Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/NBepUJO_wJpnxRX9pJTgcXP4eoA.roa
File: NBepUJO_wJpnxRX9pJTgcXP4eoA.roa (raw, json)
Hash identifier: s4sVSw+QsBgi1se1V8v61lF7jwGyJQc1wtJojCUHwDE=
Subject key identifier: 34:17:A9:50:93:BF:C0:9A:67:C5:15:FD:A4:94:E0:71:73:F8:7A:80
Certificate issuer: /CN=6b6199e55c353ef7f3d2bf4a4fe38dd1a0ad8565
Certificate serial: 01942521D9ECF971EE57F6DFC32478721BBF
Authority key identifier: 6B:61:99:E5:5C:35:3E:F7:F3:D2:BF:4A:4F:E3:8D:D1:A0:AD:85:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/NBepUJO_wJpnxRX9pJTgcXP4eoA.roa
Signing time: Thu 02 Jan 2025 03:49:22 +0000
ROA not before: Thu 02 Jan 2025 03:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61395
IP address blocks: 5.83.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d9:ec:f9:71:ee:57:f6:df:c3:24:78:72:1b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b6199e55c353ef7f3d2bf4a4fe38dd1a0ad8565
Validity
Not Before: Jan 2 03:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3417a95093bfc09a67c515fda494e07173f87a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0a:d4:ad:66:32:be:e1:c2:b1:8d:5f:7a:2e:
99:0f:bb:ee:5f:b5:b9:c7:cd:a2:48:a8:af:a3:c4:
ff:fe:d9:ee:a5:3f:5d:72:1e:4b:3e:a3:86:ce:bf:
29:2e:52:04:ca:c5:14:43:06:8e:05:b7:dc:7e:c8:
90:da:c4:32:9e:f5:30:23:3b:c6:16:a0:f9:1b:62:
11:69:fa:9a:68:7c:42:f3:b3:eb:00:23:39:b0:96:
cb:d9:f0:63:e9:ff:86:e9:20:85:02:af:6b:46:7c:
40:4b:78:e0:9e:e3:1f:14:7c:d5:bf:e0:0c:a4:26:
a6:db:e9:94:36:0c:23:00:31:d1:33:41:04:79:e9:
d2:a1:67:21:07:07:cb:21:9b:d4:ec:6d:4d:61:6d:
cb:24:40:83:e9:ce:35:c1:52:92:9c:63:66:66:12:
6c:3d:3c:8a:10:2e:5d:4e:9b:6c:64:2b:fe:f1:31:
a5:a8:fb:96:7e:59:ae:71:1b:87:ef:83:28:5d:6b:
c2:eb:69:3c:d4:0f:07:6f:94:18:ce:b9:e2:25:60:
c1:92:84:ce:f4:e9:9a:a6:b0:be:98:ce:14:de:db:
32:93:58:8f:60:c8:3b:ee:b3:c3:c8:62:0a:13:f4:
36:df:e8:8b:1d:3c:8e:0a:3e:80:ad:c1:fe:a4:a9:
63:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:17:A9:50:93:BF:C0:9A:67:C5:15:FD:A4:94:E0:71:73:F8:7A:80
X509v3 Authority Key Identifier:
keyid:6B:61:99:E5:5C:35:3E:F7:F3:D2:BF:4A:4F:E3:8D:D1:A0:AD:85:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/NBepUJO_wJpnxRX9pJTgcXP4eoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.56.0/21
Signature Algorithm: sha256WithRSAEncryption
65:c7:ed:ab:40:73:f1:9a:9a:de:6c:95:7a:7d:46:6c:27:58:
33:14:c0:10:3a:4a:f8:0c:aa:27:88:47:52:a8:c6:e5:0e:51:
68:93:07:d4:85:5d:f4:e7:7b:9c:b7:3d:7d:e1:80:19:e4:d1:
93:9f:d9:43:22:51:1f:9a:12:bf:06:78:c7:d8:fc:f4:b8:3a:
a8:8b:52:14:ab:a2:2f:25:0b:b6:e8:85:7b:b9:e1:3a:07:0c:
45:c9:2d:2e:81:31:5b:ae:d8:34:76:44:45:d4:75:13:94:e1:
9d:07:6d:a1:0d:0b:50:af:89:29:2e:ec:8e:03:18:db:71:bc:
21:68:00:de:04:e2:d9:0d:f9:6e:4e:0b:80:55:08:fa:fc:64:
f1:d6:e8:99:b5:48:83:27:0d:53:04:d5:80:60:34:ea:65:d3:
00:56:f8:d2:e0:91:1b:18:ce:e0:9b:4e:d2:06:1c:10:04:64:
c9:c8:de:a7:7e:b1:66:09:c8:c7:5c:00:3f:91:4e:bb:94:b0:
3f:2e:5e:62:8e:bf:5d:9d:87:c7:9d:74:d9:9a:c2:1d:55:19:
50:c2:f3:ba:f0:9e:f2:a3:72:61:48:e5:f7:7e:f2:cc:fe:87:
68:90:89:06:ff:ef:4f:c6:bc:0a:8b:34:ed:79:44:04:44:d5:
f3:0c:02:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIdns+XHuV/bfwyR4chu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNjE5OWU1NWMzNTNlZjdmM2QyYmY0YTRmZTM4ZGQxYTBh
ZDg1NjUwHhcNMjUwMTAyMDM0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE3YTk1MDkzYmZjMDlhNjdjNTE1ZmRhNDk0ZTA3MTczZjg3YTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QrUrWYyvuHCsY1fei6ZD7vuX7W5
x82iSKivo8T//tnupT9dch5LPqOGzr8pLlIEysUUQwaOBbfcfsiQ2sQynvUwIzvG
FqD5G2IRafqaaHxC87PrACM5sJbL2fBj6f+G6SCFAq9rRnxAS3jgnuMfFHzVv+AM
pCam2+mUNgwjADHRM0EEeenSoWchBwfLIZvU7G1NYW3LJECD6c41wVKSnGNmZhJs
PTyKEC5dTptsZCv+8TGlqPuWflmucRuH74MoXWvC62k81A8Hb5QYzrniJWDBkoTO
9OmaprC+mM4U3tsyk1iPYMg77rPDyGIKE/Q23+iLHTyOCj6ArcH+pKljZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQXqVCTv8CaZ8UV/aSU4HFz+HqAMB8GA1UdIwQY
MBaAFGthmeVcNT7389K/Sk/jjdGgrYVlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJHWjVWdzFQdmZ6MHI5S1QtT04wYUN0aFdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mZjJjZWItZTlhOC00NzhjLTg4YzEt
M2RlNGVjZTNhYjJhLzEvTkJlcFVKT193SnBueFJYOXBKVGdjWFA0ZW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mZjJjZWItZTlhOC00NzhjLTg4YzEtM2RlNGVjZTNhYjJh
LzEvYTJHWjVWdzFQdmZ6MHI5S1QtT04wYUN0aFdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBVM4MA0G
CSqGSIb3DQEBCwUAA4IBAQBlx+2rQHPxmprebJV6fUZsJ1gzFMAQOkr4DKoniEdS
qMblDlFokwfUhV3053uctz194YAZ5NGTn9lDIlEfmhK/BnjH2Pz0uDqoi1IUq6Iv
JQu26IV7ueE6BwxFyS0ugTFbrtg0dkRF1HUTlOGdB22hDQtQr4kpLuyOAxjbcbwh
aADeBOLZDfluTguAVQj6/GTx1uiZtUiDJw1TBNWAYDTqZdMAVvjS4JEbGM7gm07S
BhwQBGTJyN6nfrFmCcjHXAA/kU67lLA/Ll5ijr9dnYfHnXTZmsIdVRlQwvO68J7y
o3JhSOX3fvLM/odokIkG/+9PxrwKizTteUQERNXzDAJ3
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:23 2025 by rpki-client