Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/Jm7SMMzLF7_5MDCh5Y02qECnHz8.roa
File: Jm7SMMzLF7_5MDCh5Y02qECnHz8.roa (raw, json)
Hash identifier: riP9RQHRkB7J8WrFHbcO6lj526dMWJM+emj0CRiPnlQ=
Subject key identifier: 26:6E:D2:30:CC:CB:17:BF:F9:30:30:A1:E5:8D:36:A8:40:A7:1F:3F
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019493794990A305E237BD4C2875D6C2DA8C
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/Jm7SMMzLF7_5MDCh5Y02qECnHz8.roa
Signing time: Thu 23 Jan 2025 14:03:06 +0000
ROA not before: Thu 23 Jan 2025 14:03:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398549
IP address blocks: 176.10.89.0/24 maxlen: 24
2a13:d8c0::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:79:49:90:a3:05:e2:37:bd:4c:28:75:d6:c2:da:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 23 14:03:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=266ed230cccb17bff93030a1e58d36a840a71f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:e2:8b:65:c1:4f:63:1a:3e:5d:20:2d:a9:f4:
b0:69:f0:a2:2e:5e:59:05:13:fa:d2:a3:b8:3c:96:
3a:15:a3:af:f9:18:0e:1a:13:95:a0:0c:3b:93:0b:
4b:f6:d5:25:6a:38:f2:eb:d4:07:bd:2d:bd:73:9a:
28:db:63:a2:f4:ec:65:30:c3:64:4f:68:ae:98:67:
84:35:9d:40:44:53:9f:95:12:93:32:fc:97:88:83:
bc:8e:98:23:9c:76:67:a8:fb:ed:61:77:1f:4a:cc:
46:33:ea:06:f9:69:1d:ce:ee:43:0b:fb:a5:e1:09:
fd:29:f1:b9:4f:88:93:39:3f:11:73:2f:9e:2f:2e:
69:20:bf:a3:44:17:c5:b2:eb:ff:c9:89:3e:5f:06:
f6:d6:ca:bd:d6:58:c2:cd:ad:9e:83:ad:2d:3a:ed:
8a:76:60:b2:4f:12:84:af:d2:1c:05:e7:31:83:cc:
74:82:4e:75:c6:3c:68:dc:f5:13:5a:b7:fc:5e:90:
20:be:2a:66:ec:1a:a4:c6:05:d9:ed:78:7e:76:3b:
a6:a8:54:55:58:f2:78:14:c3:ba:3c:80:e9:5d:ba:
d0:36:98:fa:a4:15:1f:3a:63:e2:7e:d4:ce:9f:a5:
ce:f3:fe:38:df:00:cb:89:e2:53:ac:d0:f0:03:6e:
0f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6E:D2:30:CC:CB:17:BF:F9:30:30:A1:E5:8D:36:A8:40:A7:1F:3F
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/Jm7SMMzLF7_5MDCh5Y02qECnHz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.89.0/24
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:44:53:b1:2a:14:e3:f3:7a:53:5c:3c:68:ab:bc:cd:cf:cf:
45:fa:b2:a3:72:69:20:64:3d:a4:6c:b3:51:65:9d:74:2a:66:
f4:fd:c9:26:d6:d0:0c:19:39:ef:b3:fb:67:68:f9:a6:86:26:
53:c2:ee:c1:dc:c3:bc:ad:3f:96:d0:10:45:bb:ad:8a:79:c1:
a0:81:be:ef:ce:8b:ad:e2:ac:70:c6:04:8e:39:e7:88:96:a3:
08:fe:58:26:9a:4f:96:e9:d9:07:6b:ae:87:23:4a:08:1f:d2:
63:ed:15:b9:82:4b:7f:2d:97:74:a1:12:d8:aa:f1:c7:50:f3:
95:e1:bc:03:01:cc:90:97:73:56:f4:57:76:50:e8:b5:db:e1:
dc:ba:22:93:7a:e8:61:82:00:8d:8f:0f:bc:3c:2b:4b:bc:28:
cf:3b:21:07:f1:b8:40:b2:af:9e:63:5b:f1:70:9b:12:9b:c4:
41:4e:21:e1:f3:d0:ea:67:b8:7c:ad:40:9d:d8:bf:87:02:ea:
9e:62:99:ba:9e:06:c1:78:9f:c3:8e:48:b5:90:6b:2b:2c:b9:
2c:ba:35:7f:75:20:b6:0b:d5:ca:cb:44:2e:55:89:04:82:b6:
02:2f:49:0b:4c:6d:34:18:0f:b2:e5:3d:56:2d:a9:06:9a:29:
e3:21:aa:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSTeUmQowXiN71MKHXWwtqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjUwMTIzMTQwMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjZlZDIzMGNjY2IxN2JmZjkzMDMwYTFlNThkMzZhODQwYTcxZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eKLZcFPYxo+XSAtqfSwafCiLl5Z
BRP60qO4PJY6FaOv+RgOGhOVoAw7kwtL9tUlajjy69QHvS29c5oo22Oi9OxlMMNk
T2iumGeENZ1ARFOflRKTMvyXiIO8jpgjnHZnqPvtYXcfSsxGM+oG+Wkdzu5DC/ul
4Qn9KfG5T4iTOT8Rcy+eLy5pIL+jRBfFsuv/yYk+Xwb21sq91ljCza2eg60tOu2K
dmCyTxKEr9IcBecxg8x0gk51xjxo3PUTWrf8XpAgvipm7BqkxgXZ7Xh+djumqFRV
WPJ4FMO6PIDpXbrQNpj6pBUfOmPiftTOn6XO8/443wDLieJTrNDwA24PKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCZu0jDMyxe/+TAwoeWNNqhApx8/MB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvSm03U01NekxGN181TURDaDVZMDJxRUNuSHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAsApZMA0E
AgACMAcDBQMqE9jAMA0GCSqGSIb3DQEBCwUAA4IBAQBuRFOxKhTj83pTXDxoq7zN
z89F+rKjcmkgZD2kbLNRZZ10Kmb0/ckm1tAMGTnvs/tnaPmmhiZTwu7B3MO8rT+W
0BBFu62KecGggb7vzout4qxwxgSOOeeIlqMI/lgmmk+W6dkHa66HI0oIH9Jj7RW5
gkt/LZd0oRLYqvHHUPOV4bwDAcyQl3NW9Fd2UOi12+HcuiKTeuhhggCNjw+8PCtL
vCjPOyEH8bhAsq+eY1vxcJsSm8RBTiHh89DqZ7h8rUCd2L+HAuqeYpm6ngbBeJ/D
jki1kGsrLLksujV/dSC2C9XKy0QuVYkEgrYCL0kLTG00GA+y5T1WLakGminjIaoQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:00 2025 by rpki-client