Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QRp-gzzsA0-rdx3b1dqncsRjGiA.roa
File: QRp-gzzsA0-rdx3b1dqncsRjGiA.roa (raw, json)
Hash identifier: ZsibpDYXxDl+Q+7fuaklr+d71b4p1KiMoCEp2QmvReI=
Subject key identifier: 41:1A:7E:83:3C:EC:03:4F:AB:77:1D:DB:D5:DA:A7:72:C4:63:1A:20
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01966D64474DFD8CEF4F1E07E2A837595B6B
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QRp-gzzsA0-rdx3b1dqncsRjGiA.roa
Signing time: Fri 25 Apr 2025 14:40:10 +0000
ROA not before: Fri 25 Apr 2025 14:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.171.240.0/22 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.196.0/22 maxlen: 24
213.18.220.0/22 maxlen: 24
213.18.224.0/20 maxlen: 24
213.18.245.0/24 maxlen: 24
217.177.0.0/21 maxlen: 24
217.177.35.0/24 maxlen: 24
217.179.56.0/22 maxlen: 24
217.179.72.0/22 maxlen: 24
217.179.220.0/22 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.13.0/24 maxlen: 24
217.180.14.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.38.0/24 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
217.180.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 08:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6d:64:47:4d:fd:8c:ef:4f:1e:07:e2:a8:37:59:5b:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 25 14:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=411a7e833cec034fab771ddbd5daa772c4631a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b7:49:68:be:2f:14:bb:66:41:39:6f:da:7b:
b3:f1:a7:1e:13:a8:02:de:de:a1:99:05:30:89:27:
03:3a:76:00:13:77:85:cd:f4:ba:56:d2:8e:27:fd:
16:93:1c:17:98:10:99:f2:48:bd:84:ca:5d:44:bc:
b7:56:a1:7c:51:4e:47:39:0b:71:c9:07:63:65:92:
08:7c:d4:c1:0c:3f:6f:a3:98:22:96:3b:e7:68:76:
bc:65:7b:a0:c7:70:2a:7e:87:e2:58:c5:0a:5e:41:
50:4b:ed:c8:17:19:4c:7a:76:53:bd:cd:73:50:0f:
50:67:c9:4a:6c:71:88:cf:84:5b:3e:84:60:1d:06:
5d:ab:26:b9:59:ce:81:a0:4c:6c:6d:26:84:39:0b:
ac:e5:98:d5:20:3d:89:8b:be:1c:78:2a:2a:3b:e2:
ee:11:c8:c9:84:af:3c:83:34:72:5e:fe:23:97:ea:
5b:9d:a8:1d:1f:d7:26:7f:c9:b0:25:8f:ed:78:1f:
fb:2e:0f:d0:53:1a:63:8d:ae:25:44:bd:42:85:40:
a3:c9:d3:e3:79:f1:f3:80:7a:77:fb:4b:cd:97:1c:
92:6b:a8:f7:d0:4d:0d:ac:62:50:04:b3:1f:ca:43:
da:be:21:e5:29:e7:44:fb:a1:9d:27:58:4a:3a:e9:
29:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1A:7E:83:3C:EC:03:4F:AB:77:1D:DB:D5:DA:A7:72:C4:63:1A:20
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/QRp-gzzsA0-rdx3b1dqncsRjGiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.240.0/22
194.238.78.0/23
213.18.196.0/22
213.18.220.0-213.18.239.255
213.18.245.0/24
217.177.0.0/21
217.177.35.0/24
217.179.56.0/22
217.179.72.0/22
217.179.220.0/22
217.180.12.0-217.180.14.255
217.180.20.0/24
217.180.22.0/23
217.180.38.0/24
217.180.45.0-217.180.46.255
217.180.59.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:05:c4:51:50:e4:3c:8d:ec:4c:5a:94:24:01:89:c0:07:ff:
74:65:26:65:43:c3:be:7b:47:2b:4e:5d:f2:3d:df:c4:f7:5d:
7d:7c:0b:8c:03:2c:a5:8c:75:78:3e:06:5e:64:12:39:d0:eb:
78:68:9a:5e:23:a1:90:fb:1d:c8:68:42:22:f8:58:80:d9:53:
b4:a8:58:35:1a:01:95:7f:b8:f3:43:b0:35:1f:60:04:d5:81:
ca:e9:c6:ef:b7:bf:5d:b4:58:37:17:73:ef:1f:4d:fc:88:79:
e5:ae:16:34:0e:a7:a9:02:2f:ce:f6:ec:1e:4f:31:46:22:e0:
cb:21:12:56:b1:51:8d:14:b2:cd:7c:7a:72:9b:28:07:2b:13:
c2:d3:30:e0:bd:4f:48:f3:9e:06:e8:ae:66:03:ed:66:a5:50:
56:5b:35:dd:a7:c7:1e:3d:e9:08:8a:20:35:3d:ed:83:62:92:
9a:5f:12:8a:62:98:b3:4a:e9:f2:a4:11:00:e1:ec:71:7a:2a:
35:ca:84:52:f7:53:d1:0a:50:2d:83:bd:c7:0c:33:74:e3:a5:
aa:5c:5f:e5:73:4a:81:96:eb:f9:a4:56:1c:12:ac:7d:12:16:
ae:af:fe:62:fd:25:f5:e9:16:81:f3:8c:5a:02:6a:2a:e9:a0:
a3:83:ad:92
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZZtZEdN/YzvTx4H4qg3WVtrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDI1MTQ0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTFhN2U4MzNjZWMwMzRmYWI3NzFkZGJkNWRhYTc3MmM0NjMxYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurdJaL4vFLtmQTlv2nuz8aceE6gC
3t6hmQUwiScDOnYAE3eFzfS6VtKOJ/0WkxwXmBCZ8ki9hMpdRLy3VqF8UU5HOQtx
yQdjZZIIfNTBDD9vo5giljvnaHa8ZXugx3AqfofiWMUKXkFQS+3IFxlMenZTvc1z
UA9QZ8lKbHGIz4RbPoRgHQZdqya5Wc6BoExsbSaEOQus5ZjVID2Ji74ceCoqO+Lu
EcjJhK88gzRyXv4jl+pbnagdH9cmf8mwJY/teB/7Lg/QUxpjja4lRL1ChUCjydPj
efHzgHp3+0vNlxySa6j30E0NrGJQBLMfykPaviHlKedE+6GdJ1hKOukpWwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFEEafoM87ANPq3cd29Xap3LEYxogMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvUVJwLWd6enNBMC1yZHgzYjFkcW5jc1JqR2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCPqvw
AwQBwu5OAwQC1RLEMAwDBALVEtwDBATVEuADBADVEvUDBAPZsQADBADZsSMDBALZ
szgDBALZs0gDBALZs9wwDAMEAtm0DAMEANm0DgMEANm0FAMEAdm0FgMEANm0JjAM
AwQA2bQtAwQA2bQuAwQA2bQ7MA0GCSqGSIb3DQEBCwUAA4IBAQBdBcRRUOQ8jexM
WpQkAYnAB/90ZSZlQ8O+e0crTl3yPd/E9119fAuMAyyljHV4PgZeZBI50Ot4aJpe
I6GQ+x3IaEIi+FiA2VO0qFg1GgGVf7jzQ7A1H2AE1YHK6cbvt79dtFg3F3PvH038
iHnlrhY0DqepAi/O9uweTzFGIuDLIRJWsVGNFLLNfHpymygHKxPC0zDgvU9I854G
6K5mA+1mpVBWWzXdp8cePekIiiA1Pe2DYpKaXxKKYpizSunypBEA4exxeio1yoRS
91PRClAtg73HDDN046WqXF/lc0qBluv5pFYcEqx9Ehaur/5i/SX16RaB84xaAmoq
6aCjg62S
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:18:32 2025 by rpki-client