Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/txevIB_6jhleI8mehx3u1ubhM4E.roa
File: txevIB_6jhleI8mehx3u1ubhM4E.roa (raw, json)
Hash identifier: ttQSgL5wxWdGk+Bs6UGV09lAGc4vxzIOxHjXzQQIn4M=
Subject key identifier: B7:17:AF:20:1F:FA:8E:19:5E:23:C9:9E:87:1D:EE:D6:E6:E1:33:81
Certificate issuer: /CN=4f123e248e6ec0368e0712345f726d71f60f826b
Certificate serial: 01942067E012817A772C7FC0B8E3EECE5906
Authority key identifier: 4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/txevIB_6jhleI8mehx3u1ubhM4E.roa
Signing time: Wed 01 Jan 2025 05:47:45 +0000
ROA not before: Wed 01 Jan 2025 05:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201597
IP address blocks: 185.66.92.0/22 maxlen: 22
185.232.252.0/22 maxlen: 22
185.232.254.0/24 maxlen: 24
2a05:680::/29 maxlen: 29
2a05:687::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e0:12:81:7a:77:2c:7f:c0:b8:e3:ee:ce:59:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f123e248e6ec0368e0712345f726d71f60f826b
Validity
Not Before: Jan 1 05:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b717af201ffa8e195e23c99e871deed6e6e13381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:29:48:e2:b3:8d:32:2b:47:86:a3:aa:a4:da:
63:d3:69:ea:3e:13:ae:99:76:c2:15:e6:af:86:fa:
e0:b7:37:bf:06:47:b3:80:c7:64:07:ae:d2:48:ab:
0b:eb:34:91:88:9e:19:3e:83:d0:f7:d0:2d:3d:2c:
f5:4e:df:e3:b8:10:e2:71:0c:bf:30:e4:a2:73:d9:
97:5f:4d:fe:dc:a5:80:20:6f:12:2f:7a:ee:64:d9:
9b:5a:97:3b:5c:96:32:ea:95:44:9a:fd:b4:ca:0f:
a6:ac:98:fa:8b:e0:b4:d7:c1:87:11:a7:0a:50:eb:
4d:56:bc:e8:b6:5b:07:a9:62:76:b6:eb:8b:84:bf:
96:62:29:11:3e:9d:b8:d2:c3:16:73:f6:ba:3d:e5:
f7:f1:72:ee:b5:2d:fc:3e:79:f4:81:f1:81:34:a0:
54:fd:3b:df:fb:28:d4:e6:26:65:63:65:1a:35:d2:
d6:45:b9:58:01:ca:d8:b3:3b:98:e0:b1:dd:7a:29:
9a:d4:f7:1f:3a:ea:58:9f:2a:2c:b8:c0:65:51:81:
a1:dc:db:28:26:db:14:87:b3:c1:91:3c:ee:8b:a2:
17:11:9a:4c:cf:9b:7f:3e:6b:5a:13:7e:d9:28:9b:
46:8a:4d:53:d1:0e:5b:90:b6:9b:c4:cb:58:07:9d:
b4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:17:AF:20:1F:FA:8E:19:5E:23:C9:9E:87:1D:EE:D6:E6:E1:33:81
X509v3 Authority Key Identifier:
keyid:4F:12:3E:24:8E:6E:C0:36:8E:07:12:34:5F:72:6D:71:F6:0F:82:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxI-JI5uwDaOBxI0X3JtcfYPgms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/txevIB_6jhleI8mehx3u1ubhM4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6d9ce2-6d88-4977-ae06-c1e941e59c14/1/TxI-JI5uwDaOBxI0X3JtcfYPgms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.92.0/22
185.232.252.0/22
IPv6:
2a05:680::/29
Signature Algorithm: sha256WithRSAEncryption
1f:73:6d:b1:96:a2:4c:40:f1:73:30:24:6c:5a:f4:f6:17:6b:
48:82:b3:aa:c8:25:d9:41:b8:ad:b0:29:ad:f4:f1:ff:02:94:
2d:70:5e:0d:97:38:35:a8:e4:a0:86:c3:15:18:25:5b:88:24:
6b:fd:c8:a5:19:4d:3d:1a:07:11:22:76:a7:74:6e:f9:39:37:
eb:c7:69:4a:7f:a1:73:50:50:84:ac:2d:fe:c7:a0:83:e6:7d:
fd:ee:36:57:44:6c:03:af:67:e6:0d:9b:8f:e1:c6:e7:ee:7d:
10:98:32:21:bc:66:0b:1c:66:ea:52:e0:cd:37:a1:0b:a8:1a:
17:3a:7b:82:30:d1:30:c0:c3:94:a4:2a:34:bd:c6:52:df:30:
d6:e3:aa:2f:46:c5:75:55:75:55:33:4d:46:0e:6c:2b:4e:cf:
ac:47:e7:ba:28:83:a9:6a:f4:98:dd:58:77:fb:c3:81:fa:05:
f8:d5:0a:54:d8:10:0c:8b:df:f5:81:88:22:f8:df:f6:1b:ff:
7b:c9:cf:a0:01:60:57:49:db:4f:ee:8a:ea:09:0e:15:b6:2d:
43:1b:20:6a:1e:fa:12:b5:f0:d3:44:93:64:e9:fd:34:ef:99:
56:b5:2d:75:66:9f:64:72:db:96:a7:2a:78:07:a4:5a:7a:f0:
cf:93:2c:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ+ASgXp3LH/AuOPuzlkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTIzZTI0OGU2ZWMwMzY4ZTA3MTIzNDVmNzI2ZDcxZjYw
ZjgyNmIwHhcNMjUwMTAxMDU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE3YWYyMDFmZmE4ZTE5NWUyM2M5OWU4NzFkZWVkNmU2ZTEzMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ylI4rONMitHhqOqpNpj02nqPhOu
mXbCFeavhvrgtze/BkezgMdkB67SSKsL6zSRiJ4ZPoPQ99AtPSz1Tt/juBDicQy/
MOSic9mXX03+3KWAIG8SL3ruZNmbWpc7XJYy6pVEmv20yg+mrJj6i+C018GHEacK
UOtNVrzotlsHqWJ2tuuLhL+WYikRPp240sMWc/a6PeX38XLutS38Pnn0gfGBNKBU
/Tvf+yjU5iZlY2UaNdLWRblYAcrYszuY4LHdeima1PcfOupYnyosuMBlUYGh3Nso
JtsUh7PBkTzui6IXEZpMz5t/PmtaE37ZKJtGik1T0Q5bkLabxMtYB520/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLcXryAf+o4ZXiPJnocd7tbm4TOBMB8GA1UdIwQY
MBaAFE8SPiSObsA2jgcSNF9ybXH2D4JrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhJLUpJNXV3RGFPQnhJMFgzSnRjZllQZ21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82ZDljZTItNmQ4OC00OTc3LWFlMDYt
YzFlOTQxZTU5YzE0LzEvdHhldklCXzZqaGxlSThtZWh4M3UxdWJoTTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82ZDljZTItNmQ4OC00OTc3LWFlMDYtYzFlOTQxZTU5YzE0
LzEvVHhJLUpJNXV3RGFPQnhJMFgzSnRjZllQZ21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUJcAwQC
uej8MA0EAgACMAcDBQMqBQaAMA0GCSqGSIb3DQEBCwUAA4IBAQAfc22xlqJMQPFz
MCRsWvT2F2tIgrOqyCXZQbitsCmt9PH/ApQtcF4Nlzg1qOSghsMVGCVbiCRr/cil
GU09GgcRInandG75OTfrx2lKf6FzUFCErC3+x6CD5n397jZXRGwDr2fmDZuP4cbn
7n0QmDIhvGYLHGbqUuDNN6ELqBoXOnuCMNEwwMOUpCo0vcZS3zDW46ovRsV1VXVV
M01GDmwrTs+sR+e6KIOpavSY3Vh3+8OB+gX41QpU2BAMi9/1gYgi+N/2G/97yc+g
AWBXSdtP7orqCQ4Vti1DGyBqHvoStfDTRJNk6f0075lWtS11Zp9kctuWpyp4B6Ra
evDPkyxx
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:44:11 2025 by rpki-client