Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/6zp8k7ws-z1aCcsmWGLYmfVsv4E.roa
File: 6zp8k7ws-z1aCcsmWGLYmfVsv4E.roa (raw, json)
Hash identifier: bUIQEUVAIaujbjPg7okGrEKCeQdfL4efouwX9EGneXc=
Subject key identifier: EB:3A:7C:93:BC:2C:FB:3D:5A:09:CB:26:58:62:D8:99:F5:6C:BF:81
Certificate issuer: /CN=9fd68f1b241423da97647b99224530386d25698c
Certificate serial: 0194228E0546D957C5877BAC99471A2C529A
Authority key identifier: 9F:D6:8F:1B:24:14:23:DA:97:64:7B:99:22:45:30:38:6D:25:69:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/6zp8k7ws-z1aCcsmWGLYmfVsv4E.roa
Signing time: Wed 01 Jan 2025 15:48:40 +0000
ROA not before: Wed 01 Jan 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28746
IP address blocks: 185.104.20.0/24 maxlen: 24
185.104.21.0/24 maxlen: 24
185.104.22.0/24 maxlen: 24
185.104.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/n9aPGyQUI9qXZHuZIkUwOG0laYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/n9aPGyQUI9qXZHuZIkUwOG0laYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 06:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:05:46:d9:57:c5:87:7b:ac:99:47:1a:2c:52:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fd68f1b241423da97647b99224530386d25698c
Validity
Not Before: Jan 1 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb3a7c93bc2cfb3d5a09cb265862d899f56cbf81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:58:96:b4:ee:ca:0b:c7:fb:79:04:f3:a5:c5:
fe:da:a6:6f:62:2e:11:04:bf:fd:37:70:26:16:62:
f8:23:e9:a6:4c:9f:fa:63:92:26:17:f2:91:33:77:
bc:55:06:e7:0e:66:06:e0:07:26:c7:23:42:94:85:
d7:e6:d0:85:56:55:d6:83:d5:18:22:74:10:a1:a2:
ff:4a:e1:02:5b:d8:47:6b:f2:22:d0:65:51:d7:26:
89:48:f1:1a:80:65:e9:ff:56:8c:80:42:ac:20:d7:
96:d5:ca:4c:1b:96:7b:e1:9c:d1:d6:1f:5c:9f:b5:
fe:c7:cd:c3:1e:8f:e8:25:76:1d:4d:1d:21:fc:5c:
c3:c5:31:4a:9f:a5:2d:4d:c5:e1:38:4f:86:37:79:
46:1d:b8:25:7b:f6:00:09:1d:a0:79:b1:79:e2:90:
d6:02:6f:e8:a5:23:b4:da:be:d7:8b:fc:0f:fb:46:
ab:87:26:8f:97:2a:f6:27:58:49:d2:9c:68:d9:6a:
46:fe:d6:09:7e:ad:d0:6c:f1:3e:d7:0e:3d:87:b0:
ca:e0:85:44:bb:50:c6:e4:88:2c:32:03:4b:58:e2:
46:ac:e0:8b:db:46:7f:bf:4c:77:05:13:7d:3c:b1:
dc:0f:6b:f3:bc:ac:07:ee:c6:43:2d:7b:33:ff:75:
b2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3A:7C:93:BC:2C:FB:3D:5A:09:CB:26:58:62:D8:99:F5:6C:BF:81
X509v3 Authority Key Identifier:
keyid:9F:D6:8F:1B:24:14:23:DA:97:64:7B:99:22:45:30:38:6D:25:69:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n9aPGyQUI9qXZHuZIkUwOG0laYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/6zp8k7ws-z1aCcsmWGLYmfVsv4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/35dee5-d8db-48e3-b7bb-0810d16bcc87/1/n9aPGyQUI9qXZHuZIkUwOG0laYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:b7:0f:d4:bf:35:ee:54:99:5e:11:75:b6:b0:27:61:ca:67:
cc:82:b6:cb:7f:08:e0:e9:4b:69:56:c2:f4:0a:12:a7:30:51:
ef:49:ec:40:1c:e9:22:00:65:3a:4d:5c:05:d3:54:d9:6f:c1:
5d:8d:96:09:e0:e4:82:5b:af:af:5e:f2:38:8e:f0:29:a5:e0:
a3:af:8d:70:26:30:30:39:7e:40:cc:7c:e7:b3:93:95:d3:d9:
dd:35:d8:d7:79:46:aa:48:e8:a9:e9:31:b7:a8:73:ee:9c:18:
d2:6e:b0:44:42:64:17:0b:63:43:7e:01:b2:98:d5:3d:42:f2:
12:f2:e4:61:dd:a0:a5:01:2b:8d:f1:34:6f:08:53:1f:6e:08:
ab:dd:09:07:ef:9c:26:7d:09:4c:f4:1f:a7:2e:d6:c2:71:1f:
3f:5f:ab:c0:55:16:b2:96:ef:d5:d5:8a:52:e1:31:3d:a3:dc:
3d:7e:1e:fa:8a:f9:59:a5:a2:e1:50:35:cd:6d:23:75:f2:47:
35:b9:b1:8d:16:3b:19:22:ed:46:e8:e4:b0:2b:77:7e:2c:b9:
d5:23:64:f9:57:75:4f:2b:49:00:93:13:fd:a6:be:8f:2c:c1:
87:22:61:e5:98:ca:49:d6:8e:92:e8:5c:d8:87:34:0e:2c:dc:
17:96:19:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijgVG2VfFh3usmUcaLFKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZDY4ZjFiMjQxNDIzZGE5NzY0N2I5OTIyNDUzMDM4NmQy
NTY5OGMwHhcNMjUwMTAxMTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjNhN2M5M2JjMmNmYjNkNWEwOWNiMjY1ODYyZDg5OWY1NmNiZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1iWtO7KC8f7eQTzpcX+2qZvYi4R
BL/9N3AmFmL4I+mmTJ/6Y5ImF/KRM3e8VQbnDmYG4AcmxyNClIXX5tCFVlXWg9UY
InQQoaL/SuECW9hHa/Ii0GVR1yaJSPEagGXp/1aMgEKsINeW1cpMG5Z74ZzR1h9c
n7X+x83DHo/oJXYdTR0h/FzDxTFKn6UtTcXhOE+GN3lGHbgle/YACR2gebF54pDW
Am/opSO02r7Xi/wP+0arhyaPlyr2J1hJ0pxo2WpG/tYJfq3QbPE+1w49h7DK4IVE
u1DG5IgsMgNLWOJGrOCL20Z/v0x3BRN9PLHcD2vzvKwH7sZDLXsz/3WyzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOs6fJO8LPs9WgnLJlhi2Jn1bL+BMB8GA1UdIwQY
MBaAFJ/WjxskFCPal2R7mSJFMDhtJWmMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjlhUEd5UVVJOXFYWkh1WklrVXdPRzBsYVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zNWRlZTUtZDhkYi00OGUzLWI3YmIt
MDgxMGQxNmJjYzg3LzEvNnpwOGs3d3MtejFhQ2NzbVdHTFltZlZzdjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8zNWRlZTUtZDhkYi00OGUzLWI3YmItMDgxMGQxNmJjYzg3
LzEvbjlhUEd5UVVJOXFYWkh1WklrVXdPRzBsYVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWgUMA0G
CSqGSIb3DQEBCwUAA4IBAQAutw/UvzXuVJleEXW2sCdhymfMgrbLfwjg6UtpVsL0
ChKnMFHvSexAHOkiAGU6TVwF01TZb8FdjZYJ4OSCW6+vXvI4jvAppeCjr41wJjAw
OX5AzHzns5OV09ndNdjXeUaqSOip6TG3qHPunBjSbrBEQmQXC2NDfgGymNU9QvIS
8uRh3aClASuN8TRvCFMfbgir3QkH75wmfQlM9B+nLtbCcR8/X6vAVRaylu/V1YpS
4TE9o9w9fh76ivlZpaLhUDXNbSN18kc1ubGNFjsZIu1G6OSwK3d+LLnVI2T5V3VP
K0kAkxP9pr6PLMGHImHlmMpJ1o6S6FzYhzQOLNwXlhkO
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:29:02 2025 by rpki-client