Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/Qr2_pZwtUuuXPoMfySpHp2LFCzA.roa
File: Qr2_pZwtUuuXPoMfySpHp2LFCzA.roa (raw, json)
Hash identifier: OPOydN0anKEX6vc+TeAzqMc5Umz77lHhXvSZK8OXrNs=
Subject key identifier: 42:BD:BF:A5:9C:2D:52:EB:97:3E:83:1F:C9:2A:47:A7:62:C5:0B:30
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 019648ED8F076E3ECBCAC152F24CD916EEA5
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/Qr2_pZwtUuuXPoMfySpHp2LFCzA.roa
Signing time: Fri 18 Apr 2025 12:44:10 +0000
ROA not before: Fri 18 Apr 2025 12:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39521
IP address blocks: 45.10.16.0/23 maxlen: 23
45.10.18.0/24 maxlen: 24
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
45.95.40.0/24 maxlen: 24
45.95.41.0/24 maxlen: 24
45.130.100.0/22 maxlen: 22
83.229.34.0/24 maxlen: 24
95.178.107.0/24 maxlen: 24
185.144.56.0/22 maxlen: 24
188.191.48.0/22 maxlen: 22
217.194.153.0/24 maxlen: 24
2a05:e4c0::/32 maxlen: 32
2a05:e4c1::/32 maxlen: 32
2a05:e4c7::/36 maxlen: 36
2a07:3bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 18:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:ed:8f:07:6e:3e:cb:ca:c1:52:f2:4c:d9:16:ee:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Apr 18 12:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42bdbfa59c2d52eb973e831fc92a47a762c50b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:37:b8:60:55:5d:18:a8:27:a2:4d:d3:e7:e4:
1a:13:b5:9a:30:42:fe:94:73:a9:91:4e:18:35:ca:
56:cf:ad:3c:f1:12:59:50:5c:92:f6:67:76:07:4c:
05:01:93:18:a8:91:b3:a6:ce:31:e1:00:e0:0b:76:
57:b8:59:6f:d1:05:52:e7:f0:d4:71:e3:ac:eb:59:
00:04:e5:1a:4d:31:2c:a5:e6:d8:a0:fa:57:de:9a:
64:18:7b:42:30:4d:3e:17:02:de:e5:f6:b2:d9:d1:
8f:6e:e2:8e:16:00:f7:99:92:ad:21:36:1d:ef:79:
72:0d:a5:2d:c1:e6:cd:86:1a:36:26:52:bc:bc:3e:
44:4d:5f:b4:21:9c:36:8f:57:38:b8:e6:6f:f1:8e:
ed:f7:0d:51:34:67:60:6a:b8:d2:4b:68:58:9e:7f:
17:71:91:28:92:f0:38:7c:b1:50:82:94:70:db:ef:
e6:e1:d6:c1:a9:e4:de:7d:11:df:9d:a8:4a:91:41:
08:4f:27:f7:a7:0c:10:82:b6:cc:3e:d2:43:72:45:
2c:f9:9a:64:68:27:c1:28:37:e4:50:95:de:e1:dd:
1e:2f:2a:48:f6:11:f2:ee:fc:db:dd:80:ff:19:ed:
45:a5:6b:a0:ec:12:d7:60:82:4b:52:5f:68:5d:da:
89:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BD:BF:A5:9C:2D:52:EB:97:3E:83:1F:C9:2A:47:A7:62:C5:0B:30
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/Qr2_pZwtUuuXPoMfySpHp2LFCzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.16.0-45.10.18.255
45.88.5.0-45.88.7.255
45.95.40.0/23
45.130.100.0/22
83.229.34.0/24
95.178.107.0/24
185.144.56.0/22
188.191.48.0/22
217.194.153.0/24
IPv6:
2a05:e4c0::/31
2a05:e4c7::/36
2a07:3bc0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:2b:33:61:da:c2:77:d1:24:0b:21:c4:c6:d3:0f:b5:03:7d:
d7:9e:c8:6a:f1:01:29:10:37:de:07:8b:be:28:6e:21:56:69:
b1:88:7b:5d:51:d7:f4:29:35:cf:33:b7:37:9e:60:f8:9f:6e:
d0:7b:e4:e3:7d:04:1d:74:f4:74:17:4f:9b:e9:90:99:2e:9e:
c9:44:08:45:71:c3:06:9e:1c:ae:bd:52:c8:2f:70:fb:6a:ac:
db:21:8b:1c:45:53:2f:44:de:a6:57:49:b0:70:24:ee:bb:f1:
67:c8:fc:7c:55:62:ee:5d:95:93:e3:57:74:66:bc:ff:ee:cf:
fa:dc:04:fd:29:54:00:4f:cb:ad:ce:04:b6:7e:81:c4:dc:ac:
f2:87:74:7b:5e:51:75:7a:4a:10:e2:28:0e:7e:3c:3e:62:bf:
ce:b1:23:d3:5e:df:ca:2f:9c:41:7a:78:20:58:05:56:d2:29:
56:9d:f6:b5:21:34:ea:73:b3:d8:0d:96:26:fb:ea:97:75:ed:
43:ff:81:20:61:f0:89:12:8d:32:46:f8:1f:86:db:5e:38:30:
9d:b6:ae:49:9d:25:f8:9f:f0:d4:e8:4f:7e:c4:2f:e4:dd:1a:
1e:ce:40:bc:a6:49:3b:33:de:2d:d1:07:d1:ca:0e:8b:58:cb:
b0:44:c2:4c
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZZI7Y8Hbj7LysFS8kzZFu6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjUwNDE4MTI0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmJkYmZhNTljMmQ1MmViOTczZTgzMWZjOTJhNDdhNzYyYzUwYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTe4YFVdGKgnok3T5+QaE7WaMEL+
lHOpkU4YNcpWz6088RJZUFyS9md2B0wFAZMYqJGzps4x4QDgC3ZXuFlv0QVS5/DU
ceOs61kABOUaTTEspebYoPpX3ppkGHtCME0+FwLe5fay2dGPbuKOFgD3mZKtITYd
73lyDaUtwebNhho2JlK8vD5ETV+0IZw2j1c4uOZv8Y7t9w1RNGdgarjSS2hYnn8X
cZEokvA4fLFQgpRw2+/m4dbBqeTefRHfnahKkUEITyf3pwwQgrbMPtJDckUs+Zpk
aCfBKDfkUJXe4d0eLypI9hHy7vzb3YD/Ge1FpWug7BLXYIJLUl9oXdqJ5QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFEK9v6WcLVLrlz6DH8kqR6dixQswMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvUXIyX3Bad3RVdXVYUG9NZnlTcEhwMkxGQ3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBMBAIAATBGMAwDBAQtChAD
BAAtChIwDAMEAC1YBQMEAy1YAAMEAS1fKAMEAi2CZAMEAFPlIgMEAF+yawMEArmQ
OAMEAry/MAMEANnCmTAcBAIAAjAWAwUBKgXkwAMGBCoF5McAAwUDKgc7wDANBgkq
hkiG9w0BAQsFAAOCAQEAfyszYdrCd9EkCyHExtMPtQN9157IavEBKRA33geLvihu
IVZpsYh7XVHX9Ck1zzO3N55g+J9u0Hvk430EHXT0dBdPm+mQmS6eyUQIRXHDBp4c
rr1SyC9w+2qs2yGLHEVTL0TepldJsHAk7rvxZ8j8fFVi7l2Vk+NXdGa8/+7P+twE
/SlUAE/Lrc4Etn6BxNys8od0e15RdXpKEOIoDn48PmK/zrEj017fyi+cQXp4IFgF
VtIpVp32tSE06nOz2A2WJvvql3XtQ/+BIGHwiRKNMkb4H4bbXjgwnbauSZ0l+J/w
1OhPfsQv5N0aHs5AvKZJOzPeLdEH0coOi1jLsETCTA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:12:57 2025 by rpki-client