Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Q6-WS-Ogl2BUfXGzTcnn86zggbg.roa
File: Q6-WS-Ogl2BUfXGzTcnn86zggbg.roa (raw, json)
Hash identifier: Z4T7mng2RyFpB2LdTZShIdwvER7o+X1yPzGLQ8F0zLc=
Subject key identifier: 43:AF:96:4B:E3:A0:97:60:54:7D:71:B3:4D:C9:E7:F3:AC:E0:81:B8
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0196B861F78FEB28A1B849BAA74FC30902AE
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Q6-WS-Ogl2BUfXGzTcnn86zggbg.roa
Signing time: Sat 10 May 2025 04:09:10 +0000
ROA not before: Sat 10 May 2025 04:09:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.37.0/24 maxlen: 24
45.136.39.0/24 maxlen: 24
185.38.27.0/24 maxlen: 24
194.31.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 14:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:61:f7:8f:eb:28:a1:b8:49:ba:a7:4f:c3:09:02:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: May 10 04:09:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43af964be3a09760547d71b34dc9e7f3ace081b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ce:b3:79:6c:1c:95:b8:3c:5e:63:40:aa:2e:
27:ba:0e:76:81:5b:e7:8f:10:1e:94:df:79:70:92:
5b:21:a0:31:1e:8f:3d:28:a9:4f:05:6a:c9:8a:d3:
e0:84:dc:53:7a:a2:4e:04:2d:9e:b2:d8:67:43:a2:
51:8d:13:b0:a7:ad:45:9b:9d:19:35:b0:d1:e2:c4:
d6:07:f5:bb:15:d9:b2:41:da:52:89:39:7d:ec:29:
26:25:fd:3b:69:64:4c:d7:f3:ed:b9:29:43:e4:2b:
d0:0d:e2:1d:85:f8:41:9b:56:97:f9:d4:92:ae:56:
59:30:7d:f4:28:b7:36:f0:98:74:20:d4:bb:fa:2b:
a1:4c:e8:79:66:47:15:21:57:86:4a:52:0b:83:1a:
4d:f8:cf:55:de:3c:6d:39:d1:4d:1b:bd:5c:bb:66:
df:e9:fd:8e:fa:b7:39:98:57:35:14:30:ed:a4:b7:
aa:43:b9:a8:3b:a6:21:12:8d:22:91:6b:3d:9c:6c:
ab:c6:7b:6d:cb:0d:4e:9b:0c:98:28:35:05:d2:97:
95:d7:e5:b7:ec:d7:d3:dc:0a:a5:2b:b3:0d:9e:c2:
25:85:d6:a0:6a:11:55:6a:e7:3e:4a:37:a7:53:1d:
ec:a3:51:65:9f:ad:3d:7a:d2:cb:d9:bf:36:bd:59:
eb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AF:96:4B:E3:A0:97:60:54:7D:71:B3:4D:C9:E7:F3:AC:E0:81:B8
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Q6-WS-Ogl2BUfXGzTcnn86zggbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0/24
45.136.39.0/24
185.38.27.0/24
194.31.165.0/24
Signature Algorithm: sha256WithRSAEncryption
48:cb:56:bd:58:a1:c1:93:a5:c3:98:1c:59:8d:b2:05:46:64:
6e:59:35:67:1e:96:d2:f7:c6:55:32:0a:a6:a9:51:54:96:93:
82:9a:66:74:0a:ed:ea:59:b9:2e:c7:54:58:bd:5a:d8:44:39:
fb:50:69:85:56:af:f2:91:f0:47:4d:80:6d:28:9c:3a:12:0c:
37:c9:bc:17:d9:87:aa:9c:86:47:dc:48:c0:34:32:db:f2:07:
37:c4:07:09:9d:af:45:52:86:59:48:8d:3b:87:71:a1:a4:16:
ac:a9:e0:a0:e1:7f:d8:9b:a2:75:ca:22:e6:77:d3:9c:21:1d:
6e:89:b8:17:30:7b:08:c6:ae:8b:d0:5e:2a:fd:85:8c:88:46:
4f:ae:f9:ef:90:95:fa:53:fd:c2:c0:09:5e:eb:e1:41:cb:c7:
d8:3b:4e:56:d8:52:1d:8c:09:bc:2c:26:97:c0:ae:48:de:6d:
4f:80:20:92:32:39:f6:f3:6b:da:66:74:be:50:c2:90:7a:81:
d5:61:e2:2a:83:58:31:80:ea:a0:a6:16:4a:0b:dc:84:18:1c:
22:6a:3b:23:b7:cd:26:bc:dc:a5:c6:76:7d:b5:49:a5:84:16:
18:24:b2:00:a2:b8:8c:0a:ca:18:ca:ac:90:5e:10:1b:58:f6:
a7:b8:d5:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZa4YfeP6yihuEm6p0/DCQKuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNTEwMDQwOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2FmOTY0YmUzYTA5NzYwNTQ3ZDcxYjM0ZGM5ZTdmM2FjZTA4MWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc6zeWwclbg8XmNAqi4nug52gVvn
jxAelN95cJJbIaAxHo89KKlPBWrJitPghNxTeqJOBC2esthnQ6JRjROwp61Fm50Z
NbDR4sTWB/W7FdmyQdpSiTl97CkmJf07aWRM1/PtuSlD5CvQDeIdhfhBm1aX+dSS
rlZZMH30KLc28Jh0INS7+iuhTOh5ZkcVIVeGSlILgxpN+M9V3jxtOdFNG71cu2bf
6f2O+rc5mFc1FDDtpLeqQ7moO6YhEo0ikWs9nGyrxnttyw1OmwyYKDUF0peV1+W3
7NfT3AqlK7MNnsIlhdagahFVauc+SjenUx3so1Fln609etLL2b82vVnr1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEOvlkvjoJdgVH1xs03J5/Os4IG4MB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvUTYtV1MtT2dsMkJVZlhHelRjbm44NnpnZ2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYglAwQA
LYgnAwQAuSYbAwQAwh+lMA0GCSqGSIb3DQEBCwUAA4IBAQBIy1a9WKHBk6XDmBxZ
jbIFRmRuWTVnHpbS98ZVMgqmqVFUlpOCmmZ0Cu3qWbkux1RYvVrYRDn7UGmFVq/y
kfBHTYBtKJw6Egw3ybwX2YeqnIZH3EjANDLb8gc3xAcJna9FUoZZSI07h3GhpBas
qeCg4X/Ym6J1yiLmd9OcIR1uibgXMHsIxq6L0F4q/YWMiEZPrvnvkJX6U/3CwAle
6+FBy8fYO05W2FIdjAm8LCaXwK5I3m1PgCCSMjn282vaZnS+UMKQeoHVYeIqg1gx
gOqgphZKC9yEGBwiajsjt80mvNylxnZ9tUmlhBYYJLIAoriMCsoYyqyQXhAbWPan
uNXj
-----END CERTIFICATE-----
Generated at Wed May 14 21:22:13 2025 by rpki-client