Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/6IuPuaFxABeQWb6x_zYhmmCFESc.roa
File: 6IuPuaFxABeQWb6x_zYhmmCFESc.roa (raw, json)
Hash identifier: W1mppRccOYUUOAc+2G7QzTFEVMrDcNSAPPC+1HOfXM0=
Subject key identifier: E8:8B:8F:B9:A1:71:00:17:90:59:BE:B1:FF:36:21:9A:60:85:11:27
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3B564CF8007DEF868A805DAE28F99
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/6IuPuaFxABeQWb6x_zYhmmCFESc.roa
Signing time: Thu 02 Jan 2025 15:47:56 +0000
ROA not before: Thu 02 Jan 2025 15:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 45.84.212.0/24 maxlen: 24
45.84.219.0/24 maxlen: 24
45.85.91.0/24 maxlen: 24
136.144.35.0/24 maxlen: 24
136.144.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:b5:64:cf:80:07:de:f8:68:a8:05:da:e2:8f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e88b8fb9a17100179059beb1ff36219a60851127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:98:bd:3f:0f:8a:fa:3b:21:ff:0a:28:a1:88:
75:df:f2:e9:43:02:a0:8c:3d:4e:7b:da:bf:5a:a4:
18:fb:c9:1a:42:03:1e:e8:1d:04:3d:53:1c:f5:32:
79:16:67:f8:06:0d:9f:3a:68:d5:6c:1b:d0:14:cd:
e0:ae:43:66:13:27:3a:24:99:ba:94:8f:5a:a3:76:
12:d3:5a:4c:0f:1c:66:a1:c5:70:f2:dd:30:b7:f3:
31:49:5b:e1:1b:7d:af:e5:21:3a:87:34:16:45:69:
a7:cb:f7:4e:8a:a3:a3:a9:e7:b4:0e:b8:b6:95:50:
6e:88:47:7e:be:5b:df:11:cb:34:85:11:3e:fe:81:
f7:dc:d0:a2:ea:82:cd:fc:45:91:5d:de:f8:ba:fd:
e6:bf:6c:ea:85:59:fc:83:60:17:b9:33:55:81:d9:
26:16:f4:bb:17:ab:4a:37:64:a2:ef:f9:b8:72:9d:
09:bb:f1:b5:4d:12:5f:e2:cc:31:9c:6d:8c:7a:0b:
e8:3e:47:1c:b6:6e:48:b3:45:c0:58:1f:b5:a4:a0:
01:84:e4:f6:a0:26:81:0b:63:91:2f:e1:93:d3:9c:
8f:cc:e0:f0:57:8d:2e:ba:29:ba:2e:4b:96:3c:fd:
6f:dd:7b:8c:f0:1e:3f:85:9f:e2:03:31:1b:2c:4a:
ca:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8B:8F:B9:A1:71:00:17:90:59:BE:B1:FF:36:21:9A:60:85:11:27
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/6IuPuaFxABeQWb6x_zYhmmCFESc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.212.0/24
45.84.219.0/24
45.85.91.0/24
136.144.35.0/24
136.144.43.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:8d:cf:cc:90:00:2a:4c:df:3e:2c:f5:0c:6e:b2:9a:a0:9a:
d7:56:15:50:66:ae:f1:2e:26:e7:3f:8a:e0:65:b0:19:46:50:
80:bf:ea:12:af:dd:96:2e:c5:7a:a0:24:66:ff:1f:a7:00:8f:
7b:19:01:b2:06:83:db:ff:be:1a:f2:86:0f:98:cc:d7:60:a1:
1b:57:af:aa:64:e5:38:dc:d9:73:ce:b2:a1:1b:e9:b7:4a:36:
7f:8f:e3:67:6c:38:9c:4f:51:d9:9b:7e:f2:c4:a9:ef:59:8d:
ea:c0:a3:59:13:4a:22:a9:cc:16:00:e5:d2:28:5c:04:4c:71:
62:c3:51:6a:e0:55:2a:92:95:61:24:1b:55:26:b1:22:d3:b6:
78:46:11:cc:51:c7:86:e0:01:a2:4b:e1:3d:04:10:9d:54:a4:
26:f9:d3:c2:a3:a9:fe:ad:7d:ec:c4:b6:b0:cc:3c:f7:23:41:
e9:34:ce:ff:44:24:f7:50:b4:e7:79:7c:2a:8f:03:d6:3f:62:
3c:0d:a0:20:a8:e6:35:0c:9c:8e:c7:c4:f7:89:4e:4a:e2:dd:
9f:3c:42:81:92:e3:ea:b3:df:2c:8f:28:93:76:c9:23:7a:43:
b2:b7:fa:5d:f9:eb:b4:27:ee:90:fc:3b:6c:56:36:04:b6:22:
f1:de:f4:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQns7Vkz4AH3vhoqAXa4o+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODhiOGZiOWExNzEwMDE3OTA1OWJlYjFmZjM2MjE5YTYwODUxMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5i9Pw+K+jsh/woooYh13/LpQwKg
jD1Oe9q/WqQY+8kaQgMe6B0EPVMc9TJ5Fmf4Bg2fOmjVbBvQFM3grkNmEyc6JJm6
lI9ao3YS01pMDxxmocVw8t0wt/MxSVvhG32v5SE6hzQWRWmny/dOiqOjqee0Dri2
lVBuiEd+vlvfEcs0hRE+/oH33NCi6oLN/EWRXd74uv3mv2zqhVn8g2AXuTNVgdkm
FvS7F6tKN2Si7/m4cp0Ju/G1TRJf4swxnG2MegvoPkcctm5Is0XAWB+1pKABhOT2
oCaBC2ORL+GT05yPzODwV40uuim6LkuWPP1v3XuM8B4/hZ/iAzEbLErK5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOiLj7mhcQAXkFm+sf82IZpghREnMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvNkl1UHVhRnhBQmVRV2I2eF96WWhtbUNGRVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVTUAwQA
LVTbAwQALVVbAwQAiJAjAwQAiJArMA0GCSqGSIb3DQEBCwUAA4IBAQAajc/MkAAq
TN8+LPUMbrKaoJrXVhVQZq7xLibnP4rgZbAZRlCAv+oSr92WLsV6oCRm/x+nAI97
GQGyBoPb/74a8oYPmMzXYKEbV6+qZOU43NlzzrKhG+m3SjZ/j+NnbDicT1HZm37y
xKnvWY3qwKNZE0oiqcwWAOXSKFwETHFiw1Fq4FUqkpVhJBtVJrEi07Z4RhHMUceG
4AGiS+E9BBCdVKQm+dPCo6n+rX3sxLawzDz3I0HpNM7/RCT3ULTneXwqjwPWP2I8
DaAgqOY1DJyOx8T3iU5K4t2fPEKBkuPqs98sjyiTdskjekOyt/pd+eu0J+6Q/Dts
VjYEtiLx3vRc
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:53 2025 by rpki-client