Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/F8WpKfkO6WPBdgcnLvLi6tQEwfY.roa
File: F8WpKfkO6WPBdgcnLvLi6tQEwfY.roa (raw, json)
Hash identifier: aC9X5Qw0ukYXbx0znES1kvpxFjIQA5ZR++ffurv/QKw=
Subject key identifier: 17:C5:A9:29:F9:0E:E9:63:C1:76:07:27:2E:F2:E2:EA:D4:04:C1:F6
Certificate issuer: /CN=9d3b3ff93b833735cacd652ce349fa323402432b
Certificate serial: 019420D59DE0C424294E64F2A37C9433EBE3
Authority key identifier: 9D:3B:3F:F9:3B:83:37:35:CA:CD:65:2C:E3:49:FA:32:34:02:43:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/F8WpKfkO6WPBdgcnLvLi6tQEwfY.roa
Signing time: Wed 01 Jan 2025 07:47:37 +0000
ROA not before: Wed 01 Jan 2025 07:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15576
IP address blocks: 88.214.4.0/22 maxlen: 22
217.197.128.0/21 maxlen: 21
2a03:580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.mft
rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 04:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:9d:e0:c4:24:29:4e:64:f2:a3:7c:94:33:eb:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3b3ff93b833735cacd652ce349fa323402432b
Validity
Not Before: Jan 1 07:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17c5a929f90ee963c17607272ef2e2ead404c1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d6:7d:82:16:bf:3a:b6:23:28:a9:2d:0c:8d:
5f:1c:85:09:d6:a3:5c:37:df:cb:2e:d9:02:10:37:
36:30:7a:1c:d9:6e:09:e0:eb:69:9c:5a:19:c6:1c:
24:f6:a4:42:9d:ba:1c:07:03:78:9c:1d:bf:f7:f4:
0a:42:1b:91:6a:06:bd:d8:a0:0e:b2:1d:fa:80:e3:
7e:f3:e3:34:bf:be:9a:45:20:ac:f1:58:c0:97:90:
a2:4f:eb:f2:ab:08:c1:a9:8c:33:17:17:20:11:27:
49:d5:d5:8a:4b:7f:94:54:ec:f1:c2:61:68:63:3d:
3a:4b:f4:78:52:7a:eb:45:1e:ea:72:e9:8d:d0:a7:
6a:e6:0c:d1:31:bd:62:63:96:5e:61:4c:9a:74:c5:
25:54:0d:2c:55:25:90:27:86:ea:7d:62:cc:80:8a:
4c:19:9e:f3:b5:28:d2:04:4c:85:16:c5:e3:60:23:
08:67:a0:5f:fc:49:d1:6c:12:21:fb:d5:f8:1b:75:
fe:dd:99:51:58:b2:46:d0:3d:bc:a6:0f:ae:e6:28:
65:33:d4:cc:8c:42:f8:29:a5:63:62:25:6d:77:fa:
01:c7:6f:7b:ad:bf:49:0a:fd:06:c8:dd:c6:47:5d:
0f:9c:6f:43:0a:e6:39:a9:ff:05:c6:4e:40:3c:5f:
f2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C5:A9:29:F9:0E:E9:63:C1:76:07:27:2E:F2:E2:EA:D4:04:C1:F6
X509v3 Authority Key Identifier:
keyid:9D:3B:3F:F9:3B:83:37:35:CA:CD:65:2C:E3:49:FA:32:34:02:43:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/F8WpKfkO6WPBdgcnLvLi6tQEwfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.4.0/22
217.197.128.0/21
IPv6:
2a03:580::/32
Signature Algorithm: sha256WithRSAEncryption
35:94:74:b3:5d:75:0e:8f:30:29:57:e3:05:1e:69:7a:a1:ba:
3e:ed:61:36:71:da:65:cc:0f:b1:55:df:78:5d:54:10:57:78:
7f:38:90:a2:3f:56:89:c8:ff:4f:3d:75:af:0a:bb:18:43:2a:
d6:a5:7a:50:fd:eb:9e:10:87:84:e2:8e:4f:ba:85:8a:17:5e:
db:fb:ed:f2:31:28:5e:aa:7a:5d:4a:4a:d2:94:ce:02:a7:24:
44:72:99:7f:a5:0f:69:30:f7:48:6d:65:05:c6:01:db:62:30:
18:5c:4c:96:7c:39:4b:38:6e:1c:ac:bb:27:be:b4:a6:be:0e:
26:d0:b9:fe:1d:00:59:78:96:02:8f:7e:b2:01:b2:23:04:58:
0b:41:5f:fa:c5:52:9f:47:94:d4:4e:b9:2d:99:87:96:80:45:
c4:a6:9c:21:15:20:8e:31:24:ef:42:8c:0e:a9:02:1c:3c:3b:
5a:5e:ba:92:39:dd:5d:1b:7e:13:4d:bf:44:c1:e4:13:f7:3f:
46:0f:d4:ef:c1:69:a1:fb:92:d8:eb:fb:7e:12:13:fc:51:cd:
1e:43:d0:93:1c:35:fb:e6:52:fc:e9:14:62:58:38:c2:b0:0b:
b7:bd:59:68:e6:e7:b6:08:c6:f8:85:24:1c:96:ba:7a:91:89:
8a:33:9f:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1Z3gxCQpTmTyo3yUM+vjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkM2IzZmY5M2I4MzM3MzVjYWNkNjUyY2UzNDlmYTMyMzQw
MjQzMmIwHhcNMjUwMTAxMDc0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M1YTkyOWY5MGVlOTYzYzE3NjA3MjcyZWYyZTJlYWQ0MDRjMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstZ9gha/OrYjKKktDI1fHIUJ1qNc
N9/LLtkCEDc2MHoc2W4J4OtpnFoZxhwk9qRCnbocBwN4nB2/9/QKQhuRaga92KAO
sh36gON+8+M0v76aRSCs8VjAl5CiT+vyqwjBqYwzFxcgESdJ1dWKS3+UVOzxwmFo
Yz06S/R4UnrrRR7qcumN0Kdq5gzRMb1iY5ZeYUyadMUlVA0sVSWQJ4bqfWLMgIpM
GZ7ztSjSBEyFFsXjYCMIZ6Bf/EnRbBIh+9X4G3X+3ZlRWLJG0D28pg+u5ihlM9TM
jEL4KaVjYiVtd/oBx297rb9JCv0GyN3GR10PnG9DCuY5qf8Fxk5APF/yCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBfFqSn5DuljwXYHJy7y4urUBMH2MB8GA1UdIwQY
MBaAFJ07P/k7gzc1ys1lLONJ+jI0AkMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRzXy1UdUROelhLeldVczQwbjZNalFDUXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNWQ0YjItYjU3Zi00NTYyLWFhYmUt
YzhjZWFiOGJjMDUwLzEvRjhXcEtma082V1BCZGdjbkx2TGk2dFFFd2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNWQ0YjItYjU3Zi00NTYyLWFhYmUtYzhjZWFiOGJjMDUw
LzEvblRzXy1UdUROelhLeldVczQwbjZNalFDUXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWNYEAwQD
2cWAMA0EAgACMAcDBQAqAwWAMA0GCSqGSIb3DQEBCwUAA4IBAQA1lHSzXXUOjzAp
V+MFHml6obo+7WE2cdplzA+xVd94XVQQV3h/OJCiP1aJyP9PPXWvCrsYQyrWpXpQ
/eueEIeE4o5PuoWKF17b++3yMSheqnpdSkrSlM4CpyREcpl/pQ9pMPdIbWUFxgHb
YjAYXEyWfDlLOG4crLsnvrSmvg4m0Ln+HQBZeJYCj36yAbIjBFgLQV/6xVKfR5TU
TrktmYeWgEXEppwhFSCOMSTvQowOqQIcPDtaXrqSOd1dG34TTb9EweQT9z9GD9Tv
wWmh+5LY6/t+EhP8Uc0eQ9CTHDX75lL86RRiWDjCsAu3vVlo5ue2CMb4hSQclrp6
kYmKM59i
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:50:12 2025 by rpki-client