Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/aRuqoKzrVyCBgBvhTo1HHtouJPM.roa
File: aRuqoKzrVyCBgBvhTo1HHtouJPM.roa (raw, json)
Hash identifier: HGBs+eB5mXTSEG4iTpCiLHNHLkRlwSYhq8mqO8iXTIg=
Subject key identifier: 69:1B:AA:A0:AC:EB:57:20:81:80:1B:E1:4E:8D:47:1E:DA:2E:24:F3
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5B6EA97D773B18A55720496A7784C
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/aRuqoKzrVyCBgBvhTo1HHtouJPM.roa
Signing time: Wed 01 Jan 2025 07:47:44 +0000
ROA not before: Wed 01 Jan 2025 07:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199140
IP address blocks: 80.12.212.0/24 maxlen: 24
80.12.213.0/24 maxlen: 24
80.12.240.0/23 maxlen: 24
80.12.243.0/24 maxlen: 24
80.12.249.0/24 maxlen: 24
80.12.250.0/24 maxlen: 24
80.12.253.0/24 maxlen: 25
80.12.254.0/24 maxlen: 24
81.252.94.184/29 maxlen: 29
83.206.119.208/28 maxlen: 28
195.101.150.152/29 maxlen: 29
195.101.150.160/28 maxlen: 28
2a01:cb22:4000::/36 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b6:ea:97:d7:73:b1:8a:55:72:04:96:a7:78:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=691baaa0aceb572081801be14e8d471eda2e24f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:18:3b:31:75:31:7a:c0:6b:f9:a2:3e:48:af:
2b:ef:ec:dd:8f:ab:59:8a:0a:f7:72:2f:08:72:5c:
dd:44:a6:5d:50:d5:ed:c8:04:6a:7d:fa:04:a3:18:
f0:35:ec:3b:57:bc:2b:1b:f2:e6:58:ff:77:01:65:
de:37:db:d8:6e:7f:44:18:e5:54:43:8f:42:a1:7a:
94:e4:ee:1c:2c:0b:b6:7f:31:f2:35:80:93:6a:f9:
3c:85:c3:80:97:99:b1:eb:aa:73:91:b8:35:62:66:
10:0d:6a:c9:64:27:b6:c6:9e:04:26:63:31:04:f6:
ed:c7:87:db:ee:e7:2b:f7:35:1d:65:f1:39:68:a7:
a7:f4:01:c7:33:b9:69:9f:b1:d4:b8:ad:b2:46:1b:
20:50:57:b6:e7:16:d3:e7:1c:67:da:c0:4d:3c:ab:
af:24:db:e6:33:17:a2:bf:b2:31:df:df:0e:3f:06:
cf:44:53:4c:ab:4b:2a:53:4d:84:08:4a:bb:57:cf:
96:a1:18:1a:d5:4a:b8:dc:b0:6b:8d:7b:04:d6:44:
77:95:87:88:cd:ab:51:6a:42:83:42:5b:2a:16:4c:
eb:68:d0:b2:6f:c5:58:11:ab:68:ee:97:90:72:3f:
eb:f9:55:2b:47:46:16:35:b3:4a:3b:3a:19:70:56:
4a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:1B:AA:A0:AC:EB:57:20:81:80:1B:E1:4E:8D:47:1E:DA:2E:24:F3
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/aRuqoKzrVyCBgBvhTo1HHtouJPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.12.212.0/23
80.12.240.0/23
80.12.243.0/24
80.12.249.0-80.12.250.255
80.12.253.0-80.12.254.255
81.252.94.184/29
83.206.119.208/28
195.101.150.152-195.101.150.175
IPv6:
2a01:cb22:4000::/36
Signature Algorithm: sha256WithRSAEncryption
9b:84:e6:a6:33:65:9f:d4:90:4d:58:38:e4:d6:6b:11:a9:e4:
8e:d6:fd:b6:01:f0:8c:06:b0:07:3b:01:ac:14:a4:fa:cb:d6:
d8:b2:33:26:09:88:4a:30:2a:34:34:86:07:69:c8:bc:f0:5e:
28:e6:46:b6:58:c4:8f:7b:dd:bd:a2:e8:ae:fd:45:9b:5b:01:
42:8b:f3:12:7e:7f:09:dc:48:e7:6f:7a:85:3d:5c:7a:4e:71:
d7:53:86:dd:f9:f1:02:73:43:38:ba:0a:d3:dd:7b:20:24:31:
c7:4d:d9:6d:bd:df:0d:d9:aa:bd:6e:f3:84:86:df:67:18:e7:
69:f4:5d:60:8e:e0:ba:19:b4:ae:85:0c:b0:a2:5e:43:46:d8:
c0:c1:97:3a:9b:4c:d7:9d:51:13:15:e4:fd:e8:c1:5d:47:fe:
d5:55:f8:8e:2c:0d:32:62:12:7b:5f:de:2f:74:52:7e:f4:64:
40:fd:05:7a:a3:0c:fe:b1:95:70:e1:7b:63:38:17:15:39:5e:
62:b8:21:74:e9:70:20:7e:b1:98:3b:57:12:a0:94:e6:e4:48:
10:06:42:01:5e:3f:f1:ec:3e:45:95:8a:df:8b:5e:88:e7:ac:
f7:1b:26:9e:75:28:31:ec:ae:b5:d6:33:9f:65:eb:6f:f8:81:
e7:0a:fc:e5
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQg1bbql9dzsYpVcgSWp3hMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTFiYWFhMGFjZWI1NzIwODE4MDFiZTE0ZThkNDcxZWRhMmUyNGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRg7MXUxesBr+aI+SK8r7+zdj6tZ
igr3ci8IclzdRKZdUNXtyARqffoEoxjwNew7V7wrG/LmWP93AWXeN9vYbn9EGOVU
Q49CoXqU5O4cLAu2fzHyNYCTavk8hcOAl5mx66pzkbg1YmYQDWrJZCe2xp4EJmMx
BPbtx4fb7ucr9zUdZfE5aKen9AHHM7lpn7HUuK2yRhsgUFe25xbT5xxn2sBNPKuv
JNvmMxeiv7Ix398OPwbPRFNMq0sqU02ECEq7V8+WoRga1Uq43LBrjXsE1kR3lYeI
zatRakKDQlsqFkzraNCyb8VYEato7peQcj/r+VUrR0YWNbNKOzoZcFZK0wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFGkbqqCs61cggYAb4U6NRx7aLiTzMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvYVJ1cW9LenJWeUNCZ0J2aFRvMUhIdG91SlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBSBAIAATBMAwQBUAzUAwQB
UAzwAwQAUAzzMAwDBABQDPkDBABQDPowDAMEAFAM/QMEAFAM/gMFA1H8XrgDBQRT
znfQMA4DBQPDZZaYAwUEw2WWoDAOBAIAAjAIAwYEKgHLIkAwDQYJKoZIhvcNAQEL
BQADggEBAJuE5qYzZZ/UkE1YOOTWaxGp5I7W/bYB8IwGsAc7AawUpPrL1tiyMyYJ
iEowKjQ0hgdpyLzwXijmRrZYxI973b2i6K79RZtbAUKL8xJ+fwncSOdveoU9XHpO
cddTht358QJzQzi6CtPdeyAkMcdN2W293w3Zqr1u84SG32cY52n0XWCO4LoZtK6F
DLCiXkNG2MDBlzqbTNedURMV5P3owV1H/tVV+I4sDTJiEntf3i90Un70ZED9BXqj
DP6xlXDhe2M4FxU5XmK4IXTpcCB+sZg7VxKglObkSBAGQgFeP/HsPkWVit+LXojn
rPcbJp51KDHsrrXWM59l62/4gecK/OU=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:01:49 2025 by rpki-client