Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6kRYNbKg-jZgGBwbytwSuT8UAtY.roa
File: 6kRYNbKg-jZgGBwbytwSuT8UAtY.roa (raw, json)
Hash identifier: 27r1vM8Dp8MD8MrHF+JDthIhTdq7AdFo8XdPDyMY7hA=
Subject key identifier: EA:44:58:35:B2:A0:FA:36:60:18:1C:1B:CA:DC:12:B9:3F:14:02:D6
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E5E94EBB42B5D4D6053939F54070
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6kRYNbKg-jZgGBwbytwSuT8UAtY.roa
Signing time: Thu 02 Jan 2025 01:48:11 +0000
ROA not before: Thu 02 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 159.148.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e5:e9:4e:bb:42:b5:d4:d6:05:39:39:f5:40:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea445835b2a0fa3660181c1bcadc12b93f1402d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:ff:0f:37:a1:70:7d:4f:ae:39:3b:80:c3:
89:1f:7f:5f:08:7d:c1:e1:6f:5e:2d:98:6b:4c:be:
93:11:33:eb:67:5f:97:a1:d8:aa:af:96:ab:04:94:
c2:25:62:bc:46:06:60:1d:21:d0:62:4c:1a:f1:13:
38:93:22:47:25:db:c0:0b:ed:2b:05:fd:70:9f:ec:
a0:bc:d4:46:e7:74:29:d6:6e:44:e8:33:b7:85:b7:
2c:2d:03:1b:a8:d3:d6:5c:bf:29:94:06:28:75:e0:
9b:46:b3:fb:a2:f5:a3:f7:d9:96:56:38:81:a2:16:
4a:c5:56:07:30:cc:b9:8a:1b:be:81:ae:d8:56:af:
a7:31:1e:6b:f2:da:09:d6:82:e8:31:c0:0b:2f:24:
ff:5c:59:0e:e9:99:3a:e8:0a:be:9e:90:fe:04:1d:
1d:bd:6a:cc:8c:c8:34:9b:90:4d:ed:7b:df:a1:66:
73:07:7f:57:b3:4a:94:f0:38:8c:6a:0d:30:ef:ca:
5a:f0:2c:87:f5:a8:a9:12:5d:23:73:4d:50:9b:9c:
a5:52:f8:ed:7c:a4:9d:7c:7c:66:0c:28:fe:d6:75:
cc:72:7f:74:2f:21:98:df:da:da:3b:29:59:1c:de:
db:5f:86:4d:25:a7:b2:93:55:79:e0:b2:0e:be:67:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:44:58:35:B2:A0:FA:36:60:18:1C:1B:CA:DC:12:B9:3F:14:02:D6
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6kRYNbKg-jZgGBwbytwSuT8UAtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.137.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:da:fd:23:aa:8b:11:80:29:7b:d4:81:bb:6d:ca:9f:2f:ea:
4b:68:f9:68:a9:e1:4e:e5:64:69:00:1a:94:4d:1b:f3:6c:65:
d2:f2:c8:b4:b9:4c:90:1c:98:6a:68:ff:30:eb:62:fe:be:b9:
00:e4:19:fc:df:67:db:e5:ea:e2:92:01:8d:65:2f:c9:f9:f5:
9a:5e:74:e3:ee:e4:fc:96:c0:a6:8d:59:b6:d7:ca:86:8d:5d:
a5:3c:f4:90:77:61:1c:ac:37:73:f0:3d:33:b3:fe:17:75:a9:
20:e4:3e:58:a8:3a:9f:b3:25:07:8c:27:87:3a:01:64:5a:9f:
a0:36:38:44:b4:91:2d:6a:4f:87:a7:0a:e2:c0:03:9e:92:6a:
08:31:3a:a0:52:f8:0c:72:ba:12:a8:c0:18:23:04:bc:b8:e6:
17:20:2c:68:eb:ff:10:71:54:dc:21:34:64:6f:9e:81:c4:a8:
eb:0c:79:bb:01:10:6f:d2:d9:4e:87:fa:49:b8:12:b1:75:cb:
75:54:2e:9b:11:b0:7f:a7:12:72:c2:11:cf:79:6a:c7:e3:1e:
ad:b7:b4:51:87:2b:12:d2:70:04:e8:46:7a:0c:3e:05:7b:72:
c8:5f:a4:8f:64:f9:82:52:ad:83:14:b1:1a:8e:2b:86:66:77:
32:1a:15:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksuXpTrtCtdTWBTk59UBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQ0NTgzNWIyYTBmYTM2NjAxODFjMWJjYWRjMTJiOTNmMTQwMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsX/DzehcH1Prjk7gMOJH39fCH3B
4W9eLZhrTL6TETPrZ1+Xodiqr5arBJTCJWK8RgZgHSHQYkwa8RM4kyJHJdvAC+0r
Bf1wn+ygvNRG53Qp1m5E6DO3hbcsLQMbqNPWXL8plAYodeCbRrP7ovWj99mWVjiB
ohZKxVYHMMy5ihu+ga7YVq+nMR5r8toJ1oLoMcALLyT/XFkO6Zk66Aq+npD+BB0d
vWrMjMg0m5BN7XvfoWZzB39Xs0qU8DiMag0w78pa8CyH9aipEl0jc01Qm5ylUvjt
fKSdfHxmDCj+1nXMcn90LyGY39raOylZHN7bX4ZNJaeyk1V54LIOvmc8kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOpEWDWyoPo2YBgcG8rcErk/FALWMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNmtSWU5iS2ctalpnR0J3Ynl0d1N1VDhVQXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5SJMA0G
CSqGSIb3DQEBCwUAA4IBAQCM2v0jqosRgCl71IG7bcqfL+pLaPloqeFO5WRpABqU
TRvzbGXS8si0uUyQHJhqaP8w62L+vrkA5Bn832fb5erikgGNZS/J+fWaXnTj7uT8
lsCmjVm218qGjV2lPPSQd2EcrDdz8D0zs/4Xdakg5D5YqDqfsyUHjCeHOgFkWp+g
NjhEtJEtak+HpwriwAOekmoIMTqgUvgMcroSqMAYIwS8uOYXICxo6/8QcVTcITRk
b56BxKjrDHm7ARBv0tlOh/pJuBKxdct1VC6bEbB/pxJywhHPeWrH4x6tt7RRhysS
0nAE6EZ6DD4Fe3LIX6SPZPmCUq2DFLEajiuGZncyGhXS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:57 2025 by rpki-client