Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/a2-Ak-XNzMq87nGfxm17NNrDD-w.roa
File: a2-Ak-XNzMq87nGfxm17NNrDD-w.roa (raw, json)
Hash identifier: oobPnpb12mxX5CV2sXI30Is1iiyb45x/TVEFVdIFWQ0=
Subject key identifier: 6B:6F:80:93:E5:CD:CC:CA:BC:EE:71:9F:C6:6D:7B:34:DA:C3:0F:EC
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 019427B3D8681842DCE8E641E55BACB5E424
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/a2-Ak-XNzMq87nGfxm17NNrDD-w.roa
Signing time: Thu 02 Jan 2025 15:48:05 +0000
ROA not before: Thu 02 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9583
IP address blocks: 57.250.64.0/24 maxlen: 24
57.250.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:d8:68:18:42:dc:e8:e6:41:e5:5b:ac:b5:e4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b6f8093e5cdcccabcee719fc66d7b34dac30fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2b:2f:f2:a1:cc:3f:6e:58:88:8f:0b:cc:20:
61:ce:8c:19:e3:b1:53:6d:cc:b1:d9:cb:44:04:b8:
9d:97:c2:14:a0:60:4b:0c:d6:01:70:80:43:c0:24:
48:31:3a:34:9e:1a:2c:f6:3b:1b:70:78:1a:70:c7:
73:7c:0f:ec:8b:28:10:9e:8b:fb:4d:0d:8c:9a:5f:
60:f0:d0:d2:0e:77:fc:07:7a:09:07:7b:b6:2c:19:
44:47:36:27:37:aa:f5:75:ba:55:3f:4c:af:59:11:
bd:fd:f1:6e:54:11:12:c7:d8:fa:92:97:a1:09:be:
ff:bf:1b:ee:a1:d6:0b:69:77:69:3b:7d:ad:ab:f0:
d6:09:d0:ae:5b:d4:e6:55:a0:51:7a:58:d2:74:59:
c9:2c:da:76:f3:61:59:c3:3f:ae:7e:3d:e6:42:d9:
53:f2:35:17:04:e9:11:43:5e:7f:ec:7c:b5:5a:b3:
f8:4d:4e:80:0c:87:92:81:0a:f1:6e:89:dc:86:99:
d8:45:1c:98:7a:be:3b:e3:c2:18:8c:31:91:d3:07:
d8:8b:d3:2a:85:81:a2:c0:57:f9:80:9e:bd:92:64:
ae:b2:c3:63:6e:31:2b:27:3f:bc:88:a5:11:5c:8a:
e4:5c:b9:70:4f:67:4b:59:61:63:94:a4:42:e3:da:
9c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:6F:80:93:E5:CD:CC:CA:BC:EE:71:9F:C6:6D:7B:34:DA:C3:0F:EC
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/a2-Ak-XNzMq87nGfxm17NNrDD-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.64.0/24
57.250.66.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:b7:0e:2a:69:98:30:42:2c:7f:07:6f:10:a7:d8:70:4c:07:
46:ac:00:e7:ad:f0:d2:f4:61:d3:40:c0:43:4c:34:fd:93:ae:
b8:4b:71:63:86:9d:5e:66:84:77:c2:cb:d5:3c:4b:cb:f2:5f:
c9:3c:13:b2:70:5b:5f:f8:a0:ec:41:16:b8:36:a9:61:f9:7c:
00:55:55:99:16:b0:fb:e3:7d:a9:31:e8:a1:2b:f5:e0:c3:78:
8f:1d:21:d6:ac:f7:6b:5a:96:78:d0:69:84:c7:27:26:69:ea:
cf:f1:50:91:86:a0:5b:ad:55:5c:b8:ff:c0:fa:df:00:f3:a2:
59:0c:c6:27:ed:07:82:f0:5f:c9:33:a3:01:de:e3:27:60:62:
10:53:0a:30:76:db:9d:b5:b4:ee:f3:d0:b5:f3:ee:03:1b:e9:
58:0c:df:b3:dd:77:da:07:82:c1:2d:b7:7f:a6:4d:57:5f:ef:
24:b4:b3:bd:d9:19:7e:85:fb:d6:8d:89:4b:71:5d:03:78:27:
2f:e7:5b:7c:55:f6:3d:53:f5:8c:3d:f4:0f:48:55:45:ed:83:
0f:17:a6:11:75:b2:73:f5:a7:28:c1:f0:cb:fa:eb:8b:ca:5e:
d9:94:f7:58:14:bb:1f:f9:2a:81:d6:86:31:3f:a9:43:63:c9:
83:49:6a:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQns9hoGELc6OZB5VusteQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwMTAyMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZmODA5M2U1Y2RjY2NhYmNlZTcxOWZjNjZkN2IzNGRhYzMwZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCsv8qHMP25YiI8LzCBhzowZ47FT
bcyx2ctEBLidl8IUoGBLDNYBcIBDwCRIMTo0nhos9jsbcHgacMdzfA/siygQnov7
TQ2Mml9g8NDSDnf8B3oJB3u2LBlERzYnN6r1dbpVP0yvWRG9/fFuVBESx9j6kpeh
Cb7/vxvuodYLaXdpO32tq/DWCdCuW9TmVaBReljSdFnJLNp282FZwz+ufj3mQtlT
8jUXBOkRQ15/7Hy1WrP4TU6ADIeSgQrxbonchpnYRRyYer4748IYjDGR0wfYi9Mq
hYGiwFf5gJ69kmSussNjbjErJz+8iKURXIrkXLlwT2dLWWFjlKRC49qcjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGtvgJPlzczKvO5xn8ZtezTaww/sMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvYTItQWstWE56TXE4N25HZnhtMTdOTnJERC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfpAAwQA
OfpCMA0GCSqGSIb3DQEBCwUAA4IBAQCttw4qaZgwQix/B28Qp9hwTAdGrADnrfDS
9GHTQMBDTDT9k664S3Fjhp1eZoR3wsvVPEvL8l/JPBOycFtf+KDsQRa4Nqlh+XwA
VVWZFrD7432pMeihK/Xgw3iPHSHWrPdrWpZ40GmExycmaerP8VCRhqBbrVVcuP/A
+t8A86JZDMYn7QeC8F/JM6MB3uMnYGIQUwowdtudtbTu89C18+4DG+lYDN+z3Xfa
B4LBLbd/pk1XX+8ktLO92Rl+hfvWjYlLcV0DeCcv51t8VfY9U/WMPfQPSFVF7YMP
F6YRdbJz9acowfDL+uuLyl7ZlPdYFLsf+SqB1oYxP6lDY8mDSWoN
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:31:20 2025 by rpki-client