Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/qAyS6UgRnbonyCG8G2WAnc_nGD8.roa
File: qAyS6UgRnbonyCG8G2WAnc_nGD8.roa (raw, json)
Hash identifier: U80b7Joby5I0WdUM0LGoeNRmJLv7IvwDUZz80x7LHFc=
Subject key identifier: A8:0C:92:E9:48:11:9D:BA:27:C8:21:BC:1B:65:80:9D:CF:E7:18:3F
Certificate issuer: /CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Certificate serial: 019425FCA9C58675AA51F5B722E553989C2A
Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/qAyS6UgRnbonyCG8G2WAnc_nGD8.roa
Signing time: Thu 02 Jan 2025 07:48:23 +0000
ROA not before: Thu 02 Jan 2025 07:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.64.6.0/24 maxlen: 24
2a10:2307:fffd::/48 maxlen: 48
2a10:2307:fffe::/48 maxlen: 48
2a10:2307:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:a9:c5:86:75:aa:51:f5:b7:22:e5:53:98:9c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Validity
Not Before: Jan 2 07:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a80c92e948119dba27c821bc1b65809dcfe7183f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:57:98:40:e7:e7:4b:e0:1b:cb:1b:c9:3a:1d:
31:11:a7:06:1e:c5:44:ad:01:9a:3c:83:4c:a7:f9:
de:24:fa:95:12:99:89:38:4b:74:c9:cd:f4:9a:ad:
0e:8e:a4:23:48:00:69:2e:04:33:02:f1:9e:33:e6:
9b:bb:e8:1c:57:37:65:f3:16:2c:d4:8d:5e:08:c3:
73:a5:dc:94:39:18:ea:96:dd:8d:72:d4:c2:00:6e:
20:4f:d9:59:84:97:b6:7b:3b:9b:c1:98:cc:da:1d:
a3:be:ad:49:82:81:88:2a:7b:7e:62:1d:39:a6:3b:
9b:dc:e4:01:60:51:0c:70:2a:89:44:9b:70:16:a4:
71:6a:99:1b:5c:fa:6c:8f:b9:6c:2a:4d:ba:15:52:
5c:50:4c:88:63:55:f0:14:33:f5:e5:d0:dc:7b:7c:
e0:90:3c:7f:86:78:ac:f9:1d:f1:f6:1c:dc:c9:3d:
c1:95:14:b5:ad:c6:a5:c0:04:12:42:88:2b:c5:6c:
8e:0d:8e:c1:9e:d8:66:84:fb:c6:00:af:dc:88:0f:
cb:10:16:79:1e:6d:0e:84:4a:92:b7:d6:79:86:88:
36:2d:1f:61:4d:90:44:5b:ca:d5:0d:bd:46:a8:73:
16:7b:b8:e6:87:7b:57:15:44:57:a4:d9:53:c6:e8:
76:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:0C:92:E9:48:11:9D:BA:27:C8:21:BC:1B:65:80:9D:CF:E7:18:3F
X509v3 Authority Key Identifier:
keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/qAyS6UgRnbonyCG8G2WAnc_nGD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.6.0/24
IPv6:
2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:ab:05:0d:41:4d:6f:71:f7:d8:1e:a0:59:46:af:fe:a3:3d:
05:b1:fc:3c:29:2a:21:fb:96:5e:47:e7:43:0a:e5:89:70:89:
87:d7:ee:d2:2e:d6:bf:37:b7:33:c1:c4:77:73:23:cd:ac:c0:
5a:ed:1b:33:a0:23:7f:6a:9c:82:d5:39:c4:c6:54:7a:5b:9c:
41:14:7f:b1:d0:41:c1:86:53:e4:66:5d:ba:5c:29:97:ad:ed:
25:8e:51:5e:28:fc:e0:5a:e2:3a:0f:f5:1f:b2:85:85:29:0e:
e3:c2:1d:e1:a8:fb:b3:16:a6:1b:22:50:53:ef:65:f4:1a:e0:
e7:59:42:90:c5:f3:f8:95:b5:93:a4:42:83:62:47:dc:8e:6f:
a9:23:3b:21:d9:f6:56:22:a9:bc:18:9c:60:fe:3b:ca:18:b3:
61:cc:03:4d:83:28:3a:69:b8:89:b8:ba:0d:d2:aa:89:f1:ee:
15:1e:08:6c:fc:20:64:56:ab:77:56:01:80:b6:ec:16:8b:e4:
5b:04:cc:ed:ad:ad:46:8d:a2:2d:f8:f1:11:2c:5a:1e:c7:35:
67:ed:f2:55:0c:bc:d1:48:57:82:a0:2e:da:12:59:17:4d:77:
d9:da:50:a2:52:d8:87:44:7a:b6:a9:56:b2:8e:60:ba:87:50:
f6:f4:67:67
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQl/KnFhnWqUfW3IuVTmJwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzA2YjJiOTU1ODhkNzgwZTM2ZWY4MmE4ZjU0YTMxN2Q1
ODY5ZTIwHhcNMjUwMTAyMDc0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODBjOTJlOTQ4MTE5ZGJhMjdjODIxYmMxYjY1ODA5ZGNmZTcxODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVeYQOfnS+AbyxvJOh0xEacGHsVE
rQGaPINMp/neJPqVEpmJOEt0yc30mq0OjqQjSABpLgQzAvGeM+abu+gcVzdl8xYs
1I1eCMNzpdyUORjqlt2NctTCAG4gT9lZhJe2ezubwZjM2h2jvq1JgoGIKnt+Yh05
pjub3OQBYFEMcCqJRJtwFqRxapkbXPpsj7lsKk26FVJcUEyIY1XwFDP15dDce3zg
kDx/hnis+R3x9hzcyT3BlRS1rcalwAQSQogrxWyODY7BnthmhPvGAK/ciA/LEBZ5
Hm0OhEqSt9Z5hog2LR9hTZBEW8rVDb1GqHMWe7jmh3tXFURXpNlTxuh2SwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKgMkulIEZ26J8ghvBtlgJ3P5xg/MB8GA1UdIwQY
MBaAFDBwayuVWI14Djbvgqj1SjF9WGniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzct
ODRlZDkxZWMxYzY1LzEvcUF5UzZVZ1JuYm9ueUNHOEcyV0FuY19uR0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzctODRlZDkxZWMxYzY1
LzEvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUAGMBgE
AgACMBIwEAMHACoQIwf//QMFAyoQIwAwDQYJKoZIhvcNAQELBQADggEBACarBQ1B
TW9x99geoFlGr/6jPQWx/DwpKiH7ll5H50MK5YlwiYfX7tIu1r83tzPBxHdzI82s
wFrtGzOgI39qnILVOcTGVHpbnEEUf7HQQcGGU+RmXbpcKZet7SWOUV4o/OBa4joP
9R+yhYUpDuPCHeGo+7MWphsiUFPvZfQa4OdZQpDF8/iVtZOkQoNiR9yOb6kjOyHZ
9lYiqbwYnGD+O8oYs2HMA02DKDppuIm4ug3Sqonx7hUeCGz8IGRWq3dWAYC27BaL
5FsEzO2trUaNoi348REsWh7HNWft8lUMvNFIV4KgLtoSWRdNd9naUKJS2IdEerap
VrKOYLqHUPb0Z2c=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:45:33 2025 by rpki-client