Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/k2Bl0X1Xhyjdn3IbuabLI96zgjM.roa
File: k2Bl0X1Xhyjdn3IbuabLI96zgjM.roa (raw, json)
Hash identifier: SdiU91uJhhlahJNRJxTnGujivAjE2HO2D4zGx1rcEjA=
Subject key identifier: 93:60:65:D1:7D:57:87:28:DD:9F:72:1B:B9:A6:CB:23:DE:B3:82:33
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067D950B95C7AA2B3944D58811D2D42
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/k2Bl0X1Xhyjdn3IbuabLI96zgjM.roa
Signing time: Wed 01 Jan 2025 05:47:44 +0000
ROA not before: Wed 01 Jan 2025 05:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206466
IP address blocks: 194.6.170.0/24 maxlen: 24
194.6.173.0/24 maxlen: 24
194.209.31.0/24 maxlen: 24
194.209.199.0/24 maxlen: 24
195.65.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d9:50:b9:5c:7a:a2:b3:94:4d:58:81:1d:2d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=936065d17d578728dd9f721bb9a6cb23deb38233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:fb:f4:1c:cc:cf:a8:66:70:a2:79:8a:70:
29:7b:c4:eb:a8:52:03:39:94:af:ba:0a:28:54:c5:
d3:fb:32:2e:8c:fd:52:ed:9d:a2:56:4c:a1:6a:f5:
9e:e5:f6:f1:9f:3e:f3:2e:87:f8:5c:33:f8:18:89:
b3:d4:5a:32:0a:0c:c7:f8:55:2c:97:3b:b1:43:24:
5e:9a:27:7e:61:f1:ee:d6:04:fc:83:c8:9c:b8:48:
e2:83:9e:28:fe:f0:a6:ce:73:34:4f:b0:30:72:70:
cb:05:5a:6e:a7:71:54:65:c8:f7:43:02:0d:f8:1a:
ba:27:86:e8:fe:f9:08:1f:de:ee:dc:16:e2:20:74:
9c:31:c6:ec:3c:e5:b0:73:ed:0a:d8:6a:e0:b9:50:
e0:8e:de:b6:f7:cd:19:58:a0:5e:77:ab:1a:79:ff:
ec:ec:22:a7:36:81:2a:c6:14:64:a1:4a:29:fb:7d:
be:74:23:38:9e:b7:9c:02:ab:cf:c3:1b:09:2e:5a:
29:f6:9e:f3:5f:09:81:69:33:c9:51:26:51:69:0c:
8e:ff:f2:90:39:1e:03:34:45:ac:3a:6a:1a:0c:37:
17:c5:61:ef:d8:c4:b6:d4:d4:87:14:60:58:88:fa:
88:2c:04:23:fc:a8:ac:65:51:86:14:de:e7:89:54:
35:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:60:65:D1:7D:57:87:28:DD:9F:72:1B:B9:A6:CB:23:DE:B3:82:33
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/k2Bl0X1Xhyjdn3IbuabLI96zgjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.170.0/24
194.6.173.0/24
194.209.31.0/24
194.209.199.0/24
195.65.142.0/24
Signature Algorithm: sha256WithRSAEncryption
94:7d:a8:81:f2:82:76:34:e8:5a:c5:50:c9:cf:5f:3e:d7:63:
07:ad:ce:2f:6a:8f:38:c4:5c:1e:e2:1e:7e:2f:07:1e:d4:9e:
9c:a0:5a:6d:67:c7:81:f2:d4:38:33:82:09:24:af:08:ca:3c:
a9:54:70:39:40:73:c3:8d:27:d1:04:8f:72:00:59:9d:a5:10:
fd:5d:a3:62:23:24:70:35:8f:8a:73:4e:23:1e:38:4f:0d:04:
9f:ce:7e:ed:61:b9:ee:d7:c3:66:1e:9c:d8:f7:c8:f7:53:fe:
69:38:01:31:88:5c:da:26:32:d6:c7:90:c2:c5:1a:05:b8:20:
4e:6f:69:85:94:da:5e:d3:15:98:a3:73:34:61:5f:d3:d7:91:
15:66:85:70:5b:22:24:3f:6b:23:dd:4d:13:c7:3e:85:98:f6:
2a:18:92:0b:5a:76:03:a1:7b:05:9a:27:a6:5d:cb:0d:96:26:
34:9b:86:df:79:97:c5:31:76:93:a6:67:49:cf:33:0c:ec:6e:
76:ff:21:43:c4:1b:53:11:93:26:e4:ab:89:cc:14:88:fa:e5:
57:19:d7:b0:e4:09:83:e9:ac:99:fd:f0:53:c1:f9:54:5a:c6:
a3:f7:df:86:f6:d1:db:12:ee:b3:4f:7e:dc:2d:bf:68:2a:64:
02:1f:43:9a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQgZ9lQuVx6orOUTViBHS1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzYwNjVkMTdkNTc4NzI4ZGQ5ZjcyMWJiOWE2Y2IyM2RlYjM4MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0b79BzMz6hmcKJ5inApe8TrqFID
OZSvugooVMXT+zIujP1S7Z2iVkyhavWe5fbxnz7zLof4XDP4GImz1FoyCgzH+FUs
lzuxQyRemid+YfHu1gT8g8icuEjig54o/vCmznM0T7AwcnDLBVpup3FUZcj3QwIN
+Bq6J4bo/vkIH97u3BbiIHScMcbsPOWwc+0K2GrguVDgjt62980ZWKBed6saef/s
7CKnNoEqxhRkoUop+32+dCM4nrecAqvPwxsJLlop9p7zXwmBaTPJUSZRaQyO//KQ
OR4DNEWsOmoaDDcXxWHv2MS21NSHFGBYiPqILAQj/KisZVGGFN7niVQ1tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJNgZdF9V4co3Z9yG7mmyyPes4IzMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvazJCbDBYMVhoeWpkbjNJYnVhYkxJOTZ6Z2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwgaqAwQA
wgatAwQAwtEfAwQAwtHHAwQAw0GOMA0GCSqGSIb3DQEBCwUAA4IBAQCUfaiB8oJ2
NOhaxVDJz18+12MHrc4vao84xFwe4h5+Lwce1J6coFptZ8eB8tQ4M4IJJK8Iyjyp
VHA5QHPDjSfRBI9yAFmdpRD9XaNiIyRwNY+Kc04jHjhPDQSfzn7tYbnu18NmHpzY
98j3U/5pOAExiFzaJjLWx5DCxRoFuCBOb2mFlNpe0xWYo3M0YV/T15EVZoVwWyIk
P2sj3U0Txz6FmPYqGJILWnYDoXsFmiemXcsNliY0m4bfeZfFMXaTpmdJzzMM7G52
/yFDxBtTEZMm5KuJzBSI+uVXGdew5AmD6ayZ/fBTwflUWsaj99+G9tHbEu6zT37c
Lb9oKmQCH0Oa
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:41:30 2025 by rpki-client