Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OgjliE6pWri7ucI5Jq2KFtp62gI.roa
File: OgjliE6pWri7ucI5Jq2KFtp62gI.roa (raw, json)
Hash identifier: Hf4JrLQhIUJxZqZbto4mhLJBjxWqH58JmSQYEwumMM8=
Subject key identifier: 3A:08:E5:88:4E:A9:5A:B8:BB:B9:C2:39:26:AD:8A:16:DA:7A:DA:02
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 0194EF19EA68A4643970F985329629D6AE38
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OgjliE6pWri7ucI5Jq2KFtp62gI.roa
Signing time: Mon 10 Feb 2025 09:04:00 +0000
ROA not before: Mon 10 Feb 2025 09:04:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212988
IP address blocks: 185.194.26.0/24 maxlen: 24
185.194.27.0/24 maxlen: 24
185.219.218.0/24 maxlen: 24
185.221.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ef:19:ea:68:a4:64:39:70:f9:85:32:96:29:d6:ae:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Feb 10 09:04:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a08e5884ea95ab8bbb9c23926ad8a16da7ada02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a8:63:4e:a1:96:dc:55:92:ad:d2:0a:35:f1:
b2:e2:3b:a8:a3:40:f5:0d:ec:a9:46:96:d0:5d:da:
88:7f:de:7e:4e:59:b7:d3:7f:b3:4d:bc:bc:e4:3b:
a6:4d:89:ef:f7:fb:89:d8:7d:db:d7:02:98:d3:4e:
b9:b6:80:04:f8:80:ff:7f:5c:ed:b8:3f:47:9d:bb:
42:9a:42:cf:36:2b:6a:9a:2f:50:e3:8e:db:2c:0b:
82:c0:13:5f:33:2e:8a:fd:9c:41:a6:ca:25:28:3c:
bf:23:1d:2e:ba:90:50:5b:19:c9:a1:64:2e:74:16:
b9:45:56:3e:63:43:1b:c3:4c:6a:c7:ee:e2:5e:52:
3e:59:f3:43:62:b8:11:3a:c5:52:ba:fc:01:2f:ef:
7b:5a:59:c0:58:3a:c6:7d:56:e5:94:83:05:08:17:
f7:80:b1:49:ca:cd:f2:55:35:9c:b4:57:50:b8:4a:
1b:fa:3b:c2:81:7a:c9:26:c4:62:f4:3c:30:00:21:
53:bb:06:44:08:c1:18:5c:57:3a:10:67:8b:11:de:
33:59:0b:1d:20:0f:7d:54:dc:40:89:ec:18:30:a3:
68:c8:be:de:fc:2d:de:4b:50:6c:4b:b2:76:29:2d:
5b:83:9c:4b:03:a2:96:ab:06:8f:b6:dc:52:1b:87:
f9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:08:E5:88:4E:A9:5A:B8:BB:B9:C2:39:26:AD:8A:16:DA:7A:DA:02
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OgjliE6pWri7ucI5Jq2KFtp62gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.26.0/23
185.219.218.0/24
185.221.188.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:fb:9f:f9:90:15:8a:74:b5:06:41:f4:ea:7d:9b:12:00:c0:
d6:6b:ba:1c:fc:6e:87:84:c2:59:8f:04:72:e4:24:47:a6:9c:
16:29:b4:0f:d2:41:d4:0f:38:90:32:7a:10:d0:55:5c:c1:b4:
5b:50:c2:66:82:65:8a:c1:80:d0:1e:37:48:d6:e7:8f:f0:cd:
4c:16:45:f8:6c:cd:db:6b:60:23:e4:f3:39:b2:b5:63:65:57:
0d:46:46:bb:18:c5:9f:51:fe:40:5b:f8:77:c5:36:2e:ea:86:
3d:5c:cd:38:41:37:46:5c:9a:4c:42:51:e0:f7:e4:d1:04:85:
16:10:e4:52:13:3a:ba:04:76:cc:a9:d9:01:4f:0a:19:8d:03:
a1:0e:61:45:25:66:83:cf:fa:5f:d4:f5:97:28:d7:f3:ff:8c:
5a:ad:9c:13:8f:92:6a:c1:5b:4f:16:2c:da:65:c2:cf:cf:a7:
db:31:16:3f:2e:d4:67:0e:cd:fb:2c:65:3f:ed:a2:37:71:2b:
d3:f4:c3:b1:a5:7a:42:30:b0:f8:29:03:08:6a:ab:44:88:52:
62:ca:96:ff:5d:2a:54:9b:80:f1:f8:7b:25:26:94:61:ca:d8:
0c:f8:43:f3:76:e1:8d:ba:39:17:ad:3f:16:37:f9:72:d2:97:
8e:9d:0c:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTvGepopGQ5cPmFMpYp1q44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjUwMjEwMDkwNDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA4ZTU4ODRlYTk1YWI4YmJiOWMyMzkyNmFkOGExNmRhN2FkYTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqhjTqGW3FWSrdIKNfGy4juoo0D1
DeypRpbQXdqIf95+Tlm303+zTby85DumTYnv9/uJ2H3b1wKY0065toAE+ID/f1zt
uD9HnbtCmkLPNitqmi9Q447bLAuCwBNfMy6K/ZxBpsolKDy/Ix0uupBQWxnJoWQu
dBa5RVY+Y0Mbw0xqx+7iXlI+WfNDYrgROsVSuvwBL+97WlnAWDrGfVbllIMFCBf3
gLFJys3yVTWctFdQuEob+jvCgXrJJsRi9DwwACFTuwZECMEYXFc6EGeLEd4zWQsd
IA99VNxAiewYMKNoyL7e/C3eS1BsS7J2KS1bg5xLA6KWqwaPttxSG4f52wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDoI5YhOqVq4u7nCOSatihbaetoCMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvT2dqbGlFNnBXcmk3dWNJNUpxMktGdHA2MmdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBucIaAwQA
udvaAwQAud28MA0GCSqGSIb3DQEBCwUAA4IBAQAu+5/5kBWKdLUGQfTqfZsSAMDW
a7oc/G6HhMJZjwRy5CRHppwWKbQP0kHUDziQMnoQ0FVcwbRbUMJmgmWKwYDQHjdI
1ueP8M1MFkX4bM3ba2Aj5PM5srVjZVcNRka7GMWfUf5AW/h3xTYu6oY9XM04QTdG
XJpMQlHg9+TRBIUWEORSEzq6BHbMqdkBTwoZjQOhDmFFJWaDz/pf1PWXKNfz/4xa
rZwTj5JqwVtPFizaZcLPz6fbMRY/LtRnDs37LGU/7aI3cSvT9MOxpXpCMLD4KQMI
aqtEiFJiypb/XSpUm4Dx+HslJpRhytgM+EPzduGNujkXrT8WN/ly0peOnQzD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:53 2025 by rpki-client