Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/Z6jijp-NqGecwIu65j-qEMAm0nw.roa
File: Z6jijp-NqGecwIu65j-qEMAm0nw.roa (raw, json)
Hash identifier: 19TQbomnm0YTugnf3c9Z0fKykpuT1EtKWHuZ0GsZG+A=
Subject key identifier: 67:A8:E2:8E:9F:8D:A8:67:9C:C0:8B:BA:E6:3F:AA:10:C0:26:D2:7C
Certificate issuer: /CN=d1d30b774b280c37e1c5ed5d8a69cb9af648b065
Certificate serial: 01941F8C890D35B265B2A3E76F2ED3620A1D
Authority key identifier: D1:D3:0B:77:4B:28:0C:37:E1:C5:ED:5D:8A:69:CB:9A:F6:48:B0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/Z6jijp-NqGecwIu65j-qEMAm0nw.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62121
IP address blocks: 91.209.39.0/24 maxlen: 24
193.46.69.0/24 maxlen: 24
195.242.130.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/0dMLd0soDDfhxe1dimnLmvZIsGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/0dMLd0soDDfhxe1dimnLmvZIsGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:89:0d:35:b2:65:b2:a3:e7:6f:2e:d3:62:0a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1d30b774b280c37e1c5ed5d8a69cb9af648b065
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67a8e28e9f8da8679cc08bbae63faa10c026d27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:52:78:ea:81:89:86:4c:ba:de:6a:df:81:b1:
20:fd:f4:53:b7:ad:63:61:94:1a:cb:74:fb:11:75:
cc:f7:6e:8f:b6:d5:9e:56:13:6b:46:b2:c7:3a:9c:
f2:df:90:5e:45:c4:a1:c9:da:12:d5:74:bf:9f:14:
24:7b:8a:db:d6:1f:db:d1:e6:2d:4c:81:51:ea:22:
9b:96:63:2a:d1:b4:77:d0:1d:d5:38:bd:8b:f2:a6:
cb:d0:1e:57:7f:92:d8:28:1d:10:e7:ee:91:be:eb:
66:52:e9:d4:86:48:d9:0b:87:26:3c:61:9c:99:8b:
0a:16:1c:66:e3:7e:6d:58:4f:39:48:00:42:71:98:
92:cc:a5:31:e6:09:b5:26:5c:49:92:8c:7b:80:b5:
19:ff:14:79:95:43:85:9b:e9:26:68:2d:90:9d:4e:
08:0e:22:56:5b:e0:30:af:7e:a3:b8:04:78:20:e6:
06:dd:c6:fc:ad:1e:3b:d0:ba:45:b4:1d:17:ce:02:
e8:81:2f:36:78:70:cf:c7:4f:1a:af:92:ea:4d:cd:
5b:29:d1:e0:e7:1b:13:e3:e2:e5:ee:94:31:95:d1:
12:7a:47:f5:74:ff:b7:8b:44:b2:ed:7e:34:9d:0c:
45:6d:66:be:91:dd:62:7f:c4:a6:a4:a9:c8:57:cc:
51:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A8:E2:8E:9F:8D:A8:67:9C:C0:8B:BA:E6:3F:AA:10:C0:26:D2:7C
X509v3 Authority Key Identifier:
keyid:D1:D3:0B:77:4B:28:0C:37:E1:C5:ED:5D:8A:69:CB:9A:F6:48:B0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/Z6jijp-NqGecwIu65j-qEMAm0nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/0dMLd0soDDfhxe1dimnLmvZIsGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.39.0/24
193.46.69.0/24
195.242.130.0/23
Signature Algorithm: sha256WithRSAEncryption
28:17:31:3c:16:a0:c0:18:80:c4:5f:3b:f3:0e:7e:aa:fa:57:
01:09:52:fc:56:37:38:3a:48:7b:1f:55:96:94:76:2d:b8:a0:
64:c1:ff:31:94:7d:71:d1:ab:77:7f:7e:db:71:a7:17:fc:f7:
b3:82:83:25:d8:7c:a8:3e:fe:ac:2e:8d:66:fe:26:43:12:84:
93:41:0c:2d:ad:65:63:1f:95:71:5d:d0:6b:cc:34:90:22:51:
1c:1e:c2:56:4e:aa:4c:a2:b5:09:6b:6a:bc:08:7e:d1:88:05:
ac:25:a5:5c:45:2e:32:df:af:19:92:e5:4a:6c:28:17:bf:f6:
ab:73:67:c0:01:21:25:e0:91:6e:02:ee:12:db:a4:cc:0e:bc:
d8:89:e6:ec:61:d5:a8:63:5b:68:02:1d:fe:55:ab:4b:da:23:
66:79:6c:f3:81:cc:23:dc:05:f6:fc:27:5d:86:44:0c:85:05:
98:7a:ea:d3:86:3e:a3:91:93:cb:91:a2:9e:f1:4a:5e:a1:b9:
67:7f:80:6b:a7:e1:7e:e9:36:50:36:1a:a6:4a:77:34:4b:97:
98:be:cc:ea:7d:a1:46:9e:4e:64:9a:c6:ec:83:74:92:da:96:
41:f5:cb:43:91:3e:77:98:02:58:6a:1e:2e:72:d1:ff:f7:67:
fc:1a:d7:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjIkNNbJlsqPnby7TYgodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZDMwYjc3NGIyODBjMzdlMWM1ZWQ1ZDhhNjljYjlhZjY0
OGIwNjUwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E4ZTI4ZTlmOGRhODY3OWNjMDhiYmFlNjNmYWExMGMwMjZkMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VJ46oGJhky63mrfgbEg/fRTt61j
YZQay3T7EXXM926PttWeVhNrRrLHOpzy35BeRcShydoS1XS/nxQke4rb1h/b0eYt
TIFR6iKblmMq0bR30B3VOL2L8qbL0B5Xf5LYKB0Q5+6RvutmUunUhkjZC4cmPGGc
mYsKFhxm435tWE85SABCcZiSzKUx5gm1JlxJkox7gLUZ/xR5lUOFm+kmaC2QnU4I
DiJWW+Awr36juAR4IOYG3cb8rR470LpFtB0XzgLogS82eHDPx08ar5LqTc1bKdHg
5xsT4+Ll7pQxldESekf1dP+3i0Sy7X40nQxFbWa+kd1if8SmpKnIV8xR1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGeo4o6fjahnnMCLuuY/qhDAJtJ8MB8GA1UdIwQY
MBaAFNHTC3dLKAw34cXtXYppy5r2SLBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGRNTGQwc29ERGZoeGUxZGltbkxtdlpJc0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9iMDY5ZjktZjE0Ni00MjQ3LWJhY2Mt
YmU2MzA0YzI1MmM3LzEvWjZqaWpwLU5xR2Vjd0l1NjVqLXFFTUFtMG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9iMDY5ZjktZjE0Ni00MjQ3LWJhY2MtYmU2MzA0YzI1MmM3
LzEvMGRNTGQwc29ERGZoeGUxZGltbkxtdlpJc0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9EnAwQA
wS5FAwQBw/KCMA0GCSqGSIb3DQEBCwUAA4IBAQAoFzE8FqDAGIDEXzvzDn6q+lcB
CVL8Vjc4Okh7H1WWlHYtuKBkwf8xlH1x0at3f37bcacX/PezgoMl2HyoPv6sLo1m
/iZDEoSTQQwtrWVjH5VxXdBrzDSQIlEcHsJWTqpMorUJa2q8CH7RiAWsJaVcRS4y
368ZkuVKbCgXv/arc2fAASEl4JFuAu4S26TMDrzYiebsYdWoY1toAh3+VatL2iNm
eWzzgcwj3AX2/CddhkQMhQWYeurThj6jkZPLkaKe8Upeoblnf4Brp+F+6TZQNhqm
Snc0S5eYvszqfaFGnk5kmsbsg3SS2pZB9ctDkT53mAJYah4uctH/92f8Gtd3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:25 2025 by rpki-client