Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/_6tIu-5BhkTfQSIU-ovT-VQgmJM.roa
File: _6tIu-5BhkTfQSIU-ovT-VQgmJM.roa (raw, json)
Hash identifier: brb+X8on990RM1qxLKFjMml5fBdiyywQAKjPoQC7+R8=
Subject key identifier: FF:AB:48:BB:EE:41:86:44:DF:41:22:14:FA:8B:D3:F9:54:20:98:93
Certificate issuer: /CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Certificate serial: 0195093636BDFB79FFAFC278BE7E345A703D
Authority key identifier: 6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/_6tIu-5BhkTfQSIU-ovT-VQgmJM.roa
Signing time: Sat 15 Feb 2025 10:45:02 +0000
ROA not before: Sat 15 Feb 2025 10:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204908
IP address blocks: 185.124.12.0/24 maxlen: 24
185.124.13.0/24 maxlen: 24
185.236.28.0/22 maxlen: 22
185.236.28.0/24 maxlen: 24
185.236.29.0/24 maxlen: 24
185.236.30.0/24 maxlen: 24
185.236.31.0/24 maxlen: 24
2a03:9000::/40 maxlen: 40
2a03:9000:100::/40 maxlen: 40
2a03:9000:200::/40 maxlen: 40
2a03:9000:300::/40 maxlen: 40
2a03:9000:400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Mar 2025 10:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:09:36:36:bd:fb:79:ff:af:c2:78:be:7e:34:5a:70:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f1ba6e14d83a8b14b05026e710c86c46b73c3a6
Validity
Not Before: Feb 15 10:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffab48bbee418644df412214fa8bd3f954209893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:1b:f1:7f:17:32:2b:6f:af:35:04:00:b3:
49:da:e7:41:7a:6e:6c:e6:0b:85:03:f7:87:0e:84:
21:89:0c:11:4c:1a:46:59:48:1f:f3:2a:06:00:27:
08:d5:0d:c6:62:05:ed:3d:c6:bf:3a:b0:d3:bd:26:
52:5b:e4:8e:56:26:57:bb:bd:fe:1c:09:f6:88:cd:
29:d4:a2:19:f7:29:11:e5:34:d5:a0:cd:aa:7c:f2:
db:32:19:22:d2:e4:60:09:db:d4:8a:6f:ca:c5:5d:
96:13:46:f3:2a:c1:e3:ef:c0:2b:7b:2a:70:3d:f1:
ea:c2:a1:9c:9b:cd:d0:dd:1f:95:e7:bd:af:e2:da:
9f:25:e8:03:ef:4a:59:d4:7b:df:f7:b9:af:9d:8f:
06:00:da:46:68:50:db:d4:ff:a1:91:70:b8:1e:fb:
9c:26:f5:56:4e:f9:36:ab:2e:5c:67:ad:45:be:1b:
1e:53:4c:4f:d5:da:d2:18:46:b1:53:7f:0c:15:7d:
95:c9:34:cc:62:14:28:7a:ee:db:47:44:10:4e:7b:
33:c6:2e:44:7a:cc:5d:6f:66:e8:84:f0:15:ec:a2:
3e:18:72:81:b5:60:1a:f9:95:be:61:cb:1b:06:1d:
d6:58:ff:45:a0:2c:f3:03:71:1e:4a:1d:cd:1b:b2:
13:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AB:48:BB:EE:41:86:44:DF:41:22:14:FA:8B:D3:F9:54:20:98:93
X509v3 Authority Key Identifier:
keyid:6F:1B:A6:E1:4D:83:A8:B1:4B:05:02:6E:71:0C:86:C4:6B:73:C3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxum4U2DqLFLBQJucQyGxGtzw6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/_6tIu-5BhkTfQSIU-ovT-VQgmJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ce81b6-bceb-47bc-adfb-dae9fb8bf0b1/1/bxum4U2DqLFLBQJucQyGxGtzw6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.12.0/23
185.236.28.0/22
IPv6:
2a03:9000::-2a03:9000:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:70:37:c5:a2:2c:f6:a5:83:a6:d2:48:ba:75:5f:3e:4b:49:
1a:4e:fe:dd:9d:85:7a:42:2e:a1:64:3f:65:aa:c3:eb:67:37:
d1:c8:c3:9b:cd:de:f0:15:35:a4:e3:1d:3b:07:20:7c:43:44:
2a:28:f1:4d:45:ea:70:f5:39:9a:60:7b:f4:39:5b:98:5d:58:
79:1c:ad:bb:eb:9e:77:72:1e:60:eb:05:10:0b:5d:19:b2:e4:
fb:86:d3:fd:25:ec:2f:0b:85:74:16:88:fe:0b:4c:8d:da:f0:
b4:82:8d:a5:f8:f1:65:4a:93:59:29:4c:9a:19:47:4e:87:01:
90:78:87:96:21:5b:23:70:60:44:7b:b5:a7:af:aa:9b:55:ba:
25:44:33:33:0b:3f:bf:25:86:67:94:fd:ae:22:86:64:d1:18:
35:83:e9:98:34:e1:e0:a5:64:96:01:c5:83:3b:e4:87:6e:b7:
09:0b:8e:03:9b:fa:59:df:3d:70:f3:57:fc:a1:05:ab:2f:9e:
fe:ce:02:64:64:95:d0:24:f3:c0:eb:a2:32:a0:9e:36:c0:dc:
33:b6:7d:65:41:75:9b:8d:ff:22:72:f8:b4:91:86:86:e5:cc:
db:dd:e4:63:6e:04:cf:24:82:70:47:9b:76:11:12:19:7e:2c:
a6:a0:0d:e7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZUJNja9+3n/r8J4vn40WnA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMWJhNmUxNGQ4M2E4YjE0YjA1MDI2ZTcxMGM4NmM0NmI3
M2MzYTYwHhcNMjUwMjE1MTA0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFiNDhiYmVlNDE4NjQ0ZGY0MTIyMTRmYThiZDNmOTU0MjA5ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWob8X8XMitvrzUEALNJ2udBem5s
5guFA/eHDoQhiQwRTBpGWUgf8yoGACcI1Q3GYgXtPca/OrDTvSZSW+SOViZXu73+
HAn2iM0p1KIZ9ykR5TTVoM2qfPLbMhki0uRgCdvUim/KxV2WE0bzKsHj78Areypw
PfHqwqGcm83Q3R+V572v4tqfJegD70pZ1Hvf97mvnY8GANpGaFDb1P+hkXC4Hvuc
JvVWTvk2qy5cZ61FvhseU0xP1drSGEaxU38MFX2VyTTMYhQoeu7bR0QQTnszxi5E
esxdb2bohPAV7KI+GHKBtWAa+ZW+YcsbBh3WWP9FoCzzA3EeSh3NG7ITUQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP+rSLvuQYZE30EiFPqL0/lUIJiTMB8GA1UdIwQY
MBaAFG8bpuFNg6ixSwUCbnEMhsRrc8OmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmIt
ZGFlOWZiOGJmMGIxLzEvXzZ0SXUtNUJoa1RmUVNJVS1vdlQtVlFnbUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jZTgxYjYtYmNlYi00N2JjLWFkZmItZGFlOWZiOGJmMGIx
LzEvYnh1bTRVMkRxTEZMQlFKdWNReUd4R3R6dzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBuXwMAwQC
uewcMBYEAgACMBAwDgMEBCoDkAMGACoDkAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBW
cDfFoiz2pYOm0ki6dV8+S0kaTv7dnYV6Qi6hZD9lqsPrZzfRyMObzd7wFTWk4x07
ByB8Q0QqKPFNRepw9TmaYHv0OVuYXVh5HK276553ch5g6wUQC10ZsuT7htP9Jewv
C4V0Foj+C0yN2vC0go2l+PFlSpNZKUyaGUdOhwGQeIeWIVsjcGBEe7Wnr6qbVbol
RDMzCz+/JYZnlP2uIoZk0Rg1g+mYNOHgpWSWAcWDO+SHbrcJC44Dm/pZ3z1w81f8
oQWrL57+zgJkZJXQJPPA66IyoJ42wNwztn1lQXWbjf8icvi0kYaG5czb3eRjbgTP
JIJwR5t2ERIZfiymoA3n
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:26:28 2025 by rpki-client