Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6PjJU2maC5af1_WcBne5RM5qkVU.roa
File: 6PjJU2maC5af1_WcBne5RM5qkVU.roa (raw, json)
Hash identifier: gUwcleCE8ot0WJp7nTIpqBcv92UeUI17+t36BuV/54Q=
Subject key identifier: E8:F8:C9:53:69:9A:0B:96:9F:D7:F5:9C:06:77:B9:44:CE:6A:91:55
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422200B40B6AC36A05669CA2A397B0CFE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6PjJU2maC5af1_WcBne5RM5qkVU.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8151
IP address blocks: 45.144.224.0/24 maxlen: 24
194.5.84.0/24 maxlen: 24
194.242.3.0/24 maxlen: 24
2a10:6c00::/32 maxlen: 32
2a10:7406::/32 maxlen: 32
2a10:7407::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0b:40:b6:ac:36:a0:56:69:ca:2a:39:7b:0c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8f8c953699a0b969fd7f59c0677b944ce6a9155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:28:7e:70:17:b4:8f:0f:68:33:73:6b:7c:0c:
cb:8b:5a:42:f4:85:d4:6f:1e:7b:f7:2c:b0:c3:f0:
23:cb:a8:19:aa:85:95:8d:72:33:30:1c:2c:77:d9:
3f:3a:61:9d:6d:a0:5f:d2:b9:e9:fe:35:33:2b:6c:
ae:ad:50:12:87:35:f6:e0:cf:89:8f:74:25:6d:05:
9c:22:92:dc:77:35:20:eb:c5:47:0e:cc:96:0c:ee:
9e:61:40:62:7a:a6:97:f7:42:db:e3:1c:61:f6:ad:
eb:e5:19:48:3f:ad:5f:f6:ad:9c:3b:c6:f6:28:46:
5a:34:2c:4b:95:06:40:9d:19:0f:2b:f2:24:4d:14:
1e:82:9e:fe:9c:71:7b:f7:13:4e:c3:bc:7b:eb:06:
a8:f3:8b:d8:76:55:d1:17:88:79:20:fd:e4:3c:b5:
6e:88:e9:2b:30:e5:dc:fd:16:3b:51:76:45:d8:72:
42:3b:21:7b:f3:38:d2:07:aa:5a:84:33:4c:66:9f:
f7:38:5f:5f:85:2d:51:4b:b0:0f:0c:b5:d1:85:45:
77:0f:a5:4c:27:aa:cd:dd:f0:22:79:ab:f2:71:c7:
02:fc:ef:f4:14:3d:39:97:d0:e4:d2:c2:38:c5:3f:
27:c5:98:d9:e9:b8:fd:d8:01:28:dc:31:3a:49:e3:
d8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:F8:C9:53:69:9A:0B:96:9F:D7:F5:9C:06:77:B9:44:CE:6A:91:55
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6PjJU2maC5af1_WcBne5RM5qkVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.224.0/24
194.5.84.0/24
194.242.3.0/24
IPv6:
2a10:6c00::/32
2a10:7406::/31
Signature Algorithm: sha256WithRSAEncryption
47:33:3b:03:41:06:af:92:dc:c3:eb:d5:08:4f:cb:39:8b:59:
63:48:78:0c:94:00:4c:8a:bb:4e:69:8e:9b:9b:a3:d6:7c:80:
18:46:c1:88:4b:8a:02:bc:6f:57:c5:15:2f:2f:89:e9:47:02:
23:b4:6a:d2:f0:e2:00:4c:97:01:70:15:08:17:d1:0e:3b:c1:
d7:3c:80:c7:4d:7b:6f:79:c1:a2:a1:d5:03:f4:00:83:35:84:
42:6f:59:b3:f5:91:a1:a2:01:15:08:2f:ea:05:f0:61:1d:70:
95:fd:31:a8:79:ad:df:f9:85:f0:49:d7:37:b4:78:77:84:5c:
69:3c:28:08:c3:ea:1f:6e:b6:3d:df:10:2e:f9:93:c1:4c:8b:
33:8b:61:df:6d:50:b1:7d:6a:af:5d:31:7f:de:3d:06:9b:3b:
6c:6c:47:ef:02:ff:13:e8:6b:3e:e4:bb:39:37:b0:39:2f:a4:
d6:70:cf:57:bf:12:37:30:27:ad:99:04:fd:c9:ee:6b:ca:42:
c1:19:9f:af:58:a9:32:46:02:b2:89:04:d6:18:32:47:f2:a9:
cf:37:6f:bf:19:5d:a3:be:ee:a3:c6:b2:37:c4:f5:c5:36:66:
5f:ae:ec:98:90:be:f8:a4:93:3a:a7:ae:a6:50:be:41:d3:f6:
31:83:f3:0c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiIAtAtqw2oFZpyio5ewz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGY4Yzk1MzY5OWEwYjk2OWZkN2Y1OWMwNjc3Yjk0NGNlNmE5MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyh+cBe0jw9oM3NrfAzLi1pC9IXU
bx579yyww/Ajy6gZqoWVjXIzMBwsd9k/OmGdbaBf0rnp/jUzK2yurVAShzX24M+J
j3QlbQWcIpLcdzUg68VHDsyWDO6eYUBieqaX90Lb4xxh9q3r5RlIP61f9q2cO8b2
KEZaNCxLlQZAnRkPK/IkTRQegp7+nHF79xNOw7x76wao84vYdlXRF4h5IP3kPLVu
iOkrMOXc/RY7UXZF2HJCOyF78zjSB6pahDNMZp/3OF9fhS1RS7APDLXRhUV3D6VM
J6rN3fAieavycccC/O/0FD05l9Dk0sI4xT8nxZjZ6bj92AEo3DE6SePYwwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOj4yVNpmguWn9f1nAZ3uUTOapFVMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNlBqSlUybWFDNWFmMV9XY0JuZTVSTTVxa1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALZDgAwQA
wgVUAwQAwvIDMBQEAgACMA4DBQAqEGwAAwUBKhB0BjANBgkqhkiG9w0BAQsFAAOC
AQEARzM7A0EGr5Lcw+vVCE/LOYtZY0h4DJQATIq7TmmOm5uj1nyAGEbBiEuKArxv
V8UVLy+J6UcCI7Rq0vDiAEyXAXAVCBfRDjvB1zyAx017b3nBoqHVA/QAgzWEQm9Z
s/WRoaIBFQgv6gXwYR1wlf0xqHmt3/mF8EnXN7R4d4RcaTwoCMPqH262Pd8QLvmT
wUyLM4th321QsX1qr10xf949Bps7bGxH7wL/E+hrPuS7OTewOS+k1nDPV78SNzAn
rZkE/cnua8pCwRmfr1ipMkYCsokE1hgyR/Kpzzdvvxldo77uo8ayN8T1xTZmX67s
mJC++KSTOqeuplC+QdP2MYPzDA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:54:32 2025 by rpki-client