Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/8qrXy8Q6IOvmRFa2BdiyfUkrMzE.roa
File: 8qrXy8Q6IOvmRFa2BdiyfUkrMzE.roa (raw, json)
Hash identifier: qRXi9zsrTMdGbyvne1sTEgP/YtX/quprNa5rw9UyfMw=
Subject key identifier: F2:AA:D7:CB:C4:3A:20:EB:E6:44:56:B6:05:D8:B2:7D:49:2B:33:31
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 0194266BCA957E4C0BCC6C77A3068F91D7D0
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/8qrXy8Q6IOvmRFa2BdiyfUkrMzE.roa
Signing time: Thu 02 Jan 2025 09:49:45 +0000
ROA not before: Thu 02 Jan 2025 09:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199437
IP address blocks: 188.21.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ca:95:7e:4c:0b:cc:6c:77:a3:06:8f:91:d7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 2 09:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2aad7cbc43a20ebe64456b605d8b27d492b3331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a9:9c:6c:a0:30:c2:75:01:94:0d:97:dd:5b:
01:e1:6a:7e:d9:c9:2d:40:b2:40:04:c9:8f:c2:1d:
04:7a:81:1b:e1:d9:67:9e:bb:7d:b0:a4:67:71:3f:
9c:8e:27:69:97:4a:79:81:eb:be:fe:27:bb:c9:0d:
c3:f0:6c:d1:99:e6:b8:d3:2d:a8:79:d9:45:63:5c:
be:12:76:1f:0a:58:65:ac:86:7b:c0:53:c8:77:c3:
97:cd:57:eb:ec:4c:57:3c:76:dc:4f:1e:c1:a6:17:
45:8a:54:59:ca:a3:af:8e:39:d2:1d:7f:d1:08:95:
46:35:e0:0b:80:72:2c:52:b7:b0:71:e6:0b:45:1f:
31:cf:59:cd:0b:09:61:2e:f5:1e:1c:3e:46:ca:2e:
f5:81:85:af:26:cf:f9:48:c5:2f:c4:1b:e9:43:3b:
1c:b6:69:56:ad:2e:ab:12:2b:7c:7f:88:62:fa:6d:
fb:94:2a:10:ac:08:ae:7d:c4:d5:10:78:b0:07:f7:
27:66:41:d4:6a:57:e3:8a:79:02:93:91:e9:7e:0b:
b4:01:cf:e8:f2:b1:03:ad:36:00:13:3b:a1:f3:ee:
8f:62:b8:22:d9:0d:85:95:db:bc:91:68:76:b9:2f:
b6:99:70:05:e4:ab:fa:b2:a5:9f:65:32:1a:70:d0:
99:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:D7:CB:C4:3A:20:EB:E6:44:56:B6:05:D8:B2:7D:49:2B:33:31
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/8qrXy8Q6IOvmRFa2BdiyfUkrMzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.21.6.0/24
Signature Algorithm: sha256WithRSAEncryption
24:11:2a:64:e4:fc:4e:a4:b2:bd:04:a3:0e:4a:bb:8f:63:cf:
36:2a:07:74:5d:b4:28:00:03:9a:82:65:71:f3:ac:fe:91:02:
63:9e:97:86:ba:68:e0:78:33:39:75:10:aa:4e:95:dc:a3:20:
7c:eb:00:ab:30:ee:b9:13:2e:fc:e1:39:3f:82:fc:6d:09:89:
1e:d3:5b:50:7b:67:d4:2b:f4:10:61:f9:3f:7a:af:10:8e:9e:
e7:2a:85:fc:c7:6d:19:80:73:8b:7a:8c:65:3d:16:6e:1d:df:
a0:68:a1:35:bd:39:60:08:8f:96:04:0c:17:56:31:97:ae:52:
78:0d:69:9e:5c:cc:68:ad:36:b4:b4:7a:d7:3f:0f:99:7f:e7:
2d:f3:48:d6:79:69:fc:86:c9:2f:02:6c:0e:dd:cc:6f:55:e7:
70:32:06:64:c7:72:ae:d5:ff:a8:05:bc:a2:5b:0a:1e:4d:61:
78:ed:27:04:4a:2a:1f:33:9b:e1:20:92:b7:90:c2:58:3e:64:
9e:bf:a0:ae:72:1b:a8:9e:10:fd:a0:ce:01:ab:64:89:f4:cd:
f3:44:ff:74:e4:a6:9f:53:f6:90:45:f8:8e:a4:83:ba:f2:48:
cd:fb:dc:12:96:8d:f2:40:c8:04:2e:ee:07:df:c9:9c:f8:8a:
08:ea:cc:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8qVfkwLzGx3owaPkdfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjUwMTAyMDk0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhZDdjYmM0M2EyMGViZTY0NDU2YjYwNWQ4YjI3ZDQ5MmIzMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6mcbKAwwnUBlA2X3VsB4Wp+2ckt
QLJABMmPwh0EeoEb4dlnnrt9sKRncT+cjidpl0p5geu+/ie7yQ3D8GzRmea40y2o
edlFY1y+EnYfClhlrIZ7wFPId8OXzVfr7ExXPHbcTx7BphdFilRZyqOvjjnSHX/R
CJVGNeALgHIsUrewceYLRR8xz1nNCwlhLvUeHD5Gyi71gYWvJs/5SMUvxBvpQzsc
tmlWrS6rEit8f4hi+m37lCoQrAiufcTVEHiwB/cnZkHUalfjinkCk5Hpfgu0Ac/o
8rEDrTYAEzuh8+6PYrgi2Q2Fldu8kWh2uS+2mXAF5Kv6sqWfZTIacNCZJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPKq18vEOiDr5kRWtgXYsn1JKzMxMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvOHFyWHk4UTZJT3ZtUkZhMkJkaXlmVWtyTXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvBUGMA0G
CSqGSIb3DQEBCwUAA4IBAQAkESpk5PxOpLK9BKMOSruPY882Kgd0XbQoAAOagmVx
86z+kQJjnpeGumjgeDM5dRCqTpXcoyB86wCrMO65Ey784Tk/gvxtCYke01tQe2fU
K/QQYfk/eq8Qjp7nKoX8x20ZgHOLeoxlPRZuHd+gaKE1vTlgCI+WBAwXVjGXrlJ4
DWmeXMxorTa0tHrXPw+Zf+ct80jWeWn8hskvAmwO3cxvVedwMgZkx3Ku1f+oBbyi
WwoeTWF47ScESiofM5vhIJK3kMJYPmSev6CuchuonhD9oM4Bq2SJ9M3zRP905Kaf
U/aQRfiOpIO68kjN+9wSlo3yQMgELu4H38mc+IoI6swm
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:31 2025 by rpki-client