Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/AT-JQ-Y_A09PsPmxRqqnl1VWEUg.roa
File: AT-JQ-Y_A09PsPmxRqqnl1VWEUg.roa (raw, json)
Hash identifier: F2BQnvjv4yVGmxyojFmIinn12fD07Zb4EP5XRrRv7Hg=
Subject key identifier: 01:3F:89:43:E6:3F:03:4F:4F:B0:F9:B1:46:AA:A7:97:55:56:11:48
Certificate issuer: /CN=8c32a6e57ec81cc5cb43bb503749b360f2b05c3b
Certificate serial: 01968103C6FB2B6CAA87F0C68443BC20B729
Authority key identifier: 8C:32:A6:E5:7E:C8:1C:C5:CB:43:BB:50:37:49:B3:60:F2:B0:5C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/AT-JQ-Y_A09PsPmxRqqnl1VWEUg.roa
Signing time: Tue 29 Apr 2025 10:07:10 +0000
ROA not before: Tue 29 Apr 2025 10:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59877
IP address blocks: 31.223.190.0/24 maxlen: 24
62.68.65.0/24 maxlen: 24
185.61.176.0/22 maxlen: 24
185.160.52.0/22 maxlen: 24
193.39.0.0/22 maxlen: 24
2a02:7b20::/32 maxlen: 32
2a03:9260::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:03:c6:fb:2b:6c:aa:87:f0:c6:84:43:bc:20:b7:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c32a6e57ec81cc5cb43bb503749b360f2b05c3b
Validity
Not Before: Apr 29 10:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=013f8943e63f034f4fb0f9b146aaa79755561148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f9:5c:a5:f6:7c:79:21:c6:57:ae:69:70:c2:
4e:7f:2f:52:8b:fb:05:1a:86:df:c8:b0:2c:6f:b3:
b6:e6:c3:a6:c0:4f:5a:1f:cf:4a:c1:f8:9f:2e:07:
55:6e:5f:f0:fc:6f:b6:d2:fe:ce:4b:a3:4a:49:12:
30:68:93:21:5c:1b:71:66:54:c7:f7:9d:76:e8:66:
36:2f:07:8c:f4:6d:79:f7:1b:24:4d:12:a9:c5:0f:
e0:90:61:a7:31:6f:00:ee:df:ed:d2:fd:90:2a:b8:
e0:1a:70:cd:83:94:ea:80:6a:bf:3a:4a:88:78:b5:
11:34:01:31:58:cb:82:e9:a6:41:c5:4f:9c:88:2b:
75:ab:20:66:eb:89:af:c7:8d:3a:ae:d9:bb:72:16:
23:2f:e8:e9:9e:8d:77:7f:c8:15:a5:64:38:d7:4a:
f4:7e:53:20:00:8f:06:ca:4a:6f:b1:5b:ab:9b:f2:
5d:58:f6:3a:b8:67:85:e9:2e:54:c3:6e:f8:90:ed:
34:6a:94:bc:d4:35:ce:c9:b1:51:4d:87:db:de:56:
2b:16:f8:c4:d6:8d:44:18:1f:ef:03:1f:96:69:34:
88:c1:c3:0a:1a:46:a1:7e:50:39:70:e1:7b:19:e6:
f2:e9:b2:99:1d:7b:ec:0a:dd:55:9f:21:d3:b4:62:
6e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3F:89:43:E6:3F:03:4F:4F:B0:F9:B1:46:AA:A7:97:55:56:11:48
X509v3 Authority Key Identifier:
keyid:8C:32:A6:E5:7E:C8:1C:C5:CB:43:BB:50:37:49:B3:60:F2:B0:5C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/AT-JQ-Y_A09PsPmxRqqnl1VWEUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.190.0/24
62.68.65.0/24
185.61.176.0/22
185.160.52.0/22
193.39.0.0/22
IPv6:
2a02:7b20::/32
2a03:9260::/32
Signature Algorithm: sha256WithRSAEncryption
5c:c8:20:11:6f:c6:d7:a1:70:35:24:73:a4:c3:f2:ea:90:03:
fe:0b:0e:6d:5e:c0:8e:b4:8e:c5:1b:fd:38:ed:57:e0:cd:67:
83:06:93:cb:2c:00:34:32:b3:36:91:c4:c8:f7:ba:5f:bc:86:
f2:10:14:1e:3f:1d:f6:58:8b:a8:d5:b5:68:45:34:6e:a9:2b:
02:97:c8:0e:97:ed:02:04:5e:2b:ec:30:60:84:20:f6:d6:2d:
dc:6c:e6:28:a8:d6:6d:65:54:9f:34:e3:c1:f4:0c:03:22:f0:
88:5b:0d:b2:e2:44:b8:4e:7a:67:06:54:95:21:eb:89:8f:a4:
ec:a1:6f:94:c8:db:5c:5b:da:7e:4c:f6:7e:51:a2:6c:5c:d4:
77:11:d3:43:c3:40:b2:f3:1a:89:98:a8:64:e6:af:04:4b:6a:
8b:cc:32:da:c8:a0:fd:1e:94:99:13:cf:24:59:96:9e:ad:6f:
55:01:ab:7d:30:71:f7:e6:30:32:64:13:5f:03:3c:95:af:8d:
0d:58:ad:91:c5:4d:4b:dc:de:96:58:9b:77:e6:85:b4:f0:f3:
e9:ff:3c:6d:de:a6:cb:06:b5:50:f3:c8:1c:66:b6:74:b5:33:
02:3f:e1:6e:06:7b:e0:ea:4e:56:fb:d3:62:61:c6:af:81:a4:
ed:0e:fb:31
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZaBA8b7K2yqh/DGhEO8ILcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzJhNmU1N2VjODFjYzVjYjQzYmI1MDM3NDliMzYwZjJi
MDVjM2IwHhcNMjUwNDI5MTAwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNmODk0M2U2M2YwMzRmNGZiMGY5YjE0NmFhYTc5NzU1NTYxMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/lcpfZ8eSHGV65pcMJOfy9Si/sF
GobfyLAsb7O25sOmwE9aH89KwfifLgdVbl/w/G+20v7OS6NKSRIwaJMhXBtxZlTH
95126GY2LweM9G159xskTRKpxQ/gkGGnMW8A7t/t0v2QKrjgGnDNg5TqgGq/OkqI
eLURNAExWMuC6aZBxU+ciCt1qyBm64mvx406rtm7chYjL+jpno13f8gVpWQ410r0
flMgAI8GykpvsVurm/JdWPY6uGeF6S5Uw274kO00apS81DXOybFRTYfb3lYrFvjE
1o1EGB/vAx+WaTSIwcMKGkahflA5cOF7Geby6bKZHXvsCt1VnyHTtGJuwQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAE/iUPmPwNPT7D5sUaqp5dVVhFIMB8GA1UdIwQY
MBaAFIwypuV+yBzFy0O7UDdJs2DysFw7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRLbTVYN0lITVhMUTd0UU4wbXpZUEt3WERzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82ZTBjZmEtMjA1ZS00ZDY2LWFlM2Et
Yzc0M2Q3YzBiYjIyLzEvQVQtSlEtWV9BMDlQc1BteFJxcW5sMVZXRVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82ZTBjZmEtMjA1ZS00ZDY2LWFlM2EtYzc0M2Q3YzBiYjIy
LzEvakRLbTVYN0lITVhMUTd0UU4wbXpZUEt3WERzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAH9++AwQA
PkRBAwQCuT2wAwQCuaA0AwQCwScAMBQEAgACMA4DBQAqAnsgAwUAKgOSYDANBgkq
hkiG9w0BAQsFAAOCAQEAXMggEW/G16FwNSRzpMPy6pAD/gsObV7AjrSOxRv9OO1X
4M1ngwaTyywANDKzNpHEyPe6X7yG8hAUHj8d9liLqNW1aEU0bqkrApfIDpftAgRe
K+wwYIQg9tYt3GzmKKjWbWVUnzTjwfQMAyLwiFsNsuJEuE56ZwZUlSHriY+k7KFv
lMjbXFvafkz2flGibFzUdxHTQ8NAsvMaiZioZOavBEtqi8wy2sig/R6UmRPPJFmW
nq1vVQGrfTBx9+YwMmQTXwM8la+NDVitkcVNS9zellibd+aFtPDz6f88bd6mywa1
UPPIHGa2dLUzAj/hbgZ74OpOVvvTYmHGr4Gk7Q77MQ==
-----END CERTIFICATE-----
Generated at Mon May 5 15:56:31 2025 by rpki-client