Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tD6SxEXXy-4UgES6PP0c07bLAVc.roa
File: tD6SxEXXy-4UgES6PP0c07bLAVc.roa (raw, json)
Hash identifier: JGnxbPJtrvJAJ/M+kc98TO8RBhzsr5QCqBtFJeovRoA=
Subject key identifier: B4:3E:92:C4:45:D7:CB:EE:14:80:44:BA:3C:FD:1C:D3:B6:CB:01:57
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422200A52CF7F16015F16553AE1749ED2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tD6SxEXXy-4UgES6PP0c07bLAVc.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 62.197.136.0/21 maxlen: 24
89.33.85.0/24 maxlen: 24
89.39.163.0/24 maxlen: 24
89.39.164.0/24 maxlen: 24
93.114.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0a:52:cf:7f:16:01:5f:16:55:3a:e1:74:9e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b43e92c445d7cbee148044ba3cfd1cd3b6cb0157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:93:8d:87:8b:71:e8:76:98:0c:be:06:55:d3:
75:ac:2a:d0:87:4d:6c:19:b7:c6:92:58:f8:2c:6e:
06:da:27:c7:96:64:9a:b8:4c:b5:4d:44:03:32:d7:
0a:34:98:15:52:16:4e:76:be:8c:5c:de:07:e0:2f:
a4:e9:53:9b:f1:c6:8a:5f:9b:6e:d3:92:0b:eb:92:
04:d1:8c:aa:20:e6:70:44:14:e3:6e:60:e3:7f:1b:
91:02:af:9e:09:6f:8c:fb:47:18:48:00:bd:23:dd:
ea:0e:84:9c:13:5d:67:29:bb:35:9d:b1:bb:98:93:
bd:f3:b7:69:20:5f:39:d9:68:0e:39:45:3d:fc:15:
6f:67:97:a7:7e:8f:79:52:0c:ad:42:f6:bc:a0:84:
00:0f:3b:2c:3f:f8:9b:77:e9:54:b0:04:82:51:86:
a9:23:d2:bc:d9:59:c3:5c:5f:33:75:47:06:31:6a:
e4:86:c7:54:9d:3a:ba:d7:42:aa:e5:29:e5:13:97:
44:dd:9e:2f:76:5c:80:aa:5c:fd:02:b9:11:9b:fc:
8a:36:3b:cc:2d:c2:88:9c:f4:34:6b:05:fa:bb:e9:
c0:2b:2b:dc:ba:c8:b0:ae:03:7b:e6:29:70:e7:e8:
d5:ff:f8:fe:10:54:e2:63:39:54:0d:90:0c:62:f1:
65:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3E:92:C4:45:D7:CB:EE:14:80:44:BA:3C:FD:1C:D3:B6:CB:01:57
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tD6SxEXXy-4UgES6PP0c07bLAVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.136.0/21
89.33.85.0/24
89.39.163.0-89.39.164.255
93.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f3:ee:23:71:a5:37:88:1f:f7:27:2a:c4:a4:e4:2a:37:ab:
82:7f:5c:2a:36:9b:e5:1b:19:1e:26:6b:da:54:59:6c:4d:a9:
d8:eb:ec:7a:a5:00:21:82:53:cc:21:b7:a6:40:54:ce:9a:d7:
4d:80:65:44:f3:06:e3:97:92:a2:cd:41:92:56:80:52:30:90:
56:a8:82:be:00:51:b9:0f:60:fa:25:80:9f:c3:90:96:40:89:
e1:eb:2d:3c:6e:04:ae:c5:2c:25:d7:37:fc:7e:24:10:1e:11:
a3:62:84:b0:89:6e:d3:a0:49:3e:dd:a6:96:f6:13:09:9e:78:
5f:63:0e:da:5c:a1:81:c8:9f:9d:8e:0a:a2:aa:9e:00:0d:40:
88:f8:f9:35:02:3c:10:c5:43:87:61:65:7e:b1:3f:bf:14:6f:
f1:ae:48:df:1d:f5:8b:78:f3:c4:2b:a4:6b:e1:7b:68:eb:92:
9a:69:79:48:61:3f:8a:bb:7a:b6:7f:eb:fd:a0:19:f4:c2:78:
2f:87:15:53:7f:25:fa:7a:c4:22:dc:aa:33:4b:94:fc:c8:d8:
22:2b:32:fa:04:99:5a:fe:3b:f8:fa:18:e5:c8:a9:f1:92:97:
cf:8a:95:02:15:b4:06:ae:1f:ee:f0:8e:01:9f:f5:90:60:e6:
22:e5:f3:5d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQiIApSz38WAV8WVTrhdJ7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNlOTJjNDQ1ZDdjYmVlMTQ4MDQ0YmEzY2ZkMWNkM2I2Y2IwMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5ONh4tx6HaYDL4GVdN1rCrQh01s
GbfGklj4LG4G2ifHlmSauEy1TUQDMtcKNJgVUhZOdr6MXN4H4C+k6VOb8caKX5tu
05IL65IE0YyqIOZwRBTjbmDjfxuRAq+eCW+M+0cYSAC9I93qDoScE11nKbs1nbG7
mJO987dpIF852WgOOUU9/BVvZ5enfo95UgytQva8oIQADzssP/ibd+lUsASCUYap
I9K82VnDXF8zdUcGMWrkhsdUnTq610Kq5SnlE5dE3Z4vdlyAqlz9ArkRm/yKNjvM
LcKInPQ0awX6u+nAKyvcusiwrgN75ilw5+jV//j+EFTiYzlUDZAMYvFlGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLQ+ksRF18vuFIBEujz9HNO2ywFXMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdEQ2U3hFWFh5LTRVZ0VTNlBQMGMwN2JMQVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDPsWIAwQA
WSFVMAwDBABZJ6MDBABZJ6QDBABdcsMwDQYJKoZIhvcNAQELBQADggEBAEfz7iNx
pTeIH/cnKsSk5Co3q4J/XCo2m+UbGR4ma9pUWWxNqdjr7HqlACGCU8wht6ZAVM6a
102AZUTzBuOXkqLNQZJWgFIwkFaogr4AUbkPYPolgJ/DkJZAieHrLTxuBK7FLCXX
N/x+JBAeEaNihLCJbtOgST7dppb2EwmeeF9jDtpcoYHIn52OCqKqngANQIj4+TUC
PBDFQ4dhZX6xP78Ub/GuSN8d9Yt488QrpGvhe2jrkpppeUhhP4q7erZ/6/2gGfTC
eC+HFVN/Jfp6xCLcqjNLlPzI2CIrMvoEmVr+O/j6GOXIqfGSl8+KlQIVtAauH+7w
jgGf9ZBg5iLl810=
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:46:05 2025 by rpki-client