Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/J6V38H8YoI17U_6ZK87Tdnr9D6E.roa
File: J6V38H8YoI17U_6ZK87Tdnr9D6E.roa (raw, json)
Hash identifier: raWkVSI8/jwN4Seiq8VvscBLScbGAuD9ueNsJNFPab0=
Subject key identifier: 27:A5:77:F0:7F:18:A0:8D:7B:53:FE:99:2B:CE:D3:76:7A:FD:0F:A1
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0194236A3C606B06D153C19A03BB43DB9B5F
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/J6V38H8YoI17U_6ZK87Tdnr9D6E.roa
Signing time: Wed 01 Jan 2025 19:49:12 +0000
ROA not before: Wed 01 Jan 2025 19:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203744
IP address blocks: 45.131.116.0/24 maxlen: 24
45.131.117.0/24 maxlen: 24
45.131.119.0/24 maxlen: 24
89.111.240.0/24 maxlen: 24
185.125.120.0/22 maxlen: 22
185.125.120.0/24 maxlen: 24
185.125.121.0/24 maxlen: 24
185.125.122.0/24 maxlen: 24
185.125.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 22:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3c:60:6b:06:d1:53:c1:9a:03:bb:43:db:9b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 19:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=27a577f07f18a08d7b53fe992bced3767afd0fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ad:f4:93:78:93:b8:2d:4b:5b:b5:a3:0f:1b:
85:7d:93:1d:6d:92:65:81:49:1b:a0:8c:af:07:19:
ae:ff:f8:7d:6b:00:aa:07:81:00:ef:6d:ce:ca:6e:
a9:39:00:9e:bf:f4:06:56:c3:f9:bf:dc:1f:8f:f0:
cc:e0:4f:b1:6c:77:22:d4:5b:7d:c0:89:04:2d:d7:
ff:c3:b4:91:6f:31:28:f4:3c:a7:17:7c:2b:89:68:
bb:ee:c7:71:32:5b:22:25:ec:0a:27:bc:f1:7d:6f:
41:4e:a9:1e:ad:6b:c4:78:34:fc:e3:8e:d7:54:91:
17:c7:19:3e:d7:30:a8:12:52:63:87:8f:56:32:36:
6c:bb:be:be:91:d9:c9:e7:83:58:85:70:28:eb:e0:
03:02:80:b3:a2:49:57:ad:d6:f2:96:dc:f8:bc:05:
78:1d:8d:fd:cb:17:86:94:f1:55:d2:72:c4:3d:5c:
0f:3c:f9:4e:2c:61:8e:8e:9f:58:65:a9:40:fb:4b:
7b:3a:ba:77:11:ec:1d:c1:e3:f9:30:99:82:db:4f:
5a:4e:5e:69:7d:18:f8:dd:08:c5:ee:52:99:cf:1e:
8c:2b:61:3d:18:eb:b4:82:69:80:4b:96:8f:0a:b7:
97:fc:53:4f:69:94:7a:b7:1b:8a:b2:aa:c6:c9:0e:
2f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A5:77:F0:7F:18:A0:8D:7B:53:FE:99:2B:CE:D3:76:7A:FD:0F:A1
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/J6V38H8YoI17U_6ZK87Tdnr9D6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.116.0/23
45.131.119.0/24
89.111.240.0/24
185.125.120.0/22
Signature Algorithm: sha256WithRSAEncryption
be:9d:4f:1d:80:96:af:7e:00:c2:7f:37:bd:54:36:7d:34:74:
2e:ff:da:b2:8d:12:2d:15:f0:35:58:33:84:50:f1:dd:0f:7e:
12:73:65:03:d8:8a:fa:53:1d:70:07:68:ec:e3:02:a1:fd:1a:
6c:e5:71:28:49:3f:c4:e3:4d:4f:32:83:1f:6d:c7:94:03:22:
31:37:7e:fd:81:0b:f1:c1:a0:bb:9c:9a:b0:6f:85:2f:a5:b7:
f8:b2:b6:18:15:3e:29:2e:36:b0:7e:ae:6c:71:9d:84:5d:ac:
01:9a:ff:2c:eb:40:02:86:c8:4e:c9:56:8e:5b:46:a5:f0:40:
76:c3:c1:de:d6:80:38:e2:f0:60:88:0b:60:ae:08:d0:0b:12:
95:e6:b3:43:c9:1a:18:85:d8:27:94:23:90:c1:ae:ad:cb:57:
e3:ab:4a:b8:fb:25:a8:a1:9b:6b:06:bf:a2:d1:bd:2b:e3:24:
d1:47:6c:ca:61:8f:ec:3f:58:49:8f:15:79:73:55:6b:fa:62:
f6:b5:7f:10:af:ce:54:b5:b8:a0:0d:7c:87:8c:5a:14:52:f8:
4f:9c:22:46:d7:8b:f5:39:d8:e6:ba:6d:3c:0f:65:1a:ca:5b:
b3:d5:78:a5:41:cb:3f:04:43:e6:6d:38:50:65:4c:22:22:c1:
38:06:c8:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQjajxgawbRU8GaA7tD25tfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjUwMTAxMTk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2E1NzdmMDdmMThhMDhkN2I1M2ZlOTkyYmNlZDM3NjdhZmQwZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza30k3iTuC1LW7WjDxuFfZMdbZJl
gUkboIyvBxmu//h9awCqB4EA723Oym6pOQCev/QGVsP5v9wfj/DM4E+xbHci1Ft9
wIkELdf/w7SRbzEo9DynF3wriWi77sdxMlsiJewKJ7zxfW9BTqkerWvEeDT8447X
VJEXxxk+1zCoElJjh49WMjZsu76+kdnJ54NYhXAo6+ADAoCzoklXrdbyltz4vAV4
HY39yxeGlPFV0nLEPVwPPPlOLGGOjp9YZalA+0t7Orp3EewdweP5MJmC209aTl5p
fRj43QjF7lKZzx6MK2E9GOu0gmmAS5aPCreX/FNPaZR6txuKsqrGyQ4vnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCeld/B/GKCNe1P+mSvO03Z6/Q+hMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvSjZWMzhIOFlvSTE3VV82Wks4N1RkbnI5RDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYN0AwQA
LYN3AwQAWW/wAwQCuX14MA0GCSqGSIb3DQEBCwUAA4IBAQC+nU8dgJavfgDCfze9
VDZ9NHQu/9qyjRItFfA1WDOEUPHdD34Sc2UD2Ir6Ux1wB2js4wKh/Rps5XEoST/E
401PMoMfbceUAyIxN379gQvxwaC7nJqwb4Uvpbf4srYYFT4pLjawfq5scZ2EXawB
mv8s60AChshOyVaOW0al8EB2w8He1oA44vBgiAtgrgjQCxKV5rNDyRoYhdgnlCOQ
wa6ty1fjq0q4+yWooZtrBr+i0b0r4yTRR2zKYY/sP1hJjxV5c1Vr+mL2tX8Qr85U
tbigDXyHjFoUUvhPnCJG14v1Odjmum08D2Uayluz1XilQcs/BEPmbThQZUwiIsE4
Bsh5
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:16:19 2025 by rpki-client