Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/a6q6SMppTrXBxB1ybsHve0I84N0.roa
File: a6q6SMppTrXBxB1ybsHve0I84N0.roa (raw, json)
Hash identifier: zWAoSAHCDkJxMs7sBHL6WOI4Hvocxl0YCPnrC6K64Fc=
Subject key identifier: 6B:AA:BA:48:CA:69:4E:B5:C1:C4:1D:72:6E:C1:EF:7B:42:3C:E0:DD
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 01946611D29F1E296F75BCF999C3916DB25A
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/a6q6SMppTrXBxB1ybsHve0I84N0.roa
Signing time: Tue 14 Jan 2025 18:27:11 +0000
ROA not before: Tue 14 Jan 2025 18:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 5.44.42.0/24 maxlen: 24
45.129.185.0/24 maxlen: 24
2a05:541:102::/48 maxlen: 48
2a05:541:103::/48 maxlen: 48
2a05:541:104::/48 maxlen: 48
2a05:541:105::/48 maxlen: 48
2a05:541:106::/48 maxlen: 48
2a05:541:107::/48 maxlen: 48
2a05:541:108::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:110::/48 maxlen: 48
2a05:541:111::/48 maxlen: 48
2a05:541:112::/48 maxlen: 48
2a05:541:113::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
2a05:541:115::/48 maxlen: 48
2a05:541:116::/48 maxlen: 48
2a05:541:117::/48 maxlen: 48
2a05:541:118::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:124::/48 maxlen: 48
2a05:541:125::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:131::/48 maxlen: 48
2a05:541:133::/48 maxlen: 48
2a05:541:134::/48 maxlen: 48
2a05:541:135::/48 maxlen: 48
2a05:541:136::/48 maxlen: 48
2a05:541:137::/48 maxlen: 48
2a05:541:138::/48 maxlen: 48
2a05:541:139::/48 maxlen: 48
2a05:541:141::/48 maxlen: 48
2a05:541:152::/48 maxlen: 48
2a05:541:153::/48 maxlen: 48
2a05:541:156::/48 maxlen: 48
2a05:541:157::/48 maxlen: 48
2a05:541:158::/48 maxlen: 48
2a05:541:159::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:66:11:d2:9f:1e:29:6f:75:bc:f9:99:c3:91:6d:b2:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 14 18:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6baaba48ca694eb5c1c41d726ec1ef7b423ce0dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:13:ed:ef:8a:2c:c5:8f:8c:a9:74:f3:cf:8f:
db:9a:74:4b:f6:f3:62:9d:21:c0:6d:42:d5:28:a7:
77:c7:5e:29:e2:06:1b:6c:d1:4b:ff:02:19:ba:fd:
01:8b:19:9d:5d:d6:38:ba:6c:ca:9f:a4:d0:75:81:
52:22:9b:6d:20:a7:3b:aa:40:99:c9:cc:e3:f9:c0:
fd:50:d0:f2:27:3f:9a:3e:69:ff:16:39:fa:a7:cf:
da:38:8b:cc:65:bb:13:3d:69:90:04:13:ce:4c:bb:
1c:21:3a:fc:8e:34:bd:cd:84:f6:f5:d0:0c:92:8e:
c0:5a:2f:85:a8:7d:e7:0a:db:e5:7d:79:af:80:f5:
f2:ca:af:d1:ab:08:4d:05:4d:ac:49:ed:aa:17:1b:
b3:14:a4:b6:71:8a:34:34:87:63:1f:e5:69:13:dc:
d6:15:9a:0b:89:d7:dc:f1:f9:14:c0:f3:26:f6:c1:
94:79:66:d9:01:9f:b2:ec:52:f0:37:f0:07:10:2e:
3d:93:39:15:b6:57:7b:b5:8b:86:7b:40:be:a9:09:
32:87:11:be:fb:e6:ac:bc:8a:27:f2:3d:8f:bc:b6:
61:d4:7d:c9:d2:fe:8c:28:a8:30:7d:f0:8d:8b:c4:
ad:ee:9d:9f:f6:44:cc:ad:fe:9d:07:69:13:91:3b:
55:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AA:BA:48:CA:69:4E:B5:C1:C4:1D:72:6E:C1:EF:7B:42:3C:E0:DD
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/a6q6SMppTrXBxB1ybsHve0I84N0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
45.129.185.0/24
IPv6:
2a05:541:102::-2a05:541:109:ffff:ffff:ffff:ffff:ffff
2a05:541:110::-2a05:541:119:ffff:ffff:ffff:ffff:ffff
2a05:541:121::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
2a05:541:131::/48
2a05:541:133::-2a05:541:139:ffff:ffff:ffff:ffff:ffff
2a05:541:141::/48
2a05:541:152::/47
2a05:541:156::-2a05:541:159:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:9b:e8:a7:4d:98:06:0e:32:85:8d:c3:75:49:7f:bb:2b:58:
64:84:c5:51:a8:1b:37:7a:b8:de:bb:54:af:60:76:58:3a:43:
42:28:03:87:9d:04:62:d5:43:f5:6d:70:4b:ac:56:03:7c:87:
61:33:40:1e:ff:07:7e:51:c4:89:88:e0:e3:79:b3:a5:23:7b:
3f:8d:b8:15:08:ff:bc:7a:ba:82:5f:36:8d:81:8c:b6:7f:f1:
a2:39:42:d9:7f:2a:ae:ef:1a:0c:46:f4:91:1f:1c:86:c6:d4:
e8:92:1d:4d:74:1c:d0:2c:5a:8b:57:af:b8:a4:66:54:36:8a:
1d:99:d8:bd:4c:34:e4:e6:b9:11:6e:e1:1d:0e:99:f9:5c:52:
38:af:09:b7:9a:5c:72:a9:88:bd:f6:a1:61:f3:59:78:8c:62:
d9:52:b9:e3:fc:b8:55:a2:11:48:f9:66:d0:b8:3f:9e:5e:64:
4a:ef:f0:7c:95:55:7b:9f:aa:e7:95:c7:2b:55:2f:23:4a:a0:
a0:a9:60:3a:ac:91:21:82:9e:ae:0b:e7:5d:b4:d5:bd:a1:45:
bd:70:03:fc:a2:f0:39:3e:d3:47:43:4d:4b:ca:7a:47:a0:9a:
f0:73:a7:66:e9:69:d2:66:6a:e5:86:61:75:05:13:6e:51:00:
c4:8d:e1:e7
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZRmEdKfHilvdbz5mcORbbJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjUwMTE0MTgyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFhYmE0OGNhNjk0ZWI1YzFjNDFkNzI2ZWMxZWY3YjQyM2NlMGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhPt74osxY+MqXTzz4/bmnRL9vNi
nSHAbULVKKd3x14p4gYbbNFL/wIZuv0BixmdXdY4umzKn6TQdYFSIpttIKc7qkCZ
yczj+cD9UNDyJz+aPmn/Fjn6p8/aOIvMZbsTPWmQBBPOTLscITr8jjS9zYT29dAM
ko7AWi+FqH3nCtvlfXmvgPXyyq/RqwhNBU2sSe2qFxuzFKS2cYo0NIdjH+VpE9zW
FZoLidfc8fkUwPMm9sGUeWbZAZ+y7FLwN/AHEC49kzkVtld7tYuGe0C+qQkyhxG+
++asvIon8j2PvLZh1H3J0v6MKKgwffCNi8St7p2f9kTMrf6dB2kTkTtVUwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFGuqukjKaU61wcQdcm7B73tCPODdMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvYTZxNlNNcHBUclhCeEIxeWJzSHZlMEk4NE4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjASBAIAATAMAwQABSwq
AwQALYG5MIGPBAIAAjCBiDASAwcBKgUFQQECAwcBKgUFQQEIMBIDBwQqBQVBARAD
BwEqBQVBARgwEgMHACoFBUEBIQMHAyoFBUEBIAMHACoFBUEBKQMHACoFBUEBMTAS
AwcAKgUFQQEzAwcBKgUFQQE4AwcAKgUFQQFBAwcBKgUFQQFSMBIDBwEqBQVBAVYD
BwEqBQVBAVgwDQYJKoZIhvcNAQELBQADggEBAIWb6KdNmAYOMoWNw3VJf7srWGSE
xVGoGzd6uN67VK9gdlg6Q0IoA4edBGLVQ/VtcEusVgN8h2EzQB7/B35RxImI4ON5
s6Ujez+NuBUI/7x6uoJfNo2BjLZ/8aI5Qtl/Kq7vGgxG9JEfHIbG1OiSHU10HNAs
WotXr7ikZlQ2ih2Z2L1MNOTmuRFu4R0OmflcUjivCbeaXHKpiL32oWHzWXiMYtlS
ueP8uFWiEUj5ZtC4P55eZErv8HyVVXufqueVxytVLyNKoKCpYDqskSGCnq4L5120
1b2hRb1wA/yi8Dk+00dDTUvKekegmvBzp2bpadJmauWGYXUFE25RAMSN4ec=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:22 2025 by rpki-client