Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xoc0od1tMoZRW6WfMQPsLl4rQgk.roa
File: xoc0od1tMoZRW6WfMQPsLl4rQgk.roa (raw, json)
Hash identifier: dHkrK4oGh6ZfDWT6h1aDXCyMjqmAMQEeV01WsQKUg+c=
Subject key identifier: C6:87:34:A1:DD:6D:32:86:51:5B:A5:9F:31:03:EC:2E:5E:2B:42:09
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019427B599993AF5394DDDF70C56A5B7C3BA
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xoc0od1tMoZRW6WfMQPsLl4rQgk.roa
Signing time: Thu 02 Jan 2025 15:50:00 +0000
ROA not before: Thu 02 Jan 2025 15:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 46.161.56.0/21 maxlen: 24
91.243.88.0/22 maxlen: 22
91.243.92.0/22 maxlen: 22
146.185.200.0/24 maxlen: 24
146.185.201.0/24 maxlen: 24
146.185.202.0/24 maxlen: 24
146.185.203.0/24 maxlen: 24
146.185.204.0/23 maxlen: 24
146.185.206.0/24 maxlen: 24
193.93.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:99:99:3a:f5:39:4d:dd:f7:0c:56:a5:b7:c3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 15:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c68734a1dd6d3286515ba59f3103ec2e5e2b4209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:27:7b:5c:c4:76:7c:d5:8e:de:ed:3f:79:07:
ba:93:f4:7b:6d:58:40:d7:de:57:38:f9:70:04:b5:
26:c2:35:f5:bf:2f:c2:2e:4e:7b:68:d5:65:b2:e7:
74:e8:67:4f:ad:a3:52:1d:7a:21:c5:cc:0d:a6:42:
6b:47:6b:32:c8:27:cd:d5:0f:d7:70:23:72:30:96:
d7:e8:34:70:76:ff:f0:0c:8c:a5:df:9a:1f:8a:62:
03:02:15:56:0c:3d:a3:68:e2:e8:89:e2:3c:4f:2b:
87:4c:f1:8b:0a:52:35:7a:4d:0f:30:96:99:41:ab:
02:59:4c:8d:2d:b5:af:09:16:a5:07:6a:a6:41:68:
fe:33:bf:53:08:7d:dc:48:bf:28:76:72:5b:de:19:
92:b5:46:6e:27:5b:04:36:5b:e3:ce:a9:d8:c8:f0:
62:2d:0a:b9:03:25:f6:b0:0a:e2:63:d7:30:75:ba:
37:50:27:31:5f:b5:d5:05:09:27:af:dd:3e:aa:f1:
f6:8c:6b:e9:36:1c:39:a2:2b:39:2f:e0:86:bc:cb:
8a:11:c5:17:31:2e:d9:d3:38:1c:00:da:fc:a3:5b:
15:89:38:44:02:91:cb:b0:75:b7:94:76:ad:70:fa:
1a:c3:e9:c8:5a:7d:e0:70:07:71:74:67:47:68:d3:
1c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:87:34:A1:DD:6D:32:86:51:5B:A5:9F:31:03:EC:2E:5E:2B:42:09
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/xoc0od1tMoZRW6WfMQPsLl4rQgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.56.0/21
91.243.88.0/21
146.185.200.0-146.185.206.255
193.93.192.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:91:78:d8:27:6c:75:1c:d3:b0:70:4b:26:7c:5f:5e:51:46:
b2:67:f5:e3:8c:6f:3d:e9:7f:1a:31:4e:04:7a:9f:96:ed:af:
2b:2b:32:f3:cd:19:fc:9d:7c:30:96:2f:42:e0:aa:28:d9:13:
7a:09:22:ce:53:90:8c:62:97:20:c4:37:9d:87:3d:f0:89:45:
bc:25:45:2a:6d:cf:0c:03:a3:17:dc:3c:5e:a3:1a:63:46:a9:
e9:66:4b:49:56:e5:35:cd:89:66:41:33:07:f7:59:be:f2:dc:
76:2f:bd:10:2f:de:45:7b:2f:f1:63:46:d4:70:db:ab:2e:b2:
ab:15:2b:a1:ca:20:37:78:a5:fa:f3:33:a2:68:4c:66:12:f1:
a8:b9:c1:0b:6f:50:4c:37:32:9f:63:fc:a4:50:c3:e3:e2:ba:
e4:7d:63:a0:6b:38:4d:d2:6b:b8:cf:dd:8e:74:22:d2:da:1e:
f1:2f:96:72:3b:82:91:2e:c8:71:09:db:b9:46:8e:7a:df:19:
e9:0d:fd:a1:13:fb:30:95:9f:c5:6a:04:e6:c8:60:34:4f:19:
da:47:86:7a:ab:08:20:b0:ee:81:16:73:0e:45:26:18:cd:0d:
03:14:9c:e7:d6:1e:4d:0c:2b:c5:a3:4f:31:3c:55:4d:28:9a:
a2:1d:c4:6f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQntZmZOvU5Td33DFalt8O6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwMTAyMTU1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg3MzRhMWRkNmQzMjg2NTE1YmE1OWYzMTAzZWMyZTVlMmI0MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSd7XMR2fNWO3u0/eQe6k/R7bVhA
195XOPlwBLUmwjX1vy/CLk57aNVlsud06GdPraNSHXohxcwNpkJrR2syyCfN1Q/X
cCNyMJbX6DRwdv/wDIyl35ofimIDAhVWDD2jaOLoieI8TyuHTPGLClI1ek0PMJaZ
QasCWUyNLbWvCRalB2qmQWj+M79TCH3cSL8odnJb3hmStUZuJ1sENlvjzqnYyPBi
LQq5AyX2sAriY9cwdbo3UCcxX7XVBQknr90+qvH2jGvpNhw5ois5L+CGvMuKEcUX
MS7Z0zgcANr8o1sViThEApHLsHW3lHatcPoaw+nIWn3gcAdxdGdHaNMcIwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMaHNKHdbTKGUVulnzED7C5eK0IJMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEveG9jMG9kMXRNb1pSVzZXZk1RUHNMbDRyUWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDLqE4AwQD
W/NYMAwDBAOSucgDBACSuc4DBALBXcAwDQYJKoZIhvcNAQELBQADggEBALGReNgn
bHUc07BwSyZ8X15RRrJn9eOMbz3pfxoxTgR6n5btrysrMvPNGfydfDCWL0LgqijZ
E3oJIs5TkIxilyDEN52HPfCJRbwlRSptzwwDoxfcPF6jGmNGqelmS0lW5TXNiWZB
Mwf3Wb7y3HYvvRAv3kV7L/FjRtRw26susqsVK6HKIDd4pfrzM6JoTGYS8ai5wQtv
UEw3Mp9j/KRQw+PiuuR9Y6BrOE3Sa7jP3Y50ItLaHvEvlnI7gpEuyHEJ27lGjnrf
GekN/aET+zCVn8VqBObIYDRPGdpHhnqrCCCw7oEWcw5FJhjNDQMUnOfWHk0MK8Wj
TzE8VU0omqIdxG8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:22:26 2025 by rpki-client