Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/f6tkx1veLJXtyksaflVzc1YMN2w.roa
File: f6tkx1veLJXtyksaflVzc1YMN2w.roa (raw, json)
Hash identifier: WlrwpYaQcrfGXKf9ZwidLgROLAib30SWtSAT3qSkZJA=
Subject key identifier: 7F:AB:64:C7:5B:DE:2C:95:ED:CA:4B:1A:7E:55:73:73:56:0C:37:6C
Certificate issuer: /CN=6696fa3fe40cf770851c83adcafafb7a4107678f
Certificate serial: 01942067C3C051BA32328FCB3383135C2EED
Authority key identifier: 66:96:FA:3F:E4:0C:F7:70:85:1C:83:AD:CA:FA:FB:7A:41:07:67:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/f6tkx1veLJXtyksaflVzc1YMN2w.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31182
IP address blocks: 146.66.134.0/23 maxlen: 23
146.66.134.0/24 maxlen: 24
146.66.135.0/24 maxlen: 24
193.8.139.0/24 maxlen: 24
2a14:5ec0::/29 maxlen: 29
2a14:5ec0::/32 maxlen: 32
2a14:5ec1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c3:c0:51:ba:32:32:8f:cb:33:83:13:5c:2e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696fa3fe40cf770851c83adcafafb7a4107678f
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fab64c75bde2c95edca4b1a7e557373560c376c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:bf:ef:e4:2f:54:50:0c:d6:29:eb:6b:2b:
47:2e:a4:68:97:55:23:7f:9b:f5:79:55:41:a4:af:
b2:29:d8:da:67:3d:1d:5f:d4:a0:5e:0a:2f:5e:8f:
42:70:11:e6:3a:ed:ba:ac:fa:b7:3a:67:c5:34:95:
38:35:7a:5a:39:b2:4b:cf:6b:bd:70:e4:06:9f:0a:
2c:ef:73:63:38:1f:12:11:b6:05:df:ac:5c:4b:8e:
99:19:ae:99:4e:26:3e:4e:0e:68:93:68:67:5f:98:
a9:20:56:93:59:20:02:7a:20:7a:f0:ed:1d:21:f0:
08:1b:69:66:fe:f3:14:a5:da:5f:c5:11:8a:e8:cd:
0f:7e:5a:c8:03:03:de:50:df:76:5e:af:5f:f0:47:
6a:ba:08:2d:e5:be:33:89:25:f8:c5:cc:2d:3f:2d:
41:01:be:a8:28:9a:e3:7a:d0:13:fb:7b:26:92:58:
81:27:6f:19:17:6e:5d:5c:05:8e:2d:92:a1:2d:ac:
45:92:f9:bd:68:a2:d6:be:ce:df:b6:b2:f3:3e:54:
89:0e:ce:68:e0:0c:17:55:47:d7:bd:08:28:cf:5c:
37:7e:71:fa:bb:94:26:42:68:23:02:f5:8b:9f:d5:
f1:2d:92:12:02:c1:13:94:e6:fd:53:f7:95:99:19:
21:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:AB:64:C7:5B:DE:2C:95:ED:CA:4B:1A:7E:55:73:73:56:0C:37:6C
X509v3 Authority Key Identifier:
keyid:66:96:FA:3F:E4:0C:F7:70:85:1C:83:AD:CA:FA:FB:7A:41:07:67:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpb6P-QM93CFHIOtyvr7ekEHZ48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/f6tkx1veLJXtyksaflVzc1YMN2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66afe-6e0b-4dbd-8d0d-ce6915b4736f/1/Zpb6P-QM93CFHIOtyvr7ekEHZ48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.134.0/23
193.8.139.0/24
IPv6:
2a14:5ec0::/29
Signature Algorithm: sha256WithRSAEncryption
07:43:51:49:fe:dd:0e:d5:6b:00:b7:43:ad:07:dc:e3:23:d8:
5c:cd:b9:50:ae:20:3a:5e:d4:3d:22:3f:22:d9:3b:c7:09:96:
7c:a7:ac:37:33:b8:48:92:1e:46:03:80:7c:f8:ac:ea:fe:7f:
1e:ed:8e:46:60:32:78:b6:65:cc:20:ec:72:01:23:4f:01:42:
8c:0d:fe:67:eb:ee:d7:b1:4c:e6:bd:db:98:c0:ca:07:33:a0:
6c:73:2a:ed:6c:9f:1d:c5:ea:91:e0:c8:03:59:7c:9d:aa:34:
f9:d0:ff:56:a9:ad:c7:f0:4d:22:f3:15:ca:47:7e:60:0b:b7:
73:77:e5:fa:59:3d:e2:52:28:77:c7:2f:29:97:af:41:31:0a:
1a:d7:71:45:0c:f5:5b:b6:3c:8d:9b:7e:91:21:2e:4b:04:d3:
e1:aa:60:2e:1c:3a:26:e9:0e:13:7f:e7:da:35:ea:c3:1e:15:
8a:31:e5:a0:d6:77:57:e0:9d:d8:cd:c9:53:b3:ed:5a:2c:10:
3a:86:bf:8b:6f:94:88:90:cc:9d:e5:a0:48:f3:39:a3:d0:35:
31:db:9c:5a:b0:d6:a0:1b:61:8d:cc:fe:3e:2c:b1:11:14:55:
a2:0a:53:2a:85:59:75:6c:03:84:ae:d3:17:18:a0:6e:24:82:
21:a1:7e:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ8PAUboyMo/LM4MTXC7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZmYTNmZTQwY2Y3NzA4NTFjODNhZGNhZmFmYjdhNDEw
NzY3OGYwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmFiNjRjNzViZGUyYzk1ZWRjYTRiMWE3ZTU1NzM3MzU2MGMzNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yi/7+QvVFAM1inraytHLqRol1Uj
f5v1eVVBpK+yKdjaZz0dX9SgXgovXo9CcBHmOu26rPq3OmfFNJU4NXpaObJLz2u9
cOQGnwos73NjOB8SEbYF36xcS46ZGa6ZTiY+Tg5ok2hnX5ipIFaTWSACeiB68O0d
IfAIG2lm/vMUpdpfxRGK6M0PflrIAwPeUN92Xq9f8Edquggt5b4ziSX4xcwtPy1B
Ab6oKJrjetAT+3smkliBJ28ZF25dXAWOLZKhLaxFkvm9aKLWvs7ftrLzPlSJDs5o
4AwXVUfXvQgoz1w3fnH6u5QmQmgjAvWLn9XxLZISAsETlOb9U/eVmRkhoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH+rZMdb3iyV7cpLGn5Vc3NWDDdsMB8GA1UdIwQY
MBaAFGaW+j/kDPdwhRyDrcr6+3pBB2ePMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBiNlAtUU05M0NGSElPdHl2cjdla0VIWjQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lNjZhZmUtNmUwYi00ZGJkLThkMGQt
Y2U2OTE1YjQ3MzZmLzEvZjZ0a3gxdmVMSlh0eWtzYWZsVnpjMVlNTjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lNjZhZmUtNmUwYi00ZGJkLThkMGQtY2U2OTE1YjQ3MzZm
LzEvWnBiNlAtUU05M0NGSElPdHl2cjdla0VIWjQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBkkKGAwQA
wQiLMA0EAgACMAcDBQMqFF7AMA0GCSqGSIb3DQEBCwUAA4IBAQAHQ1FJ/t0O1WsA
t0OtB9zjI9hczblQriA6XtQ9Ij8i2TvHCZZ8p6w3M7hIkh5GA4B8+Kzq/n8e7Y5G
YDJ4tmXMIOxyASNPAUKMDf5n6+7XsUzmvduYwMoHM6BscyrtbJ8dxeqR4MgDWXyd
qjT50P9Wqa3H8E0i8xXKR35gC7dzd+X6WT3iUih3xy8pl69BMQoa13FFDPVbtjyN
m36RIS5LBNPhqmAuHDom6Q4Tf+faNerDHhWKMeWg1ndX4J3YzclTs+1aLBA6hr+L
b5SIkMyd5aBI8zmj0DUx25xasNagG2GNzP4+LLERFFWiClMqhVl1bAOErtMXGKBu
JIIhoX51
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:24 2025 by rpki-client