Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/65PxZkKge2KcDSHmnzKee_I1TgU.roa
File: 65PxZkKge2KcDSHmnzKee_I1TgU.roa (raw, json)
Hash identifier: B6kl8z2Er9m2W2tI7YjVF79IW9fUOyaWbdVvhfONBi4=
Subject key identifier: EB:93:F1:66:42:A0:7B:62:9C:0D:21:E6:9F:32:9E:7B:F2:35:4E:05
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5B8902EC1F0C783A8B28D0715256C
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/65PxZkKge2KcDSHmnzKee_I1TgU.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205113
IP address blocks: 86.240.128.0/22 maxlen: 24
86.240.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b8:90:2e:c1:f0:c7:83:a8:b2:8d:07:15:25:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb93f16642a07b629c0d21e69f329e7bf2354e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bf:18:2a:fd:0c:02:86:f7:d8:fe:1b:62:86:
39:6f:a5:2c:03:cc:7c:a4:19:5a:64:32:51:ac:c8:
03:8d:7c:d4:60:bf:a5:a6:06:14:c9:57:cc:f4:68:
1c:41:fb:b5:ce:47:ad:15:09:30:de:5e:5b:de:b5:
08:79:75:26:9c:da:18:0d:9a:fc:4e:e2:02:6d:93:
9f:68:1e:91:d6:d9:32:e5:89:0a:ed:54:da:3d:66:
85:8a:a4:df:06:28:ec:9e:10:a7:04:db:03:40:99:
6e:fd:44:7c:ba:54:2c:0d:b1:3c:3e:92:82:5a:56:
c5:8e:6e:df:7d:0d:9f:40:4b:56:ac:0d:bd:c3:c4:
8e:77:a8:15:b4:4a:4d:86:47:9f:a6:2c:56:6a:7e:
dd:b3:ab:fc:d9:3c:b3:ea:d8:00:46:e4:93:de:f5:
d9:d1:f7:07:fa:7d:6d:c8:7f:76:a3:ff:e0:f2:d3:
07:7d:ad:e5:6f:0e:3a:77:7c:11:18:3e:e2:b9:c5:
51:e1:6a:5f:fa:7c:6f:fc:1b:40:e5:03:39:4f:a2:
0a:bf:23:48:63:9d:e0:1e:a2:cf:35:1e:3b:0c:15:
c5:08:3a:5d:f3:a5:01:82:22:56:c9:14:ba:9d:ea:
fc:6d:4f:f8:44:1a:cc:1d:aa:b5:1c:d3:33:2b:3f:
c0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:93:F1:66:42:A0:7B:62:9C:0D:21:E6:9F:32:9E:7B:F2:35:4E:05
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/65PxZkKge2KcDSHmnzKee_I1TgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.240.128.0/22
86.240.240.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d4:c5:1b:3d:d4:ae:db:c8:a8:ac:50:e2:5d:19:bd:f4:22:
6a:1d:c3:8c:26:d8:16:e8:4c:9c:d7:62:46:ea:a4:73:ef:9e:
e0:47:05:86:d4:72:ce:de:19:ad:06:1e:b2:8c:dc:f9:64:5d:
2b:cf:4d:33:e2:48:a2:ca:12:70:52:ac:b9:0f:fe:ad:9d:bd:
47:5a:05:0d:47:5d:a4:6a:37:5d:ec:54:4a:0a:db:b1:99:a1:
65:c9:15:9d:07:e8:65:95:56:90:d0:b6:e7:b0:4d:e1:f9:60:
cc:f0:92:0a:e3:82:1f:19:ea:28:a4:6f:bd:a8:b3:da:4b:f2:
6e:01:2b:91:b5:81:cd:0e:70:0d:8c:9d:7a:16:70:43:97:49:
06:a8:12:83:45:ce:53:87:8b:47:03:e5:24:c3:cd:bd:2f:05:
38:37:e1:25:83:73:4a:16:f3:68:55:71:2a:b1:da:16:09:eb:
8c:26:16:63:77:f3:b6:7f:50:b8:74:8e:3c:ab:40:bd:cd:5d:
15:06:8c:3f:17:fd:f2:eb:72:3d:86:7c:64:34:2a:26:c9:9d:
8b:1a:54:c5:e2:3e:43:46:96:ba:a7:fb:a0:5a:fb:3b:88:b0:
15:8d:45:56:31:08:32:27:94:d1:9e:56:ce:bf:f1:93:a4:7b:
a3:e3:ba:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1biQLsHwx4Ooso0HFSVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjkzZjE2NjQyYTA3YjYyOWMwZDIxZTY5ZjMyOWU3YmYyMzU0ZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv78YKv0MAob32P4bYoY5b6UsA8x8
pBlaZDJRrMgDjXzUYL+lpgYUyVfM9GgcQfu1zketFQkw3l5b3rUIeXUmnNoYDZr8
TuICbZOfaB6R1tky5YkK7VTaPWaFiqTfBijsnhCnBNsDQJlu/UR8ulQsDbE8PpKC
WlbFjm7ffQ2fQEtWrA29w8SOd6gVtEpNhkefpixWan7ds6v82Tyz6tgARuST3vXZ
0fcH+n1tyH92o//g8tMHfa3lbw46d3wRGD7iucVR4Wpf+nxv/BtA5QM5T6IKvyNI
Y53gHqLPNR47DBXFCDpd86UBgiJWyRS6ner8bU/4RBrMHaq1HNMzKz/AzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOuT8WZCoHtinA0h5p8ynnvyNU4FMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvNjVQeFprS2dlMktjRFNIbW56S2VlX0kxVGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVvCAAwQA
VvDwMA0GCSqGSIb3DQEBCwUAA4IBAQAr1MUbPdSu28iorFDiXRm99CJqHcOMJtgW
6Eyc12JG6qRz757gRwWG1HLO3hmtBh6yjNz5ZF0rz00z4kiiyhJwUqy5D/6tnb1H
WgUNR12kajdd7FRKCtuxmaFlyRWdB+hllVaQ0LbnsE3h+WDM8JIK44IfGeoopG+9
qLPaS/JuASuRtYHNDnANjJ16FnBDl0kGqBKDRc5Th4tHA+Ukw829LwU4N+Elg3NK
FvNoVXEqsdoWCeuMJhZjd/O2f1C4dI48q0C9zV0VBow/F/3y63I9hnxkNComyZ2L
GlTF4j5DRpa6p/ugWvs7iLAVjUVWMQgyJ5TRnlbOv/GTpHuj47qG
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:25:51 2025 by rpki-client