Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/6HOoB-xFW732_7qK2qidP05AsQk.roa
File: 6HOoB-xFW732_7qK2qidP05AsQk.roa (raw, json)
Hash identifier: hf9bIGWJZ6Oc66PzG2IxognJ3wYESBBpOFaaQJOqtDo=
Subject key identifier: E8:73:A8:07:EC:45:5B:BD:F6:FF:BA:8A:DA:A8:9D:3F:4E:40:B1:09
Certificate issuer: /CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Certificate serial: 019420D63B79C5FF2EB61DCA99CC0D0C54E0
Authority key identifier: 0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/6HOoB-xFW732_7qK2qidP05AsQk.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42160
IP address blocks: 81.95.112.0/20 maxlen: 20
81.95.112.0/22 maxlen: 24
81.95.112.0/24 maxlen: 24
81.95.113.0/24 maxlen: 24
81.95.114.0/24 maxlen: 24
81.95.115.0/24 maxlen: 24
81.95.116.0/24 maxlen: 24
81.95.117.0/24 maxlen: 24
81.95.118.0/23 maxlen: 23
81.95.118.0/24 maxlen: 24
81.95.119.0/24 maxlen: 24
81.95.120.0/23 maxlen: 23
81.95.120.0/24 maxlen: 24
81.95.121.0/24 maxlen: 24
81.95.122.0/23 maxlen: 23
81.95.122.0/24 maxlen: 24
81.95.123.0/24 maxlen: 24
81.95.124.0/22 maxlen: 22
81.95.124.0/24 maxlen: 24
81.95.125.0/24 maxlen: 24
81.95.126.0/24 maxlen: 24
81.95.127.0/24 maxlen: 24
185.55.92.0/22 maxlen: 22
185.55.92.0/24 maxlen: 24
185.55.93.0/24 maxlen: 24
185.55.94.0/24 maxlen: 24
185.55.95.0/24 maxlen: 24
193.110.248.0/21 maxlen: 21
193.110.248.0/23 maxlen: 23
193.110.248.0/24 maxlen: 24
193.110.249.0/24 maxlen: 24
193.110.250.0/23 maxlen: 23
193.110.250.0/24 maxlen: 24
193.110.251.0/24 maxlen: 24
193.110.252.0/22 maxlen: 22
193.110.252.0/24 maxlen: 24
193.110.253.0/24 maxlen: 24
193.110.254.0/24 maxlen: 24
193.110.255.0/24 maxlen: 24
2a02:5940::/32 maxlen: 34
2a02:5940::/34 maxlen: 34
2a02:5940:4000::/34 maxlen: 34
2a02:5940:8000::/34 maxlen: 34
2a02:5940:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/CxsxjlBXocEDQWB83d2ttG1xq_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/CxsxjlBXocEDQWB83d2ttG1xq_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3b:79:c5:ff:2e:b6:1d:ca:99:cc:0d:0c:54:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e873a807ec455bbdf6ffba8adaa89d3f4e40b109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:3f:b5:6b:89:70:ba:0f:83:28:6e:93:89:
7a:af:33:a1:96:d6:2d:db:38:14:6f:99:f7:f3:36:
e5:2f:67:58:7e:3b:8c:63:fe:f5:d2:61:9c:cc:5c:
c9:33:eb:ca:fc:f8:d9:24:0a:33:9c:86:e8:60:d3:
df:15:ae:fa:bb:6b:fc:ee:e8:6f:ca:80:eb:a3:af:
70:a7:bc:31:56:62:c7:fd:c0:70:71:ee:0d:bf:e2:
20:65:ab:ad:fe:fb:c5:87:e1:2d:d4:fd:d2:9b:45:
47:c6:7e:02:94:eb:40:38:b8:4a:04:fe:06:2f:cb:
e5:4f:39:e4:84:e6:ba:27:79:06:fc:5f:46:3c:5b:
bf:08:a0:64:e8:a6:d6:94:8d:a3:46:1e:f1:57:3f:
7e:55:74:6c:35:38:06:b7:e6:33:64:bb:29:59:54:
ba:10:06:c4:fa:71:c9:71:c1:5c:39:13:94:01:18:
da:9f:f3:a6:51:4e:ca:11:55:ae:c7:45:ca:24:a3:
79:4a:dd:af:d9:54:40:67:f2:b2:66:78:29:27:c1:
03:d9:47:36:a6:66:45:bd:4a:b0:c9:39:10:c0:2e:
29:51:30:bd:b9:81:19:b0:5d:15:8a:7e:d6:05:28:
90:af:30:07:4a:b0:f7:d3:3f:1f:39:20:50:26:46:
59:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:73:A8:07:EC:45:5B:BD:F6:FF:BA:8A:DA:A8:9D:3F:4E:40:B1:09
X509v3 Authority Key Identifier:
keyid:0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/6HOoB-xFW732_7qK2qidP05AsQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/CxsxjlBXocEDQWB83d2ttG1xq_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.112.0/20
185.55.92.0/22
193.110.248.0/21
IPv6:
2a02:5940::/32
Signature Algorithm: sha256WithRSAEncryption
0a:03:fb:d8:2a:ce:45:96:c3:ec:11:e8:ba:bc:45:30:6f:05:
c7:50:2e:c4:b2:fc:27:99:79:19:49:f9:fd:3f:63:e6:0c:b0:
d4:fe:87:bd:a1:2e:f8:b4:e2:fc:85:0c:c0:a2:78:d6:b4:ab:
5e:84:90:3a:0f:ed:b0:45:c4:eb:25:51:29:e1:89:bc:2e:6f:
ea:54:47:70:f1:12:b3:46:79:63:ad:76:06:ff:c9:32:4b:ae:
df:e5:d4:2e:de:59:18:d7:fe:89:3c:b6:44:2a:1c:ec:e6:a7:
16:da:41:3e:97:e6:f4:a6:0d:6f:98:c5:fa:8e:cd:57:d6:94:
6f:f8:6f:a3:69:4b:03:34:cd:43:22:e7:b3:12:45:8d:f1:2f:
8f:f5:9d:00:24:22:7c:d4:fd:c2:87:4d:36:f2:fd:f4:f4:69:
f8:cd:25:27:eb:80:fe:2e:31:d1:aa:30:5e:3a:1b:a7:4e:e0:
3f:a6:66:ec:4e:88:d8:df:6a:5f:af:b9:9c:96:07:28:fe:74:
be:b6:66:a2:e1:40:03:23:18:f0:fe:91:ce:55:fb:8d:dd:dc:
ea:cd:f9:51:60:fb:80:07:4d:0c:8f:57:ff:90:94:49:f8:79:
5f:b0:94:60:1c:f3:54:bb:d0:d2:18:08:df:c7:88:b8:94:26:
73:26:ce:46
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1jt5xf8uth3KmcwNDFTgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWIzMThlNTA1N2ExYzEwMzQxNjA3Y2RkZGRhZGI0NmQ3
MWFiZjUwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODczYTgwN2VjNDU1YmJkZjZmZmJhOGFkYWE4OWQzZjRlNDBiMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu50/tWuJcLoPgyhuk4l6rzOhltYt
2zgUb5n38zblL2dYfjuMY/710mGczFzJM+vK/PjZJAoznIboYNPfFa76u2v87uhv
yoDro69wp7wxVmLH/cBwce4Nv+IgZaut/vvFh+Et1P3Sm0VHxn4ClOtAOLhKBP4G
L8vlTznkhOa6J3kG/F9GPFu/CKBk6KbWlI2jRh7xVz9+VXRsNTgGt+YzZLspWVS6
EAbE+nHJccFcOROUARjan/OmUU7KEVWux0XKJKN5St2v2VRAZ/KyZngpJ8ED2Uc2
pmZFvUqwyTkQwC4pUTC9uYEZsF0Vin7WBSiQrzAHSrD30z8fOSBQJkZZMwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOhzqAfsRVu99v+6itqonT9OQLEJMB8GA1UdIwQY
MBaAFAsbMY5QV6HBA0FgfN3drbRtcav1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hzeGpsQlhvY0VEUVdCODNkMnR0RzF4cV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YjRkZjctZDcyYi00NzRmLTk2M2Yt
NTllNmE2ZDRkNTc2LzEvNkhPb0IteEZXNzMyXzdxSzJxaWRQMDVBc1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YjRkZjctZDcyYi00NzRmLTk2M2YtNTllNmE2ZDRkNTc2
LzEvQ3hzeGpsQlhvY0VEUVdCODNkMnR0RzF4cV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUV9wAwQC
uTdcAwQDwW74MA0EAgACMAcDBQAqAllAMA0GCSqGSIb3DQEBCwUAA4IBAQAKA/vY
Ks5FlsPsEei6vEUwbwXHUC7EsvwnmXkZSfn9P2PmDLDU/oe9oS74tOL8hQzAonjW
tKtehJA6D+2wRcTrJVEp4Ym8Lm/qVEdw8RKzRnljrXYG/8kyS67f5dQu3lkY1/6J
PLZEKhzs5qcW2kE+l+b0pg1vmMX6js1X1pRv+G+jaUsDNM1DIuezEkWN8S+P9Z0A
JCJ81P3Ch0028v309Gn4zSUn64D+LjHRqjBeOhunTuA/pmbsTojY32pfr7mclgco
/nS+tmai4UADIxjw/pHOVfuN3dzqzflRYPuAB00Mj1f/kJRJ+HlfsJRgHPNUu9DS
GAjfx4i4lCZzJs5G
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:30 2025 by rpki-client