Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qsz3HJHkRs1HIlSOwQfujQR_X-g.roa
File: qsz3HJHkRs1HIlSOwQfujQR_X-g.roa (raw, json)
Hash identifier: qDXZ1NPmUZkgxgCjolIY6ouRch2LrD2f2BpO4MpiV8c=
Subject key identifier: AA:CC:F7:1C:91:E4:46:CD:47:22:54:8E:C1:07:EE:8D:04:7F:5F:E8
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0196AFC4EF8A3F505E76350426581A98C296
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qsz3HJHkRs1HIlSOwQfujQR_X-g.roa
Signing time: Thu 08 May 2025 12:00:41 +0000
ROA not before: Thu 08 May 2025 12:00:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39640
IP address blocks: 45.80.83.0/24 maxlen: 24
167.160.31.0/24 maxlen: 24
178.19.32.0/23 maxlen: 23
201.49.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:c4:ef:8a:3f:50:5e:76:35:04:26:58:1a:98:c2:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 8 12:00:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aaccf71c91e446cd4722548ec107ee8d047f5fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:31:a4:1e:7d:a9:3b:58:be:70:c6:8b:a9:31:
58:d9:4b:33:08:85:70:eb:f7:e9:50:05:a4:cb:87:
f0:60:b5:d2:fb:8b:d8:d4:49:6b:d0:d8:2f:d1:7d:
16:1e:5b:78:30:5d:1a:68:c1:45:d7:51:1e:a1:40:
91:73:f2:e2:0d:70:de:ba:ad:49:2d:38:2e:4f:02:
c4:05:92:88:4f:52:8e:7f:6a:87:a2:54:76:21:52:
77:8f:e8:e8:b5:47:4b:51:a2:c5:86:61:0f:0c:5e:
d6:b6:ef:9f:30:e6:74:a3:55:d6:b6:c3:8a:1b:99:
40:ae:e3:31:8a:d5:bd:1b:c2:fa:c5:5f:ed:ed:30:
bf:02:3e:85:1b:ce:8a:0a:a2:6c:92:6a:1e:87:f6:
63:3d:96:92:46:2f:99:d6:09:17:e1:34:e1:ae:63:
3a:16:73:2e:35:0d:95:94:a9:34:c6:53:f9:9b:a7:
0f:bb:d3:6d:8a:ab:86:44:be:55:70:9c:07:c5:c1:
a8:bc:69:7c:5a:d1:eb:f1:b9:f7:f1:f7:9b:8c:47:
66:d3:74:68:94:5a:5b:41:c4:85:b6:29:aa:a1:1e:
ba:86:81:1c:48:cf:0c:cb:dd:0c:4a:87:16:0f:51:
62:d8:18:80:8d:32:cf:9b:c7:6a:2c:40:68:18:e5:
79:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:CC:F7:1C:91:E4:46:CD:47:22:54:8E:C1:07:EE:8D:04:7F:5F:E8
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/qsz3HJHkRs1HIlSOwQfujQR_X-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.83.0/24
167.160.31.0/24
178.19.32.0/23
201.49.188.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:2d:f8:67:96:78:46:40:3b:2b:07:26:58:dd:24:b0:1d:52:
20:bb:18:36:95:61:81:24:3c:7f:23:28:15:99:04:fc:5b:6d:
6b:f3:30:50:f5:3d:a6:d7:b3:0a:2a:cb:0f:ed:47:57:d4:8d:
e3:29:4b:36:32:b3:06:64:99:fd:11:af:47:15:98:3b:0b:94:
dc:30:cc:6f:cf:37:ee:a8:6b:26:69:e1:ff:d9:f6:1e:1b:bc:
88:fc:62:c3:f4:43:53:c3:d2:f8:0a:37:e0:43:59:37:c4:77:
0f:b1:af:46:6b:85:03:8c:a6:80:cf:cc:09:fe:02:1e:d5:ca:
97:0d:4f:53:cc:d3:93:e1:01:11:60:83:b9:35:24:8d:42:66:
7f:d5:bf:30:d9:ac:f3:33:a8:28:f7:45:b2:40:7e:60:ae:fe:
85:5e:74:d4:43:59:be:50:16:81:41:de:d8:1b:ec:73:99:a0:
77:ca:19:45:06:ae:9b:24:fd:e0:6e:e2:21:54:c3:ac:df:9a:
b3:d8:be:b5:28:c7:ce:8f:9a:f5:90:3e:d3:ae:fb:c6:54:5a:
f1:f3:f0:51:5a:a7:70:fc:1a:26:c4:ba:41:1e:b8:f5:c4:fc:
97:44:af:51:ae:43:2d:fc:47:68:f5:32:60:90:19:10:5c:63:
7c:14:ff:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZavxO+KP1BedjUEJlgamMKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNTA4MTIwMDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWNjZjcxYzkxZTQ0NmNkNDcyMjU0OGVjMTA3ZWU4ZDA0N2Y1ZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jGkHn2pO1i+cMaLqTFY2UszCIVw
6/fpUAWky4fwYLXS+4vY1Elr0Ngv0X0WHlt4MF0aaMFF11EeoUCRc/LiDXDeuq1J
LTguTwLEBZKIT1KOf2qHolR2IVJ3j+jotUdLUaLFhmEPDF7Wtu+fMOZ0o1XWtsOK
G5lAruMxitW9G8L6xV/t7TC/Aj6FG86KCqJskmoeh/ZjPZaSRi+Z1gkX4TThrmM6
FnMuNQ2VlKk0xlP5m6cPu9NtiquGRL5VcJwHxcGovGl8WtHr8bn38febjEdm03Ro
lFpbQcSFtimqoR66hoEcSM8My90MSocWD1Fi2BiAjTLPm8dqLEBoGOV5LQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKrM9xyR5EbNRyJUjsEH7o0Ef1/oMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvcXN6M0hKSGtSczFISWxTT3dRZnVqUVJfWC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVBTAwQA
p6AfAwQBshMgAwQCyTG8MA0GCSqGSIb3DQEBCwUAA4IBAQCOLfhnlnhGQDsrByZY
3SSwHVIguxg2lWGBJDx/IygVmQT8W21r8zBQ9T2m17MKKssP7UdX1I3jKUs2MrMG
ZJn9Ea9HFZg7C5TcMMxvzzfuqGsmaeH/2fYeG7yI/GLD9ENTw9L4CjfgQ1k3xHcP
sa9Ga4UDjKaAz8wJ/gIe1cqXDU9TzNOT4QERYIO5NSSNQmZ/1b8w2azzM6go90Wy
QH5grv6FXnTUQ1m+UBaBQd7YG+xzmaB3yhlFBq6bJP3gbuIhVMOs35qz2L61KMfO
j5r1kD7TrvvGVFrx8/BRWqdw/BomxLpBHrj1xPyXRK9RrkMt/Edo9TJgkBkQXGN8
FP8T
-----END CERTIFICATE-----
Generated at Fri May 9 20:11:40 2025 by rpki-client