Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/pO6JOWv_WdU5UYruljyF3xtIEXQ.roa
File: pO6JOWv_WdU5UYruljyF3xtIEXQ.roa (raw, json)
Hash identifier: 6mBeADEPhX3Wn3E6Qd5AZNwAKvX4/dbYe8jgqQoewTs=
Subject key identifier: A4:EE:89:39:6B:FF:59:D5:39:51:8A:EE:96:3C:85:DF:1B:48:11:74
Certificate issuer: /CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Certificate serial: 01953BDEA7E19F26BD5748F990395CF5A76F
Authority key identifier: A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/pO6JOWv_WdU5UYruljyF3xtIEXQ.roa
Signing time: Tue 25 Feb 2025 06:50:02 +0000
ROA not before: Tue 25 Feb 2025 06:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21419
IP address blocks: 178.21.160.0/21 maxlen: 21
178.21.161.0/24 maxlen: 24
178.21.162.0/24 maxlen: 24
178.21.163.0/24 maxlen: 24
178.21.164.0/24 maxlen: 24
178.21.166.0/24 maxlen: 24
178.21.167.0/24 maxlen: 26
185.4.1.0/24 maxlen: 24
185.4.2.0/24 maxlen: 24
185.4.3.0/24 maxlen: 24
2a02:6440::/32 maxlen: 32
2a02:6440::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 06:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3b:de:a7:e1:9f:26:bd:57:48:f9:90:39:5c:f5:a7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a09cd8c71a6e33282c045d8f88c3b378acf41bd9
Validity
Not Before: Feb 25 06:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4ee89396bff59d539518aee963c85df1b481174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ef:59:e4:f6:d6:2e:85:7c:25:91:c2:32:67:
0f:11:ed:de:b4:e3:88:24:9f:b5:42:f1:4b:7e:c8:
ae:4d:53:0b:f6:42:12:89:4c:f1:e2:3b:0b:d3:9f:
fe:12:72:2a:48:7c:5f:38:4b:4a:4e:e8:da:df:f2:
a6:68:c1:b2:9d:1d:b5:91:b3:53:48:4c:38:45:13:
c6:0b:3d:bd:b5:04:80:cf:b9:4d:9b:c9:46:b6:c2:
9a:89:79:33:da:34:95:5b:48:a3:73:e7:5a:4b:f8:
8b:a7:8e:ca:c0:eb:4a:b4:f8:d8:67:dd:52:65:94:
4d:c5:9c:e8:60:e9:cd:91:59:d2:62:29:10:49:db:
d5:86:d8:c0:0a:74:54:77:42:5f:0c:e6:e1:16:46:
61:75:b7:5a:4d:b2:a4:3b:cd:61:b6:10:d2:63:47:
f6:c4:2f:a1:a2:fb:c8:97:89:51:65:eb:71:5f:bc:
73:22:a4:4b:34:05:3f:4c:f6:67:91:f0:0e:11:f4:
4f:97:f1:7c:1b:97:09:d3:5c:4a:c4:76:a5:55:0d:
f5:bb:b9:5e:95:b8:e6:18:5d:8f:ec:bf:b2:68:2a:
91:7b:9b:82:0d:e8:a4:9a:22:70:44:81:ee:7a:73:
dd:20:5e:91:35:4c:e3:4e:be:26:db:63:a8:85:37:
e5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EE:89:39:6B:FF:59:D5:39:51:8A:EE:96:3C:85:DF:1B:48:11:74
X509v3 Authority Key Identifier:
keyid:A0:9C:D8:C7:1A:6E:33:28:2C:04:5D:8F:88:C3:B3:78:AC:F4:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJzYxxpuMygsBF2PiMOzeKz0G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/pO6JOWv_WdU5UYruljyF3xtIEXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0d6375-4765-4e0e-9363-6e8e07d66c9b/1/oJzYxxpuMygsBF2PiMOzeKz0G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.160.0/21
185.4.1.0-185.4.3.255
IPv6:
2a02:6440::/32
Signature Algorithm: sha256WithRSAEncryption
59:af:78:be:d7:b8:97:96:f0:ea:da:06:f1:9a:4d:0f:6d:6d:
66:02:50:fb:c2:05:82:f8:28:73:e2:f9:f1:b1:0e:ef:2a:7e:
f5:da:90:6d:47:e3:67:48:2d:6c:93:13:70:fd:d9:f5:02:50:
d4:4a:c0:c1:e1:1d:e0:62:d8:c5:cf:9b:9c:99:e9:c3:93:51:
33:44:2c:e7:b2:07:96:6c:43:4b:56:6e:30:7f:33:f4:2f:0e:
c4:83:65:41:d9:e3:a7:c6:22:a2:2c:f0:c6:bd:26:dd:48:18:
45:b4:04:2d:26:15:08:00:04:f9:73:45:c8:5f:85:0e:c4:2c:
68:d5:f1:b1:8f:22:37:30:d5:91:a5:97:8c:1e:da:d2:26:b0:
78:d6:d5:4b:85:37:ae:1f:c9:8e:27:f1:54:99:ad:f8:26:4f:
04:fb:dd:a4:b6:1b:35:2a:52:22:38:2c:f5:73:ab:76:9b:af:
6a:e7:56:47:1c:85:6f:f0:23:b9:d0:40:20:42:3b:e3:36:f6:
29:6e:be:09:d8:aa:75:c8:6f:96:20:65:95:7e:29:41:b7:0c:
f2:79:d0:05:ab:b6:9d:e6:53:15:3d:ec:ab:1d:c7:1b:af:89:
41:b3:ac:81:17:5f:75:e2:68:ac:55:07:5a:25:09:ec:fb:56:
f1:93:6e:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZU73qfhnya9V0j5kDlc9advMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOWNkOGM3MWE2ZTMzMjgyYzA0NWQ4Zjg4YzNiMzc4YWNm
NDFiZDkwHhcNMjUwMjI1MDY1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGVlODkzOTZiZmY1OWQ1Mzk1MThhZWU5NjNjODVkZjFiNDgxMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+9Z5PbWLoV8JZHCMmcPEe3etOOI
JJ+1QvFLfsiuTVML9kISiUzx4jsL05/+EnIqSHxfOEtKTuja3/KmaMGynR21kbNT
SEw4RRPGCz29tQSAz7lNm8lGtsKaiXkz2jSVW0ijc+daS/iLp47KwOtKtPjYZ91S
ZZRNxZzoYOnNkVnSYikQSdvVhtjACnRUd0JfDObhFkZhdbdaTbKkO81hthDSY0f2
xC+hovvIl4lRZetxX7xzIqRLNAU/TPZnkfAOEfRPl/F8G5cJ01xKxHalVQ31u7le
lbjmGF2P7L+yaCqRe5uCDeikmiJwRIHuenPdIF6RNUzjTr4m22OohTfl3QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKTuiTlr/1nVOVGK7pY8hd8bSBF0MB8GA1UdIwQY
MBaAFKCc2McabjMoLARdj4jDs3is9BvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMt
NmU4ZTA3ZDY2YzliLzEvcE82Sk9Xdl9XZFU1VVlydWxqeUYzeHRJRVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZDYzNzUtNDc2NS00ZTBlLTkzNjMtNmU4ZTA3ZDY2Yzli
LzEvb0p6WXh4cHVNeWdzQkYyUGlNT3plS3owRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDshWgMAwD
BAC5BAEDBAK5BAAwDQQCAAIwBwMFACoCZEAwDQYJKoZIhvcNAQELBQADggEBAFmv
eL7XuJeW8OraBvGaTQ9tbWYCUPvCBYL4KHPi+fGxDu8qfvXakG1H42dILWyTE3D9
2fUCUNRKwMHhHeBi2MXPm5yZ6cOTUTNELOeyB5ZsQ0tWbjB/M/QvDsSDZUHZ46fG
IqIs8Ma9Jt1IGEW0BC0mFQgABPlzRchfhQ7ELGjV8bGPIjcw1ZGll4we2tImsHjW
1UuFN64fyY4n8VSZrfgmTwT73aS2GzUqUiI4LPVzq3abr2rnVkcchW/wI7nQQCBC
O+M29iluvgnYqnXIb5YgZZV+KUG3DPJ50AWrtp3mUxU97KsdxxuviUGzrIEXX3Xi
aKxVB1olCez7VvGTbpw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:48:00 2025 by rpki-client