Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/QAdvSCydHA9eyuAMO4zxWjMLaKA.roa
File: QAdvSCydHA9eyuAMO4zxWjMLaKA.roa (raw, json)
Hash identifier: SOXceRa6NpWT+hoKHihDdCbZSJgN5vfd5bbC+z6R+m0=
Subject key identifier: 40:07:6F:48:2C:9D:1C:0F:5E:CA:E0:0C:3B:8C:F1:5A:33:0B:68:A0
Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial: 01971B39FDEF367C0CAAB8F09FE60F83DE36
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/QAdvSCydHA9eyuAMO4zxWjMLaKA.roa
Signing time: Thu 29 May 2025 08:47:54 +0000
ROA not before: Thu 29 May 2025 08:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397688
IP address blocks: 2.58.8.0/24 maxlen: 24
2.58.9.0/24 maxlen: 24
2.58.10.0/24 maxlen: 24
2.58.11.0/24 maxlen: 24
31.222.58.0/24 maxlen: 24
147.189.164.0/24 maxlen: 24
147.189.165.0/24 maxlen: 24
147.189.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:39:fd:ef:36:7c:0c:aa:b8:f0:9f:e6:0f:83:de:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Validity
Not Before: May 29 08:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=40076f482c9d1c0f5ecae00c3b8cf15a330b68a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:3b:1d:b2:63:f3:52:65:6f:e5:00:04:6d:
0a:ac:40:0b:e9:b7:69:60:de:c2:b3:72:c2:29:af:
08:a4:ab:35:58:ba:99:36:b5:4d:09:51:97:c7:dd:
89:8d:b2:08:5a:e0:5e:6d:45:9a:cd:10:fd:2d:f0:
91:53:ae:a3:8e:2e:a4:00:6d:59:74:b8:62:a0:e8:
f8:09:71:6a:e8:30:ba:51:57:0f:aa:89:b1:c4:7f:
21:23:29:c5:f4:1d:62:f7:7f:5f:ac:12:8f:ab:9c:
8b:a0:a9:d3:30:1b:43:e6:4c:b8:90:93:6e:58:c6:
d1:2b:77:b2:71:46:a2:18:b2:e8:a3:28:0b:8a:d8:
62:65:b3:72:6e:22:e2:4c:7e:19:a6:cc:dc:49:1f:
bc:28:83:19:ba:9c:c9:6f:88:08:da:c9:3e:31:d4:
8e:69:7a:05:54:c1:a6:f8:85:17:f1:27:6c:ce:6a:
03:83:73:63:6d:91:03:1a:1d:cf:dc:80:1e:ad:82:
72:47:3c:3e:78:33:09:b9:12:19:dc:f9:e5:ca:b2:
73:06:a1:a6:a5:00:7f:3b:9c:89:c6:dd:90:b3:ff:
46:e3:c7:81:7a:74:46:1c:88:eb:6b:3f:68:30:a8:
64:c6:0e:a2:9a:f4:31:9f:2d:b0:de:20:ac:b0:1c:
7e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:07:6F:48:2C:9D:1C:0F:5E:CA:E0:0C:3B:8C:F1:5A:33:0B:68:A0
X509v3 Authority Key Identifier:
keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/QAdvSCydHA9eyuAMO4zxWjMLaKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.8.0/22
31.222.58.0/24
147.189.164.0-147.189.166.255
Signature Algorithm: sha256WithRSAEncryption
31:45:7e:15:b0:31:34:40:82:70:97:d9:70:30:32:70:f6:cc:
f8:7f:30:42:d5:18:b0:05:3c:85:71:a1:80:e0:fc:17:56:d6:
9f:f5:29:b3:02:4b:b9:c2:f2:3d:90:57:b4:87:a5:27:b0:cb:
10:47:72:fd:e6:5f:cf:4a:82:d9:97:c9:3f:9d:43:65:72:0c:
7c:d8:22:e4:0c:c7:24:ae:ac:91:6b:b0:24:23:d8:2b:11:1f:
89:6d:4b:7f:9e:eb:f8:ba:39:c4:1d:7f:2f:f8:94:83:fd:ac:
2f:ef:19:e3:73:97:be:60:aa:1b:ad:96:56:65:ba:60:43:de:
e3:66:04:4f:e1:43:ad:25:31:00:43:f8:a8:08:60:81:ea:f4:
09:e0:20:c9:f4:4e:d9:81:3c:63:78:74:cc:a0:42:4c:b6:fa:
ed:93:30:dd:f0:c7:21:51:1a:f0:de:ff:c0:f2:c7:0c:14:be:
f2:55:e4:32:31:3a:35:ae:96:2c:e1:5a:fe:a4:36:43:7d:a0:
88:00:68:74:39:20:9e:af:9d:91:46:f5:18:a2:1c:26:dc:30:
bd:6c:66:61:27:37:bf:ec:da:3b:4b:2d:e4:94:2b:25:52:9f:
19:0b:66:7b:61:bc:e8:d6:ec:d9:52:ae:bc:05:af:a8:dc:d1:
bb:0a:87:56
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZcbOf3vNnwMqrjwn+YPg942MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjUwNTI5MDg0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDA3NmY0ODJjOWQxYzBmNWVjYWUwMGMzYjhjZjE1YTMzMGI2OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJI7HbJj81Jlb+UABG0KrEAL6bdp
YN7Cs3LCKa8IpKs1WLqZNrVNCVGXx92JjbIIWuBebUWazRD9LfCRU66jji6kAG1Z
dLhioOj4CXFq6DC6UVcPqomxxH8hIynF9B1i939frBKPq5yLoKnTMBtD5ky4kJNu
WMbRK3eycUaiGLLooygLithiZbNybiLiTH4ZpszcSR+8KIMZupzJb4gI2sk+MdSO
aXoFVMGm+IUX8SdszmoDg3NjbZEDGh3P3IAerYJyRzw+eDMJuRIZ3PnlyrJzBqGm
pQB/O5yJxt2Qs/9G48eBenRGHIjraz9oMKhkxg6imvQxny2w3iCssBx+hwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEAHb0gsnRwPXsrgDDuM8VozC2igMB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEvUUFkdlNDeWRIQTlleXVBTU80enhXak1MYUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCAjoIAwQA
H946MAwDBAKTvaQDBACTvaYwDQYJKoZIhvcNAQELBQADggEBADFFfhWwMTRAgnCX
2XAwMnD2zPh/MELVGLAFPIVxoYDg/BdW1p/1KbMCS7nC8j2QV7SHpSewyxBHcv3m
X89KgtmXyT+dQ2VyDHzYIuQMxySurJFrsCQj2CsRH4ltS3+e6/i6OcQdfy/4lIP9
rC/vGeNzl75gqhutllZlumBD3uNmBE/hQ60lMQBD+KgIYIHq9AngIMn0TtmBPGN4
dMygQky2+u2TMN3wxyFRGvDe/8DyxwwUvvJV5DIxOjWulizhWv6kNkN9oIgAaHQ5
IJ6vnZFG9RiiHCbcML1sZmEnN7/s2jtLLeSUKyVSnxkLZnthvOjW7NlSrrwFr6jc
0bsKh1Y=
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:34:08 2025 by rpki-client