Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/6-IQUKyeOlnZ0n7k-mpTFfKu5nA.roa
File: 6-IQUKyeOlnZ0n7k-mpTFfKu5nA.roa (raw, json)
Hash identifier: uwqOWT1eD0xXX0n+hN5F7B5Z9MhYA/dYHW/YSlQ6tT8=
Subject key identifier: EB:E2:10:50:AC:9E:3A:59:D9:D2:7E:E4:FA:6A:53:15:F2:AE:E6:70
Certificate issuer: /CN=4927124d9803a7de54883164a376ea72e3c63eaf
Certificate serial: 0194266BE90A40BFD95A1DF1B5BDAF14561A
Authority key identifier: 49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/6-IQUKyeOlnZ0n7k-mpTFfKu5nA.roa
Signing time: Thu 02 Jan 2025 09:49:53 +0000
ROA not before: Thu 02 Jan 2025 09:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8522
IP address blocks: 139.91.0.0/16 maxlen: 16
139.91.250.0/24 maxlen: 24
139.91.252.0/24 maxlen: 24
139.91.253.0/24 maxlen: 24
192.67.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e9:0a:40:bf:d9:5a:1d:f1:b5:bd:af:14:56:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4927124d9803a7de54883164a376ea72e3c63eaf
Validity
Not Before: Jan 2 09:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebe21050ac9e3a59d9d27ee4fa6a5315f2aee670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a4:0e:03:b6:44:ae:19:bb:cd:66:54:20:d2:
18:10:fa:bb:d9:e3:39:4b:0b:ac:fc:3d:71:f7:cf:
7a:a6:8e:0d:84:11:96:a9:ec:91:b1:2f:57:01:4f:
2a:82:a6:5b:5b:08:0e:f0:1c:30:fe:87:d4:d2:71:
68:62:b7:25:2e:5b:df:27:e9:31:e4:16:52:6f:c5:
45:5e:92:ed:b8:01:e6:09:cd:f8:bf:e1:36:6d:f7:
a2:ab:33:75:d2:6f:65:a1:5c:40:fd:44:0c:1d:ff:
ae:ee:f6:16:44:6b:76:c9:7b:51:40:c3:aa:63:55:
49:1f:17:7e:ee:e1:40:94:2f:3e:e1:92:98:d4:6d:
39:0b:ba:29:27:2f:ec:8e:58:6f:5c:9d:31:13:77:
14:71:b7:9e:d5:a5:02:15:ba:65:6c:d7:95:6d:b5:
63:16:76:c2:84:05:6e:f6:dd:5a:1c:ef:d3:8d:bc:
ce:76:60:9d:b4:fe:7e:a2:8a:5c:e4:a9:78:8b:40:
bb:56:ce:76:9e:07:84:31:1f:8d:69:35:23:8e:64:
35:8d:69:3c:85:52:00:69:ee:86:a7:d1:25:fa:97:
19:b7:41:a9:c3:ba:bd:20:a0:07:f6:04:bd:35:bf:
31:75:7c:42:f4:db:20:d9:12:bb:24:63:ba:53:95:
7d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E2:10:50:AC:9E:3A:59:D9:D2:7E:E4:FA:6A:53:15:F2:AE:E6:70
X509v3 Authority Key Identifier:
keyid:49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/6-IQUKyeOlnZ0n7k-mpTFfKu5nA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.91.0.0/16
192.67.249.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:bc:83:3c:34:d4:b0:29:81:a8:b4:d1:5e:7e:8a:54:0b:a4:
44:06:fa:94:39:09:fc:78:ae:06:fe:78:81:9c:10:dc:38:2f:
b5:ba:86:74:9f:8d:6d:1c:fd:d6:1d:16:eb:37:51:49:c7:00:
0f:00:e3:b5:45:a5:96:8f:e7:7e:81:cd:cb:9e:3d:3c:18:9d:
e9:55:8f:c4:3a:8a:33:86:3c:3d:9c:e6:bd:8d:1a:5d:52:1f:
f9:bd:2c:5d:9d:b0:fc:6e:e5:2f:50:e5:11:9b:eb:c4:e0:51:
35:73:12:8b:81:ef:cc:0e:9e:99:d9:2e:a2:c9:9c:e3:23:46:
48:49:74:0b:55:19:39:0b:42:a6:e7:41:9b:23:6c:16:c4:94:
c5:15:bf:ec:9a:39:cd:98:93:60:d5:b6:29:6e:2e:68:34:0d:
d7:9b:7d:c1:40:ec:87:57:79:b1:c3:97:d8:32:60:9e:f2:7b:
cd:a8:4f:60:3d:a8:33:6f:96:84:5d:fd:4a:dd:9f:3f:2f:62:
26:8f:92:cb:57:49:04:49:f9:79:ac:3d:45:19:e3:ea:15:62:
d0:a8:6e:bf:44:8b:ab:c5:2e:28:fb:2f:34:11:ee:0c:3f:1b:
71:5b:55:4d:4f:99:bd:1f:d4:25:86:a5:2a:34:eb:74:dd:06:
1f:2b:2c:7b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZQma+kKQL/ZWh3xtb2vFFYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjcxMjRkOTgwM2E3ZGU1NDg4MzE2NGEzNzZlYTcyZTNj
NjNlYWYwHhcNMjUwMTAyMDk0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmUyMTA1MGFjOWUzYTU5ZDlkMjdlZTRmYTZhNTMxNWYyYWVlNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKQOA7ZErhm7zWZUINIYEPq72eM5
Swus/D1x9896po4NhBGWqeyRsS9XAU8qgqZbWwgO8Bww/ofU0nFoYrclLlvfJ+kx
5BZSb8VFXpLtuAHmCc34v+E2bfeiqzN10m9loVxA/UQMHf+u7vYWRGt2yXtRQMOq
Y1VJHxd+7uFAlC8+4ZKY1G05C7opJy/sjlhvXJ0xE3cUcbee1aUCFbplbNeVbbVj
FnbChAVu9t1aHO/TjbzOdmCdtP5+oopc5Kl4i0C7Vs52ngeEMR+NaTUjjmQ1jWk8
hVIAae6Gp9El+pcZt0Gpw7q9IKAH9gS9Nb8xdXxC9Nsg2RK7JGO6U5V9HQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFOviEFCsnjpZ2dJ+5PpqUxXyruZwMB8GA1UdIwQY
MBaAFEknEk2YA6feVIgxZKN26nLjxj6vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NjU1RaZ0RwOTVVaURGa28zYnFjdVBHUHE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zZTJjMzgtZjk2Zi00MGRmLWFlYWMt
ZjAxNTBjODFhY2Y1LzEvNi1JUVVLeWVPbG5aMG43ay1tcFRGZkt1NW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zZTJjMzgtZjk2Zi00MGRmLWFlYWMtZjAxNTBjODFhY2Y1
LzEvU1NjU1RaZ0RwOTVVaURGa28zYnFjdVBHUHE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAi1sDBADA
Q/kwDQYJKoZIhvcNAQELBQADggEBAEq8gzw01LApgai00V5+ilQLpEQG+pQ5Cfx4
rgb+eIGcENw4L7W6hnSfjW0c/dYdFus3UUnHAA8A47VFpZaP536BzcuePTwYnelV
j8Q6ijOGPD2c5r2NGl1SH/m9LF2dsPxu5S9Q5RGb68TgUTVzEouB78wOnpnZLqLJ
nOMjRkhJdAtVGTkLQqbnQZsjbBbElMUVv+yaOc2Yk2DVtiluLmg0DdebfcFA7IdX
ebHDl9gyYJ7ye82oT2A9qDNvloRd/Urdnz8vYiaPkstXSQRJ+XmsPUUZ4+oVYtCo
br9Ei6vFLij7LzQR7gw/G3FbVU1Pmb0f1CWGpSo063TdBh8rLHs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:13:02 2025 by rpki-client