Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/6JxEiaEvYS9lMNYU9-YVInF7e8w.roa
File: 6JxEiaEvYS9lMNYU9-YVInF7e8w.roa (raw, json)
Hash identifier: 70NWS2RXJlvS8eFFeFd9DCGoEyQrpgXb5vcUfy1RN8w=
Subject key identifier: E8:9C:44:89:A1:2F:61:2F:65:30:D6:14:F7:E6:15:22:71:7B:7B:CC
Certificate issuer: /CN=bb70b89281cdb761a04adcbc0ac41705413150e9
Certificate serial: 0194206866601C7BA4E2E95CA0F21674CB12
Authority key identifier: BB:70:B8:92:81:CD:B7:61:A0:4A:DC:BC:0A:C4:17:05:41:31:50:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3C4koHNt2GgSty8CsQXBUExUOk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/6JxEiaEvYS9lMNYU9-YVInF7e8w.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199545
IP address blocks: 2001:67c:bec::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/u3C4koHNt2GgSty8CsQXBUExUOk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/u3C4koHNt2GgSty8CsQXBUExUOk.mft
rsync://rpki.ripe.net/repository/DEFAULT/u3C4koHNt2GgSty8CsQXBUExUOk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:66:60:1c:7b:a4:e2:e9:5c:a0:f2:16:74:cb:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb70b89281cdb761a04adcbc0ac41705413150e9
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e89c4489a12f612f6530d614f7e61522717b7bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:64:48:8f:e5:0a:89:4c:ae:5e:17:26:6c:99:
2c:97:7c:97:c6:55:38:58:82:1b:3f:9d:cf:68:42:
67:16:4a:f0:d7:7e:99:30:4a:b9:be:63:39:ef:09:
7f:9c:2e:99:76:bf:4a:ea:66:64:82:d7:1e:b0:d2:
c2:6f:c4:c8:e7:fa:aa:aa:e4:f3:c5:c9:74:6f:67:
61:2f:a0:18:3d:97:14:f2:40:21:05:90:92:ba:ad:
25:9c:b5:2b:f7:f7:14:1d:03:60:28:5c:23:a0:94:
54:04:92:1b:8a:19:d4:a8:95:92:81:42:b8:ed:c0:
88:e3:2d:61:e9:0c:20:fb:fa:d6:a8:4d:d8:b2:64:
e9:4e:59:32:6c:5b:2d:b3:79:3c:79:22:f5:4b:bb:
aa:43:5f:2e:33:17:53:4a:d6:80:f7:62:f9:d1:61:
da:c8:19:81:18:50:34:4f:f7:be:31:85:c5:33:20:
e3:e6:15:5c:ad:45:22:0f:9d:e7:21:3a:d7:48:e5:
cb:04:f8:5f:24:7b:59:8c:7d:2f:c6:5e:92:97:e7:
df:bf:4f:29:74:49:68:8f:e1:6c:3e:2c:f2:08:34:
d7:45:d3:ee:d9:f7:0f:73:b0:f1:b9:a3:09:bf:3b:
16:a2:cb:5a:df:c3:8c:aa:37:b4:f5:09:59:e5:da:
0b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:9C:44:89:A1:2F:61:2F:65:30:D6:14:F7:E6:15:22:71:7B:7B:CC
X509v3 Authority Key Identifier:
keyid:BB:70:B8:92:81:CD:B7:61:A0:4A:DC:BC:0A:C4:17:05:41:31:50:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3C4koHNt2GgSty8CsQXBUExUOk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/6JxEiaEvYS9lMNYU9-YVInF7e8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/120715-2689-4b1c-a6b8-417320cbae55/1/u3C4koHNt2GgSty8CsQXBUExUOk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bec::/48
Signature Algorithm: sha256WithRSAEncryption
11:13:77:24:93:f7:22:e9:40:97:82:67:6d:a1:90:1b:d4:68:
e0:11:c0:68:9a:fa:bf:8f:f6:4f:2a:f9:b5:dd:25:5c:96:4b:
cc:14:ef:87:b0:3c:3a:26:b2:af:70:2c:b9:e3:e7:39:67:de:
f9:17:af:8e:5f:48:a4:e4:e1:cc:27:38:1d:99:41:b7:5d:dd:
48:d7:83:af:16:d4:02:b5:1c:88:81:52:45:86:e9:45:d7:3b:
01:84:f5:7d:4d:16:a5:58:2a:8d:d0:03:fd:4b:27:e4:42:0a:
2e:e1:c5:f2:55:92:bd:c8:1e:60:92:93:9a:74:49:9d:82:ed:
70:bb:5f:2a:9f:3d:1e:52:cb:f5:b9:ee:a1:17:b3:75:cc:9a:
d7:a9:be:9a:6a:04:b2:cc:f6:de:b0:12:ed:9b:77:11:26:d0:
d9:5b:9a:c0:46:0e:a3:1f:6a:44:5d:e8:9c:bb:5a:ed:35:b1:
55:79:46:07:90:be:28:01:10:95:9d:a0:ad:05:e6:e1:92:8e:
51:2e:9a:42:e8:9b:06:18:31:4d:31:ed:d9:11:2b:76:e8:aa:
9e:0e:5d:ea:f7:05:b6:fe:fc:b2:03:82:99:f0:7f:44:8c:dd:
46:54:5a:96:26:5b:f9:56:f3:37:6c:6e:e5:de:88:1d:72:53:
bc:cc:69:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgaGZgHHuk4ulcoPIWdMsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNzBiODkyODFjZGI3NjFhMDRhZGNiYzBhYzQxNzA1NDEz
MTUwZTkwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODljNDQ4OWExMmY2MTJmNjUzMGQ2MTRmN2U2MTUyMjcxN2I3YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmRIj+UKiUyuXhcmbJksl3yXxlU4
WIIbP53PaEJnFkrw136ZMEq5vmM57wl/nC6Zdr9K6mZkgtcesNLCb8TI5/qqquTz
xcl0b2dhL6AYPZcU8kAhBZCSuq0lnLUr9/cUHQNgKFwjoJRUBJIbihnUqJWSgUK4
7cCI4y1h6Qwg+/rWqE3YsmTpTlkybFsts3k8eSL1S7uqQ18uMxdTStaA92L50WHa
yBmBGFA0T/e+MYXFMyDj5hVcrUUiD53nITrXSOXLBPhfJHtZjH0vxl6Sl+ffv08p
dEloj+FsPizyCDTXRdPu2fcPc7DxuaMJvzsWosta38OMqje09QlZ5doLewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOicRImhL2EvZTDWFPfmFSJxe3vMMB8GA1UdIwQY
MBaAFLtwuJKBzbdhoErcvArEFwVBMVDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTNDNGtvSE50MkdnU3R5OENzUVhCVUV4VU9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xMjA3MTUtMjY4OS00YjFjLWE2Yjgt
NDE3MzIwY2JhZTU1LzEvNkp4RWlhRXZZUzlsTU5ZVTktWVZJbkY3ZTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xMjA3MTUtMjY4OS00YjFjLWE2YjgtNDE3MzIwY2JhZTU1
LzEvdTNDNGtvSE50MkdnU3R5OENzUVhCVUV4VU9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvs
MA0GCSqGSIb3DQEBCwUAA4IBAQARE3ckk/ci6UCXgmdtoZAb1GjgEcBomvq/j/ZP
Kvm13SVclkvMFO+HsDw6JrKvcCy54+c5Z975F6+OX0ik5OHMJzgdmUG3Xd1I14Ov
FtQCtRyIgVJFhulF1zsBhPV9TRalWCqN0AP9SyfkQgou4cXyVZK9yB5gkpOadEmd
gu1wu18qnz0eUsv1ue6hF7N1zJrXqb6aagSyzPbesBLtm3cRJtDZW5rARg6jH2pE
Xeicu1rtNbFVeUYHkL4oARCVnaCtBebhko5RLppC6JsGGDFNMe3ZESt26KqeDl3q
9wW2/vyyA4KZ8H9EjN1GVFqWJlv5VvM3bG7l3ogdclO8zGnk
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:23:57 2025 by rpki-client