Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hZs6PbiV1FHRQvgoNjIWkApb1x4.roa
File: hZs6PbiV1FHRQvgoNjIWkApb1x4.roa (raw, json)
Hash identifier: slbvJPVch+dH2HvE/UBBZulZ2jCavWoY4Ccie6OcAiU=
Subject key identifier: 85:9B:3A:3D:B8:95:D4:51:D1:42:F8:28:36:32:16:90:0A:5B:D7:1E
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0194282533056C8E0DC36E78D923612D68C0
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hZs6PbiV1FHRQvgoNjIWkApb1x4.roa
Signing time: Thu 02 Jan 2025 17:51:54 +0000
ROA not before: Thu 02 Jan 2025 17:51:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199967
IP address blocks: 62.216.84.0/24 maxlen: 24
62.216.85.0/24 maxlen: 24
62.216.86.0/24 maxlen: 24
62.216.87.0/24 maxlen: 24
62.216.88.0/24 maxlen: 24
62.216.89.0/24 maxlen: 24
62.216.90.0/24 maxlen: 24
62.216.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:33:05:6c:8e:0d:c3:6e:78:d9:23:61:2d:68:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 2 17:51:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=859b3a3db895d451d142f828363216900a5bd71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bb:54:ff:ed:19:cf:77:55:bf:9c:e7:7a:00:
6e:21:b1:3f:3f:e1:38:bd:13:d1:af:fa:bb:84:17:
e5:07:36:e4:13:74:57:c7:55:e9:19:9b:07:6d:af:
1f:32:94:97:64:43:82:89:5f:0a:de:cb:ef:28:bd:
0b:24:d7:47:54:58:6e:98:d9:21:f0:dc:58:27:38:
48:7a:88:70:4f:fe:39:69:fe:75:39:6c:3b:75:09:
9c:ce:8d:97:83:9d:9b:91:74:4a:6e:41:d4:d3:47:
a4:ed:12:33:dc:6f:50:dd:f9:b9:57:38:5a:70:ed:
46:e5:bd:1e:05:e2:15:66:f4:dd:a2:6b:d4:4a:3f:
4b:1f:00:e5:7d:b9:85:e3:60:1b:1c:be:59:e0:a6:
d5:7b:de:4e:95:e3:69:9c:7e:11:35:14:32:36:bd:
f9:1e:ea:2a:7f:34:2c:1e:1d:27:7e:82:1a:92:44:
bf:62:fc:28:40:ff:9e:66:20:63:da:04:52:6c:1d:
bb:8e:52:59:21:38:4c:2f:dc:be:b1:2c:ba:16:09:
14:1a:97:09:5e:4c:37:48:b0:2b:01:94:e9:e0:fa:
fa:20:32:5c:4c:32:f6:ff:ad:a0:77:38:f0:ed:f4:
d7:67:a3:30:0c:68:98:c3:0d:20:fe:a3:d1:9b:7a:
be:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9B:3A:3D:B8:95:D4:51:D1:42:F8:28:36:32:16:90:0A:5B:D7:1E
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/hZs6PbiV1FHRQvgoNjIWkApb1x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.84.0-62.216.91.255
Signature Algorithm: sha256WithRSAEncryption
79:b3:e4:67:d3:c9:d6:72:30:81:2a:ac:d2:6b:ca:8f:c0:3e:
a5:4d:d5:13:03:c8:20:33:a0:af:2d:6b:21:02:69:be:7d:17:
b0:a2:0c:d6:3f:f3:f2:70:64:9e:87:20:42:1c:57:92:51:21:
55:f3:02:9f:e5:af:cf:b6:03:68:6a:35:64:d0:ec:35:86:51:
78:e0:dd:3b:43:f0:ba:1e:19:c9:f7:9e:31:99:23:43:21:93:
f8:80:a4:53:62:74:f0:29:58:9a:44:f5:f7:24:89:9b:68:86:
c7:8d:fd:19:39:3b:20:b8:02:bb:0d:e6:9b:1c:74:67:9a:39:
c0:41:14:06:68:55:42:7b:2c:06:3b:a5:d6:80:88:61:11:f7:
af:34:8c:49:5d:b0:dc:47:02:40:6d:67:ae:b2:07:bd:0a:01:
9f:7a:04:21:19:7a:1f:7f:1b:9b:15:a2:76:30:9c:50:e4:79:
ce:3a:d8:57:1a:20:90:41:f4:cc:37:7e:5a:91:cf:42:51:d6:
ae:3d:7a:81:e8:97:cd:86:6f:5c:f6:12:1f:5f:95:74:c4:9b:
a5:28:e6:50:58:5c:e6:8f:f0:30:f7:f6:b9:57:3d:1f:41:3f:
51:09:7d:db:06:c9:2c:0c:eb:ae:ac:77:60:27:77:20:b8:71:
21:07:52:d0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQoJTMFbI4Nw2542SNhLWjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTAyMTc1MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTliM2EzZGI4OTVkNDUxZDE0MmY4MjgzNjMyMTY5MDBhNWJkNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbtU/+0Zz3dVv5znegBuIbE/P+E4
vRPRr/q7hBflBzbkE3RXx1XpGZsHba8fMpSXZEOCiV8K3svvKL0LJNdHVFhumNkh
8NxYJzhIeohwT/45af51OWw7dQmczo2Xg52bkXRKbkHU00ek7RIz3G9Q3fm5Vzha
cO1G5b0eBeIVZvTdomvUSj9LHwDlfbmF42AbHL5Z4KbVe95OleNpnH4RNRQyNr35
HuoqfzQsHh0nfoIakkS/YvwoQP+eZiBj2gRSbB27jlJZIThML9y+sSy6FgkUGpcJ
Xkw3SLArAZTp4Pr6IDJcTDL2/62gdzjw7fTXZ6MwDGiYww0g/qPRm3q+2wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIWbOj24ldRR0UL4KDYyFpAKW9ceMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvaFpzNlBiaVYxRkhSUXZnb05qSVdrQXBiMXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAI+2FQD
BAI+2FgwDQYJKoZIhvcNAQELBQADggEBAHmz5GfTydZyMIEqrNJryo/APqVN1RMD
yCAzoK8tayECab59F7CiDNY/8/JwZJ6HIEIcV5JRIVXzAp/lr8+2A2hqNWTQ7DWG
UXjg3TtD8LoeGcn3njGZI0Mhk/iApFNidPApWJpE9fckiZtohseN/Rk5OyC4ArsN
5pscdGeaOcBBFAZoVUJ7LAY7pdaAiGER9680jEldsNxHAkBtZ66yB70KAZ96BCEZ
eh9/G5sVonYwnFDkec462FcaIJBB9Mw3flqRz0JR1q49eoHol82Gb1z2Eh9flXTE
m6Uo5lBYXOaP8DD39rlXPR9BP1EJfdsGySwM666sd2AndyC4cSEHUtA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:42:01 2025 by rpki-client