Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/b6NjfbPhaNhgb-BW4tqnY3lmaqA.roa
File: b6NjfbPhaNhgb-BW4tqnY3lmaqA.roa (raw, json)
Hash identifier: pqBGjfGCyQz5ophzP0TT0DFUBi4mqZdJUqu+xhB6npw=
Subject key identifier: 6F:A3:63:7D:B3:E1:68:D8:60:6F:E0:56:E2:DA:A7:63:79:66:6A:A0
Certificate issuer: /CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Certificate serial: 0194266C39172752A77123843F0B7BE85DDB
Authority key identifier: BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/b6NjfbPhaNhgb-BW4tqnY3lmaqA.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200852
IP address blocks: 185.93.196.0/22 maxlen: 22
185.93.196.0/23 maxlen: 23
185.93.197.0/24 maxlen: 24
185.93.198.0/23 maxlen: 23
2a02:ea00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/vZctRCdupBAu9q7TDyrljpmz51E.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/vZctRCdupBAu9q7TDyrljpmz51E.mft
rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:39:17:27:52:a7:71:23:84:3f:0b:7b:e8:5d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd972d44276ea4102ef6aed30f2ae58e99b3e751
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fa3637db3e168d8606fe056e2daa76379666aa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:5c:42:c7:30:4a:6c:72:b2:72:d3:74:6c:
14:a0:78:c8:a7:bd:68:94:5d:3c:19:42:0e:8a:60:
67:2c:80:f5:7d:96:ee:62:6e:2e:81:e9:8c:b2:9f:
70:2b:ca:cb:c4:21:9a:7b:25:a4:e6:f2:5e:77:5d:
dc:24:b7:34:0b:0a:d8:85:23:f6:33:06:f2:11:e2:
3c:63:12:c7:d4:0a:8d:23:c2:ff:ac:7d:d2:7f:1f:
9b:95:af:83:61:72:9c:81:69:62:d4:b0:43:5a:83:
5c:e8:b8:0a:83:51:b5:9d:9f:99:59:70:9c:11:a6:
66:56:e2:3b:62:17:53:11:fe:5a:a1:d0:4c:65:02:
cd:95:98:20:40:71:0c:e9:48:2f:14:c0:9a:95:21:
02:61:99:cd:72:a5:8c:ea:1d:08:63:76:7d:b4:13:
7a:7e:2f:72:cf:fd:1a:d0:74:4e:c8:ef:c4:2a:ef:
44:85:07:65:7c:12:e8:43:bc:65:ae:db:38:c6:17:
04:4c:35:31:d3:82:6a:7f:f6:81:c6:86:71:f0:17:
82:79:1c:15:eb:a7:62:51:41:46:91:f5:8c:44:52:
d1:10:db:e3:da:dc:79:fb:50:a7:a2:9f:e5:4f:00:
57:c4:c6:bc:f9:95:18:b3:49:8e:be:10:7e:97:c6:
72:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A3:63:7D:B3:E1:68:D8:60:6F:E0:56:E2:DA:A7:63:79:66:6A:A0
X509v3 Authority Key Identifier:
keyid:BD:97:2D:44:27:6E:A4:10:2E:F6:AE:D3:0F:2A:E5:8E:99:B3:E7:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vZctRCdupBAu9q7TDyrljpmz51E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/b6NjfbPhaNhgb-BW4tqnY3lmaqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/419d1b-58b0-4483-92d2-86c1ee2a9eba/1/vZctRCdupBAu9q7TDyrljpmz51E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.196.0/22
IPv6:
2a02:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
35:10:8b:ae:1d:f6:64:a6:7f:d4:66:7f:72:95:09:09:8d:02:
18:ec:9f:f7:47:50:be:3b:d7:18:0c:35:04:9d:79:17:67:51:
4a:7a:a5:ea:69:e3:7d:fe:42:a2:0f:23:f8:9d:20:e9:ba:ca:
52:8e:39:62:16:ad:a8:03:83:f5:33:af:ed:8a:68:15:7f:8f:
db:bf:64:06:51:3b:6d:1a:43:0e:23:3a:8c:37:37:36:d1:89:
a0:21:75:6c:9a:d6:26:f3:78:0e:e3:83:d3:13:56:f2:26:13:
dd:cc:a0:84:45:60:cc:4e:df:68:26:07:3d:32:ab:69:8b:47:
27:a9:d4:c1:a8:83:ee:33:1e:d4:2b:6c:12:d3:81:77:b8:97:
e6:4c:a4:7c:e5:c3:0c:98:d8:0e:cf:a8:1b:8e:b5:01:dd:5e:
dd:a0:18:f0:37:9f:9a:b5:10:64:20:30:c1:69:91:d8:08:a2:
4c:5d:e5:cd:9b:30:cd:f9:55:e3:4f:fd:da:86:0e:74:15:30:
b6:6d:09:8d:86:b2:b1:55:c5:54:f9:97:b8:c7:80:a0:a7:f1:
ad:04:a8:3f:90:92:b6:c5:c2:fe:77:46:fa:d1:27:a2:9d:d6:
54:9c:5d:05:d5:76:cf:f4:a2:a9:56:88:7c:00:df:56:c9:23:
c5:85:b6:79
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmbDkXJ1KncSOEPwt76F3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkOTcyZDQ0Mjc2ZWE0MTAyZWY2YWVkMzBmMmFlNThlOTli
M2U3NTEwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmEzNjM3ZGIzZTE2OGQ4NjA2ZmUwNTZlMmRhYTc2Mzc5NjY2YWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhBcQscwSmxysnLTdGwUoHjIp71o
lF08GUIOimBnLID1fZbuYm4ugemMsp9wK8rLxCGaeyWk5vJed13cJLc0CwrYhSP2
MwbyEeI8YxLH1AqNI8L/rH3Sfx+bla+DYXKcgWli1LBDWoNc6LgKg1G1nZ+ZWXCc
EaZmVuI7YhdTEf5aodBMZQLNlZggQHEM6UgvFMCalSECYZnNcqWM6h0IY3Z9tBN6
fi9yz/0a0HROyO/EKu9EhQdlfBLoQ7xlrts4xhcETDUx04Jqf/aBxoZx8BeCeRwV
66diUUFGkfWMRFLRENvj2tx5+1Cnop/lTwBXxMa8+ZUYs0mOvhB+l8ZyHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG+jY32z4WjYYG/gVuLap2N5ZmqgMB8GA1UdIwQY
MBaAFL2XLUQnbqQQLvau0w8q5Y6Zs+dRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlpjdFJDZHVwQkF1OXE3VER5cmxqcG16NTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80MTlkMWItNThiMC00NDgzLTkyZDIt
ODZjMWVlMmE5ZWJhLzEvYjZOamZiUGhhTmhnYi1CVzR0cW5ZM2xtYXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80MTlkMWItNThiMC00NDgzLTkyZDItODZjMWVlMmE5ZWJh
LzEvdlpjdFJDZHVwQkF1OXE3VER5cmxqcG16NTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV3EMA0E
AgACMAcDBQMqAuoAMA0GCSqGSIb3DQEBCwUAA4IBAQA1EIuuHfZkpn/UZn9ylQkJ
jQIY7J/3R1C+O9cYDDUEnXkXZ1FKeqXqaeN9/kKiDyP4nSDpuspSjjliFq2oA4P1
M6/timgVf4/bv2QGUTttGkMOIzqMNzc20YmgIXVsmtYm83gO44PTE1byJhPdzKCE
RWDMTt9oJgc9Mqtpi0cnqdTBqIPuMx7UK2wS04F3uJfmTKR85cMMmNgOz6gbjrUB
3V7doBjwN5+atRBkIDDBaZHYCKJMXeXNmzDN+VXjT/3ahg50FTC2bQmNhrKxVcVU
+Ze4x4Cgp/GtBKg/kJK2xcL+d0b60SeindZUnF0F1XbP9KKpVoh8AN9WySPFhbZ5
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:04:03 2025 by rpki-client