Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/6WgYdehy91JaGiXTQ4-mtet9hKA.roa
File: 6WgYdehy91JaGiXTQ4-mtet9hKA.roa (raw, json)
Hash identifier: k18cYqD3ZZMZ5W+a0Kjw8aqcJhfy210LAE8xFma2X2Y=
Subject key identifier: E9:68:18:75:E8:72:F7:52:5A:1A:25:D3:43:8F:A6:B5:EB:7D:84:A0
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 019426D95096533FF75B79BFF0801D6895FE
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/6WgYdehy91JaGiXTQ4-mtet9hKA.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47376
IP address blocks: 185.86.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.mft
rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:50:96:53:3f:f7:5b:79:bf:f0:80:1d:68:95:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9681875e872f7525a1a25d3438fa6b5eb7d84a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:24:d6:72:ae:1f:f0:61:a6:62:f2:06:06:4d:
3b:e4:ef:9e:b3:5b:b0:c1:e2:54:e5:24:cc:75:dd:
7c:40:05:29:70:9b:13:71:6d:9a:59:5f:74:4b:56:
d8:42:f1:af:12:62:8c:9f:37:22:86:40:11:c0:bd:
d9:9b:cf:6a:e2:c6:f4:69:d9:55:2c:b6:2e:a2:f7:
79:df:4a:53:29:29:b3:05:7d:c1:b4:38:c2:32:c4:
24:38:47:0d:07:40:28:1d:79:4f:c8:61:0b:15:9b:
00:30:9f:43:0c:8d:af:32:b9:21:c0:72:5b:be:39:
33:57:45:a3:a4:34:81:ee:52:28:68:88:45:4d:c3:
c1:3e:29:da:ae:8b:41:78:6a:e4:2e:5c:07:44:f5:
cb:8b:4f:ae:83:05:ed:e5:fc:64:af:b9:ad:cc:f4:
67:87:b4:5a:c8:91:29:30:2b:39:65:52:34:9d:06:
c3:f5:09:3c:97:34:46:dd:a4:d9:be:c4:24:89:d7:
99:ad:1f:2e:40:98:0e:75:4c:5a:1d:4f:ac:f8:fa:
0f:2f:5f:36:29:0f:63:67:b1:56:4b:f4:b1:bb:30:
9e:9a:17:a2:db:70:46:73:01:e6:d5:e8:1d:97:2c:
1b:50:7c:f2:bc:6f:88:56:4d:a7:3a:cb:f4:84:4e:
8d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:68:18:75:E8:72:F7:52:5A:1A:25:D3:43:8F:A6:B5:EB:7D:84:A0
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/6WgYdehy91JaGiXTQ4-mtet9hKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.183.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:83:da:11:20:44:3e:31:5c:80:a6:29:c9:8a:f7:55:3c:3f:
df:46:13:22:48:36:6e:51:cf:c7:b6:f0:d1:4b:54:e9:1d:44:
20:69:f9:d2:e8:4d:a6:36:dc:44:11:b4:33:54:f1:5a:61:91:
3f:1c:45:2f:25:94:52:22:7d:f3:0f:14:76:8d:66:78:dc:c2:
63:36:5d:08:48:23:94:9b:89:40:8e:ff:3c:d9:b2:74:1c:24:
c8:a7:ca:fa:8d:8b:7c:fe:ec:d0:53:9a:44:92:91:80:46:b2:
8e:43:aa:80:11:80:df:16:77:a6:db:00:55:af:2c:d2:70:2c:
d1:cb:18:d7:fe:34:7c:5b:61:0a:1d:c5:55:8f:10:cb:b7:28:
3b:3e:45:80:8f:c4:c8:80:cf:01:6b:8c:a3:bc:3c:f3:bb:ee:
f1:73:88:a7:32:b4:c7:ac:38:50:ed:a4:01:20:0c:9e:13:e7:
55:22:ce:be:2b:9b:6c:4d:ec:f1:d1:51:8e:8f:40:2c:12:22:
63:c6:70:a7:db:b3:14:6b:3a:52:ab:f6:1e:10:43:ad:97:0b:
51:67:f8:d1:6d:8e:ae:11:7d:f2:20:db:d1:91:0e:50:9f:e7:
73:d3:f1:35:59:1c:3a:a9:fa:3b:92:ca:d7:c2:f5:9a:55:6a:
8c:f6:1f:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2VCWUz/3W3m/8IAdaJX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTY4MTg3NWU4NzJmNzUyNWExYTI1ZDM0MzhmYTZiNWViN2Q4NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyTWcq4f8GGmYvIGBk075O+es1uw
weJU5STMdd18QAUpcJsTcW2aWV90S1bYQvGvEmKMnzcihkARwL3Zm89q4sb0adlV
LLYuovd530pTKSmzBX3BtDjCMsQkOEcNB0AoHXlPyGELFZsAMJ9DDI2vMrkhwHJb
vjkzV0WjpDSB7lIoaIhFTcPBPinarotBeGrkLlwHRPXLi0+ugwXt5fxkr7mtzPRn
h7RayJEpMCs5ZVI0nQbD9Qk8lzRG3aTZvsQkideZrR8uQJgOdUxaHU+s+PoPL182
KQ9jZ7FWS/SxuzCemhei23BGcwHm1egdlywbUHzyvG+IVk2nOsv0hE6N9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOloGHXocvdSWhol00OPprXrfYSgMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvNldnWWRlaHk5MUphR2lYVFE0LW10ZXQ5aEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVa3MA0G
CSqGSIb3DQEBCwUAA4IBAQB+g9oRIEQ+MVyApinJivdVPD/fRhMiSDZuUc/HtvDR
S1TpHUQgafnS6E2mNtxEEbQzVPFaYZE/HEUvJZRSIn3zDxR2jWZ43MJjNl0ISCOU
m4lAjv882bJ0HCTIp8r6jYt8/uzQU5pEkpGARrKOQ6qAEYDfFnem2wBVryzScCzR
yxjX/jR8W2EKHcVVjxDLtyg7PkWAj8TIgM8Ba4yjvDzzu+7xc4inMrTHrDhQ7aQB
IAyeE+dVIs6+K5tsTezx0VGOj0AsEiJjxnCn27MUazpSq/YeEEOtlwtRZ/jRbY6u
EX3yINvRkQ5Qn+dz0/E1WRw6qfo7ksrXwvWaVWqM9h8s
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:29 2025 by rpki-client