Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/2713ed-cb32-407e-8628-0e467e51ba06/1/YWeKpT1rE5D3jQdqNfYDMaSRQ-o.roa
File: YWeKpT1rE5D3jQdqNfYDMaSRQ-o.roa (raw, json)
Hash identifier: Zb5RmiW5EJ1sc/m0g84BzROe4xUzHJtXaAdIweCX3Co=
Subject key identifier: 61:67:8A:A5:3D:6B:13:90:F7:8D:07:6A:35:F6:03:31:A4:91:43:EA
Certificate issuer: /CN=6eebaf15233d98eb8ef062c245f917362e632656
Certificate serial: 0194258FCAB23E5A99C328FC6EE31ED4189E
Authority key identifier: 6E:EB:AF:15:23:3D:98:EB:8E:F0:62:C2:45:F9:17:36:2E:63:26:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/buuvFSM9mOuO8GLCRfkXNi5jJlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/2713ed-cb32-407e-8628-0e467e51ba06/1/YWeKpT1rE5D3jQdqNfYDMaSRQ-o.roa
Signing time: Thu 02 Jan 2025 05:49:28 +0000
ROA not before: Thu 02 Jan 2025 05:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50630
IP address blocks: 2.56.4.0/24 maxlen: 24
2.56.5.0/24 maxlen: 24
2.56.6.0/24 maxlen: 24
2.56.7.0/24 maxlen: 24
109.95.57.0/24 maxlen: 24
109.95.58.0/24 maxlen: 24
195.8.194.0/24 maxlen: 24
2a0d:4d40::/44 maxlen: 48
2a0d:4d40:10::/48 maxlen: 48
2a0d:4d40:11::/48 maxlen: 48
2a0d:4d40:12::/48 maxlen: 48
2a0d:4d40:13::/48 maxlen: 48
2a0d:4d40:14::/48 maxlen: 48
2a0d:4d40:15::/48 maxlen: 48
2a0d:4d40:16::/48 maxlen: 48
2a0d:4d40:17::/48 maxlen: 48
2a0d:4d40:18::/48 maxlen: 48
2a0d:4d40:1a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/2713ed-cb32-407e-8628-0e467e51ba06/1/buuvFSM9mOuO8GLCRfkXNi5jJlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/2713ed-cb32-407e-8628-0e467e51ba06/1/buuvFSM9mOuO8GLCRfkXNi5jJlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/buuvFSM9mOuO8GLCRfkXNi5jJlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:ca:b2:3e:5a:99:c3:28:fc:6e:e3:1e:d4:18:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eebaf15233d98eb8ef062c245f917362e632656
Validity
Not Before: Jan 2 05:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61678aa53d6b1390f78d076a35f60331a49143ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:41:0d:25:7e:c0:c0:c0:ca:b1:3a:62:1e:43:
4a:de:bd:00:bd:cd:2f:9e:c2:2e:de:8d:78:80:29:
f9:be:c6:e2:3d:70:27:38:30:45:f5:bf:c7:10:43:
45:ef:40:0f:a1:a3:39:91:99:3b:90:c9:b0:c0:e9:
dc:8e:aa:36:48:96:bd:9f:fb:01:6b:38:3a:d0:34:
dd:21:c1:6e:28:fb:2a:e1:78:6d:f5:bb:3a:92:b7:
2b:c8:68:6c:50:c9:54:d3:d6:6e:3b:2e:69:09:c6:
6b:a8:07:5d:41:e1:ff:9a:fa:65:54:09:24:9e:eb:
c5:0f:36:09:1b:75:55:72:6d:1b:1c:20:f2:67:6d:
09:a4:fd:9c:48:25:b1:65:5e:7c:3e:87:f8:c3:47:
6e:88:33:79:99:9a:ab:e9:71:35:8e:69:e8:c0:29:
d4:89:47:a0:17:1a:16:fc:f2:8b:3a:f5:6e:0a:1f:
90:91:ea:49:00:bc:94:27:f9:21:68:b7:47:a5:07:
4d:ca:d6:e9:fa:62:e4:86:c1:58:2a:c4:77:10:af:
b5:bb:80:7b:2f:a6:bc:f5:87:fe:45:12:f3:29:f6:
e9:f0:1f:d8:6c:7d:c9:83:b6:90:05:e2:51:a6:cd:
b8:08:bd:f8:51:3b:b1:a1:52:ea:82:dc:0e:f5:98:
04:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:67:8A:A5:3D:6B:13:90:F7:8D:07:6A:35:F6:03:31:A4:91:43:EA
X509v3 Authority Key Identifier:
keyid:6E:EB:AF:15:23:3D:98:EB:8E:F0:62:C2:45:F9:17:36:2E:63:26:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/buuvFSM9mOuO8GLCRfkXNi5jJlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2713ed-cb32-407e-8628-0e467e51ba06/1/YWeKpT1rE5D3jQdqNfYDMaSRQ-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2713ed-cb32-407e-8628-0e467e51ba06/1/buuvFSM9mOuO8GLCRfkXNi5jJlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.4.0/22
109.95.57.0-109.95.58.255
195.8.194.0/24
IPv6:
2a0d:4d40::-2a0d:4d40:18:ffff:ffff:ffff:ffff:ffff
2a0d:4d40:1a::/48
Signature Algorithm: sha256WithRSAEncryption
a7:83:5a:1a:00:53:39:8f:e5:8f:81:2e:ed:e3:2d:a9:ca:26:
18:63:11:ec:f8:95:2b:b9:5e:61:36:3c:f8:0c:17:46:c9:1a:
c0:93:d0:a0:d1:9a:ba:ca:c2:55:e0:47:37:d0:d4:66:5d:82:
59:39:b5:34:f3:6c:51:27:06:c7:41:4c:4a:ac:60:eb:11:a4:
9d:a2:45:fd:4a:5a:0e:48:cf:e4:8e:22:bd:61:40:39:cc:7c:
e0:0d:a2:c7:07:37:53:64:ed:a4:a6:3e:3a:1e:61:bf:0f:b6:
0a:a2:20:dd:58:9c:06:12:05:ac:1c:d3:90:1d:23:18:70:b9:
69:ea:87:b3:20:47:ee:87:d6:8d:03:6b:98:10:1c:42:13:61:
af:17:a8:57:60:2d:1e:6a:93:4b:ed:4e:01:20:bf:8e:a8:d4:
6d:6a:f1:98:1b:eb:e3:92:b4:99:01:73:82:b3:41:31:8d:3e:
ab:9d:6c:5d:c4:83:0f:8c:75:5f:37:ad:f0:97:ff:86:4e:70:
51:52:b6:e0:84:1f:15:4b:e8:51:48:60:1e:99:a3:fd:54:d4:
c4:fd:10:1f:7b:02:cd:9c:43:d1:d9:fd:c5:98:75:0b:6b:df:
d0:9d:f5:f1:36:2e:65:c5:ff:19:d4:8a:b9:6b:00:ec:2c:25:
5b:5d:a3:7a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQlj8qyPlqZwyj8buMe1BieMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZWJhZjE1MjMzZDk4ZWI4ZWYwNjJjMjQ1ZjkxNzM2MmU2
MzI2NTYwHhcNMjUwMTAyMDU0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTY3OGFhNTNkNmIxMzkwZjc4ZDA3NmEzNWY2MDMzMWE0OTE0M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0ENJX7AwMDKsTpiHkNK3r0Avc0v
nsIu3o14gCn5vsbiPXAnODBF9b/HEENF70APoaM5kZk7kMmwwOncjqo2SJa9n/sB
azg60DTdIcFuKPsq4Xht9bs6krcryGhsUMlU09ZuOy5pCcZrqAddQeH/mvplVAkk
nuvFDzYJG3VVcm0bHCDyZ20JpP2cSCWxZV58Pof4w0duiDN5mZqr6XE1jmnowCnU
iUegFxoW/PKLOvVuCh+QkepJALyUJ/khaLdHpQdNytbp+mLkhsFYKsR3EK+1u4B7
L6a89Yf+RRLzKfbp8B/YbH3Jg7aQBeJRps24CL34UTuxoVLqgtwO9ZgEeQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFGFniqU9axOQ940HajX2AzGkkUPqMB8GA1UdIwQY
MBaAFG7rrxUjPZjrjvBiwkX5FzYuYyZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnV1dkZTTTltT3VPOEdMQ1Jma1hOaTVqSmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yNzEzZWQtY2IzMi00MDdlLTg2Mjgt
MGU0NjdlNTFiYTA2LzEvWVdlS3BUMXJFNUQzalFkcU5mWURNYVNSUS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yNzEzZWQtY2IzMi00MDdlLTg2MjgtMGU0NjdlNTFiYTA2
LzEvYnV1dkZTTTltT3VPOEdMQ1Jma1hOaTVqSmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAgBAIAATAaAwQCAjgEMAwD
BABtXzkDBABtXzoDBADDCMIwIQQCAAIwGzAQAwUGKg1NQAMHACoNTUAAGAMHACoN
TUAAGjANBgkqhkiG9w0BAQsFAAOCAQEAp4NaGgBTOY/lj4Eu7eMtqcomGGMR7PiV
K7leYTY8+AwXRskawJPQoNGausrCVeBHN9DUZl2CWTm1NPNsUScGx0FMSqxg6xGk
naJF/UpaDkjP5I4ivWFAOcx84A2ixwc3U2TtpKY+Oh5hvw+2CqIg3VicBhIFrBzT
kB0jGHC5aeqHsyBH7ofWjQNrmBAcQhNhrxeoV2AtHmqTS+1OASC/jqjUbWrxmBvr
45K0mQFzgrNBMY0+q51sXcSDD4x1Xzet8Jf/hk5wUVK24IQfFUvoUUhgHpmj/VTU
xP0QH3sCzZxD0dn9xZh1C2vf0J318TYuZcX/GdSKuWsA7CwlW12jeg==
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:22:49 2025 by rpki-client