Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/6Sxszx8NiFM_JbWUMjBDeEvUps8.roa
File: 6Sxszx8NiFM_JbWUMjBDeEvUps8.roa (raw, json)
Hash identifier: 8MVKcBrtv6jJ845AEcn3hP00h2PQrFrI39BtX0LnXv4=
Subject key identifier: E9:2C:6C:CF:1F:0D:88:53:3F:25:B5:94:32:30:43:78:4B:D4:A6:CF
Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Certificate serial: 019420D6170BA6C5F402F687F3536DA8DB31
Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/6Sxszx8NiFM_JbWUMjBDeEvUps8.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199907
IP address blocks: 185.42.172.0/24 maxlen: 24
185.42.173.0/24 maxlen: 24
185.42.174.0/24 maxlen: 24
185.42.175.0/24 maxlen: 24
194.24.188.0/24 maxlen: 24
2a01:63a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:17:0b:a6:c5:f4:02:f6:87:f3:53:6d:a8:db:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e92c6ccf1f0d88533f25b594323043784bd4a6cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7a:9f:b3:3e:1c:31:84:8a:aa:59:dc:67:9f:
aa:b0:56:21:69:4e:4d:17:f1:e1:4c:c3:45:3c:3d:
c4:84:46:db:a7:93:3f:98:8f:6a:88:17:58:39:33:
13:07:b9:2f:1f:27:09:f3:ae:e6:40:9c:0e:3c:b7:
5b:81:e0:aa:ea:f2:68:57:58:9e:ab:b4:a4:ea:67:
0b:a3:46:78:cb:3a:a2:b3:b1:ae:49:00:d4:06:b7:
87:b8:f8:80:ff:2c:89:38:64:ed:ee:8c:86:eb:66:
d8:f0:75:fe:70:a9:b4:33:d2:e2:b4:47:77:14:73:
fa:c7:2d:eb:4a:93:7b:37:b7:80:29:04:e7:4f:cd:
11:df:34:d1:e0:54:a0:ce:03:ec:3d:6d:80:e5:aa:
c0:57:92:68:81:80:b7:8d:e9:04:8f:60:f1:9e:93:
b0:6b:94:ed:93:a2:d6:4d:3f:19:c7:02:a2:3c:61:
d6:88:82:7f:67:45:5e:c9:aa:67:7a:51:86:93:67:
07:40:cc:3b:ed:74:1b:47:09:48:6d:fc:27:bb:3f:
62:6c:0c:ab:c6:4a:ea:6b:8a:23:8a:6e:64:7f:d2:
c2:68:29:06:59:f6:f5:49:29:2b:c4:3f:5d:a2:90:
85:fc:ff:f5:df:60:e3:c6:40:2d:d2:6f:63:35:aa:
6e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:2C:6C:CF:1F:0D:88:53:3F:25:B5:94:32:30:43:78:4B:D4:A6:CF
X509v3 Authority Key Identifier:
keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/6Sxszx8NiFM_JbWUMjBDeEvUps8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.172.0/22
194.24.188.0/24
IPv6:
2a01:63a0::/32
Signature Algorithm: sha256WithRSAEncryption
95:15:5f:f4:9d:82:90:15:ff:2a:94:21:44:33:38:ce:7f:a4:
ff:34:38:f4:ef:38:3c:79:a9:b2:11:58:ad:86:65:1f:53:95:
0c:26:d1:67:37:e5:00:93:c7:8d:d0:e1:66:a6:d4:4a:48:b4:
2b:85:8c:9c:4c:15:42:d9:b4:bf:0f:7d:8a:d3:d2:3e:ed:bc:
3d:24:43:43:4a:bf:dc:fd:5e:2f:2f:ca:ff:04:8e:4a:75:4d:
c3:38:dc:2a:15:89:2d:5e:e4:91:fc:82:e0:2d:a8:2b:c3:6d:
5c:48:3f:c7:62:7b:12:6a:9c:ae:30:9f:88:2b:b9:1e:a0:c7:
66:f7:ba:ef:7e:01:f6:ec:76:c1:fb:18:ba:13:b8:ee:d1:b0:
96:53:98:9a:6a:0e:33:a4:ea:29:cd:69:31:c6:38:5a:6f:8d:
2a:85:df:41:82:ba:52:34:82:29:ae:08:d3:1a:d9:b4:e9:5c:
30:0f:e3:d0:fd:8a:92:85:f6:ec:0e:ce:c5:c3:a1:db:a5:0f:
3e:69:a9:c5:42:7c:e9:6c:63:68:c9:55:36:6e:8e:26:14:33:
d4:31:38:29:59:05:c3:16:a0:9d:2b:a1:54:13:dc:f4:4b:23:
0a:0d:36:11:b7:1c:3e:fa:bb:af:15:95:11:1f:a0:b9:73:03:
14:b9:4b:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1hcLpsX0AvaH81NtqNsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz
OWViNzYwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTJjNmNjZjFmMGQ4ODUzM2YyNWI1OTQzMjMwNDM3ODRiZDRhNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nqfsz4cMYSKqlncZ5+qsFYhaU5N
F/HhTMNFPD3EhEbbp5M/mI9qiBdYOTMTB7kvHycJ867mQJwOPLdbgeCq6vJoV1ie
q7Sk6mcLo0Z4yzqis7GuSQDUBreHuPiA/yyJOGTt7oyG62bY8HX+cKm0M9LitEd3
FHP6xy3rSpN7N7eAKQTnT80R3zTR4FSgzgPsPW2A5arAV5JogYC3jekEj2DxnpOw
a5Ttk6LWTT8ZxwKiPGHWiIJ/Z0VeyapnelGGk2cHQMw77XQbRwlIbfwnuz9ibAyr
xkrqa4ojim5kf9LCaCkGWfb1SSkrxD9dopCF/P/132DjxkAt0m9jNapuzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOksbM8fDYhTPyW1lDIwQ3hL1KbPMB8GA1UdIwQY
MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt
M2UzNjYwZGExM2E0LzEvNlN4c3p4OE5pRk1fSmJXVU1qQkRlRXZVcHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0
LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSqsAwQA
whi8MA0EAgACMAcDBQAqAWOgMA0GCSqGSIb3DQEBCwUAA4IBAQCVFV/0nYKQFf8q
lCFEMzjOf6T/NDj07zg8eamyEVithmUfU5UMJtFnN+UAk8eN0OFmptRKSLQrhYyc
TBVC2bS/D32K09I+7bw9JENDSr/c/V4vL8r/BI5KdU3DONwqFYktXuSR/ILgLagr
w21cSD/HYnsSapyuMJ+IK7keoMdm97rvfgH27HbB+xi6E7ju0bCWU5iaag4zpOop
zWkxxjhab40qhd9BgrpSNIIprgjTGtm06VwwD+PQ/YqShfbsDs7Fw6HbpQ8+aanF
QnzpbGNoyVU2bo4mFDPUMTgpWQXDFqCdK6FUE9z0SyMKDTYRtxw++ruvFZURH6C5
cwMUuUt4
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:04:10 2025 by rpki-client