Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/6TauPTrrYu2XtkFKKlQ2u7VDDno.roa
File: 6TauPTrrYu2XtkFKKlQ2u7VDDno.roa (raw, json)
Hash identifier: n6010YujWfquA7qOkV2BHT4bCszagBkp571M6qN6nZc=
Subject key identifier: E9:36:AE:3D:3A:EB:62:ED:97:B6:41:4A:2A:54:36:BB:B5:43:0E:7A
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01942826791BFE1885E100777F8A7F0AFFB7
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/6TauPTrrYu2XtkFKKlQ2u7VDDno.roa
Signing time: Thu 02 Jan 2025 17:53:17 +0000
ROA not before: Thu 02 Jan 2025 17:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396190
IP address blocks: 89.249.193.0/24 maxlen: 24
212.42.193.0/24 maxlen: 24
212.42.194.0/24 maxlen: 24
212.42.200.0/24 maxlen: 24
212.42.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:79:1b:fe:18:85:e1:00:77:7f:8a:7f:0a:ff:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 17:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e936ae3d3aeb62ed97b6414a2a5436bbb5430e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5e:50:e8:99:1d:32:5f:53:53:74:ba:cb:02:
b4:67:4e:b8:23:55:54:8f:3d:8d:2a:d5:da:e5:3b:
25:82:02:26:dd:bd:6b:41:37:e7:ad:30:dd:c6:51:
28:9c:c2:82:45:bc:21:54:67:85:dd:76:b6:59:89:
22:d5:cd:ab:f2:f4:93:06:2c:46:24:99:1b:41:de:
bf:59:4a:29:8a:2a:82:45:d4:ad:6d:de:58:3d:56:
18:25:e9:93:46:97:69:9d:e4:33:48:08:a9:b4:9f:
75:76:6f:26:ef:ff:8a:20:a6:25:09:4f:54:99:2a:
fc:9a:28:d0:02:58:9a:d3:8d:79:a7:a7:3b:9b:73:
37:22:54:ad:25:83:e6:70:33:e0:27:01:f1:08:7d:
f5:67:95:3d:dc:76:3a:b4:bd:f6:c1:bb:42:cf:cc:
04:55:2d:52:9c:94:7a:4c:c5:64:79:2a:07:e1:42:
8d:11:23:51:58:47:b7:32:8e:8f:77:09:fd:a1:c0:
bb:fd:b6:c2:65:11:e1:13:f7:ea:2c:d4:d3:10:34:
fd:6a:4c:d6:ce:ba:ca:1c:21:7e:d3:ad:12:19:ad:
a8:9e:c8:d2:8a:bf:dc:41:ba:cf:aa:f9:20:8d:42:
30:70:ae:c4:b5:92:4b:cb:7f:81:98:03:c5:58:a6:
6a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:36:AE:3D:3A:EB:62:ED:97:B6:41:4A:2A:54:36:BB:B5:43:0E:7A
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/6TauPTrrYu2XtkFKKlQ2u7VDDno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.193.0/24
212.42.193.0-212.42.194.255
212.42.200.0/24
212.42.207.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:9e:ac:8a:0c:82:ad:a1:7d:9f:d9:64:84:8f:12:0e:0c:db:
2c:71:8c:16:33:b2:04:a2:ae:96:39:f9:05:19:1e:df:74:5f:
66:ac:b6:5c:c7:2a:f5:06:fd:43:ff:ad:a5:92:30:a4:c6:ab:
d6:c9:31:5d:48:51:6c:f5:97:c5:ac:40:e8:f9:a3:24:99:57:
09:dc:a2:cc:5a:c1:75:0e:4d:cd:91:9c:21:4a:be:0d:6b:bd:
b1:c2:fc:4b:c7:29:3d:66:66:e6:9e:1c:02:50:0a:a8:4a:05:
d8:2c:70:5d:ee:a5:d7:0c:36:27:3f:4e:0b:41:ce:7d:b5:28:
66:f1:ea:1c:90:9d:01:60:9b:c0:63:ff:86:e9:2b:08:24:b8:
32:00:fe:9c:ef:bc:d1:ca:d9:a9:38:97:88:b6:bb:69:6d:73:
d5:6d:81:79:1b:8c:c8:80:0c:10:0f:14:44:29:5e:3b:62:76:
b4:53:16:15:2c:fe:71:eb:6e:68:61:66:6f:3e:2f:f6:84:be:
f6:ab:79:91:f1:43:88:ee:fb:89:7e:a1:14:67:f3:ec:1e:4e:
b2:7c:1b:55:30:f8:92:f3:1a:86:de:1c:de:32:75:79:6a:ce:
76:5b:ee:62:77:48:d0:1e:0f:41:24:7b:93:74:78:ac:20:a9:
cc:24:e2:8c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQoJnkb/hiF4QB3f4p/Cv+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMTAyMTc1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTM2YWUzZDNhZWI2MmVkOTdiNjQxNGEyYTU0MzZiYmI1NDMwZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl5Q6JkdMl9TU3S6ywK0Z064I1VU
jz2NKtXa5TslggIm3b1rQTfnrTDdxlEonMKCRbwhVGeF3Xa2WYki1c2r8vSTBixG
JJkbQd6/WUopiiqCRdStbd5YPVYYJemTRpdpneQzSAiptJ91dm8m7/+KIKYlCU9U
mSr8mijQAlia0415p6c7m3M3IlStJYPmcDPgJwHxCH31Z5U93HY6tL32wbtCz8wE
VS1SnJR6TMVkeSoH4UKNESNRWEe3Mo6Pdwn9ocC7/bbCZRHhE/fqLNTTEDT9akzW
zrrKHCF+060SGa2onsjSir/cQbrPqvkgjUIwcK7EtZJLy3+BmAPFWKZqNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOk2rj0662Ltl7ZBSipUNru1Qw56MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNlRhdVBUcnJZdTJYdGtGS0tsUTJ1N1ZERG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWfnBMAwD
BADUKsEDBADUKsIDBADUKsgDBADUKs8wDQYJKoZIhvcNAQELBQADggEBAE6erIoM
gq2hfZ/ZZISPEg4M2yxxjBYzsgSirpY5+QUZHt90X2astlzHKvUG/UP/raWSMKTG
q9bJMV1IUWz1l8WsQOj5oySZVwncosxawXUOTc2RnCFKvg1rvbHC/EvHKT1mZuae
HAJQCqhKBdgscF3updcMNic/TgtBzn21KGbx6hyQnQFgm8Bj/4bpKwgkuDIA/pzv
vNHK2ak4l4i2u2ltc9VtgXkbjMiADBAPFEQpXjtidrRTFhUs/nHrbmhhZm8+L/aE
vvareZHxQ4ju+4l+oRRn8+weTrJ8G1Uw+JLzGobeHN4ydXlqznZb7mJ3SNAeD0Ek
e5N0eKwgqcwk4ow=
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:57:16 2025 by rpki-client