Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qjM14mHgk1Edy0idzb8PcMe4oBE.roa
File: qjM14mHgk1Edy0idzb8PcMe4oBE.roa (raw, json)
Hash identifier: pcsI+0E79qmlWXPdLST7nM+67d24tKTfwvx2fxrvqMw=
Subject key identifier: AA:33:35:E2:61:E0:93:51:1D:CB:48:9D:CD:BF:0F:70:C7:B8:A0:11
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0196683ED5B123BB7F587636E2944A48FF7C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qjM14mHgk1Edy0idzb8PcMe4oBE.roa
Signing time: Thu 24 Apr 2025 14:41:10 +0000
ROA not before: Thu 24 Apr 2025 14:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.130.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:3e:d5:b1:23:bb:7f:58:76:36:e2:94:4a:48:ff:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 24 14:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa3335e261e093511dcb489dcdbf0f70c7b8a011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:df:2b:43:27:5c:7d:fd:2f:96:75:00:e4:
29:ae:05:d7:bc:6f:43:a9:c8:03:40:3e:74:8b:eb:
6c:de:9d:94:8a:24:70:a3:19:53:e9:d6:69:39:4d:
b8:79:a5:f5:4d:63:36:58:15:f1:c8:5e:b0:7d:90:
af:f1:74:d0:51:d8:26:2d:36:42:67:0a:aa:dd:d5:
ba:ae:1e:e6:6c:04:75:7d:ed:78:03:5a:01:b9:7c:
29:8a:80:f6:96:f2:f0:a7:e0:55:92:d9:b1:e8:82:
92:dc:ab:78:1a:e9:05:40:55:c5:7a:73:f2:43:93:
b4:1f:b5:f8:85:de:e9:5b:50:be:6b:1c:5f:39:d8:
6b:47:70:5b:1d:96:c8:0f:a2:c4:20:c1:a7:c5:d6:
e1:8a:43:5b:fb:35:9e:67:50:f3:ea:a3:e3:6b:64:
d3:9f:79:c6:f8:3d:b2:7f:7c:04:62:40:de:ae:3b:
cd:1a:94:96:a5:74:eb:a4:d4:9b:9a:c6:66:ac:43:
e7:7a:f4:d9:71:1f:e3:1d:5a:15:a8:87:3d:1c:6a:
0a:64:c1:da:2a:3c:1f:7f:a9:b6:34:66:30:1e:3a:
a9:75:15:12:01:4c:1f:6a:94:92:64:09:e7:11:b2:
c6:8b:15:fe:b9:ef:4c:d0:6e:9a:91:46:ac:d1:fd:
f9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:33:35:E2:61:E0:93:51:1D:CB:48:9D:CD:BF:0F:70:C7:B8:A0:11
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qjM14mHgk1Edy0idzb8PcMe4oBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f8:63:8a:45:4e:dd:b9:d4:68:43:52:ec:34:eb:b8:57:9d:
f4:52:e2:4e:19:b4:f0:92:ec:4c:53:1c:51:2c:88:8d:f0:26:
fb:de:7c:27:a3:35:aa:7a:1d:fb:f6:a7:f1:49:8f:d7:16:6c:
3b:c2:47:02:c9:9a:8d:bc:02:c0:2f:ea:7e:78:a5:4a:c9:87:
43:5f:7e:03:dd:4e:f0:9f:b4:cf:c8:15:af:d4:cf:43:62:8e:
33:16:63:d9:63:87:d0:90:2f:08:69:a1:a2:28:e7:76:c5:e4:
f0:30:4a:62:71:6a:63:19:69:cc:15:46:b0:d4:16:5a:2c:59:
47:7a:47:d6:be:4e:cf:7c:71:84:67:05:03:e0:c4:a6:47:54:
85:54:2e:80:80:cf:29:80:e6:57:e4:8b:e8:cb:85:c4:6a:ea:
19:c6:79:ef:bf:81:23:6b:f0:9d:1f:40:4f:93:3e:97:fc:06:
6e:4e:2b:81:13:17:31:ef:bc:51:58:d8:fb:6e:cb:74:4e:09:
a2:06:42:bc:d5:97:fc:0c:94:aa:08:23:b8:b6:ac:42:26:0f:
db:55:93:b3:c7:79:f4:8d:75:e0:26:05:c4:51:00:35:0c:d7:
07:aa:4f:5d:55:f3:e9:56:83:6d:e0:9a:c2:b6:e6:64:fb:79:
9a:5e:66:c1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZoPtWxI7t/WHY24pRKSP98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwNDI0MTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMzMzVlMjYxZTA5MzUxMWRjYjQ4OWRjZGJmMGY3MGM3YjhhMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMPfK0MnXH39L5Z1AOQprgXXvG9D
qcgDQD50i+ts3p2UiiRwoxlT6dZpOU24eaX1TWM2WBXxyF6wfZCv8XTQUdgmLTZC
Zwqq3dW6rh7mbAR1fe14A1oBuXwpioD2lvLwp+BVktmx6IKS3Kt4GukFQFXFenPy
Q5O0H7X4hd7pW1C+axxfOdhrR3BbHZbID6LEIMGnxdbhikNb+zWeZ1Dz6qPja2TT
n3nG+D2yf3wEYkDerjvNGpSWpXTrpNSbmsZmrEPnevTZcR/jHVoVqIc9HGoKZMHa
Kjwff6m2NGYwHjqpdRUSAUwfapSSZAnnEbLGixX+ue9M0G6akUas0f35nwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKozNeJh4JNRHctInc2/D3DHuKARMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvcWpNMTRtSGdrMUVkeTBpZHpiOFBjTWU0b0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURaCAwQA
WbkBAwQAWbkDAwQAbUh1AwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQBG+GOKRU7d
udRoQ1LsNOu4V530UuJOGbTwkuxMUxxRLIiN8Cb73nwnozWqeh379qfxSY/XFmw7
wkcCyZqNvALAL+p+eKVKyYdDX34D3U7wn7TPyBWv1M9DYo4zFmPZY4fQkC8IaaGi
KOd2xeTwMEpicWpjGWnMFUaw1BZaLFlHekfWvk7PfHGEZwUD4MSmR1SFVC6AgM8p
gOZX5Ivoy4XEauoZxnnvv4Eja/CdH0BPkz6X/AZuTiuBExcx77xRWNj7bst0Tgmi
BkK81Zf8DJSqCCO4tqxCJg/bVZOzx3n0jXXgJgXEUQA1DNcHqk9dVfPpVoNt4JrC
tuZk+3maXmbB
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:54:35 2025 by rpki-client