Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/6y2PxXoNf17k752-h-Vh6181ybg.roa
File: 6y2PxXoNf17k752-h-Vh6181ybg.roa (raw, json)
Hash identifier: /D4LWQIJRMeiTsLLzqJFb6QygqeaBkt1FMx26cAAcmk=
Subject key identifier: EB:2D:8F:C5:7A:0D:7F:5E:E4:EF:9D:BE:87:E5:61:EB:5F:35:C9:B8
Certificate issuer: /CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Certificate serial: 0194221F961CBFA7E478E52582D8A5220997
Authority key identifier: A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/6y2PxXoNf17k752-h-Vh6181ybg.roa
Signing time: Wed 01 Jan 2025 13:48:02 +0000
ROA not before: Wed 01 Jan 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 109.202.124.0/24 maxlen: 24
109.202.126.0/24 maxlen: 24
2a03:e182::/32 maxlen: 32
2a03:e183::/32 maxlen: 32
2a03:e184::/32 maxlen: 32
2a03:e185::/32 maxlen: 32
2a03:e186::/32 maxlen: 32
2a03:e187::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.mft
rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 16:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:96:1c:bf:a7:e4:78:e5:25:82:d8:a5:22:09:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a47f708c34a5e71daf3d2e54b99ab74f069ef80b
Validity
Not Before: Jan 1 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb2d8fc57a0d7f5ee4ef9dbe87e561eb5f35c9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b2:9f:0b:9d:5a:73:0a:9d:0b:31:07:47:0d:
c0:6c:6d:27:5e:ec:73:84:5d:46:17:de:44:05:d8:
74:3a:25:27:3a:32:e9:ed:cc:b2:87:4a:0c:7f:2f:
da:98:28:d3:c0:98:57:80:3c:c1:08:32:e4:af:e9:
71:f6:e0:0e:88:dd:19:b6:d7:52:ad:87:06:fa:df:
94:74:fe:36:40:bd:a5:ae:b7:14:a4:01:79:c2:1f:
ea:d2:84:76:ae:55:35:ae:21:8c:ba:ad:f5:7b:a1:
23:24:7a:58:44:db:09:ec:b9:c3:92:0c:e1:3c:18:
14:90:0a:71:ff:35:d0:ef:c3:1c:e5:43:d1:15:81:
bc:56:b2:0e:96:9c:31:7f:d6:76:3c:26:a1:8a:2f:
68:9a:11:62:72:70:ef:4d:1f:37:fb:d0:8c:b0:e7:
58:39:07:8d:c2:f5:1e:f9:99:ad:1f:04:05:6f:12:
5f:01:b8:d1:7a:d5:5e:4d:ac:e4:e4:3e:d4:f0:40:
fe:61:28:51:fe:a9:10:81:1d:94:e7:01:36:0d:94:
53:fe:3a:3a:fd:a1:41:b9:bd:c5:10:ce:97:6c:60:
5a:f9:84:49:c5:6f:e4:8e:21:de:94:8b:99:4a:68:
af:a7:d6:0b:bf:d8:2a:f2:aa:44:91:dc:90:27:b4:
29:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2D:8F:C5:7A:0D:7F:5E:E4:EF:9D:BE:87:E5:61:EB:5F:35:C9:B8
X509v3 Authority Key Identifier:
keyid:A4:7F:70:8C:34:A5:E7:1D:AF:3D:2E:54:B9:9A:B7:4F:06:9E:F8:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pH9wjDSl5x2vPS5UuZq3Twae-As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/6y2PxXoNf17k752-h-Vh6181ybg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/019a1e-be98-414c-8c2c-6b27ff2257c6/1/pH9wjDSl5x2vPS5UuZq3Twae-As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.124.0/24
109.202.126.0/24
IPv6:
2a03:e182::-2a03:e187:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6f:fc:93:50:80:21:a1:96:fa:dc:21:a3:f4:0c:6c:a2:23:b9:
31:38:a2:56:0c:0c:b0:ba:3c:5b:7a:6e:93:85:e7:60:0c:ed:
90:42:62:9e:7c:aa:99:8c:79:4d:c6:ec:34:27:84:22:db:3a:
9c:4f:38:cc:96:80:2e:95:7a:c6:40:55:aa:10:1e:59:80:ef:
56:b0:19:b9:3e:40:fb:67:14:44:b6:56:57:eb:0c:69:5e:a2:
75:ae:9a:d4:8b:4c:87:1d:05:d7:73:34:ca:04:65:d5:8f:90:
cf:a6:12:2f:81:2c:43:b1:5a:96:4a:04:dc:6b:ea:27:af:2b:
0c:ce:77:21:d1:87:0b:bd:57:2e:ee:5a:e9:a7:86:53:fc:e1:
7f:06:58:df:cc:a9:19:02:42:bf:c9:c6:48:50:f3:cc:8d:62:
89:0d:1f:3d:1e:60:dd:9e:27:75:06:d4:58:71:78:fb:78:7f:
7b:5f:ef:ea:5f:ae:59:a6:c7:df:9f:9c:3e:70:0c:2a:7a:2f:
44:fa:23:c3:f7:94:24:97:42:c3:11:83:85:a2:af:20:c7:6d:
c9:9d:8e:14:e9:3a:7e:f1:4a:f5:f4:20:b4:dc:40:1e:a6:7d:
eb:ca:87:d9:c5:82:86:0d:95:1c:f2:5d:a3:b5:c5:fd:f4:b5:
78:1b:e4:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiH5Ycv6fkeOUlgtilIgmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0N2Y3MDhjMzRhNWU3MWRhZjNkMmU1NGI5OWFiNzRmMDY5
ZWY4MGIwHhcNMjUwMTAxMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJkOGZjNTdhMGQ3ZjVlZTRlZjlkYmU4N2U1NjFlYjVmMzVjOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7KfC51acwqdCzEHRw3AbG0nXuxz
hF1GF95EBdh0OiUnOjLp7cyyh0oMfy/amCjTwJhXgDzBCDLkr+lx9uAOiN0ZttdS
rYcG+t+UdP42QL2lrrcUpAF5wh/q0oR2rlU1riGMuq31e6EjJHpYRNsJ7LnDkgzh
PBgUkApx/zXQ78Mc5UPRFYG8VrIOlpwxf9Z2PCahii9omhFicnDvTR83+9CMsOdY
OQeNwvUe+ZmtHwQFbxJfAbjRetVeTazk5D7U8ED+YShR/qkQgR2U5wE2DZRT/jo6
/aFBub3FEM6XbGBa+YRJxW/kjiHelIuZSmivp9YLv9gq8qpEkdyQJ7QpEwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOstj8V6DX9e5O+dvoflYetfNcm4MB8GA1UdIwQY
MBaAFKR/cIw0pecdrz0uVLmat08GnvgLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMt
NmIyN2ZmMjI1N2M2LzEvNnkyUHhYb05mMTdrNzUyLWgtVmg2MTgxeWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMTlhMWUtYmU5OC00MTRjLThjMmMtNmIyN2ZmMjI1N2M2
LzEvcEg5d2pEU2w1eDJ2UFM1VXVacTNUd2FlLUFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbcp8AwQA
bcp+MBYEAgACMBAwDgMFASoD4YIDBQMqA+GAMA0GCSqGSIb3DQEBCwUAA4IBAQBv
/JNQgCGhlvrcIaP0DGyiI7kxOKJWDAywujxbem6ThedgDO2QQmKefKqZjHlNxuw0
J4Qi2zqcTzjMloAulXrGQFWqEB5ZgO9WsBm5PkD7ZxREtlZX6wxpXqJ1rprUi0yH
HQXXczTKBGXVj5DPphIvgSxDsVqWSgTca+onrysMznch0YcLvVcu7lrpp4ZT/OF/
BljfzKkZAkK/ycZIUPPMjWKJDR89HmDdnid1BtRYcXj7eH97X+/qX65Zpsffn5w+
cAwqei9E+iPD95Qkl0LDEYOFoq8gx23JnY4U6Tp+8Ur19CC03EAepn3ryofZxYKG
DZUc8l2jtcX99LV4G+Q9
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:08 2025 by rpki-client