Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/anOrtlhwnnmjPAi8_6BJOHZxlL4.roa
File: anOrtlhwnnmjPAi8_6BJOHZxlL4.roa (raw, json)
Hash identifier: YCZfQBw4Fjx9AZOlBUf0daMhEFakgdsLR0V2NRN6new=
Subject key identifier: 6A:73:AB:B6:58:70:9E:79:A3:3C:08:BC:FF:A0:49:38:76:71:94:BE
Certificate issuer: /CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Certificate serial: 0194214428D49AD9BA2205E16791B9638D8C
Authority key identifier: 3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/anOrtlhwnnmjPAi8_6BJOHZxlL4.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8400
IP address blocks: 37.35.8.0/21 maxlen: 21
93.92.248.0/21 maxlen: 21
185.125.176.0/23 maxlen: 23
212.57.40.0/21 maxlen: 21
212.57.42.0/23 maxlen: 23
212.57.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:28:d4:9a:d9:ba:22:05:e1:67:91:b9:63:8d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6e2e7ff2c702c8ab5149feea7175991c73409c
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a73abb658709e79a33c08bcffa04938767194be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:4a:fb:4e:53:01:4d:26:91:58:8e:d2:13:73:
87:8b:88:32:f8:af:62:61:71:d6:33:5f:12:71:fe:
ec:66:6a:3d:ff:86:d7:52:29:d6:36:5a:d9:58:77:
1f:1a:55:e1:b5:f3:54:71:73:b9:66:1b:f8:88:8f:
bd:a7:26:2f:f1:d7:6d:81:19:5e:52:d8:8f:db:d3:
32:57:8e:67:bb:03:1b:c0:99:f6:81:98:2d:c3:9a:
1c:c6:cd:7f:95:fe:90:71:0e:9b:2d:3b:1a:52:e5:
c0:98:28:cd:ba:d7:04:94:34:4e:fa:58:3c:6b:ad:
94:a5:db:cb:10:ec:e6:e2:59:0a:e1:c7:42:70:ce:
67:5c:e1:95:e7:70:33:c3:0e:39:f9:f8:56:9f:c4:
48:1b:a5:60:5d:bc:d1:27:9b:28:4a:d7:28:09:d5:
56:5a:ef:63:d0:96:97:4a:e8:46:98:2f:32:a5:66:
27:74:b1:cf:3a:13:d2:59:f9:5b:a2:e1:f6:90:87:
c7:c3:c6:46:87:0a:e3:f4:64:61:ab:47:77:e9:67:
34:c3:95:45:cf:91:19:a0:0c:ff:09:1d:9c:b3:b8:
cf:e0:7b:af:b4:d4:7f:61:f0:74:5d:d1:d6:5b:c5:
9d:18:7a:a1:f9:b2:bf:ee:d2:90:1c:9a:7f:57:07:
e7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:73:AB:B6:58:70:9E:79:A3:3C:08:BC:FF:A0:49:38:76:71:94:BE
X509v3 Authority Key Identifier:
keyid:3A:6E:2E:7F:F2:C7:02:C8:AB:51:49:FE:EA:71:75:99:1C:73:40:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Om4uf_LHAsirUUn-6nF1mRxzQJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/anOrtlhwnnmjPAi8_6BJOHZxlL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/188542-d4f7-4aa2-adc7-775a05788cf5/1/Om4uf_LHAsirUUn-6nF1mRxzQJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.8.0/21
93.92.248.0/21
185.125.176.0/23
212.57.40.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:ab:a8:3f:04:e3:35:fd:bc:8f:79:19:bd:96:d2:59:ae:1e:
52:06:9b:31:38:1d:b1:9a:a5:b2:c0:65:eb:d6:71:17:f6:f7:
31:5c:2e:86:48:c0:2f:6e:61:ec:fb:0c:b8:7c:94:f3:2f:89:
8c:fd:56:e6:2c:ec:e3:08:54:39:cc:23:7c:74:45:96:15:13:
c9:54:79:7d:37:5e:4a:7c:12:78:e9:1e:28:c3:03:c0:b6:d3:
91:7b:55:6e:5a:8b:a1:3e:dd:53:3c:92:5e:6b:22:c8:ef:1a:
51:c0:98:0a:8d:6e:bf:99:d2:37:74:c6:a4:d1:b1:3e:b2:aa:
e1:90:52:20:50:83:34:db:9d:fe:65:04:77:50:ab:1c:f9:f5:
98:e6:a2:01:e4:5c:0f:71:5e:ed:c9:19:6f:65:12:a5:4b:20:
9c:64:cc:54:84:a1:e9:cc:38:fd:76:b1:15:a3:61:7a:30:5f:
e8:a7:c6:05:56:b1:c7:11:96:ae:8d:14:da:ef:71:45:05:da:
f8:4b:8d:de:b1:66:69:7f:31:79:da:66:f1:af:47:50:c7:31:
62:9c:31:6f:19:82:d3:b4:bc:9b:73:ec:60:e1:9f:3d:cd:00:
1c:9d:7a:d4:3a:65:b5:45:fe:d3:30:00:92:6c:d0:e5:aa:4f:
d0:e7:dd:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhRCjUmtm6IgXhZ5G5Y42MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmUyZTdmZjJjNzAyYzhhYjUxNDlmZWVhNzE3NTk5MWM3
MzQwOWMwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTczYWJiNjU4NzA5ZTc5YTMzYzA4YmNmZmEwNDkzODc2NzE5NGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUr7TlMBTSaRWI7SE3OHi4gy+K9i
YXHWM18Scf7sZmo9/4bXUinWNlrZWHcfGlXhtfNUcXO5Zhv4iI+9pyYv8ddtgRle
UtiP29MyV45nuwMbwJn2gZgtw5ocxs1/lf6QcQ6bLTsaUuXAmCjNutcElDRO+lg8
a62UpdvLEOzm4lkK4cdCcM5nXOGV53Azww45+fhWn8RIG6VgXbzRJ5soStcoCdVW
Wu9j0JaXSuhGmC8ypWYndLHPOhPSWflbouH2kIfHw8ZGhwrj9GRhq0d36Wc0w5VF
z5EZoAz/CR2cs7jP4HuvtNR/YfB0XdHWW8WdGHqh+bK/7tKQHJp/VwfnXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGpzq7ZYcJ55ozwIvP+gSTh2cZS+MB8GA1UdIwQY
MBaAFDpuLn/yxwLIq1FJ/upxdZkcc0CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT200dWZfTEhBc2lyVVVuLTZuRjFtUnh6UUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xODg1NDItZDRmNy00YWEyLWFkYzct
Nzc1YTA1Nzg4Y2Y1LzEvYW5PcnRsaHdubm1qUEFpOF82QkpPSFp4bEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xODg1NDItZDRmNy00YWEyLWFkYzctNzc1YTA1Nzg4Y2Y1
LzEvT200dWZfTEhBc2lyVVVuLTZuRjFtUnh6UUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJSMIAwQD
XVz4AwQBuX2wAwQD1DkoMA0GCSqGSIb3DQEBCwUAA4IBAQAaq6g/BOM1/byPeRm9
ltJZrh5SBpsxOB2xmqWywGXr1nEX9vcxXC6GSMAvbmHs+wy4fJTzL4mM/VbmLOzj
CFQ5zCN8dEWWFRPJVHl9N15KfBJ46R4owwPAttORe1VuWouhPt1TPJJeayLI7xpR
wJgKjW6/mdI3dMak0bE+sqrhkFIgUIM0253+ZQR3UKsc+fWY5qIB5FwPcV7tyRlv
ZRKlSyCcZMxUhKHpzDj9drEVo2F6MF/op8YFVrHHEZaujRTa73FFBdr4S43esWZp
fzF52mbxr0dQxzFinDFvGYLTtLybc+xg4Z89zQAcnXrUOmW1Rf7TMACSbNDlqk/Q
592+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:11 2025 by rpki-client