Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/6KojKGt8m1JZYflLectBk9G6KyQ.roa
File: 6KojKGt8m1JZYflLectBk9G6KyQ.roa (raw, json)
Hash identifier: f7oRXtNmZrUg7ECYCX58KaB9kZ/BYKNvyNqrr7ZA0pg=
Subject key identifier: E8:AA:23:28:6B:7C:9B:52:59:61:F9:4B:79:CB:41:93:D1:BA:2B:24
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 019421B20988DD2E4740E3965A44DDD0C6AE
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/6KojKGt8m1JZYflLectBk9G6KyQ.roa
Signing time: Wed 01 Jan 2025 11:48:23 +0000
ROA not before: Wed 01 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50214
IP address blocks: 95.181.152.0/24 maxlen: 24
95.181.171.0/24 maxlen: 24
185.12.124.0/24 maxlen: 24
185.12.125.0/24 maxlen: 24
185.12.126.0/24 maxlen: 24
185.12.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:09:88:dd:2e:47:40:e3:96:5a:44:dd:d0:c6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Jan 1 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8aa23286b7c9b525961f94b79cb4193d1ba2b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:82:39:9e:57:6c:69:4c:d0:83:56:13:91:fe:
87:f6:47:2b:42:f3:2d:7e:4b:2f:fa:9d:c5:57:27:
09:38:d4:26:6d:42:91:b0:a9:86:5a:ca:1d:f6:c9:
fa:1c:ba:93:de:49:2c:0d:9e:df:30:06:19:5e:46:
b1:dc:9d:c0:30:f8:5e:c4:03:a9:03:a3:c9:82:56:
f2:77:7b:87:03:b3:56:0e:eb:b1:69:5a:de:67:1e:
1e:42:d6:52:24:db:33:c8:92:8c:ee:29:a3:fa:4c:
c4:26:84:43:07:46:1f:cb:a8:57:fe:b3:ea:f8:14:
5c:18:1b:22:c8:39:46:68:42:5f:27:3e:fc:bf:ba:
8d:36:69:af:26:0d:57:4a:b5:13:c2:45:41:53:b9:
76:70:6e:3c:23:bb:ca:c4:33:bf:7c:47:22:bf:5d:
a7:33:cb:40:45:ec:93:9d:67:76:53:b8:fa:b3:61:
dd:73:57:73:9c:62:02:65:9e:8c:d0:15:30:8e:c3:
50:2a:41:ac:01:00:6c:6f:10:c8:d1:30:20:31:c6:
d4:12:17:5d:60:ae:73:1b:4b:6b:b3:ec:56:3b:91:
a6:b7:2b:66:fc:d2:d3:24:d2:84:4e:42:1b:6e:04:
4b:49:36:9c:e8:d8:8f:2a:d4:d8:95:fd:c9:40:6d:
02:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AA:23:28:6B:7C:9B:52:59:61:F9:4B:79:CB:41:93:D1:BA:2B:24
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/6KojKGt8m1JZYflLectBk9G6KyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.152.0/24
95.181.171.0/24
185.12.124.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:15:f1:14:9f:cf:2b:b6:4b:d6:b4:f9:19:34:3c:b7:19:c2:
8c:16:2e:f3:80:93:9c:12:dc:65:30:77:71:4e:fd:4a:e6:72:
9d:b8:1b:b0:de:4a:dd:16:38:93:5d:8e:ac:b3:09:bd:2c:a8:
e2:3a:38:83:3d:7f:35:5f:e7:0c:0c:d5:b5:91:65:f8:d4:18:
e2:2d:a9:6f:34:24:dd:13:fc:a2:1a:8f:4a:33:e2:bb:c1:30:
d0:f1:d5:27:fb:96:4a:38:af:be:6b:f3:6f:d1:39:31:ee:48:
9a:43:7e:2b:f7:79:89:94:ac:65:ed:95:6c:1c:2f:1b:32:ba:
f3:51:9d:31:ef:29:be:90:60:e6:0e:23:0e:1c:9a:81:99:66:
e5:60:ed:d0:63:ff:60:c7:72:1a:83:d8:b8:36:d4:51:b4:0a:
01:4b:bd:02:f5:44:b8:ad:32:f5:bc:68:9e:a1:05:62:e9:c6:
99:ad:77:20:a2:3b:7d:8a:f5:60:29:a8:9f:d2:22:bb:00:e1:
e4:39:8e:bb:a0:e8:75:81:7f:5f:68:d7:25:ef:4e:aa:a2:55:
8b:da:97:ba:10:23:be:e6:d4:0b:d7:35:21:90:00:44:f8:f3:
67:85:6b:75:0f:00:ea:50:dc:0c:96:7c:5c:7a:db:8d:34:50:
31:b8:e1:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsgmI3S5HQOOWWkTd0MauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjUwMTAxMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFhMjMyODZiN2M5YjUyNTk2MWY5NGI3OWNiNDE5M2QxYmEyYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYI5nldsaUzQg1YTkf6H9kcrQvMt
fksv+p3FVycJONQmbUKRsKmGWsod9sn6HLqT3kksDZ7fMAYZXkax3J3AMPhexAOp
A6PJglbyd3uHA7NWDuuxaVreZx4eQtZSJNszyJKM7imj+kzEJoRDB0Yfy6hX/rPq
+BRcGBsiyDlGaEJfJz78v7qNNmmvJg1XSrUTwkVBU7l2cG48I7vKxDO/fEciv12n
M8tAReyTnWd2U7j6s2Hdc1dznGICZZ6M0BUwjsNQKkGsAQBsbxDI0TAgMcbUEhdd
YK5zG0trs+xWO5Gmtytm/NLTJNKETkIbbgRLSTac6NiPKtTYlf3JQG0CeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOiqIyhrfJtSWWH5S3nLQZPRuiskMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvNktvaktHdDhtMUpaWWZsTGVjdEJrOUc2S3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX7WYAwQA
X7WrAwQCuQx8MA0GCSqGSIb3DQEBCwUAA4IBAQB/FfEUn88rtkvWtPkZNDy3GcKM
Fi7zgJOcEtxlMHdxTv1K5nKduBuw3krdFjiTXY6sswm9LKjiOjiDPX81X+cMDNW1
kWX41BjiLalvNCTdE/yiGo9KM+K7wTDQ8dUn+5ZKOK++a/Nv0Tkx7kiaQ34r93mJ
lKxl7ZVsHC8bMrrzUZ0x7ym+kGDmDiMOHJqBmWblYO3QY/9gx3Iag9i4NtRRtAoB
S70C9US4rTL1vGieoQVi6caZrXcgojt9ivVgKaif0iK7AOHkOY67oOh1gX9faNcl
706qolWL2pe6ECO+5tQL1zUhkABE+PNnhWt1DwDqUNwMlnxcetuNNFAxuOGa
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:48 2025 by rpki-client