Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/6fPKrr2WqJdenIvBOBD3KjEA0wk.roa
File: 6fPKrr2WqJdenIvBOBD3KjEA0wk.roa (raw, json)
Hash identifier: i2OyGf183j1iELGCpTBdb4xd43I9V5TO+gNqwj8iJKU=
Subject key identifier: E9:F3:CA:AE:BD:96:A8:97:5E:9C:8B:C1:38:10:F7:2A:31:00:D3:09
Certificate issuer: /CN=2e6d235bfd2bb77d9886b14cb10dc49c42082353
Certificate serial: 01942827E093425673261FCDF98E9F0B9BBA
Authority key identifier: 2E:6D:23:5B:FD:2B:B7:7D:98:86:B1:4C:B1:0D:C4:9C:42:08:23:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lm0jW_0rt32YhrFMsQ3EnEIII1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/6fPKrr2WqJdenIvBOBD3KjEA0wk.roa
Signing time: Thu 02 Jan 2025 17:54:49 +0000
ROA not before: Thu 02 Jan 2025 17:54:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50157
IP address blocks: 62.76.121.0/24 maxlen: 24
195.209.152.0/24 maxlen: 24
195.209.153.0/24 maxlen: 24
195.209.154.0/24 maxlen: 24
195.209.155.0/24 maxlen: 24
195.209.156.0/24 maxlen: 24
195.209.157.0/24 maxlen: 24
195.209.158.0/24 maxlen: 24
195.209.159.0/24 maxlen: 24
212.192.191.0/24 maxlen: 24
2001:67c:614::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/Lm0jW_0rt32YhrFMsQ3EnEIII1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/Lm0jW_0rt32YhrFMsQ3EnEIII1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lm0jW_0rt32YhrFMsQ3EnEIII1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:e0:93:42:56:73:26:1f:cd:f9:8e:9f:0b:9b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6d235bfd2bb77d9886b14cb10dc49c42082353
Validity
Not Before: Jan 2 17:54:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9f3caaebd96a8975e9c8bc13810f72a3100d309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:4c:2a:4b:a2:94:d9:69:23:a9:3f:76:b0:
1c:12:20:83:46:81:16:5c:4b:d6:e6:62:6c:f4:f4:
40:4d:03:44:b5:fc:bb:3a:25:46:93:51:0e:62:cc:
a3:64:22:26:f5:8c:b8:52:b5:8d:40:18:54:4d:64:
9a:94:24:4e:8b:64:7d:92:19:58:c5:b6:89:e8:3a:
5d:1d:a3:31:5f:c6:a3:c2:c6:1e:16:dd:48:8e:9d:
73:d6:3f:e8:a9:b9:a0:e4:aa:46:3f:98:c9:ce:4e:
8c:7e:89:dd:ac:03:f5:04:ce:ae:8b:fe:75:47:64:
82:e2:d5:b5:a7:ec:20:de:50:76:65:b8:30:6a:a2:
3e:80:d9:c8:21:83:42:36:31:4e:26:95:40:c0:c6:
24:e4:c2:73:aa:5c:9c:5e:f2:51:82:45:fe:26:e9:
1f:90:4e:1c:45:cf:36:d4:b8:1a:80:85:e0:c0:ed:
10:f9:98:96:e6:73:ad:9d:cb:b3:68:80:2b:ab:9e:
41:eb:bc:aa:f8:ea:6d:54:72:78:a7:33:4c:95:7e:
7e:bc:33:f0:39:62:1c:70:4a:9a:50:ea:9d:15:e6:
2f:f2:28:8a:53:6c:8a:20:97:c6:fe:eb:ce:52:b6:
fb:74:3b:13:b6:c0:13:ce:ce:78:b9:d0:0c:08:9b:
20:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F3:CA:AE:BD:96:A8:97:5E:9C:8B:C1:38:10:F7:2A:31:00:D3:09
X509v3 Authority Key Identifier:
keyid:2E:6D:23:5B:FD:2B:B7:7D:98:86:B1:4C:B1:0D:C4:9C:42:08:23:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lm0jW_0rt32YhrFMsQ3EnEIII1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/6fPKrr2WqJdenIvBOBD3KjEA0wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/323add-1d87-416a-bd05-1e9848cb1745/1/Lm0jW_0rt32YhrFMsQ3EnEIII1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.121.0/24
195.209.152.0/21
212.192.191.0/24
IPv6:
2001:67c:614::/48
Signature Algorithm: sha256WithRSAEncryption
4e:37:81:bb:5b:7f:0a:ae:96:ad:64:0c:60:7f:05:c5:32:99:
bd:e7:0a:97:20:df:ff:67:fa:52:e7:31:a0:85:0a:0b:f0:13:
af:2f:2b:e5:7d:36:91:e2:be:fc:04:38:1d:ec:ee:09:78:2a:
f4:19:6c:d8:2e:6f:79:84:6b:2c:f3:2d:34:72:bb:7a:33:c5:
9d:d6:f9:b7:07:e5:d6:7c:1d:32:6e:47:ba:ff:a2:fd:92:4c:
4f:ec:6d:2f:f8:5b:56:dd:93:45:d7:54:bd:75:8e:22:6d:ac:
fe:af:89:ae:c3:7f:00:65:f0:ff:77:5f:89:89:46:d3:5f:50:
c8:b7:8b:3d:f9:2d:2e:e3:aa:31:1e:4e:d1:0e:79:02:c6:8f:
ad:d4:a6:95:32:f2:b8:0e:26:4f:69:21:43:8b:7d:8a:41:0a:
94:22:d4:7f:14:9d:70:30:f6:15:56:07:86:56:cc:82:ca:10:
f1:14:d0:24:21:73:34:91:bf:f2:25:11:bc:f3:1d:d6:49:91:
87:fd:19:e0:c9:43:3f:32:59:d9:6d:d7:9b:43:49:1f:4c:8e:
a8:9e:c4:32:be:63:d9:b3:40:8c:14:14:9b:e6:cb:c5:b3:55:
eb:4d:e3:e6:20:f5:4d:72:be:6a:40:1e:7b:c7:fa:d5:c1:48:
71:5e:ac:a7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQoJ+CTQlZzJh/N+Y6fC5u6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmQyMzViZmQyYmI3N2Q5ODg2YjE0Y2IxMGRjNDljNDIw
ODIzNTMwHhcNMjUwMTAyMTc1NDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWYzY2FhZWJkOTZhODk3NWU5YzhiYzEzODEwZjcyYTMxMDBkMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz5MKkuilNlpI6k/drAcEiCDRoEW
XEvW5mJs9PRATQNEtfy7OiVGk1EOYsyjZCIm9Yy4UrWNQBhUTWSalCROi2R9khlY
xbaJ6DpdHaMxX8ajwsYeFt1Ijp1z1j/oqbmg5KpGP5jJzk6MfondrAP1BM6ui/51
R2SC4tW1p+wg3lB2ZbgwaqI+gNnIIYNCNjFOJpVAwMYk5MJzqlycXvJRgkX+Jukf
kE4cRc821LgagIXgwO0Q+ZiW5nOtncuzaIArq55B67yq+OptVHJ4pzNMlX5+vDPw
OWIccEqaUOqdFeYv8iiKU2yKIJfG/uvOUrb7dDsTtsATzs54udAMCJsg5QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOnzyq69lqiXXpyLwTgQ9yoxANMJMB8GA1UdIwQY
MBaAFC5tI1v9K7d9mIaxTLENxJxCCCNTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG0waldfMHJ0MzJZaHJGTXNRM0VuRUlJSTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zMjNhZGQtMWQ4Ny00MTZhLWJkMDUt
MWU5ODQ4Y2IxNzQ1LzEvNmZQS3JyMldxSmRlbkl2Qk9CRDNLakVBMHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zMjNhZGQtMWQ4Ny00MTZhLWJkMDUtMWU5ODQ4Y2IxNzQ1
LzEvTG0waldfMHJ0MzJZaHJGTXNRM0VuRUlJSTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAPkx5AwQD
w9GYAwQA1MC/MA8EAgACMAkDBwAgAQZ8BhQwDQYJKoZIhvcNAQELBQADggEBAE43
gbtbfwqulq1kDGB/BcUymb3nCpcg3/9n+lLnMaCFCgvwE68vK+V9NpHivvwEOB3s
7gl4KvQZbNgub3mEayzzLTRyu3ozxZ3W+bcH5dZ8HTJuR7r/ov2STE/sbS/4W1bd
k0XXVL11jiJtrP6via7DfwBl8P93X4mJRtNfUMi3iz35LS7jqjEeTtEOeQLGj63U
ppUy8rgOJk9pIUOLfYpBCpQi1H8UnXAw9hVWB4ZWzILKEPEU0CQhczSRv/IlEbzz
HdZJkYf9GeDJQz8yWdlt15tDSR9MjqiexDK+Y9mzQIwUFJvmy8WzVetN4+Yg9U1y
vmpAHnvH+tXBSHFerKc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:06 2025 by rpki-client