Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/6aROOc_I6YXbzneKGrZKgT18xbE.roa
File: 6aROOc_I6YXbzneKGrZKgT18xbE.roa (raw, json)
Hash identifier: 0jVK3W8o+aKCAOL7SBhYKVHttG3tb4G36I0oe88QcUw=
Subject key identifier: E9:A4:4E:39:CF:C8:E9:85:DB:CE:77:8A:1A:B6:4A:81:3D:7C:C5:B1
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 0194236A2BB75F71D095F603F81606E145C9
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/6aROOc_I6YXbzneKGrZKgT18xbE.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41318
IP address blocks: 195.168.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2b:b7:5f:71:d0:95:f6:03:f8:16:06:e1:45:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9a44e39cfc8e985dbce778a1ab64a813d7cc5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d4:c6:73:22:50:28:24:ab:29:b6:54:31:60:
d4:87:d1:ce:08:76:a4:b9:37:ca:74:7c:47:2f:7f:
ae:b3:98:16:32:33:b4:f5:71:4f:45:b3:cb:15:e8:
9d:67:93:a2:f5:ca:63:39:48:4d:07:78:14:8f:59:
e8:55:06:68:99:10:53:45:09:53:83:f4:18:fc:3c:
85:26:92:fe:67:d8:5e:6e:b9:ee:4b:bd:3d:08:6f:
83:b7:18:19:ab:43:2a:54:cc:0b:16:f9:8b:24:7a:
be:b1:68:13:66:8f:eb:c6:ad:99:3f:56:85:75:b2:
f6:71:1b:0a:c3:a6:be:d0:73:8d:21:fa:0f:4a:ea:
0c:ec:f9:77:44:8a:bf:81:c5:37:11:7a:eb:69:00:
ed:72:28:a7:54:7f:70:48:d2:27:aa:20:b8:92:f6:
b5:7d:c5:3f:fa:a6:70:5c:a0:cd:94:b8:25:64:4b:
4d:bc:12:b2:21:39:32:a8:9a:35:0f:c8:e9:ad:61:
ca:dc:77:dd:3b:6b:4a:8e:bf:12:54:fd:65:d2:3a:
9b:1d:3d:7e:20:7a:51:23:c2:e9:b8:5c:00:29:f9:
b1:86:c6:0e:f8:0a:47:c2:fe:03:bb:6f:a7:43:95:
12:f2:83:41:41:dd:a4:c1:9f:25:44:0b:59:1a:61:
d9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A4:4E:39:CF:C8:E9:85:DB:CE:77:8A:1A:B6:4A:81:3D:7C:C5:B1
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/6aROOc_I6YXbzneKGrZKgT18xbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.168.208.0/24
Signature Algorithm: sha256WithRSAEncryption
57:e7:3e:da:7e:73:fc:fc:15:5c:40:09:bb:77:36:46:ab:01:
ff:67:64:5d:2c:c8:31:09:e2:ba:8e:a0:89:55:84:a3:10:f7:
42:6f:7d:0b:1e:97:ae:85:4d:b5:32:95:08:03:cd:a8:42:13:
2c:33:9d:39:a0:8e:c7:0f:47:2d:da:6d:28:6a:01:bc:1c:d9:
10:12:21:b5:b4:95:d0:67:f8:41:85:77:9b:e6:b0:39:e0:1a:
0b:d5:84:32:0c:68:d1:eb:65:76:6a:3d:1f:f8:30:b6:e8:ff:
13:f1:2a:90:01:9a:a1:77:c8:b4:bd:68:be:37:64:5b:f6:52:
8d:f2:fc:02:08:46:08:96:ff:b6:e0:e0:31:48:bc:9e:37:ee:
b6:7e:96:8b:c0:cb:fe:af:ce:2f:e7:e0:84:53:4b:04:5b:53:
12:77:41:d0:ab:01:f7:97:39:27:d6:83:06:d3:f4:d9:7e:f8:
b2:19:19:37:68:53:88:4f:98:05:05:1d:3f:95:88:49:bb:a3:
41:6d:54:9f:38:11:1b:52:72:fa:8f:88:42:28:28:3b:07:1b:
c7:04:ce:dd:3c:ea:1a:8b:22:c1:ca:81:5d:03:ec:38:bd:e9:
13:f1:7c:f4:95:d1:3f:90:22:de:2d:f1:07:c3:36:8b:a5:31:
fd:11:ae:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaiu3X3HQlfYD+BYG4UXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE0NGUzOWNmYzhlOTg1ZGJjZTc3OGExYWI2NGE4MTNkN2NjNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytTGcyJQKCSrKbZUMWDUh9HOCHak
uTfKdHxHL3+us5gWMjO09XFPRbPLFeidZ5Oi9cpjOUhNB3gUj1noVQZomRBTRQlT
g/QY/DyFJpL+Z9hebrnuS709CG+DtxgZq0MqVMwLFvmLJHq+sWgTZo/rxq2ZP1aF
dbL2cRsKw6a+0HONIfoPSuoM7Pl3RIq/gcU3EXrraQDtciinVH9wSNInqiC4kva1
fcU/+qZwXKDNlLglZEtNvBKyITkyqJo1D8jprWHK3HfdO2tKjr8SVP1l0jqbHT1+
IHpRI8LpuFwAKfmxhsYO+ApHwv4Du2+nQ5US8oNBQd2kwZ8lRAtZGmHZHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmkTjnPyOmF2853ihq2SoE9fMWxMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvNmFST09jX0k2WVhiem5lS0dyWktnVDE4eGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6jQMA0G
CSqGSIb3DQEBCwUAA4IBAQBX5z7afnP8/BVcQAm7dzZGqwH/Z2RdLMgxCeK6jqCJ
VYSjEPdCb30LHpeuhU21MpUIA82oQhMsM505oI7HD0ct2m0oagG8HNkQEiG1tJXQ
Z/hBhXeb5rA54BoL1YQyDGjR62V2aj0f+DC26P8T8SqQAZqhd8i0vWi+N2Rb9lKN
8vwCCEYIlv+24OAxSLyeN+62fpaLwMv+r84v5+CEU0sEW1MSd0HQqwH3lzkn1oMG
0/TZfviyGRk3aFOIT5gFBR0/lYhJu6NBbVSfOBEbUnL6j4hCKCg7BxvHBM7dPOoa
iyLByoFdA+w4vekT8Xz0ldE/kCLeLfEHwzaLpTH9Ea59
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:11 2025 by rpki-client