Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/6IkTOlXjuiMiUAcYz6JmNLyjzkI.roa
File: 6IkTOlXjuiMiUAcYz6JmNLyjzkI.roa (raw, json)
Hash identifier: lvYkGWBMeYPfRVhHecKPB+lCXAgyiJ169VcA0wekGsU=
Subject key identifier: E8:89:13:3A:55:E3:BA:23:22:50:07:18:CF:A2:66:34:BC:A3:CE:42
Certificate issuer: /CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Certificate serial: 019426D99CD1D51AEBFB965572B4479FBBA9
Authority key identifier: AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/6IkTOlXjuiMiUAcYz6JmNLyjzkI.roa
Signing time: Thu 02 Jan 2025 11:49:43 +0000
ROA not before: Thu 02 Jan 2025 11:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15412
IP address blocks: 62.216.128.0/19 maxlen: 24
80.77.0.0/20 maxlen: 24
85.95.24.0/22 maxlen: 24
89.17.96.0/19 maxlen: 19
2001:1a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 20:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:9c:d1:d5:1a:eb:fb:96:55:72:b4:47:9f:bb:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Validity
Not Before: Jan 2 11:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e889133a55e3ba2322500718cfa26634bca3ce42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2d:60:11:9e:4b:a3:db:54:d5:3e:f7:8f:f3:
1a:3f:b3:ed:b5:34:e7:b3:6f:a1:ad:f4:e8:ba:d0:
e5:63:b3:bc:ba:a2:1a:80:71:c1:80:d0:6f:59:3b:
ed:1c:b6:5f:1f:52:c2:3a:e1:ae:f3:c8:9c:80:14:
87:4e:a8:10:f8:51:57:9a:ef:75:3d:59:4a:a4:a7:
c6:de:16:28:fd:bb:84:88:03:1b:ad:09:f3:3b:1a:
89:35:c6:47:13:c6:2b:a6:f6:0c:c9:96:a1:7a:06:
53:6c:9a:9f:70:8f:63:52:1c:a3:21:ea:da:1c:08:
bc:34:01:16:dc:bc:76:61:23:6a:39:54:03:bd:2d:
1a:f9:8b:cd:1d:af:35:ad:b7:59:c6:32:67:57:1a:
35:ca:d6:71:e9:97:1a:b7:8f:06:71:30:5c:06:fe:
39:d3:2e:66:15:cc:97:8a:66:1c:ce:80:c7:55:32:
6a:23:ba:2e:ee:69:b3:4f:c8:26:28:27:04:e2:2f:
ae:58:20:b0:2f:3e:12:b9:26:26:1f:36:73:28:9f:
50:7e:51:25:c0:36:0d:3a:e3:07:b1:80:f1:21:a5:
58:57:58:d5:fc:23:ec:9d:3a:04:61:0d:3d:a5:66:
9a:5f:ff:bb:03:44:e7:52:17:8c:18:56:63:da:bb:
07:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:89:13:3A:55:E3:BA:23:22:50:07:18:CF:A2:66:34:BC:A3:CE:42
X509v3 Authority Key Identifier:
keyid:AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/6IkTOlXjuiMiUAcYz6JmNLyjzkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.128.0/19
80.77.0.0/20
85.95.24.0/22
89.17.96.0/19
IPv6:
2001:1a00::/32
Signature Algorithm: sha256WithRSAEncryption
0e:d5:8b:97:3c:41:39:5a:80:97:63:97:06:e1:d0:1e:c6:5e:
50:01:34:73:bd:a6:ed:57:4e:43:58:48:00:0a:74:10:a7:3b:
b0:2e:b1:cd:ba:2d:91:d7:45:b4:a3:ea:ce:4b:7f:f6:76:e6:
e4:4a:b4:fd:8e:05:f4:ff:fd:db:bc:eb:43:d4:48:71:9b:c8:
67:f3:51:c1:6c:76:2a:bd:25:bd:70:aa:de:6b:41:cb:d6:87:
f8:83:9a:2c:3c:51:6f:a3:f5:68:f9:e6:8e:53:4d:ea:61:3e:
83:0c:52:ed:3c:8b:17:17:58:a0:78:2b:15:7b:90:85:29:20:
cb:a1:a4:bd:b7:f0:b5:53:d6:c0:e7:75:e9:4f:fb:4c:dd:d5:
e0:20:cf:44:67:eb:58:c1:28:a4:8d:bc:02:b2:42:89:98:ab:
91:7c:9e:c1:86:8a:a8:13:6c:56:8e:12:01:c5:91:aa:64:52:
5f:ec:a1:0b:14:16:e9:7b:02:1d:ce:da:11:4b:ad:f8:5e:12:
47:51:d0:e8:ec:56:66:e3:b1:23:ec:a3:ef:69:ed:b7:9e:e7:
c9:e0:4c:26:4c:08:4f:5d:ce:c9:41:e7:40:c2:db:ab:da:92:
0e:ad:e3:68:e7:05:b7:64:14:c5:70:fe:24:b2:cf:a2:2a:2a:
15:11:b4:08
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQm2ZzR1Rrr+5ZVcrRHn7upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhM2FlZDkxZjI5YjJjYzdkM2UwNWYyNDBkOTkxMzc1ODFk
OWI1YjMwHhcNMjUwMTAyMTE0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODg5MTMzYTU1ZTNiYTIzMjI1MDA3MThjZmEyNjYzNGJjYTNjZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC1gEZ5Lo9tU1T73j/MaP7PttTTn
s2+hrfToutDlY7O8uqIagHHBgNBvWTvtHLZfH1LCOuGu88icgBSHTqgQ+FFXmu91
PVlKpKfG3hYo/buEiAMbrQnzOxqJNcZHE8YrpvYMyZahegZTbJqfcI9jUhyjIera
HAi8NAEW3Lx2YSNqOVQDvS0a+YvNHa81rbdZxjJnVxo1ytZx6Zcat48GcTBcBv45
0y5mFcyXimYczoDHVTJqI7ou7mmzT8gmKCcE4i+uWCCwLz4SuSYmHzZzKJ9QflEl
wDYNOuMHsYDxIaVYV1jV/CPsnToEYQ09pWaaX/+7A0TnUheMGFZj2rsH+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOiJEzpV47ojIlAHGM+iZjS8o85CMB8GA1UdIwQY
MBaAFKo67ZHymyzH0+BfJA2ZE3WB2bWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYt
MDRlMWViMmE5MzI4LzEvNklrVE9sWGp1aU1pVUFjWXo2Sm1OTHlqemtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYtMDRlMWViMmE5MzI4
LzEvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPtiAAwQE
UE0AAwQCVV8YAwQFWRFgMA0EAgACMAcDBQAgARoAMA0GCSqGSIb3DQEBCwUAA4IB
AQAO1YuXPEE5WoCXY5cG4dAexl5QATRzvabtV05DWEgACnQQpzuwLrHNui2R10W0
o+rOS3/2dubkSrT9jgX0//3bvOtD1Ehxm8hn81HBbHYqvSW9cKrea0HL1of4g5os
PFFvo/Vo+eaOU03qYT6DDFLtPIsXF1igeCsVe5CFKSDLoaS9t/C1U9bA53XpT/tM
3dXgIM9EZ+tYwSikjbwCskKJmKuRfJ7BhoqoE2xWjhIBxZGqZFJf7KELFBbpewId
ztoRS634XhJHUdDo7FZm47Ej7KPvae23nufJ4EwmTAhPXc7JQedAwtur2pIOreNo
5wW3ZBTFcP4kss+iKioVEbQI
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:00:07 2025 by rpki-client