Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/6EXhvKaYuiSv7QzpiDlEqKp3HxQ.roa
File: 6EXhvKaYuiSv7QzpiDlEqKp3HxQ.roa (raw, json)
Hash identifier: XgOtkTf6/3mw63PcUPKIMiqdp+H34pYiXMAQZ7u4ASY=
Subject key identifier: E8:45:E1:BC:A6:98:BA:24:AF:ED:0C:E9:88:39:44:A8:AA:77:1F:14
Certificate issuer: /CN=593897174f967490dbf6189d479df2c9371bf404
Certificate serial: 019422FB57D814664C4A757EE2E27DCFABCA
Authority key identifier: 59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/6EXhvKaYuiSv7QzpiDlEqKp3HxQ.roa
Signing time: Wed 01 Jan 2025 17:48:04 +0000
ROA not before: Wed 01 Jan 2025 17:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8495
IP address blocks: 185.67.36.0/23 maxlen: 23
185.67.36.0/24 maxlen: 24
185.67.37.0/24 maxlen: 24
2a05:bc0::/32 maxlen: 32
2a05:bc0:1000::/47 maxlen: 47
2a05:bc0:1000::/48 maxlen: 48
2a05:bc0:1001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:57:d8:14:66:4c:4a:75:7e:e2:e2:7d:cf:ab:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=593897174f967490dbf6189d479df2c9371bf404
Validity
Not Before: Jan 1 17:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e845e1bca698ba24afed0ce9883944a8aa771f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:be:5d:a7:d5:06:2c:23:df:80:6f:c1:98:65:
03:7b:6c:83:10:09:44:7e:20:3f:55:1d:9a:1e:cc:
8b:97:52:c0:ab:01:42:d0:e5:c1:47:75:38:99:f3:
d8:3c:d1:94:bf:fc:69:89:b7:83:fd:7f:17:7a:0d:
31:4e:17:1c:ab:a2:b0:b4:92:18:e3:87:23:1e:21:
17:04:c7:12:c2:b2:7d:c0:f9:16:2c:d5:de:76:d8:
e3:93:27:60:0b:e0:1d:e9:d3:9b:d5:dc:bb:fb:97:
30:fc:8c:13:25:46:e6:cd:ec:a6:e2:fa:6e:3d:16:
a8:90:31:e9:b2:7e:f7:bb:c1:dd:8e:ba:9d:1a:24:
77:ef:cb:b5:54:e8:b0:ba:90:4a:10:43:2a:54:7f:
66:16:6f:06:d8:67:fa:b1:51:d6:b8:18:da:63:eb:
67:8e:eb:09:c6:ca:49:0b:54:5d:68:54:fa:5f:48:
26:76:ec:31:bf:79:b9:6c:f7:83:a9:84:86:22:41:
6d:92:b2:f7:a3:5b:99:c8:e2:57:da:0b:52:91:52:
48:f9:81:63:22:0a:fe:f2:45:90:b6:c1:2f:ab:9e:
0a:ea:7c:56:2f:84:5b:5c:ef:12:e8:8b:b4:0a:69:
92:ec:7e:b6:b7:0b:82:f7:ed:e7:d7:71:55:eb:55:
ea:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:45:E1:BC:A6:98:BA:24:AF:ED:0C:E9:88:39:44:A8:AA:77:1F:14
X509v3 Authority Key Identifier:
keyid:59:38:97:17:4F:96:74:90:DB:F6:18:9D:47:9D:F2:C9:37:1B:F4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WTiXF0-WdJDb9hidR53yyTcb9AQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/6EXhvKaYuiSv7QzpiDlEqKp3HxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dcf976-007d-4542-b0e2-5f8fc707836a/1/WTiXF0-WdJDb9hidR53yyTcb9AQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.36.0/23
IPv6:
2a05:bc0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:83:91:6a:8a:a1:06:c1:9a:0a:ca:bc:51:e4:11:9f:85:8b:
15:77:03:90:83:5d:a4:3a:0d:00:c1:fc:68:9c:57:13:85:05:
1c:de:88:ef:fb:84:96:82:fe:9b:ee:4e:fc:92:b5:8f:94:80:
72:eb:44:68:fe:9c:5f:17:9c:5d:51:2c:2e:cf:de:59:eb:03:
9c:49:2e:65:09:ce:21:6c:b7:a4:0f:63:ec:7b:6c:37:25:16:
31:4e:83:14:7e:89:83:7a:b0:57:f1:96:15:4f:bc:5b:61:d5:
5b:e9:f9:6d:8a:78:92:a0:06:b7:b3:03:13:c9:ab:d6:28:49:
a1:0e:35:da:ef:ff:e4:6d:80:e8:95:2f:0e:ae:f7:7b:ec:fc:
61:0c:05:3e:bb:eb:52:01:42:3d:ed:e3:53:ca:3e:e6:0f:f3:
27:13:5b:18:d4:28:a5:29:79:49:47:9b:f4:7a:b4:62:cf:a5:
49:d0:34:2f:8a:d2:ae:d1:7e:d9:5a:b5:91:33:05:ea:ce:a3:
67:96:33:08:1d:b3:c6:10:b9:58:e6:1c:98:29:9e:d3:dd:89:
0c:26:d6:43:6c:b1:b0:4c:c1:3e:32:0e:d5:7e:3f:b4:3b:5d:
a6:62:cc:2e:5b:6c:be:e7:d6:93:35:e0:d0:ee:8d:b9:47:6e:
9a:67:e0:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+1fYFGZMSnV+4uJ9z6vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Mzg5NzE3NGY5Njc0OTBkYmY2MTg5ZDQ3OWRmMmM5Mzcx
YmY0MDQwHhcNMjUwMTAxMTc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQ1ZTFiY2E2OThiYTI0YWZlZDBjZTk4ODM5NDRhOGFhNzcxZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL5dp9UGLCPfgG/BmGUDe2yDEAlE
fiA/VR2aHsyLl1LAqwFC0OXBR3U4mfPYPNGUv/xpibeD/X8Xeg0xThccq6KwtJIY
44cjHiEXBMcSwrJ9wPkWLNXedtjjkydgC+Ad6dOb1dy7+5cw/IwTJUbmzeym4vpu
PRaokDHpsn73u8HdjrqdGiR378u1VOiwupBKEEMqVH9mFm8G2Gf6sVHWuBjaY+tn
jusJxspJC1RdaFT6X0gmduwxv3m5bPeDqYSGIkFtkrL3o1uZyOJX2gtSkVJI+YFj
Igr+8kWQtsEvq54K6nxWL4RbXO8S6Iu0CmmS7H62twuC9+3n13FV61XqTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOhF4bymmLokr+0M6Yg5RKiqdx8UMB8GA1UdIwQY
MBaAFFk4lxdPlnSQ2/YYnUed8sk3G/QEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTIt
NWY4ZmM3MDc4MzZhLzEvNkVYaHZLYVl1aVN2N1F6cGlEbEVxS3AzSHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kY2Y5NzYtMDA3ZC00NTQyLWIwZTItNWY4ZmM3MDc4MzZh
LzEvV1RpWEYwLVdkSkRiOWhpZFI1M3l5VGNiOUFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuUMkMA0E
AgACMAcDBQAqBQvAMA0GCSqGSIb3DQEBCwUAA4IBAQAqg5FqiqEGwZoKyrxR5BGf
hYsVdwOQg12kOg0AwfxonFcThQUc3ojv+4SWgv6b7k78krWPlIBy60Ro/pxfF5xd
USwuz95Z6wOcSS5lCc4hbLekD2Pse2w3JRYxToMUfomDerBX8ZYVT7xbYdVb6flt
iniSoAa3swMTyavWKEmhDjXa7//kbYDolS8Orvd77PxhDAU+u+tSAUI97eNTyj7m
D/MnE1sY1CilKXlJR5v0erRiz6VJ0DQvitKu0X7ZWrWRMwXqzqNnljMIHbPGELlY
5hyYKZ7T3YkMJtZDbLGwTME+Mg7Vfj+0O12mYswuW2y+59aTNeDQ7o25R26aZ+B/
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:33:02 2025 by rpki-client