Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/6ZlUqBOWy6SfY78F6eyD54lMPAY.roa
File: 6ZlUqBOWy6SfY78F6eyD54lMPAY.roa (raw, json)
Hash identifier: SE9+hxx8Z232AXhES9ATqyXkhpq/sJNlQEl+ue1Fkso=
Subject key identifier: E9:99:54:A8:13:96:CB:A4:9F:63:BF:05:E9:EC:83:E7:89:4C:3C:06
Certificate issuer: /CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Certificate serial: 019420D65B324EC2B28BA326291B16AC0B4C
Authority key identifier: F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/6ZlUqBOWy6SfY78F6eyD54lMPAY.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 91.184.46.0/23 maxlen: 23
91.184.48.0/20 maxlen: 20
2a01:198:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5b:32:4e:c2:b2:8b:a3:26:29:1b:16:ac:0b:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e99954a81396cba49f63bf05e9ec83e7894c3c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0a:27:22:15:e1:b5:8c:a1:d1:e7:3b:be:e4:
49:66:b8:7f:12:81:90:ae:0d:25:95:84:52:33:c5:
34:38:4b:fe:1a:42:71:e4:5b:3a:9c:a2:ef:6e:c8:
de:4c:1a:63:75:ce:1e:f9:37:86:18:d0:f3:c6:03:
3f:1e:3e:01:9b:5f:74:df:ac:bb:de:f2:32:4c:46:
59:24:c7:2f:3a:62:34:70:10:3f:4d:bd:9c:78:b2:
33:d0:6a:39:dd:17:d4:78:3f:ef:55:e0:85:ff:8a:
96:b0:8d:ff:e7:28:78:28:2d:c0:e6:c8:ac:12:ac:
02:8a:82:a7:45:6e:d6:22:8e:81:b4:2b:2f:1f:89:
44:65:89:62:54:11:de:98:c9:d1:ac:39:70:7a:f9:
37:c0:93:2b:ce:ad:a3:1c:9d:28:68:ae:6a:eb:9c:
43:7b:f5:19:d3:de:a2:dc:b3:13:d1:2b:24:a3:13:
d4:cf:2f:ee:11:78:7a:61:32:3d:8e:31:a4:3e:f6:
2f:04:c0:68:c9:fa:12:78:27:ee:0b:c4:96:c3:bd:
c1:e7:87:94:fe:23:3d:ff:48:d2:93:35:42:78:c7:
12:79:04:fd:95:7e:9a:f9:20:d7:d3:28:1a:3d:00:
ea:2c:a6:6c:27:2d:3b:f0:7a:99:cc:ea:8a:98:f8:
2c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:99:54:A8:13:96:CB:A4:9F:63:BF:05:E9:EC:83:E7:89:4C:3C:06
X509v3 Authority Key Identifier:
keyid:F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/6ZlUqBOWy6SfY78F6eyD54lMPAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.46.0-91.184.63.255
IPv6:
2a01:198:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
8d:d5:9e:d6:83:fe:53:e7:e4:44:3b:f8:48:2b:4a:f1:51:44:
93:bb:b6:21:cb:1d:9b:23:f7:10:57:25:32:bf:26:65:25:3a:
b3:c4:4a:64:42:d8:78:37:64:f1:18:19:81:24:6d:87:74:14:
e3:06:9e:88:e5:82:d4:67:7c:cd:4d:cd:5b:43:a7:4a:7a:5b:
78:05:6a:85:4d:94:8e:18:e4:26:7f:93:c3:96:fe:bb:36:9d:
35:2f:ab:01:11:ca:cd:0c:ae:3c:e5:8e:3a:08:a1:cd:0d:7d:
d5:8e:ba:6a:87:18:75:9b:01:7a:8a:b8:c1:e2:92:32:58:49:
e7:44:e6:bd:d6:2c:60:08:b6:4e:f0:40:d2:fd:40:43:41:63:
e9:4c:95:ee:ca:a2:ed:df:aa:c8:06:e7:b1:31:5f:b0:7f:20:
6d:be:dd:a6:28:27:b7:a0:b3:e7:b6:de:e2:a7:10:15:32:1c:
b8:c0:16:60:6e:3f:d2:9b:20:fd:0f:a6:6a:67:e4:cc:d6:72:
95:e4:bf:cf:19:b8:28:50:75:91:82:0b:39:02:02:37:e6:f4:
0b:c6:fa:9d:e9:68:2e:a6:50:82:45:4c:8d:a8:3e:7b:ca:56:
6f:7e:0d:98:a8:4a:93:1c:4a:a5:c4:ae:bf:55:6c:59:9f:5d:
16:ca:a7:f5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQg1lsyTsKyi6MmKRsWrAtMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NGRmMmY4ZjVhMTNjNjQ1MzY4OTE0ZTNkYmU0MmEyNGEz
NmRhNWQwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTk5NTRhODEzOTZjYmE0OWY2M2JmMDVlOWVjODNlNzg5NGMzYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAonIhXhtYyh0ec7vuRJZrh/EoGQ
rg0llYRSM8U0OEv+GkJx5Fs6nKLvbsjeTBpjdc4e+TeGGNDzxgM/Hj4Bm19036y7
3vIyTEZZJMcvOmI0cBA/Tb2ceLIz0Go53RfUeD/vVeCF/4qWsI3/5yh4KC3A5sis
EqwCioKnRW7WIo6BtCsvH4lEZYliVBHemMnRrDlwevk3wJMrzq2jHJ0oaK5q65xD
e/UZ096i3LMT0SskoxPUzy/uEXh6YTI9jjGkPvYvBMBoyfoSeCfuC8SWw73B54eU
/iM9/0jSkzVCeMcSeQT9lX6a+SDX0ygaPQDqLKZsJy078HqZzOqKmPgssQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOmZVKgTlsukn2O/Bensg+eJTDwGMB8GA1UdIwQY
MBaAFPlN8vj1oTxkU2iRTj2+QqJKNtpdMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1VM3ktUFdoUEdSVGFKRk9QYjVDb2tvMjJsMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRk
LTY2YmRmZmE4YmRjMS8xLzZabFVxQk9XeTZTZlk3OEY2ZXlENTRsTVBBWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRkLTY2YmRmZmE4YmRj
MS8xLzEtVTN5LVBXaFBHUlRhSkZPUGI1Q29rbzIybDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMBQEAgABMA4wDAMEAVu4
LgMEBlu4ADAOBAIAAjAIAwYAKgEBmP8wDQYJKoZIhvcNAQELBQADggEBAI3VntaD
/lPn5EQ7+EgrSvFRRJO7tiHLHZsj9xBXJTK/JmUlOrPESmRC2Hg3ZPEYGYEkbYd0
FOMGnojlgtRnfM1NzVtDp0p6W3gFaoVNlI4Y5CZ/k8OW/rs2nTUvqwERys0Mrjzl
jjoIoc0NfdWOumqHGHWbAXqKuMHikjJYSedE5r3WLGAItk7wQNL9QENBY+lMle7K
ou3fqsgG57ExX7B/IG2+3aYoJ7egs+e23uKnEBUyHLjAFmBuP9KbIP0Ppmpn5MzW
cpXkv88ZuChQdZGCCzkCAjfm9AvG+p3paC6mUIJFTI2oPnvKVm9+DZioSpMcSqXE
rr9VbFmfXRbKp/U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:13 2025 by rpki-client