Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/6AoJ7puhHnYzj6v7_JPCzu5FfUo.roa
File: 6AoJ7puhHnYzj6v7_JPCzu5FfUo.roa (raw, json)
Hash identifier: 1YbtOUbaL4s5vaWRStnbRN7vJ3y+tKcYzUFA1VaqV5A=
Subject key identifier: E8:0A:09:EE:9B:A1:1E:76:33:8F:AB:FB:FC:93:C2:CE:EE:45:7D:4A
Certificate issuer: /CN=955dbebbc1070b99e4fb372117df2620038603e9
Certificate serial: 0194258EE0A4F5F40B7690916843864784EA
Authority key identifier: 95:5D:BE:BB:C1:07:0B:99:E4:FB:37:21:17:DF:26:20:03:86:03:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/6AoJ7puhHnYzj6v7_JPCzu5FfUo.roa
Signing time: Thu 02 Jan 2025 05:48:28 +0000
ROA not before: Thu 02 Jan 2025 05:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13039
IP address blocks: 193.228.188.0/22 maxlen: 22
212.20.160.0/19 maxlen: 19
217.14.112.0/20 maxlen: 24
2001:40b8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/lV2-u8EHC5nk-zchF98mIAOGA-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/lV2-u8EHC5nk-zchF98mIAOGA-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 02:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:e0:a4:f5:f4:0b:76:90:91:68:43:86:47:84:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955dbebbc1070b99e4fb372117df2620038603e9
Validity
Not Before: Jan 2 05:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e80a09ee9ba11e76338fabfbfc93c2ceee457d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:d1:8f:1c:31:8f:d8:c3:82:07:84:c8:26:
eb:95:02:57:a1:ee:58:b5:d7:3b:2d:8f:aa:49:d8:
a4:b8:93:98:ad:68:87:d7:b4:7f:41:cd:2a:5a:93:
77:ef:3d:09:5a:f2:25:62:62:c8:54:4b:0b:ec:3f:
08:0c:0d:ef:ed:24:cf:b5:3b:59:af:95:04:97:cd:
94:eb:c9:69:ef:bd:f1:ba:41:65:92:ba:6f:bb:e1:
ca:4c:9c:8d:e8:e6:f4:f7:e5:a3:4c:a8:8f:31:53:
34:b5:68:9e:4d:d1:4d:fe:d3:c1:6d:f3:2e:a5:41:
b5:ee:0e:ab:8e:48:f3:83:5d:65:8c:ac:57:f2:31:
c0:0a:d1:cd:dd:84:3c:37:26:fb:14:e9:4c:1e:a5:
75:c8:38:d1:69:04:27:1d:a7:8f:03:f8:e9:30:c7:
b0:c5:2f:6f:cb:63:70:bf:fc:5e:93:8a:a1:6b:b0:
3d:0b:4e:20:6b:8d:9c:ea:9f:50:2a:c7:25:cb:16:
02:ea:8a:fd:ad:68:35:2b:e7:c9:5f:30:8b:e3:c8:
63:67:5e:ad:9b:e0:e2:8d:58:57:37:b4:fc:0e:c1:
5d:b6:c6:0f:26:0f:77:2e:4b:fe:3c:05:c5:d1:3c:
32:01:1d:7d:0d:5d:8c:3a:1d:cc:ad:8c:12:49:b1:
2a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0A:09:EE:9B:A1:1E:76:33:8F:AB:FB:FC:93:C2:CE:EE:45:7D:4A
X509v3 Authority Key Identifier:
keyid:95:5D:BE:BB:C1:07:0B:99:E4:FB:37:21:17:DF:26:20:03:86:03:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV2-u8EHC5nk-zchF98mIAOGA-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/6AoJ7puhHnYzj6v7_JPCzu5FfUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ddac11-2e63-4aae-940f-023203947d9d/1/lV2-u8EHC5nk-zchF98mIAOGA-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.188.0/22
212.20.160.0/19
217.14.112.0/20
IPv6:
2001:40b8::/32
Signature Algorithm: sha256WithRSAEncryption
30:dc:b8:32:e4:a7:d2:be:56:1b:db:21:fc:ce:9a:a9:07:85:
25:8f:4c:3f:b6:de:28:d8:dd:be:ca:26:16:64:a9:05:9b:34:
b4:3a:48:60:90:fd:dc:60:ec:11:e8:2c:0c:4e:2c:d9:45:b1:
5d:67:19:a1:61:d5:09:3d:3a:54:3c:96:06:ce:fb:59:46:91:
41:51:49:de:de:10:5c:a8:a1:07:e7:af:4f:eb:44:42:66:b1:
f6:0f:fc:0e:08:5a:7b:70:3d:e5:9c:db:69:1a:41:99:a3:c6:
63:b5:49:23:3e:cd:1a:09:e5:1d:41:0b:4c:d5:8d:b9:77:37:
fa:cf:84:8e:8a:cc:da:4f:60:7b:6b:70:8c:26:05:bd:ed:00:
72:ca:f6:4c:0d:a9:fd:54:cb:48:f5:fb:d1:1c:52:fa:c4:5c:
cb:62:7f:9b:aa:62:6b:f9:7d:46:62:91:69:15:64:88:c3:2a:
fc:b6:e4:be:ae:f5:f0:e2:0e:05:74:30:65:f6:63:ed:fb:49:
23:56:d9:7a:5b:6b:99:28:96:d3:06:13:95:8c:e9:60:18:e0:
f2:c9:81:06:c3:79:97:e6:06:97:a5:4d:11:16:e9:74:40:ef:
c3:ce:99:57:31:6e:d0:32:e0:37:a3:36:85:7f:7d:d3:6b:41:
e3:f9:3b:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQljuCk9fQLdpCRaEOGR4TqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NWRiZWJiYzEwNzBiOTllNGZiMzcyMTE3ZGYyNjIwMDM4
NjAzZTkwHhcNMjUwMTAyMDU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODBhMDllZTliYTExZTc2MzM4ZmFiZmJmYzkzYzJjZWVlNDU3ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwjRjxwxj9jDggeEyCbrlQJXoe5Y
tdc7LY+qSdikuJOYrWiH17R/Qc0qWpN37z0JWvIlYmLIVEsL7D8IDA3v7STPtTtZ
r5UEl82U68lp773xukFlkrpvu+HKTJyN6Ob09+WjTKiPMVM0tWieTdFN/tPBbfMu
pUG17g6rjkjzg11ljKxX8jHACtHN3YQ8Nyb7FOlMHqV1yDjRaQQnHaePA/jpMMew
xS9vy2Nwv/xek4qha7A9C04ga42c6p9QKsclyxYC6or9rWg1K+fJXzCL48hjZ16t
m+DijVhXN7T8DsFdtsYPJg93Lkv+PAXF0TwyAR19DV2MOh3MrYwSSbEqxwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOgKCe6boR52M4+r+/yTws7uRX1KMB8GA1UdIwQY
MBaAFJVdvrvBBwuZ5Ps3IRffJiADhgPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFYyLXU4RUhDNW5rLXpjaEY5OG1JQU9HQS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kZGFjMTEtMmU2My00YWFlLTk0MGYt
MDIzMjAzOTQ3ZDlkLzEvNkFvSjdwdWhIbll6ajZ2N19KUEN6dTVGZlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kZGFjMTEtMmU2My00YWFlLTk0MGYtMDIzMjAzOTQ3ZDlk
LzEvbFYyLXU4RUhDNW5rLXpjaEY5OG1JQU9HQS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCweS8AwQF
1BSgAwQE2Q5wMA0EAgACMAcDBQAgAUC4MA0GCSqGSIb3DQEBCwUAA4IBAQAw3Lgy
5KfSvlYb2yH8zpqpB4Ulj0w/tt4o2N2+yiYWZKkFmzS0OkhgkP3cYOwR6CwMTizZ
RbFdZxmhYdUJPTpUPJYGzvtZRpFBUUne3hBcqKEH569P60RCZrH2D/wOCFp7cD3l
nNtpGkGZo8ZjtUkjPs0aCeUdQQtM1Y25dzf6z4SOiszaT2B7a3CMJgW97QByyvZM
Dan9VMtI9fvRHFL6xFzLYn+bqmJr+X1GYpFpFWSIwyr8tuS+rvXw4g4FdDBl9mPt
+0kjVtl6W2uZKJbTBhOVjOlgGODyyYEGw3mX5gaXpU0RFul0QO/DzplXMW7QMuA3
ozaFf33Ta0Hj+TsI
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:12:16 2025 by rpki-client