Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6fnqLfSahcPJljn9BxT97gT8whY.roa
File: 6fnqLfSahcPJljn9BxT97gT8whY.roa (raw, json)
Hash identifier: XWm/mCKGznzpRI3lncIjTtbaQ3ZRS1sxiBsRGlYEzuM=
Subject key identifier: E9:F9:EA:2D:F4:9A:85:C3:C9:96:39:FD:07:14:FD:EE:04:FC:C2:16
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FC7792375AB40AF36909E3C7F9AB9
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6fnqLfSahcPJljn9BxT97gT8whY.roa
Signing time: Wed 01 Jan 2025 13:48:15 +0000
ROA not before: Wed 01 Jan 2025 13:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197600
IP address blocks: 85.219.142.0/24 maxlen: 24
157.25.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c7:79:23:75:ab:40:af:36:90:9e:3c:7f:9a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9f9ea2df49a85c3c99639fd0714fdee04fcc216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:65:a9:6f:ec:31:5a:e9:2c:ce:c3:1a:83:75:
4f:11:10:28:ee:3e:b4:7f:db:dc:77:08:5b:95:c1:
83:a5:3a:05:f2:fb:36:d3:c4:47:ad:84:86:40:ef:
69:e8:4d:c9:84:05:70:27:8b:f1:d6:b1:9a:1d:72:
1c:80:57:c5:2b:13:de:19:74:b2:3b:2b:01:6b:55:
79:c9:69:45:1e:51:47:15:c5:d0:aa:8d:d3:ba:87:
e5:21:00:2e:35:ae:6c:7f:bf:ae:81:ee:9a:63:48:
01:d5:7d:82:c3:57:9e:2a:49:e8:ea:7e:84:86:93:
bf:f2:3f:68:19:78:8e:74:bd:17:3d:46:28:81:16:
07:3d:14:29:1d:7f:bd:0a:87:9a:8d:26:b4:be:a7:
8a:de:4e:80:03:42:ab:a4:2c:03:7e:44:a7:e5:26:
32:f9:3d:90:b4:e8:f7:48:ce:ff:08:43:7e:bd:aa:
52:c4:75:14:7e:b7:d1:71:3c:6b:8b:3b:c3:85:9a:
3c:f2:63:a8:37:44:57:e2:9e:93:0f:bf:1e:4b:f1:
6f:cb:a0:f6:40:97:c6:e9:cf:8b:42:1b:2e:c8:fe:
55:83:06:2f:99:1e:3b:01:59:d8:62:fb:8e:f2:ca:
b1:75:b4:a6:a5:1b:b9:13:44:a8:53:5e:76:b8:6e:
61:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F9:EA:2D:F4:9A:85:C3:C9:96:39:FD:07:14:FD:EE:04:FC:C2:16
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6fnqLfSahcPJljn9BxT97gT8whY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.142.0/24
157.25.123.0/24
Signature Algorithm: sha256WithRSAEncryption
68:18:fe:cc:fa:19:9c:d8:46:6b:ea:d1:b0:72:f2:47:c4:05:
ff:02:15:70:c0:8e:06:1d:7c:a8:a5:79:f5:e1:06:c8:02:49:
fa:3d:0a:56:e7:48:bf:31:fe:3f:5d:08:e1:41:51:2f:a7:95:
7b:28:97:92:2a:ef:6b:a2:58:3e:aa:ab:a0:91:cb:8d:e5:69:
0c:b2:a9:f6:ec:c8:01:03:38:98:a6:93:91:87:cf:91:5b:0e:
4e:63:cc:64:9c:1a:48:b5:98:3a:f4:c6:b3:6c:5e:89:87:6d:
26:77:aa:18:f8:cc:f0:2f:1b:80:b1:2d:03:df:c1:ea:64:5c:
dc:be:1d:e8:83:c4:59:22:c1:32:e2:4d:6a:36:7c:0e:49:82:
60:e1:6f:6b:47:ba:98:4f:21:24:af:e3:1e:9b:4f:96:48:86:
bb:de:fb:c3:eb:65:ba:fa:c5:1d:fa:22:26:c7:9f:09:f4:4f:
ce:ca:71:a7:fe:29:14:56:29:31:d4:e9:22:eb:a7:99:54:92:
a4:31:5f:ce:fe:e6:4a:55:58:de:19:52:56:bd:1b:74:3a:04:
ef:72:ae:32:fc:3f:3c:2a:9b:39:cf:a5:b9:7f:a7:c6:dd:93:
ea:03:b1:f6:5a:f7:05:e0:d9:62:8d:92:a6:28:99:51:01:bf:
61:1b:9e:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH8d5I3WrQK82kJ48f5q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWY5ZWEyZGY0OWE4NWMzYzk5NjM5ZmQwNzE0ZmRlZTA0ZmNjMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWWpb+wxWukszsMag3VPERAo7j60
f9vcdwhblcGDpToF8vs208RHrYSGQO9p6E3JhAVwJ4vx1rGaHXIcgFfFKxPeGXSy
OysBa1V5yWlFHlFHFcXQqo3TuoflIQAuNa5sf7+uge6aY0gB1X2Cw1eeKkno6n6E
hpO/8j9oGXiOdL0XPUYogRYHPRQpHX+9CoeajSa0vqeK3k6AA0KrpCwDfkSn5SYy
+T2QtOj3SM7/CEN+vapSxHUUfrfRcTxrizvDhZo88mOoN0RX4p6TD78eS/Fvy6D2
QJfG6c+LQhsuyP5VgwYvmR47AVnYYvuO8sqxdbSmpRu5E0SoU152uG5hlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOn56i30moXDyZY5/QcU/e4E/MIWMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvNmZucUxmU2FoY1BKbGpuOUJ4VDk3Z1Q4d2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVduOAwQA
nRl7MA0GCSqGSIb3DQEBCwUAA4IBAQBoGP7M+hmc2EZr6tGwcvJHxAX/AhVwwI4G
HXyopXn14QbIAkn6PQpW50i/Mf4/XQjhQVEvp5V7KJeSKu9rolg+qqugkcuN5WkM
sqn27MgBAziYppORh8+RWw5OY8xknBpItZg69MazbF6Jh20md6oY+MzwLxuAsS0D
38HqZFzcvh3og8RZIsEy4k1qNnwOSYJg4W9rR7qYTyEkr+Mem0+WSIa73vvD62W6
+sUd+iImx58J9E/OynGn/ikUVikx1Oki66eZVJKkMV/O/uZKVVjeGVJWvRt0OgTv
cq4y/D88Kps5z6W5f6fG3ZPqA7H2WvcF4NlijZKmKJlRAb9hG57I
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:27:44 2025 by rpki-client