Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/avdVBk-rHRbW-M4AabpJX7CSjxg.roa
File: avdVBk-rHRbW-M4AabpJX7CSjxg.roa (raw, json)
Hash identifier: XlwxkSLG5mJnTFp/kB80ylCJ16RiA9KQHhkduE06FV0=
Subject key identifier: 6A:F7:55:06:4F:AB:1D:16:D6:F8:CE:00:69:BA:49:5F:B0:92:8F:18
Certificate issuer: /CN=6be39c31be93f56e63bd26d5b1c072dc775319e6
Certificate serial: 019424B39FBE8D010F1420BB7D2BDFDFD050
Authority key identifier: 6B:E3:9C:31:BE:93:F5:6E:63:BD:26:D5:B1:C0:72:DC:77:53:19:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-OcMb6T9W5jvSbVscBy3HdTGeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/avdVBk-rHRbW-M4AabpJX7CSjxg.roa
Signing time: Thu 02 Jan 2025 01:48:59 +0000
ROA not before: Thu 02 Jan 2025 01:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51597
IP address blocks: 91.219.80.0/22 maxlen: 22
91.219.80.0/24 maxlen: 24
91.219.81.0/24 maxlen: 24
91.219.82.0/24 maxlen: 24
91.219.83.0/24 maxlen: 24
176.116.192.0/21 maxlen: 21
176.116.192.0/24 maxlen: 24
176.116.193.0/24 maxlen: 24
176.116.194.0/24 maxlen: 24
176.116.195.0/24 maxlen: 24
176.116.196.0/24 maxlen: 24
176.116.197.0/24 maxlen: 24
2001:678:318::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/a-OcMb6T9W5jvSbVscBy3HdTGeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/a-OcMb6T9W5jvSbVscBy3HdTGeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/a-OcMb6T9W5jvSbVscBy3HdTGeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9f:be:8d:01:0f:14:20:bb:7d:2b:df:df:d0:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6be39c31be93f56e63bd26d5b1c072dc775319e6
Validity
Not Before: Jan 2 01:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6af755064fab1d16d6f8ce0069ba495fb0928f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:38:6b:02:2b:0c:50:89:28:f8:15:9c:ff:ba:
5b:74:a9:4b:36:88:b3:83:f1:7c:25:d5:84:b7:1a:
5b:99:d7:8a:12:6c:e3:fb:43:b0:8c:7a:f1:4c:f7:
e2:a4:3b:6f:88:23:a7:a0:f2:9e:f5:e9:aa:95:9c:
a0:9a:fc:f9:c2:c6:95:0c:0c:1d:ec:6a:03:1a:91:
0e:8a:e8:67:65:d2:cc:95:21:bd:03:41:24:74:e9:
77:29:eb:ce:2c:62:6a:90:13:50:0c:c2:81:1c:30:
40:c4:2a:6b:dd:58:a2:88:dc:57:16:98:1b:9e:96:
17:39:7a:36:f7:5e:45:3f:b5:6b:de:1d:91:0f:3b:
b8:38:1c:2c:8d:fc:3c:52:09:ff:ee:ce:b9:f8:e6:
93:0d:1e:8a:37:14:c5:b7:29:57:e1:66:d4:bb:0e:
e9:dc:58:25:b7:a3:06:c1:ce:4a:c9:20:30:31:33:
79:e0:92:61:8e:65:cb:dc:3e:79:b9:5f:4d:ec:4c:
21:6c:c3:af:9b:36:c2:7b:fa:34:c1:c2:2f:a2:39:
73:11:ea:4e:9a:e5:78:cc:bc:91:bb:b5:8b:50:15:
2e:88:4a:77:99:7b:f8:9d:91:bc:6c:8c:05:d7:69:
30:79:d8:e3:e7:61:c2:1b:d5:53:12:41:57:2c:38:
dc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F7:55:06:4F:AB:1D:16:D6:F8:CE:00:69:BA:49:5F:B0:92:8F:18
X509v3 Authority Key Identifier:
keyid:6B:E3:9C:31:BE:93:F5:6E:63:BD:26:D5:B1:C0:72:DC:77:53:19:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-OcMb6T9W5jvSbVscBy3HdTGeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/avdVBk-rHRbW-M4AabpJX7CSjxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/03c9d3-0e25-4cc7-96a3-117bf42941ca/1/a-OcMb6T9W5jvSbVscBy3HdTGeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.80.0/22
176.116.192.0/21
IPv6:
2001:678:318::/48
Signature Algorithm: sha256WithRSAEncryption
ad:b7:02:4e:ba:75:08:ae:18:27:00:82:2c:80:ae:f3:e0:33:
bb:41:28:6f:59:35:c1:55:b9:72:56:8d:6c:86:db:a0:b6:e9:
41:6f:5d:4b:30:7b:53:58:4a:f1:bd:b0:33:b2:c2:f3:a3:ef:
2e:d8:97:04:87:2d:f0:3d:ca:73:a9:46:13:c4:90:19:c2:6f:
7a:0f:d0:bd:86:c7:3d:79:58:fe:fa:f6:a3:f3:35:61:5e:85:
9c:ce:1a:e6:a0:e5:ac:0e:84:16:74:08:99:f3:bd:98:e0:24:
6c:19:a6:7e:08:d1:7d:13:6b:75:b1:ff:42:9d:c4:5b:15:ff:
fc:a9:a9:2a:aa:1d:00:98:43:cc:8c:b4:e2:c6:9e:d5:c9:6d:
2b:32:28:b7:45:01:f6:13:51:8c:ba:75:5a:3b:94:32:29:ea:
c6:e0:67:1d:89:26:e5:db:1b:4c:71:94:a7:48:4c:10:38:6c:
c3:f6:e1:aa:c5:57:bc:60:5c:99:e0:79:39:ea:22:f2:2a:2c:
a7:57:85:00:22:79:28:54:fd:d1:75:07:e5:87:af:02:99:c5:
d6:d2:bd:3b:40:0e:2d:a9:25:71:20:6f:22:8d:a4:a2:b5:93:
f3:b1:e3:2c:e9:74:f0:0f:43:59:ee:5c:c4:51:2f:27:91:66:
c3:e3:59:2c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQks5++jQEPFCC7fSvf39BQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZTM5YzMxYmU5M2Y1NmU2M2JkMjZkNWIxYzA3MmRjNzc1
MzE5ZTYwHhcNMjUwMTAyMDE0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY3NTUwNjRmYWIxZDE2ZDZmOGNlMDA2OWJhNDk1ZmIwOTI4ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjhrAisMUIko+BWc/7pbdKlLNoiz
g/F8JdWEtxpbmdeKEmzj+0OwjHrxTPfipDtviCOnoPKe9emqlZygmvz5wsaVDAwd
7GoDGpEOiuhnZdLMlSG9A0EkdOl3KevOLGJqkBNQDMKBHDBAxCpr3ViiiNxXFpgb
npYXOXo2915FP7Vr3h2RDzu4OBwsjfw8Ugn/7s65+OaTDR6KNxTFtylX4WbUuw7p
3Fglt6MGwc5KySAwMTN54JJhjmXL3D55uV9N7EwhbMOvmzbCe/o0wcIvojlzEepO
muV4zLyRu7WLUBUuiEp3mXv4nZG8bIwF12kwedjj52HCG9VTEkFXLDjcGwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGr3VQZPqx0W1vjOAGm6SV+wko8YMB8GA1UdIwQY
MBaAFGvjnDG+k/VuY70m1bHActx3UxnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS1PY01iNlQ5VzVqdlNiVnNjQnkzSGRUR2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wM2M5ZDMtMGUyNS00Y2M3LTk2YTMt
MTE3YmY0Mjk0MWNhLzEvYXZkVkJrLXJIUmJXLU00QWFicEpYN0NTanhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wM2M5ZDMtMGUyNS00Y2M3LTk2YTMtMTE3YmY0Mjk0MWNh
LzEvYS1PY01iNlQ5VzVqdlNiVnNjQnkzSGRUR2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCW9tQAwQD
sHTAMA8EAgACMAkDBwAgAQZ4AxgwDQYJKoZIhvcNAQELBQADggEBAK23Ak66dQiu
GCcAgiyArvPgM7tBKG9ZNcFVuXJWjWyG26C26UFvXUswe1NYSvG9sDOywvOj7y7Y
lwSHLfA9ynOpRhPEkBnCb3oP0L2Gxz15WP769qPzNWFehZzOGuag5awOhBZ0CJnz
vZjgJGwZpn4I0X0Ta3Wx/0KdxFsV//ypqSqqHQCYQ8yMtOLGntXJbSsyKLdFAfYT
UYy6dVo7lDIp6sbgZx2JJuXbG0xxlKdITBA4bMP24arFV7xgXJngeTnqIvIqLKdX
hQAieShU/dF1B+WHrwKZxdbSvTtADi2pJXEgbyKNpKK1k/Ox4yzpdPAPQ1nuXMRR
LyeRZsPjWSw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:36 2025 by rpki-client