Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/1M6uqQrJ-H8cZQtvFA1H52Pn6A4.roa
File: 1M6uqQrJ-H8cZQtvFA1H52Pn6A4.roa (raw, json)
Hash identifier: nnfKaOcFHds8X3AM+jMxIYq03nNPy9Dlqx+6UDoHZiY=
Subject key identifier: D4:CE:AE:A9:0A:C9:F8:7F:1C:65:0B:6F:14:0D:47:E7:63:E7:E8:0E
Certificate issuer: /CN=64b59ae521952da55e03f779b885031c0c809cf9
Certificate serial: 019428254D5B74F4662D33453E776EFDCB65
Authority key identifier: 64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/1M6uqQrJ-H8cZQtvFA1H52Pn6A4.roa
Signing time: Thu 02 Jan 2025 17:52:00 +0000
ROA not before: Thu 02 Jan 2025 17:52:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210897
IP address blocks: 103.56.172.0/24 maxlen: 24
193.23.125.0/24 maxlen: 24
194.8.135.0/24 maxlen: 24
2a11:2b80::/48 maxlen: 48
2a11:2b80:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:4d:5b:74:f4:66:2d:33:45:3e:77:6e:fd:cb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b59ae521952da55e03f779b885031c0c809cf9
Validity
Not Before: Jan 2 17:52:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4ceaea90ac9f87f1c650b6f140d47e763e7e80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f6:e3:df:02:b7:1f:4a:38:e1:cd:84:ea:56:
f6:52:ca:63:7c:38:38:35:1d:3d:5f:78:e8:70:37:
14:4f:fc:9d:e9:2b:6a:c0:a9:50:1f:c0:3e:46:69:
40:45:84:51:ef:e1:66:b2:71:44:c8:3e:d3:20:10:
eb:ef:26:da:90:2a:62:59:4e:93:5c:ec:39:fb:51:
b6:82:33:99:ad:08:9d:f6:d6:f1:c7:ae:e4:8f:67:
6a:c5:32:1c:ba:c2:1b:de:1e:95:b7:45:c7:b5:2a:
81:fd:78:70:6a:a2:57:39:16:2e:34:78:b3:62:4d:
17:ce:7e:7d:66:21:41:59:64:20:df:ad:d4:5f:32:
6a:d1:69:2e:fa:37:5e:a8:be:f9:d8:c8:ff:fe:09:
ec:e6:00:c3:cb:06:63:26:92:be:0a:96:b6:13:b8:
b2:0c:29:c0:bf:b5:02:2c:b9:6e:f1:98:c8:b6:bd:
80:1e:af:bc:9e:3a:9d:82:d1:ed:cf:cf:b3:8c:c7:
0f:44:b4:34:74:80:32:b3:23:03:a7:d8:07:a9:05:
53:d8:0b:1e:8b:5a:d7:43:84:01:51:a9:b4:a2:94:
b9:c6:9c:fe:fb:25:4d:36:4c:f4:84:37:50:be:85:
bd:05:57:b2:df:8d:12:96:7c:ee:18:10:f6:ac:4c:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:CE:AE:A9:0A:C9:F8:7F:1C:65:0B:6F:14:0D:47:E7:63:E7:E8:0E
X509v3 Authority Key Identifier:
keyid:64:B5:9A:E5:21:95:2D:A5:5E:03:F7:79:B8:85:03:1C:0C:80:9C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/1M6uqQrJ-H8cZQtvFA1H52Pn6A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/6a6b22-fe67-4202-ac94-51ad00e54332/1/ZLWa5SGVLaVeA_d5uIUDHAyAnPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.56.172.0/24
193.23.125.0/24
194.8.135.0/24
IPv6:
2a11:2b80::/47
Signature Algorithm: sha256WithRSAEncryption
94:3e:22:18:d5:02:45:5b:a3:20:62:58:c9:a8:a6:48:0d:2a:
95:48:d5:8e:47:78:d4:7c:99:40:80:9a:e2:c4:0c:86:d5:3a:
16:61:b3:15:e5:09:51:05:74:cf:22:d9:10:7a:20:4d:bb:f7:
66:d7:ce:48:d9:a6:b8:12:f4:ee:3f:c5:4b:44:6f:37:81:28:
ef:26:89:1b:71:68:a2:d9:2c:20:0d:f0:5a:ad:a8:91:1d:2f:
71:2c:71:e7:78:0b:82:0e:74:28:05:a4:81:33:bb:4c:87:72:
70:53:b2:a5:77:85:31:b9:7e:20:3d:bb:c9:33:19:61:04:b8:
a8:67:ed:ee:e6:a7:71:77:eb:96:4a:5b:e4:a2:b0:5d:47:3a:
d2:8d:b1:c3:32:3c:52:15:50:26:87:1a:aa:90:4a:c4:25:c3:
dc:28:2e:3c:af:2a:85:5e:87:6c:ae:15:f9:40:ae:22:7f:1c:
5c:30:18:1b:27:c1:a2:d9:88:1d:56:30:c0:cd:23:72:f5:65:
32:4b:17:5b:45:a2:36:a7:97:29:5c:79:df:c1:86:48:be:df:
8b:6c:58:0b:62:0c:79:f2:69:b8:3d:e3:c9:6e:50:d5:1f:f2:
17:40:cf:f2:e9:6b:d6:d5:42:44:49:64:3d:d7:a9:37:7d:3b:
c1:ad:1d:a0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQoJU1bdPRmLTNFPndu/ctlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjU5YWU1MjE5NTJkYTU1ZTAzZjc3OWI4ODUwMzFjMGM4
MDljZjkwHhcNMjUwMTAyMTc1MjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGNlYWVhOTBhYzlmODdmMWM2NTBiNmYxNDBkNDdlNzYzZTdlODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fbj3wK3H0o44c2E6lb2UspjfDg4
NR09X3jocDcUT/yd6StqwKlQH8A+RmlARYRR7+FmsnFEyD7TIBDr7ybakCpiWU6T
XOw5+1G2gjOZrQid9tbxx67kj2dqxTIcusIb3h6Vt0XHtSqB/XhwaqJXORYuNHiz
Yk0Xzn59ZiFBWWQg363UXzJq0Wku+jdeqL752Mj//gns5gDDywZjJpK+Cpa2E7iy
DCnAv7UCLLlu8ZjItr2AHq+8njqdgtHtz8+zjMcPRLQ0dIAysyMDp9gHqQVT2Ase
i1rXQ4QBUam0opS5xpz++yVNNkz0hDdQvoW9BVey340SlnzuGBD2rExIfQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNTOrqkKyfh/HGULbxQNR+dj5+gOMB8GA1UdIwQY
MBaAFGS1muUhlS2lXgP3ebiFAxwMgJz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQt
NTFhZDAwZTU0MzMyLzEvMU02dXFRckotSDhjWlF0dkZBMUg1MlBuNkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi82YTZiMjItZmU2Ny00MjAyLWFjOTQtNTFhZDAwZTU0MzMy
LzEvWkxXYTVTR1ZMYVZlQV9kNXVJVURIQXlBblBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAZzisAwQA
wRd9AwQAwgiHMA8EAgACMAkDBwEqESuAAAAwDQYJKoZIhvcNAQELBQADggEBAJQ+
IhjVAkVboyBiWMmopkgNKpVI1Y5HeNR8mUCAmuLEDIbVOhZhsxXlCVEFdM8i2RB6
IE2792bXzkjZprgS9O4/xUtEbzeBKO8miRtxaKLZLCAN8FqtqJEdL3Esced4C4IO
dCgFpIEzu0yHcnBTsqV3hTG5fiA9u8kzGWEEuKhn7e7mp3F365ZKW+SisF1HOtKN
scMyPFIVUCaHGqqQSsQlw9woLjyvKoVeh2yuFflAriJ/HFwwGBsnwaLZiB1WMMDN
I3L1ZTJLF1tFojanlylced/Bhki+34tsWAtiDHnyabg948luUNUf8hdAz/Lpa9bV
QkRJZD3XqTd9O8GtHaA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:21 2025 by rpki-client