Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/f6GDqb9nJIgj_F1z2AEUbY6YnmQ.roa
File: f6GDqb9nJIgj_F1z2AEUbY6YnmQ.roa (raw, json)
Hash identifier: jKya+L5/uP3Dz7PfxR54wCUY1sMiu+aWWncKs50X+nY=
Subject key identifier: 7F:A1:83:A9:BF:67:24:88:23:FC:5D:73:D8:01:14:6D:8E:98:9E:64
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0194AB48CE43CEB7872C431D3AD3FBD7227A
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/f6GDqb9nJIgj_F1z2AEUbY6YnmQ.roa
Signing time: Tue 28 Jan 2025 05:01:02 +0000
ROA not before: Tue 28 Jan 2025 05:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 85.28.32.0/23 maxlen: 23
85.28.34.0/24 maxlen: 24
85.28.35.0/24 maxlen: 24
85.28.36.0/22 maxlen: 22
85.28.40.0/23 maxlen: 23
85.28.42.0/24 maxlen: 24
85.28.43.0/24 maxlen: 24
85.28.44.0/23 maxlen: 23
85.28.48.0/22 maxlen: 22
85.28.52.0/23 maxlen: 23
85.28.54.0/23 maxlen: 23
85.28.56.0/24 maxlen: 24
85.28.57.0/24 maxlen: 24
85.28.58.0/24 maxlen: 24
85.28.59.0/24 maxlen: 24
85.28.60.0/22 maxlen: 22
85.28.60.0/24 maxlen: 24
85.28.62.0/24 maxlen: 24
109.238.200.0/24 maxlen: 24
109.238.203.0/24 maxlen: 24
109.238.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ab:48:ce:43:ce:b7:87:2c:43:1d:3a:d3:fb:d7:22:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Jan 28 05:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fa183a9bf67248823fc5d73d801146d8e989e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:59:a0:a3:98:46:b9:11:34:0a:14:45:dd:02:
79:d0:56:f9:1a:9d:90:1c:cd:7f:d2:3f:ec:89:7c:
84:6b:90:fa:92:f1:84:05:73:1b:28:75:57:0e:8b:
2b:e6:c2:d7:b5:71:4b:c0:6e:9f:70:73:65:c2:b7:
f3:f7:a4:d6:23:f6:dc:34:76:88:7c:b5:f4:27:40:
5b:3a:35:91:24:24:5b:9b:b7:f7:88:96:86:1e:f8:
6a:a6:06:f1:47:33:69:c1:ac:f7:f5:c7:f2:68:4e:
32:02:92:fc:f3:e6:57:b6:5b:b1:d4:16:0f:ac:5c:
25:50:01:e1:c1:ec:f6:a2:83:e4:a4:6e:32:cb:0c:
82:b4:fc:ec:ab:5c:33:36:3a:a9:b8:34:2d:ec:4a:
ad:64:22:34:b6:d4:0c:7b:c1:b7:87:d9:65:cd:23:
ab:82:8c:31:79:15:7d:8b:31:75:a7:f6:1b:31:a4:
ca:b1:e6:dd:c9:37:b1:a3:4f:cd:29:35:05:b0:79:
eb:3b:87:79:8e:bc:d8:75:e5:e0:09:dc:e6:cf:a1:
f6:25:3a:89:a3:19:ab:11:c8:07:34:c5:9d:15:61:
e3:dc:0b:10:36:79:4b:18:22:c9:4d:c5:27:cc:d0:
c3:ce:63:85:29:4d:d9:36:d8:c6:61:c8:22:0c:82:
c0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A1:83:A9:BF:67:24:88:23:FC:5D:73:D8:01:14:6D:8E:98:9E:64
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/f6GDqb9nJIgj_F1z2AEUbY6YnmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.32.0-85.28.45.255
85.28.48.0/20
109.238.200.0/24
109.238.203.0/24
109.238.205.0/24
Signature Algorithm: sha256WithRSAEncryption
07:4d:df:2c:e8:0b:86:c5:c5:47:98:84:b9:72:7d:a6:54:5c:
ca:b7:fd:61:2f:8d:de:21:96:4e:8d:4e:c2:8d:f0:af:5d:b4:
a0:3a:48:d6:7c:de:11:6b:2b:77:1b:14:7b:8f:65:5f:5e:b4:
c9:40:8b:c2:2a:36:ac:c3:c0:29:0c:a8:d3:47:29:f9:9c:6d:
9a:14:60:e0:8f:d9:6e:8b:31:92:94:8a:e1:9d:95:1e:79:bf:
69:a1:68:02:8d:ff:0c:d5:20:94:cd:90:e9:54:7e:14:5a:69:
60:c5:b8:a4:ed:e8:7b:ab:e1:08:7d:20:35:7b:72:28:ce:65:
31:29:14:f8:4e:a2:77:fd:5e:58:fb:0d:3c:ed:8d:15:4b:01:
42:8d:77:f5:19:44:68:45:86:1f:10:2c:b1:76:63:18:29:90:
bb:a0:c3:f1:c0:aa:f3:bc:7f:64:3e:47:fc:99:d0:35:71:ea:
69:07:d3:c5:b7:2c:e5:69:98:1d:46:ce:d8:43:4d:fc:2a:b2:
b6:af:cb:47:f9:03:43:cb:c0:25:8d:1f:55:5e:9d:04:3f:c4:
d3:1d:2c:da:78:8a:76:db:e6:29:a8:53:fc:6a:3b:d1:37:fb:
85:48:49:3c:cb:30:74:33:a8:ed:be:01:eb:1e:4e:f1:e9:e3:
64:aa:23:af
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZSrSM5DzreHLEMdOtP71yJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjUwMTI4MDUwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmExODNhOWJmNjcyNDg4MjNmYzVkNzNkODAxMTQ2ZDhlOTg5ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslmgo5hGuRE0ChRF3QJ50Fb5Gp2Q
HM1/0j/siXyEa5D6kvGEBXMbKHVXDosr5sLXtXFLwG6fcHNlwrfz96TWI/bcNHaI
fLX0J0BbOjWRJCRbm7f3iJaGHvhqpgbxRzNpwaz39cfyaE4yApL88+ZXtlux1BYP
rFwlUAHhwez2ooPkpG4yywyCtPzsq1wzNjqpuDQt7EqtZCI0ttQMe8G3h9llzSOr
gowxeRV9izF1p/YbMaTKsebdyTexo0/NKTUFsHnrO4d5jrzYdeXgCdzmz6H2JTqJ
oxmrEcgHNMWdFWHj3AsQNnlLGCLJTcUnzNDDzmOFKU3ZNtjGYcgiDILAhQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFH+hg6m/ZySII/xdc9gBFG2OmJ5kMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvZjZHRHFiOW5KSWdqX0YxejJBRVViWTZZbm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAVVHCAD
BAFVHCwDBARVHDADBABt7sgDBABt7ssDBABt7s0wDQYJKoZIhvcNAQELBQADggEB
AAdN3yzoC4bFxUeYhLlyfaZUXMq3/WEvjd4hlk6NTsKN8K9dtKA6SNZ83hFrK3cb
FHuPZV9etMlAi8IqNqzDwCkMqNNHKfmcbZoUYOCP2W6LMZKUiuGdlR55v2mhaAKN
/wzVIJTNkOlUfhRaaWDFuKTt6Hur4Qh9IDV7cijOZTEpFPhOonf9Xlj7DTztjRVL
AUKNd/UZRGhFhh8QLLF2YxgpkLugw/HAqvO8f2Q+R/yZ0DVx6mkH08W3LOVpmB1G
zthDTfwqsravy0f5A0PLwCWNH1VenQQ/xNMdLNp4inbb5imoU/xqO9E3+4VISTzL
MHQzqO2+AeseTvHp42SqI68=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:35 2025 by rpki-client