Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/a6qbXteGKWwMlIeihawaSomclXw.roa
File: a6qbXteGKWwMlIeihawaSomclXw.roa (raw, json)
Hash identifier: aQEkpjVqh2P/hiA0BknVxaoIS4XGPZ4dAO9uuXoQ6mE=
Subject key identifier: 6B:AA:9B:5E:D7:86:29:6C:0C:94:87:A2:85:AC:1A:4A:89:9C:95:7C
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019470A9D7A55857061737C27644DA705636
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/a6qbXteGKWwMlIeihawaSomclXw.roa
Signing time: Thu 16 Jan 2025 19:49:26 +0000
ROA not before: Thu 16 Jan 2025 19:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30254
IP address blocks: 185.92.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:a9:d7:a5:58:57:06:17:37:c2:76:44:da:70:56:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 16 19:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6baa9b5ed786296c0c9487a285ac1a4a899c957c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:14:d9:8b:06:13:43:95:a9:5f:5e:73:cf:dd:
e2:fd:bb:26:92:db:8c:07:9e:90:bd:13:bd:ea:68:
78:f2:c9:7a:d2:15:3c:1f:b8:6c:02:6c:20:7e:58:
bd:e1:e1:cd:e4:23:c4:15:6b:ae:d2:60:97:97:14:
57:4f:e6:40:e0:9e:46:35:42:fc:d7:a5:da:7a:73:
b3:4a:48:5b:5e:1e:28:54:40:4c:cf:f6:5c:14:2c:
c9:98:e5:cc:d9:92:a8:67:7f:d1:20:95:da:37:ad:
40:0f:81:18:08:67:2f:14:f8:b7:62:f6:51:17:5f:
be:10:67:bb:b3:09:5f:44:89:dd:d0:85:d1:29:74:
f4:d1:85:4b:51:91:94:da:28:74:23:44:4d:1c:a2:
97:ea:4c:fa:93:33:00:08:03:d5:5e:fa:22:5f:d2:
7b:29:a7:f4:98:de:05:dd:9e:87:f1:80:a3:3d:ea:
d2:6b:12:f5:d2:d5:25:d6:34:85:51:e6:82:21:44:
8d:a8:9b:c3:6b:64:b5:99:02:05:12:42:8a:3d:54:
14:ba:d6:ce:f6:96:4e:8e:16:ac:c3:02:ce:d3:92:
96:9a:38:ea:49:13:d1:88:9a:f7:5b:39:8d:86:26:
28:c7:f2:2d:15:17:a4:f8:ef:6c:da:71:ad:d9:09:
40:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AA:9B:5E:D7:86:29:6C:0C:94:87:A2:85:AC:1A:4A:89:9C:95:7C
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/a6qbXteGKWwMlIeihawaSomclXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.209.0/24
Signature Algorithm: sha256WithRSAEncryption
27:0a:b6:49:69:f3:1f:71:d4:f2:da:2a:71:ca:ed:03:5c:45:
3d:72:d2:b0:ec:eb:a1:75:ca:d3:1a:70:80:af:24:6f:00:42:
06:58:fd:26:a6:48:e0:5f:61:9a:4d:7d:54:d9:98:7a:53:97:
04:ef:fa:fb:90:2c:02:12:cf:7b:eb:9c:d4:e7:8e:ce:e9:0b:
c2:d2:0a:df:4f:19:81:ff:b5:5a:4d:16:c7:dc:1f:4f:e8:a1:
25:48:5f:a1:d7:6b:b3:4b:94:cc:e1:0d:8a:5d:d0:80:2b:ef:
af:ca:8e:3a:7e:4b:02:b6:49:1c:5a:0f:9d:1b:d6:8a:e6:13:
91:11:a4:37:95:bd:c1:25:e9:97:79:92:2c:e7:49:7d:a0:cd:
45:d8:38:e9:90:a0:de:3d:ae:62:67:a9:b5:80:2b:08:91:7c:
f2:39:1e:e7:4c:88:d7:cd:c1:88:7d:11:b7:fa:68:31:4f:de:
d3:6a:cc:76:58:e5:58:d1:24:e6:11:8a:eb:26:e7:8a:6a:44:
4c:db:97:7a:11:66:73:55:6b:b6:a7:1a:8f:7b:52:b1:14:e3:
f3:84:9c:e0:84:66:67:21:5b:9e:ea:42:67:38:b6:a8:43:e7:
4a:b1:04:e8:2b:41:c7:9f:21:ee:bc:b3:3d:90:8d:f1:f0:dc:
45:40:88:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRwqdelWFcGFzfCdkTacFY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTE2MTk0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFhOWI1ZWQ3ODYyOTZjMGM5NDg3YTI4NWFjMWE0YTg5OWM5NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshTZiwYTQ5WpX15zz93i/bsmktuM
B56QvRO96mh48sl60hU8H7hsAmwgfli94eHN5CPEFWuu0mCXlxRXT+ZA4J5GNUL8
16XaenOzSkhbXh4oVEBMz/ZcFCzJmOXM2ZKoZ3/RIJXaN61AD4EYCGcvFPi3YvZR
F1++EGe7swlfRInd0IXRKXT00YVLUZGU2ih0I0RNHKKX6kz6kzMACAPVXvoiX9J7
Kaf0mN4F3Z6H8YCjPerSaxL10tUl1jSFUeaCIUSNqJvDa2S1mQIFEkKKPVQUutbO
9pZOjhaswwLO05KWmjjqSRPRiJr3WzmNhiYox/ItFRek+O9s2nGt2QlAGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuqm17XhilsDJSHooWsGkqJnJV8MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvYTZxYlh0ZUdLV3dNbEllaWhhd2FTb21jbFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVzRMA0G
CSqGSIb3DQEBCwUAA4IBAQAnCrZJafMfcdTy2ipxyu0DXEU9ctKw7OuhdcrTGnCA
ryRvAEIGWP0mpkjgX2GaTX1U2Zh6U5cE7/r7kCwCEs9765zU547O6QvC0grfTxmB
/7VaTRbH3B9P6KElSF+h12uzS5TM4Q2KXdCAK++vyo46fksCtkkcWg+dG9aK5hOR
EaQ3lb3BJemXeZIs50l9oM1F2DjpkKDePa5iZ6m1gCsIkXzyOR7nTIjXzcGIfRG3
+mgxT97Tasx2WOVY0STmEYrrJueKakRM25d6EWZzVWu2pxqPe1KxFOPzhJzghGZn
IVue6kJnOLaoQ+dKsQToK0HHnyHuvLM9kI3x8NxFQIiS
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:42:56 2025 by rpki-client