Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/bG3vNkLD1dncPLRJXBDHmzwN_FU.roa
File: bG3vNkLD1dncPLRJXBDHmzwN_FU.roa (raw, json)
Hash identifier: VPIXy61pzu1bOvlxodUgzAm3JOVOrTVgSVJvZhBRPLs=
Subject key identifier: 6C:6D:EF:36:42:C3:D5:D9:DC:3C:B4:49:5C:10:C7:9B:3C:0D:FC:55
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 0194C76313491F20170C3EA570931634F3A2
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/bG3vNkLD1dncPLRJXBDHmzwN_FU.roa
Signing time: Sun 02 Feb 2025 15:59:06 +0000
ROA not before: Sun 02 Feb 2025 15:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215913
IP address blocks: 46.29.36.0/24 maxlen: 24
2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d040:4::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c7:63:13:49:1f:20:17:0c:3e:a5:70:93:16:34:f3:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Feb 2 15:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c6def3642c3d5d9dc3cb4495c10c79b3c0dfc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d2:bc:1c:42:09:2b:1a:71:e1:41:cf:60:59:
2a:d3:f7:09:6e:f2:99:c9:7b:2b:ea:97:f2:6a:f5:
fb:b6:7e:35:d1:a0:bf:3d:c2:c1:07:aa:03:23:f6:
53:44:b8:01:4c:3f:c1:04:64:18:00:85:10:78:63:
69:01:9e:db:3e:5c:5c:5a:10:01:24:b2:e0:1c:23:
c3:15:47:fb:a1:97:a9:5f:80:c5:5c:79:6f:65:70:
7d:c4:20:8f:bf:08:89:c0:e4:14:75:2e:84:0a:d0:
25:7d:a6:40:42:3f:5c:dd:32:f8:c5:d6:40:b7:79:
66:2a:9c:20:f5:29:3e:f0:e8:54:e6:27:01:66:d1:
50:49:2f:da:36:d9:41:4d:4f:7d:0a:9c:42:b1:3f:
ae:c5:01:c5:e6:5f:6b:49:c6:88:02:55:c1:c7:21:
ec:73:bd:2a:47:1a:e1:a8:05:aa:9a:23:37:31:fa:
7f:4a:dd:78:da:66:78:ee:2f:a2:e9:ad:94:02:76:
e4:90:5d:af:97:32:fb:b7:38:70:f6:88:e3:f9:93:
dd:73:fd:49:fc:b1:49:c9:a0:bc:de:47:cb:76:31:
74:94:78:50:82:11:a6:e1:e6:54:b6:c4:63:1c:2c:
33:81:d9:5b:5f:b6:5d:ac:1d:a1:68:6e:a8:3c:16:
9e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6D:EF:36:42:C3:D5:D9:DC:3C:B4:49:5C:10:C7:9B:3C:0D:FC:55
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/bG3vNkLD1dncPLRJXBDHmzwN_FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.36.0/24
IPv6:
2a13:d040:2::-2a13:d040:4:ffff:ffff:ffff:ffff:ffff
2a13:d046:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
47:a7:9a:65:fa:8a:4f:bb:86:f6:6c:1c:c5:6d:30:3e:88:14:
04:a6:3c:e9:b2:80:1e:e0:69:9a:cf:b5:b7:bf:fd:57:5f:69:
c8:48:1f:b2:a0:12:13:4c:e4:24:33:58:94:d5:f2:0e:05:ed:
dd:5d:53:fe:3f:30:29:a1:4d:6b:20:62:a7:3e:24:e1:7b:5c:
e0:bd:db:eb:dd:06:d6:90:49:01:ac:e6:30:3b:e1:7c:3b:61:
40:09:91:64:73:df:86:25:7d:a0:14:d8:64:1f:1b:f0:7c:db:
c3:41:96:0c:cf:d9:b3:d4:0c:54:45:67:6a:38:f3:03:b0:1c:
77:c8:4b:56:c0:be:7a:27:de:86:a2:d8:2c:01:09:7c:fb:aa:
a0:3d:ea:63:80:0a:54:c3:77:8e:46:02:b6:dd:3f:db:ac:3f:
86:b7:a8:98:6c:8a:a3:5d:08:68:95:55:c0:95:d4:f0:92:62:
c8:fb:56:04:96:24:01:0b:9a:44:b2:05:b3:f3:45:13:b6:f6:
88:db:5d:65:01:ac:e3:e7:5d:57:87:65:ec:3d:33:70:5c:65:
f4:c1:d1:91:d2:9e:31:f8:3f:34:8f:ce:29:99:84:97:5f:50:
40:87:40:05:36:a1:4f:d3:96:50:3e:f0:d3:60:db:81:2c:a4:
0f:63:12:84
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZTHYxNJHyAXDD6lcJMWNPOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjUwMjAyMTU1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzZkZWYzNjQyYzNkNWQ5ZGMzY2I0NDk1YzEwYzc5YjNjMGRmYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdK8HEIJKxpx4UHPYFkq0/cJbvKZ
yXsr6pfyavX7tn410aC/PcLBB6oDI/ZTRLgBTD/BBGQYAIUQeGNpAZ7bPlxcWhAB
JLLgHCPDFUf7oZepX4DFXHlvZXB9xCCPvwiJwOQUdS6ECtAlfaZAQj9c3TL4xdZA
t3lmKpwg9Sk+8OhU5icBZtFQSS/aNtlBTU99CpxCsT+uxQHF5l9rScaIAlXBxyHs
c70qRxrhqAWqmiM3Mfp/St142mZ47i+i6a2UAnbkkF2vlzL7tzhw9ojj+ZPdc/1J
/LFJyaC83kfLdjF0lHhQghGm4eZUtsRjHCwzgdlbX7ZdrB2haG6oPBaeZQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFGxt7zZCw9XZ3Dy0SVwQx5s8DfxVMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvYkczdk5rTEQxZG5jUExSSlhCREhtendOX0ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQALh0kMCME
AgACMB0wEgMHASoT0EAAAgMHACoT0EAABAMHACoT0Eb//zANBgkqhkiG9w0BAQsF
AAOCAQEAR6eaZfqKT7uG9mwcxW0wPogUBKY86bKAHuBpms+1t7/9V19pyEgfsqAS
E0zkJDNYlNXyDgXt3V1T/j8wKaFNayBipz4k4Xtc4L3b690G1pBJAazmMDvhfDth
QAmRZHPfhiV9oBTYZB8b8Hzbw0GWDM/Zs9QMVEVnajjzA7Acd8hLVsC+eifehqLY
LAEJfPuqoD3qY4AKVMN3jkYCtt0/26w/hreomGyKo10IaJVVwJXU8JJiyPtWBJYk
AQuaRLIFs/NFE7b2iNtdZQGs4+ddV4dl7D0zcFxl9MHRkdKeMfg/NI/OKZmEl19Q
QIdABTahT9OWUD7w02DbgSykD2MShA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:26 2025 by rpki-client