Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/6H0jPgZ40-qSdMrUIpXtjHxd2VA.roa
File: 6H0jPgZ40-qSdMrUIpXtjHxd2VA.roa (raw, json)
Hash identifier: bKX7Wm+km5brNebStx9trC9lQWDSYN+gli61DR2OFCc=
Subject key identifier: E8:7D:23:3E:06:78:D3:EA:92:74:CA:D4:22:95:ED:8C:7C:5D:D9:50
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 0194266BEB176A1355600918B9CC7B8906BF
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/6H0jPgZ40-qSdMrUIpXtjHxd2VA.roa
Signing time: Thu 02 Jan 2025 09:49:54 +0000
ROA not before: Thu 02 Jan 2025 09:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:eb:17:6a:13:55:60:09:18:b9:cc:7b:89:06:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 09:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e87d233e0678d3ea9274cad42295ed8c7c5dd950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bf:32:dc:9c:be:e9:f6:dc:89:26:ba:c2:7e:
3b:eb:13:4e:ff:3e:5c:7a:ad:3f:a3:46:93:25:ae:
a8:38:35:48:de:85:6f:94:da:66:ff:a8:89:a8:f6:
66:9c:69:ae:4f:88:19:15:34:bc:33:40:9c:18:c7:
41:0c:34:9d:e6:ee:ea:54:e7:b0:df:57:31:53:dd:
da:41:f0:c7:47:80:0c:2a:e1:d8:43:74:f5:fe:4b:
05:68:d6:00:97:dc:1e:69:59:79:32:ef:04:dd:af:
5d:31:0b:6b:2f:23:5b:a3:d5:df:55:57:cf:08:4b:
c1:1f:b1:c6:a6:4b:b0:16:02:e5:71:49:6c:40:fc:
50:a7:e4:3f:ea:4f:a8:b8:cb:49:6d:2f:9b:06:54:
46:ef:56:98:91:79:7d:ac:2d:a2:f9:df:ce:05:ae:
b1:5f:99:6d:70:92:a7:28:27:39:2b:ec:85:ab:a1:
a4:21:8f:83:41:f2:ae:53:27:f3:73:5b:f5:9b:f5:
20:94:77:36:c4:3e:8f:eb:ca:df:c3:79:69:ff:84:
2d:7d:fe:d8:0c:ce:be:9a:3e:85:8c:12:f2:e0:9d:
13:21:59:d9:89:6a:b3:5a:bc:8d:13:88:f9:3b:79:
fb:a7:75:14:51:6f:df:16:35:62:77:63:30:1a:54:
e6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7D:23:3E:06:78:D3:EA:92:74:CA:D4:22:95:ED:8C:7C:5D:D9:50
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/6H0jPgZ40-qSdMrUIpXtjHxd2VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.255.190.0/23
Signature Algorithm: sha256WithRSAEncryption
26:1f:8b:40:4d:1f:6f:de:a3:6e:a8:09:df:5e:31:32:ca:78:
64:35:b0:91:fd:ff:54:67:57:37:72:b6:43:df:a3:1f:c6:3e:
3f:a4:64:fb:f9:c5:e6:d1:cb:75:0a:0a:99:10:87:6b:37:a5:
44:d3:06:7b:d7:98:04:ce:17:1a:40:dc:aa:98:d6:5f:4b:7f:
9d:7e:d6:3a:9a:a3:cf:a5:87:45:70:47:e1:17:73:5d:32:7e:
a4:e8:53:02:28:9c:a1:9d:03:ff:20:36:cf:f5:07:7b:8b:6b:
c1:cb:9a:0a:c5:5e:1d:be:06:07:d4:89:25:ec:a5:1a:1b:01:
0a:c6:35:3d:9a:44:f1:51:26:82:7d:52:4f:82:c6:1e:ef:3e:
5c:b2:91:8f:3c:fc:41:0a:9a:6f:ba:c3:de:c7:c7:87:26:44:
8d:39:82:bc:a9:aa:00:cf:85:df:de:3f:64:05:38:7d:f6:c5:
d7:7d:22:d7:a5:e2:60:ad:74:96:46:32:58:eb:af:e6:f7:52:
86:7f:e1:d7:d7:2a:ea:21:b6:82:75:1d:dd:25:bf:01:9a:e9:
7b:90:66:25:a0:b5:78:ff:8d:20:12:a2:8f:da:86:48:c6:39:
e2:84:e5:eb:33:0b:8e:87:30:cc:a9:4b:ba:1a:a5:99:15:fa:
3c:d0:46:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma+sXahNVYAkYucx7iQa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjUwMTAyMDk0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODdkMjMzZTA2NzhkM2VhOTI3NGNhZDQyMjk1ZWQ4YzdjNWRkOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3b8y3Jy+6fbciSa6wn476xNO/z5c
eq0/o0aTJa6oODVI3oVvlNpm/6iJqPZmnGmuT4gZFTS8M0CcGMdBDDSd5u7qVOew
31cxU93aQfDHR4AMKuHYQ3T1/ksFaNYAl9weaVl5Mu8E3a9dMQtrLyNbo9XfVVfP
CEvBH7HGpkuwFgLlcUlsQPxQp+Q/6k+ouMtJbS+bBlRG71aYkXl9rC2i+d/OBa6x
X5ltcJKnKCc5K+yFq6GkIY+DQfKuUyfzc1v1m/UglHc2xD6P68rfw3lp/4Qtff7Y
DM6+mj6FjBLy4J0TIVnZiWqzWryNE4j5O3n7p3UUUW/fFjVid2MwGlTm0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOh9Iz4GeNPqknTK1CKV7Yx8XdlQMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvNkgwalBnWjQwLXFTZE1yVUlwWHRqSHhkMlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAv++MA0G
CSqGSIb3DQEBCwUAA4IBAQAmH4tATR9v3qNuqAnfXjEyynhkNbCR/f9UZ1c3crZD
36Mfxj4/pGT7+cXm0ct1CgqZEIdrN6VE0wZ715gEzhcaQNyqmNZfS3+dftY6mqPP
pYdFcEfhF3NdMn6k6FMCKJyhnQP/IDbP9Qd7i2vBy5oKxV4dvgYH1Ikl7KUaGwEK
xjU9mkTxUSaCfVJPgsYe7z5cspGPPPxBCppvusPex8eHJkSNOYK8qaoAz4Xf3j9k
BTh99sXXfSLXpeJgrXSWRjJY66/m91KGf+HX1yrqIbaCdR3dJb8Bmul7kGYloLV4
/40gEqKP2oZIxjnihOXrMwuOhzDMqUu6GqWZFfo80EYm
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:51 2025 by rpki-client