Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/n6uy5yf63ee42pOz7RxZ6WRGfIw.roa
File: n6uy5yf63ee42pOz7RxZ6WRGfIw.roa (raw, json)
Hash identifier: C+FIIOwL9+xzXqI/dxFjpGMxA4p4+5Gz8OJMoinPuyI=
Subject key identifier: 9F:AB:B2:E7:27:FA:DD:E7:B8:DA:93:B3:ED:1C:59:E9:64:46:7C:8C
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 0194236A2F60E35418255CEFEF0954BB476B
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/n6uy5yf63ee42pOz7RxZ6WRGfIw.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57801
IP address blocks: 84.245.96.0/24 maxlen: 24
195.12.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2f:60:e3:54:18:25:5c:ef:ef:09:54:bb:47:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fabb2e727fadde7b8da93b3ed1c59e964467c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:76:12:bd:3c:97:57:d1:e6:1a:a1:1b:06:b4:
d9:cb:86:5b:ab:cc:f5:86:1e:88:46:6b:5a:6c:72:
3f:5b:dc:8b:4f:49:3b:a2:f8:4c:1b:9c:1d:e3:9a:
4e:ad:bc:44:d6:e9:5a:27:86:57:f2:8d:cb:81:0f:
9f:c2:36:c2:51:33:ff:1c:2b:7e:a6:cc:df:36:3d:
b9:42:67:61:0b:7f:53:e4:4f:b6:e5:fe:11:9b:15:
c0:50:ce:b3:f6:18:db:b1:0c:25:a4:52:39:9d:c4:
ed:88:99:6d:ba:3a:57:9b:c1:5a:91:f7:87:66:65:
ca:6e:7a:6c:59:74:03:a5:a3:ab:2a:b8:78:75:57:
fa:27:63:7a:49:66:19:ed:bd:cb:59:52:5c:cb:57:
30:a6:6b:ed:8f:9b:f6:44:ca:9c:c9:e5:7c:48:fd:
d8:07:51:21:2e:2f:c0:51:5c:b6:bf:21:fe:c5:3b:
8e:09:7c:2a:89:6b:c2:06:08:94:bd:e4:a7:d8:a8:
c3:20:44:f0:ed:71:d2:a1:e8:3e:6a:44:5d:81:26:
01:e1:46:2f:04:82:c8:94:7a:e4:a1:bf:96:23:74:
42:96:af:29:2c:d2:80:f4:06:f3:be:9b:5c:00:d5:
1e:1d:ef:e6:8a:21:91:f7:d9:54:c3:f1:4b:3c:ac:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AB:B2:E7:27:FA:DD:E7:B8:DA:93:B3:ED:1C:59:E9:64:46:7C:8C
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/n6uy5yf63ee42pOz7RxZ6WRGfIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.245.96.0/24
195.12.159.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:08:94:fa:f5:5e:ff:74:a2:22:4f:16:90:fa:54:7e:b5:c3:
11:10:24:5f:c7:10:83:18:34:38:cb:b8:43:e1:c0:4c:ae:a4:
59:77:98:6a:d7:30:ec:66:a4:89:61:51:d4:6f:26:17:be:8e:
a9:75:9b:6d:8f:32:23:e6:03:f1:97:98:45:a3:ca:09:94:5d:
3e:f6:e0:9d:e8:2f:ed:2d:56:93:d2:6a:da:79:47:08:68:b6:
26:0b:fe:e6:a5:22:0c:73:55:ae:87:a5:5d:7d:c1:a0:b4:1b:
e5:95:56:02:21:84:ae:d1:c6:f3:46:91:72:dd:28:a1:ba:4c:
7e:28:1c:8b:ec:ae:5f:99:01:11:41:2a:be:eb:92:d8:19:9c:
a8:96:0c:03:c6:9c:26:44:1b:dd:f4:04:8a:72:2f:74:d6:44:
21:38:b6:db:24:17:cd:68:07:08:37:ec:e2:8f:cf:55:34:0d:
69:70:a3:49:b5:00:6c:34:d2:4a:9e:a4:87:05:c9:f0:08:82:
db:97:9a:00:39:58:c7:9e:56:6a:c6:10:28:ea:12:d1:ce:f1:
cf:9c:0b:a9:f2:c3:02:06:6e:43:99:2d:cc:dc:ab:5c:e8:a4:
0d:18:57:94:5d:7f:c7:8f:17:a1:0e:6a:55:e2:42:3c:83:7c:
09:2c:1e:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjai9g41QYJVzv7wlUu0drMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFiYjJlNzI3ZmFkZGU3YjhkYTkzYjNlZDFjNTllOTY0NDY3YzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3YSvTyXV9HmGqEbBrTZy4Zbq8z1
hh6IRmtabHI/W9yLT0k7ovhMG5wd45pOrbxE1ulaJ4ZX8o3LgQ+fwjbCUTP/HCt+
pszfNj25QmdhC39T5E+25f4RmxXAUM6z9hjbsQwlpFI5ncTtiJltujpXm8FakfeH
ZmXKbnpsWXQDpaOrKrh4dVf6J2N6SWYZ7b3LWVJcy1cwpmvtj5v2RMqcyeV8SP3Y
B1EhLi/AUVy2vyH+xTuOCXwqiWvCBgiUveSn2KjDIETw7XHSoeg+akRdgSYB4UYv
BILIlHrkob+WI3RClq8pLNKA9AbzvptcANUeHe/miiGR99lUw/FLPKzzGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ+rsucn+t3nuNqTs+0cWelkRnyMMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvbjZ1eTV5ZjYzZWU0MnBPejdSeFo2V1JHZkl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVPVgAwQA
wwyfMA0GCSqGSIb3DQEBCwUAA4IBAQBtCJT69V7/dKIiTxaQ+lR+tcMRECRfxxCD
GDQ4y7hD4cBMrqRZd5hq1zDsZqSJYVHUbyYXvo6pdZttjzIj5gPxl5hFo8oJlF0+
9uCd6C/tLVaT0mraeUcIaLYmC/7mpSIMc1Wuh6VdfcGgtBvllVYCIYSu0cbzRpFy
3Sihukx+KByL7K5fmQERQSq+65LYGZyolgwDxpwmRBvd9ASKci901kQhOLbbJBfN
aAcIN+zij89VNA1pcKNJtQBsNNJKnqSHBcnwCILbl5oAOVjHnlZqxhAo6hLRzvHP
nAup8sMCBm5DmS3M3Ktc6KQNGFeUXX/HjxehDmpV4kI8g3wJLB6l
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:00 2025 by rpki-client