Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/CkA5P7l5ePDJ8YtVI5RwljhHN3I.roa
File: CkA5P7l5ePDJ8YtVI5RwljhHN3I.roa (raw, json)
Hash identifier: Rv4CNPYpNEer366FC8TAHEAISsXVQ6rJf8w+ppgPPgs=
Subject key identifier: 0A:40:39:3F:B9:79:78:F0:C9:F1:8B:55:23:94:70:96:38:47:37:72
Certificate issuer: /CN=6bc1ad1676a2a32a45a0cf392f7f9c5ea68e2dea
Certificate serial: 01942144165A2A81A440805DA5B68A63BC91
Authority key identifier: 6B:C1:AD:16:76:A2:A3:2A:45:A0:CF:39:2F:7F:9C:5E:A6:8E:2D:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8GtFnaioypFoM85L3-cXqaOLeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/CkA5P7l5ePDJ8YtVI5RwljhHN3I.roa
Signing time: Wed 01 Jan 2025 09:48:17 +0000
ROA not before: Wed 01 Jan 2025 09:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33867
IP address blocks: 195.248.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8GtFnaioypFoM85L3-cXqaOLeo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:16:5a:2a:81:a4:40:80:5d:a5:b6:8a:63:bc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc1ad1676a2a32a45a0cf392f7f9c5ea68e2dea
Validity
Not Before: Jan 1 09:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a40393fb97978f0c9f18b552394709638473772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:42:ac:d7:80:7e:6e:2b:72:b3:bc:db:00:c3:
1b:72:84:ef:c8:26:bb:b6:0a:b2:67:a8:65:b9:02:
70:8f:97:af:00:d9:53:04:9f:89:c7:a3:3b:31:41:
cc:86:c1:f5:d8:ab:7c:66:4a:b3:ee:69:61:6b:de:
d7:8b:18:b6:1c:a9:95:e4:7d:fd:97:7e:ad:a2:57:
3a:99:b0:40:d5:c1:c5:fc:70:bf:e7:4e:9b:34:b6:
f6:95:c2:52:a7:1c:15:64:13:e5:7b:47:93:75:6f:
d5:7b:95:57:53:8a:a4:f6:a4:38:0f:3a:7d:be:a9:
0d:18:c5:91:0d:4c:21:44:df:d8:0c:04:b9:46:44:
2c:b3:cb:e2:e1:6d:96:a5:39:b7:36:2e:57:d8:d5:
94:50:f6:9f:8d:b7:00:89:8c:52:6d:0f:1b:b3:50:
4e:21:23:82:5a:76:41:f9:76:da:ec:44:e3:a7:fa:
3a:0c:d8:e6:45:a8:b6:42:94:0b:28:eb:20:3c:85:
77:47:9c:9e:d8:2e:8f:0a:87:98:6c:55:a2:19:60:
28:27:eb:d2:21:e8:6f:c4:d7:c6:a6:06:e1:cf:06:
c0:1a:9f:57:c5:1a:fd:d5:43:3a:b6:3e:2a:d9:9a:
d8:71:79:b6:18:cb:d0:59:da:0d:ba:d8:f3:f4:f4:
aa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:40:39:3F:B9:79:78:F0:C9:F1:8B:55:23:94:70:96:38:47:37:72
X509v3 Authority Key Identifier:
keyid:6B:C1:AD:16:76:A2:A3:2A:45:A0:CF:39:2F:7F:9C:5E:A6:8E:2D:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8GtFnaioypFoM85L3-cXqaOLeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/CkA5P7l5ePDJ8YtVI5RwljhHN3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/22392e-aa67-4588-b809-ef1aaaabfe2b/1/a8GtFnaioypFoM85L3-cXqaOLeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.248.64.0/24
Signature Algorithm: sha256WithRSAEncryption
84:f9:4e:55:19:dc:db:64:5f:ab:3e:9e:c8:16:8a:42:57:e9:
0d:52:39:9c:9f:1f:cb:29:86:ff:51:e6:93:3e:94:28:45:b7:
07:e3:64:a6:a9:8b:0d:30:f8:bc:f9:a0:1b:2f:8a:82:e2:76:
dd:a5:a6:14:ec:a2:02:53:40:ba:2e:9b:df:94:20:45:00:56:
7b:66:68:5a:4d:5c:e0:4d:db:ef:6e:8d:c1:5c:f3:5f:b9:fc:
9e:64:b9:44:6d:82:4d:1e:fe:45:a8:78:e4:34:f5:35:ab:48:
ed:8d:26:0d:f6:71:c8:41:1b:63:ec:97:cc:5f:c7:49:5d:4d:
ad:c1:fa:31:6a:38:d9:e8:e0:2e:9a:25:52:64:37:0f:d7:e8:
c2:ba:f5:be:57:19:d8:7e:a4:d3:33:0b:bb:a4:6a:b7:e6:45:
5e:c4:03:b4:dd:f3:3a:05:ac:72:44:c9:ab:07:f3:ec:09:a9:
26:92:7c:fe:77:8d:96:51:ab:f6:a0:09:ab:63:c2:4e:19:b2:
58:b5:16:d3:0c:e3:53:f7:ed:32:05:25:c6:6c:6f:ad:a4:5a:
69:1c:a8:7c:63:b1:d6:25:bc:ca:92:bc:a8:28:0a:e4:3d:da:
a7:9e:c9:33:f4:62:35:c4:8f:fc:53:84:48:ef:a8:f1:7f:07:
2b:1b:85:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRBZaKoGkQIBdpbaKY7yRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzFhZDE2NzZhMmEzMmE0NWEwY2YzOTJmN2Y5YzVlYTY4
ZTJkZWEwHhcNMjUwMTAxMDk0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQwMzkzZmI5Nzk3OGYwYzlmMThiNTUyMzk0NzA5NjM4NDczNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUKs14B+bitys7zbAMMbcoTvyCa7
tgqyZ6hluQJwj5evANlTBJ+Jx6M7MUHMhsH12Kt8Zkqz7mlha97Xixi2HKmV5H39
l36tolc6mbBA1cHF/HC/506bNLb2lcJSpxwVZBPle0eTdW/Ve5VXU4qk9qQ4Dzp9
vqkNGMWRDUwhRN/YDAS5RkQss8vi4W2WpTm3Ni5X2NWUUPafjbcAiYxSbQ8bs1BO
ISOCWnZB+Xba7ETjp/o6DNjmRai2QpQLKOsgPIV3R5ye2C6PCoeYbFWiGWAoJ+vS
IehvxNfGpgbhzwbAGp9XxRr91UM6tj4q2ZrYcXm2GMvQWdoNutjz9PSqgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFApAOT+5eXjwyfGLVSOUcJY4RzdyMB8GA1UdIwQY
MBaAFGvBrRZ2oqMqRaDPOS9/nF6mji3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThHdEZuYWlveXBGb004NUwzLWNYcWFPTGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yMjM5MmUtYWE2Ny00NTg4LWI4MDkt
ZWYxYWFhYWJmZTJiLzEvQ2tBNVA3bDVlUERKOFl0Vkk1UndsamhITjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8yMjM5MmUtYWE2Ny00NTg4LWI4MDktZWYxYWFhYWJmZTJi
LzEvYThHdEZuYWlveXBGb004NUwzLWNYcWFPTGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/hAMA0G
CSqGSIb3DQEBCwUAA4IBAQCE+U5VGdzbZF+rPp7IFopCV+kNUjmcnx/LKYb/UeaT
PpQoRbcH42SmqYsNMPi8+aAbL4qC4nbdpaYU7KICU0C6LpvflCBFAFZ7ZmhaTVzg
Tdvvbo3BXPNfufyeZLlEbYJNHv5FqHjkNPU1q0jtjSYN9nHIQRtj7JfMX8dJXU2t
wfoxajjZ6OAumiVSZDcP1+jCuvW+VxnYfqTTMwu7pGq35kVexAO03fM6BaxyRMmr
B/PsCakmknz+d42WUav2oAmrY8JOGbJYtRbTDONT9+0yBSXGbG+tpFppHKh8Y7HW
JbzKkryoKArkPdqnnskz9GI1xI/8U4RI76jxfwcrG4Uj
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:54:55 2025 by rpki-client