Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6wpfGtluHIGN3MtN9SqQrTcpczs.roa
File: 6wpfGtluHIGN3MtN9SqQrTcpczs.roa (raw, json)
Hash identifier: 3kI/dtG5JV5NS+lnDyTbrArYg9AlesA6qG7Sfdv5qTI=
Subject key identifier: EB:0A:5F:1A:D9:6E:1C:81:8D:DC:CB:4D:F5:2A:90:AD:37:29:73:3B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428249612ADBD42660A6490A9760ECAEA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6wpfGtluHIGN3MtN9SqQrTcpczs.roa
Signing time: Thu 02 Jan 2025 17:51:13 +0000
ROA not before: Thu 02 Jan 2025 17:51:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61071
IP address blocks: 85.217.164.0/23 maxlen: 32
87.120.246.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:96:12:ad:bd:42:66:0a:64:90:a9:76:0e:ca:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb0a5f1ad96e1c818ddccb4df52a90ad3729733b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4d:08:84:41:74:a2:e3:4b:32:b8:2c:c1:23:
d1:29:70:f5:20:d5:7c:ff:67:8a:7d:ca:ea:34:14:
8d:52:57:bf:f8:26:98:bc:cd:3d:f5:97:f7:2b:c6:
aa:80:c7:80:ca:d2:d0:6b:aa:2e:27:b8:4b:61:47:
7f:07:f4:61:09:b3:79:8f:0a:51:8c:ee:71:98:0b:
7b:cf:6f:6b:bf:1b:2b:37:65:07:e3:32:c5:c2:3b:
84:b8:8d:3b:83:76:9c:0f:9d:92:02:69:6a:fd:a2:
ab:84:d4:61:1f:cb:48:6a:4b:1c:ef:ed:7b:65:53:
30:d6:2d:c3:59:50:cc:35:46:ab:58:8e:a8:55:ff:
69:2c:45:c8:83:27:c1:39:19:d0:8e:8f:24:d0:6d:
1c:c8:e2:b7:47:d4:57:b6:ad:12:ed:e9:37:3a:0f:
1b:b7:f9:84:da:6b:4a:cc:87:e1:f4:51:34:ae:7f:
b3:2c:da:80:40:69:38:02:d4:97:28:dd:5f:ac:34:
13:fc:c9:ab:45:57:44:bc:bd:10:dc:5d:17:c8:13:
1f:d9:5d:5d:d6:ae:29:31:2f:29:ca:a8:bf:97:ba:
12:a8:a4:b5:05:6f:14:70:88:56:e3:05:7f:c0:c4:
19:4b:ab:52:14:0f:13:d1:33:ee:82:5f:44:ba:29:
e1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0A:5F:1A:D9:6E:1C:81:8D:DC:CB:4D:F5:2A:90:AD:37:29:73:3B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6wpfGtluHIGN3MtN9SqQrTcpczs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/23
87.120.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:56:1f:58:c4:f6:96:b7:7c:32:09:5d:78:9a:b5:5f:67:71:
24:b3:f9:06:f4:6a:f5:fb:ff:17:f5:9f:33:eb:67:6c:ff:18:
38:3c:09:25:a1:37:2d:cd:5b:6f:0d:ab:8b:72:ee:76:18:6f:
df:3d:00:bf:40:cd:42:da:bd:5b:ab:bc:43:5b:9c:a1:bb:ef:
49:a3:51:4a:3a:7a:c1:09:63:c6:e9:53:20:6e:01:27:9a:1d:
e9:4e:99:fd:ab:84:7b:71:47:22:06:ed:b2:c7:71:4a:cd:c5:
26:68:23:94:7b:d3:f0:b3:44:01:55:be:ef:79:db:71:39:ac:
da:ea:bc:d9:12:c0:85:44:2e:10:d0:5c:44:8d:d1:6d:c2:82:
11:33:0c:1a:28:cd:db:92:54:28:ee:5d:9f:3f:f4:37:33:d3:
f9:0a:67:de:03:74:6d:d4:3c:2b:73:b4:7d:b7:c3:09:73:e5:
aa:dd:23:c1:c1:60:0e:2d:03:59:d1:03:9f:40:bf:6a:88:b1:
4a:47:df:49:99:bb:08:ea:f6:26:28:b5:b7:4c:98:eb:e9:4a:
44:e6:63:8b:6b:6a:b0:48:16:9f:87:9b:19:1d:38:d5:96:8f:
8c:90:36:4c:96:db:de:16:63:56:c8:a8:26:eb:a6:93:3b:ae:
8c:33:ea:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJJYSrb1CZgpkkKl2DsrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjBhNWYxYWQ5NmUxYzgxOGRkY2NiNGRmNTJhOTBhZDM3Mjk3MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k0IhEF0ouNLMrgswSPRKXD1INV8
/2eKfcrqNBSNUle/+CaYvM099Zf3K8aqgMeAytLQa6ouJ7hLYUd/B/RhCbN5jwpR
jO5xmAt7z29rvxsrN2UH4zLFwjuEuI07g3acD52SAmlq/aKrhNRhH8tIaksc7+17
ZVMw1i3DWVDMNUarWI6oVf9pLEXIgyfBORnQjo8k0G0cyOK3R9RXtq0S7ek3Og8b
t/mE2mtKzIfh9FE0rn+zLNqAQGk4AtSXKN1frDQT/MmrRVdEvL0Q3F0XyBMf2V1d
1q4pMS8pyqi/l7oSqKS1BW8UcIhW4wV/wMQZS6tSFA8T0TPugl9EuinhbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOsKXxrZbhyBjdzLTfUqkK03KXM7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNndwZkd0bHVISUdOM010TjlTcVFyVGNwY3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVdmkAwQA
V3j2MA0GCSqGSIb3DQEBCwUAA4IBAQBsVh9YxPaWt3wyCV14mrVfZ3Eks/kG9Gr1
+/8X9Z8z62ds/xg4PAkloTctzVtvDauLcu52GG/fPQC/QM1C2r1bq7xDW5yhu+9J
o1FKOnrBCWPG6VMgbgEnmh3pTpn9q4R7cUciBu2yx3FKzcUmaCOUe9Pws0QBVb7v
edtxOaza6rzZEsCFRC4Q0FxEjdFtwoIRMwwaKM3bklQo7l2fP/Q3M9P5CmfeA3Rt
1Dwrc7R9t8MJc+Wq3SPBwWAOLQNZ0QOfQL9qiLFKR99JmbsI6vYmKLW3TJjr6UpE
5mOLa2qwSBafh5sZHTjVlo+MkDZMltveFmNWyKgm66aTO66MM+qI
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:32:05 2025 by rpki-client