Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/YUVqQdQIyjArliTwomJUYJEwCGQ.roa
File: YUVqQdQIyjArliTwomJUYJEwCGQ.roa (raw, json)
Hash identifier: 4idaosIzVzGBgf2LXtYCKacvmrm3Vvf4Nk86J3M+nPs=
Subject key identifier: 61:45:6A:41:D4:08:CA:30:2B:96:24:F0:A2:62:54:60:91:30:08:64
Certificate issuer: /CN=b6fbc63ef5614a7ef95a106188e3d78755c687b9
Certificate serial: 0194266C23382B089595EC7291DC538BBC43
Authority key identifier: B6:FB:C6:3E:F5:61:4A:7E:F9:5A:10:61:88:E3:D7:87:55:C6:87:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/YUVqQdQIyjArliTwomJUYJEwCGQ.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206828
IP address blocks: 185.175.60.0/24 maxlen: 24
185.175.61.0/24 maxlen: 24
185.175.62.0/24 maxlen: 24
185.175.63.0/24 maxlen: 24
2a0b:d100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 18:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:23:38:2b:08:95:95:ec:72:91:dc:53:8b:bc:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fbc63ef5614a7ef95a106188e3d78755c687b9
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61456a41d408ca302b9624f0a262546091300864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:2f:72:81:95:93:c4:24:9a:a3:07:12:d4:
0b:e7:ed:cd:54:d9:d6:a7:42:0c:17:e9:60:44:77:
ff:00:6e:ed:3f:49:5c:08:f4:90:5e:3d:8a:af:f1:
2c:2f:31:8e:55:12:3d:91:08:30:92:7a:13:c9:58:
18:54:83:fe:58:53:a9:6c:0f:84:70:93:d7:e8:95:
46:47:cd:c1:68:cf:c6:73:d5:3a:02:9e:b8:34:f0:
e3:e8:7a:5a:d4:c2:ec:d3:79:60:d9:6c:50:ec:a5:
bb:33:45:7f:e0:6a:90:3b:b6:e1:10:db:1b:1b:88:
e4:96:92:0b:75:6a:39:28:f1:31:bb:ec:58:cf:65:
93:3d:ce:51:2a:dc:50:f1:56:49:64:32:5c:54:50:
78:98:03:d5:36:74:f4:7e:ca:8e:45:5f:27:2d:1e:
c8:0b:a3:10:6b:3a:46:47:59:90:8b:a4:a6:fe:7f:
39:9b:ee:52:71:b6:03:ac:99:e3:89:a9:b0:83:e5:
1c:a1:cd:eb:05:3f:71:7c:af:5a:a5:ae:97:b1:44:
31:c3:7b:9e:03:f2:c0:b5:2f:3f:cb:7a:f2:34:b7:
f1:f7:b1:84:83:48:e0:0e:c5:49:b9:1d:a3:6b:5c:
94:49:47:da:4a:31:87:03:aa:b9:e9:cc:3c:2e:12:
c9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:45:6A:41:D4:08:CA:30:2B:96:24:F0:A2:62:54:60:91:30:08:64
X509v3 Authority Key Identifier:
keyid:B6:FB:C6:3E:F5:61:4A:7E:F9:5A:10:61:88:E3:D7:87:55:C6:87:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/YUVqQdQIyjArliTwomJUYJEwCGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.60.0/22
IPv6:
2a0b:d100::/29
Signature Algorithm: sha256WithRSAEncryption
32:aa:72:69:3a:de:dc:79:4a:99:7c:dd:7c:4d:ab:2b:02:41:
ee:17:2f:47:7a:6b:e9:80:1a:ce:ea:83:37:e0:48:27:51:50:
03:13:73:23:62:77:d4:8a:3b:4f:03:06:22:a9:18:37:c1:be:
d1:e8:92:43:70:06:19:1a:69:c8:ad:38:db:b0:d5:f5:62:a9:
14:f8:f8:79:87:48:67:84:bd:72:e8:b4:57:dd:ec:d0:cf:05:
16:b0:b0:6d:37:38:b3:d2:c1:71:28:75:08:d6:74:27:5b:1b:
30:38:f2:4e:1f:18:c0:95:8b:2c:57:7c:6d:23:ff:9c:a1:50:
77:d0:f1:1c:7b:43:50:ba:3b:ec:97:e0:c8:10:22:f7:ba:b4:
96:96:23:16:96:37:9c:3a:3c:5e:42:11:9d:ad:cc:b2:b2:7d:
a0:f2:c4:4d:cc:ad:31:28:7b:fe:2f:b2:cf:bf:22:70:4f:af:
d5:16:a7:3d:d7:35:30:c5:d2:27:f9:2d:0b:c1:45:2b:ea:a6:
d7:15:50:65:f4:4d:1d:61:cb:5f:90:49:16:93:36:7f:d0:13:
f9:cc:43:04:75:e5:d9:39:3e:19:fa:18:57:7c:1d:02:17:3a:
19:54:f1:d1:89:dc:d0:af:91:af:c0:f4:00:40:4d:98:ad:93:
69:76:21:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbCM4KwiVlexykdxTi7xDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmJjNjNlZjU2MTRhN2VmOTVhMTA2MTg4ZTNkNzg3NTVj
Njg3YjkwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTQ1NmE0MWQ0MDhjYTMwMmI5NjI0ZjBhMjYyNTQ2MDkxMzAwODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf4vcoGVk8QkmqMHEtQL5+3NVNnW
p0IMF+lgRHf/AG7tP0lcCPSQXj2Kr/EsLzGOVRI9kQgwknoTyVgYVIP+WFOpbA+E
cJPX6JVGR83BaM/Gc9U6Ap64NPDj6Hpa1MLs03lg2WxQ7KW7M0V/4GqQO7bhENsb
G4jklpILdWo5KPExu+xYz2WTPc5RKtxQ8VZJZDJcVFB4mAPVNnT0fsqORV8nLR7I
C6MQazpGR1mQi6Sm/n85m+5ScbYDrJnjiamwg+Ucoc3rBT9xfK9apa6XsUQxw3ue
A/LAtS8/y3ryNLfx97GEg0jgDsVJuR2ja1yUSUfaSjGHA6q56cw8LhLJSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGFFakHUCMowK5Yk8KJiVGCRMAhkMB8GA1UdIwQY
MBaAFLb7xj71YUp++VoQYYjj14dVxoe5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZ2R1B2VmhTbjc1V2hCaGlPUFhoMVhHaDdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84NjMxZjUtNTRhMi00ODZmLWI5YTUt
MDgxYTFhZTZlYmQ2LzEvWVVWcVFkUUl5akFybGlUd29tSlVZSkV3Q0dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84NjMxZjUtNTRhMi00ODZmLWI5YTUtMDgxYTFhZTZlYmQ2
LzEvdHZ2R1B2VmhTbjc1V2hCaGlPUFhoMVhHaDdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua88MA0E
AgACMAcDBQMqC9EAMA0GCSqGSIb3DQEBCwUAA4IBAQAyqnJpOt7ceUqZfN18Tasr
AkHuFy9HemvpgBrO6oM34EgnUVADE3MjYnfUijtPAwYiqRg3wb7R6JJDcAYZGmnI
rTjbsNX1YqkU+Ph5h0hnhL1y6LRX3ezQzwUWsLBtNziz0sFxKHUI1nQnWxswOPJO
HxjAlYssV3xtI/+coVB30PEce0NQujvsl+DIECL3urSWliMWljecOjxeQhGdrcyy
sn2g8sRNzK0xKHv+L7LPvyJwT6/VFqc91zUwxdIn+S0LwUUr6qbXFVBl9E0dYctf
kEkWkzZ/0BP5zEMEdeXZOT4Z+hhXfB0CFzoZVPHRidzQr5GvwPQAQE2YrZNpdiEp
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:11:15 2025 by rpki-client