Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/CQJ6ohZvy-FZZPX13I33PQeWztA.roa
File: CQJ6ohZvy-FZZPX13I33PQeWztA.roa (raw, json)
Hash identifier: nsudiYfFNFSH0ilCwJgap+Pn3CDxs0wAg3DCTTYrGPQ=
Subject key identifier: 09:02:7A:A2:16:6F:CB:E1:59:64:F5:F5:DC:8D:F7:3D:07:96:CE:D0
Certificate issuer: /CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Certificate serial: 019425FCAA000E3F726561165ACAD6D45283
Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/CQJ6ohZvy-FZZPX13I33PQeWztA.roa
Signing time: Thu 02 Jan 2025 07:48:23 +0000
ROA not before: Thu 02 Jan 2025 07:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.64.6.0/24 maxlen: 24
2a10:2307:fffd::/48 maxlen: 48
2a10:2307:fffe::/48 maxlen: 48
2a10:2307:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:aa:00:0e:3f:72:65:61:16:5a:ca:d6:d4:52:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Validity
Not Before: Jan 2 07:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09027aa2166fcbe15964f5f5dc8df73d0796ced0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:db:15:68:27:e5:82:35:f0:79:68:78:be:21:
3c:8a:6e:93:8f:7c:24:e1:59:f5:84:38:46:fb:a2:
61:a8:dc:28:c9:f4:91:1a:84:84:a5:27:94:38:f2:
6e:13:d3:a9:09:88:70:97:c6:d6:f0:c3:80:18:fd:
f8:4f:67:73:c0:5f:47:a9:0e:85:f3:6f:a7:27:f7:
81:9c:52:0c:8e:00:a0:6b:df:27:02:73:f8:22:3b:
80:ed:39:5a:d9:0e:40:bb:a1:f2:98:ef:19:76:11:
52:f1:43:02:22:27:12:d0:fa:f2:e2:88:ca:27:d6:
ea:2c:14:75:d9:0a:1c:84:d9:07:ec:37:e6:65:5a:
bb:7d:97:80:69:84:f4:b7:3a:7f:ca:a4:46:78:11:
33:b6:5c:cb:0d:68:46:bb:e9:64:12:14:e5:bd:16:
3b:84:dc:98:b0:e2:60:21:91:91:be:50:d0:fa:8a:
e0:97:90:5f:c6:fd:42:d9:7d:a4:b5:a5:fe:2b:57:
7e:22:ca:2c:c0:e1:d2:31:bb:e2:58:ac:1a:6a:28:
c6:4b:6e:a9:36:66:c4:8d:8b:a6:65:a0:fa:e2:e0:
f9:14:4e:37:ee:c2:38:b5:69:b5:60:93:91:01:9b:
86:2e:38:a5:f7:8a:8e:1b:71:e6:de:0a:4b:71:07:
92:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:02:7A:A2:16:6F:CB:E1:59:64:F5:F5:DC:8D:F7:3D:07:96:CE:D0
X509v3 Authority Key Identifier:
keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/CQJ6ohZvy-FZZPX13I33PQeWztA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.6.0/24
IPv6:
2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:49:89:26:42:e5:af:29:97:1b:9b:92:23:92:fe:d3:33:55:
c4:aa:ea:0a:96:86:78:00:83:dd:8c:c5:97:14:cb:39:2f:7d:
d4:09:63:67:50:9e:b4:75:6a:25:9e:2f:8a:96:a7:18:b5:c2:
41:b8:fa:10:7c:2b:fb:f4:06:75:f4:fc:29:55:a1:0f:7c:9d:
35:01:b1:7f:d0:1a:52:c0:e4:f1:eb:7b:ae:d1:d0:24:16:2d:
f5:7f:f9:c0:5a:16:da:41:52:21:6e:74:1e:77:7c:26:f9:20:
ab:ce:62:1d:4e:8f:d4:f8:ef:5b:9c:db:08:60:90:fa:57:44:
69:94:df:c5:57:5e:3b:bd:7c:e3:b3:1e:c3:35:d1:9d:07:98:
74:f0:e8:6d:fa:76:df:81:50:c5:60:c6:29:83:d6:a4:4f:fe:
16:9e:93:02:e7:fc:f5:f7:97:26:b5:44:f2:71:4a:7a:b9:98:
fb:20:ae:85:0b:f6:29:ff:d1:b9:a5:9c:20:f6:cb:46:04:f3:
cd:23:2c:ab:29:78:2e:a2:f4:19:5f:af:d7:b4:4e:a6:bd:6a:
62:bc:ae:fa:a4:c1:60:ff:37:74:3d:86:7c:ad:ad:bd:8b:81:
37:9c:fb:24:25:a5:26:4f:16:5f:35:af:8b:be:3e:17:fb:01:
e6:a8:b1:f6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/KoADj9yZWEWWsrW1FKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzA2YjJiOTU1ODhkNzgwZTM2ZWY4MmE4ZjU0YTMxN2Q1
ODY5ZTIwHhcNMjUwMTAyMDc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTAyN2FhMjE2NmZjYmUxNTk2NGY1ZjVkYzhkZjczZDA3OTZjZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9sVaCflgjXweWh4viE8im6Tj3wk
4Vn1hDhG+6JhqNwoyfSRGoSEpSeUOPJuE9OpCYhwl8bW8MOAGP34T2dzwF9HqQ6F
82+nJ/eBnFIMjgCga98nAnP4IjuA7Tla2Q5Au6HymO8ZdhFS8UMCIicS0Pry4ojK
J9bqLBR12QochNkH7DfmZVq7fZeAaYT0tzp/yqRGeBEztlzLDWhGu+lkEhTlvRY7
hNyYsOJgIZGRvlDQ+orgl5Bfxv1C2X2ktaX+K1d+IsoswOHSMbviWKwaaijGS26p
NmbEjYumZaD64uD5FE437sI4tWm1YJORAZuGLjil94qOG3Hm3gpLcQeS4QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAkCeqIWb8vhWWT19dyN9z0Hls7QMB8GA1UdIwQY
MBaAFDBwayuVWI14Djbvgqj1SjF9WGniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzct
ODRlZDkxZWMxYzY1LzEvQ1FKNm9oWnZ5LUZaWlBYMTNJMzNQUWVXenRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzctODRlZDkxZWMxYzY1
LzEvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUAGMBgE
AgACMBIwEAMHACoQIwf//QMFAyoQIwAwDQYJKoZIhvcNAQELBQADggEBAE1JiSZC
5a8plxubkiOS/tMzVcSq6gqWhngAg92MxZcUyzkvfdQJY2dQnrR1aiWeL4qWpxi1
wkG4+hB8K/v0BnX0/ClVoQ98nTUBsX/QGlLA5PHre67R0CQWLfV/+cBaFtpBUiFu
dB53fCb5IKvOYh1Oj9T471uc2whgkPpXRGmU38VXXju9fOOzHsM10Z0HmHTw6G36
dt+BUMVgximD1qRP/haekwLn/PX3lya1RPJxSnq5mPsgroUL9in/0bmlnCD2y0YE
880jLKspeC6i9Blfr9e0Tqa9amK8rvqkwWD/N3Q9hnytrb2LgTec+yQlpSZPFl81
r4u+Phf7AeaosfY=
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:26:58 2025 by rpki-client