Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/93620e-7528-4aac-9212-c7857a033962/1/n66sSu3oH6YqRjQYMkqXYnUVvGI.roa
File: n66sSu3oH6YqRjQYMkqXYnUVvGI.roa (raw, json)
Hash identifier: oBf8U9TtdYD0BgLgRABjFu+My106UWYSpVHQ13ZhmvY=
Subject key identifier: 9F:AE:AC:4A:ED:E8:1F:A6:2A:46:34:18:32:4A:97:62:75:15:BC:62
Certificate issuer: /CN=c3a882b10f1ba9ea4ba1fa7706db64747e62a413
Certificate serial: 01942368E5707C648FA78279FC3AE315EA3D
Authority key identifier: C3:A8:82:B1:0F:1B:A9:EA:4B:A1:FA:77:06:DB:64:74:7E:62:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6iCsQ8bqepLofp3BttkdH5ipBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/93620e-7528-4aac-9212-c7857a033962/1/n66sSu3oH6YqRjQYMkqXYnUVvGI.roa
Signing time: Wed 01 Jan 2025 19:47:44 +0000
ROA not before: Wed 01 Jan 2025 19:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.220.160.0/22 maxlen: 24
2a0b:f940:1af2::/48 maxlen: 48
2a0b:f940:2af2::/48 maxlen: 48
2a0b:f940:3af2::/48 maxlen: 48
2a0b:f940:4af2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/93620e-7528-4aac-9212-c7857a033962/1/w6iCsQ8bqepLofp3BttkdH5ipBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/93620e-7528-4aac-9212-c7857a033962/1/w6iCsQ8bqepLofp3BttkdH5ipBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/w6iCsQ8bqepLofp3BttkdH5ipBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:e5:70:7c:64:8f:a7:82:79:fc:3a:e3:15:ea:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a882b10f1ba9ea4ba1fa7706db64747e62a413
Validity
Not Before: Jan 1 19:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9faeac4aede81fa62a463418324a97627515bc62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5a:3a:88:68:af:08:c4:48:eb:2d:4a:67:89:
b1:5d:79:1d:65:f7:6c:46:0f:ce:52:19:1c:23:ec:
8a:91:b1:06:b2:11:a4:34:bc:17:bb:39:18:47:e5:
a4:0e:16:fe:86:6b:cd:a8:63:fd:c2:d3:a2:a4:13:
64:d2:30:82:48:ab:f0:89:5d:49:ec:5a:fd:1a:48:
64:73:64:13:a8:ca:a4:fe:f5:58:09:da:78:59:76:
3f:05:f7:6a:38:8c:e3:60:32:17:9d:3d:37:f5:3c:
63:fa:cc:7b:97:a6:a2:78:23:f7:68:c5:3b:a7:f4:
72:2e:2d:85:cb:4d:d6:18:1c:98:0b:8b:4d:c9:64:
9e:d6:fd:23:a8:29:87:15:73:16:18:66:b8:27:f6:
bb:29:91:b6:54:8f:21:7d:5f:3e:f2:3f:0b:9b:87:
44:e2:74:92:4a:d4:ea:db:91:ff:22:36:18:5c:5b:
09:1d:b9:ea:d1:7d:14:0d:f6:a1:59:26:1e:23:53:
3b:64:d0:ab:87:bf:6c:12:b1:9f:a0:4d:71:cd:c5:
fb:e1:64:67:39:d4:f9:38:c4:67:ae:cb:f3:5b:fa:
96:e4:04:0f:03:dc:3e:02:83:ed:e9:54:20:80:9c:
55:54:1c:94:68:b1:13:e1:75:7d:3b:74:d5:87:4d:
83:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:AE:AC:4A:ED:E8:1F:A6:2A:46:34:18:32:4A:97:62:75:15:BC:62
X509v3 Authority Key Identifier:
keyid:C3:A8:82:B1:0F:1B:A9:EA:4B:A1:FA:77:06:DB:64:74:7E:62:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6iCsQ8bqepLofp3BttkdH5ipBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/93620e-7528-4aac-9212-c7857a033962/1/n66sSu3oH6YqRjQYMkqXYnUVvGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/93620e-7528-4aac-9212-c7857a033962/1/w6iCsQ8bqepLofp3BttkdH5ipBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.160.0/22
IPv6:
2a0b:f940:1af2::/48
2a0b:f940:2af2::/48
2a0b:f940:3af2::/48
2a0b:f940:4af2::/48
Signature Algorithm: sha256WithRSAEncryption
53:bb:ea:7a:4e:76:6e:6f:29:66:53:86:2d:fb:9c:fe:09:1e:
bf:b5:f2:6f:d6:cd:74:6c:cb:39:3a:36:00:28:5d:5c:25:fd:
2e:40:fa:ae:c4:36:06:2b:82:ab:7a:c9:c2:5d:92:23:55:f4:
c0:ed:b9:a3:87:ff:92:05:41:5a:58:ed:8c:1c:16:f6:22:ab:
42:4f:6b:df:b7:8e:9b:e0:75:93:97:72:93:cb:65:4c:13:18:
1c:57:b1:3f:aa:96:0e:9e:ac:9a:fe:ab:01:57:c9:21:30:aa:
fb:5b:2b:13:03:47:b4:10:61:49:f3:b8:b6:b7:74:86:9d:cc:
39:ce:07:9b:4f:07:f6:20:4f:69:2b:a5:da:2f:7d:8a:34:3f:
0a:fe:f1:fb:7e:e2:bf:c7:05:37:6c:2f:83:cd:34:71:f5:25:
8f:93:3a:72:d8:6e:40:c4:02:0a:3b:ab:ee:0e:a6:a4:ee:5f:
e0:ad:39:90:59:ab:63:12:f1:d9:c4:30:8e:9a:57:c0:ad:3c:
f8:b3:e9:05:0e:b4:ce:fb:0d:9c:e8:72:62:b2:85:35:fb:c8:
de:42:0c:f6:2b:61:61:75:52:ab:a7:b5:5f:73:b1:b1:fb:f8:
1f:24:04:77:40:0d:f5:51:e5:2d:d9:d6:c6:5b:60:ff:91:fa:
95:b8:5f:d4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQjaOVwfGSPp4J5/DrjFeo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYTg4MmIxMGYxYmE5ZWE0YmExZmE3NzA2ZGI2NDc0N2U2
MmE0MTMwHhcNMjUwMTAxMTk0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmFlYWM0YWVkZTgxZmE2MmE0NjM0MTgzMjRhOTc2Mjc1MTViYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lo6iGivCMRI6y1KZ4mxXXkdZfds
Rg/OUhkcI+yKkbEGshGkNLwXuzkYR+WkDhb+hmvNqGP9wtOipBNk0jCCSKvwiV1J
7Fr9Gkhkc2QTqMqk/vVYCdp4WXY/BfdqOIzjYDIXnT039Txj+sx7l6aieCP3aMU7
p/RyLi2Fy03WGByYC4tNyWSe1v0jqCmHFXMWGGa4J/a7KZG2VI8hfV8+8j8Lm4dE
4nSSStTq25H/IjYYXFsJHbnq0X0UDfahWSYeI1M7ZNCrh79sErGfoE1xzcX74WRn
OdT5OMRnrsvzW/qW5AQPA9w+AoPt6VQggJxVVByUaLET4XV9O3TVh02D7QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJ+urErt6B+mKkY0GDJKl2J1FbxiMB8GA1UdIwQY
MBaAFMOogrEPG6nqS6H6dwbbZHR+YqQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZpQ3NROGJxZXBMb2ZwM0J0dGtkSDVpcEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85MzYyMGUtNzUyOC00YWFjLTkyMTIt
Yzc4NTdhMDMzOTYyLzEvbjY2c1N1M29INllxUmpRWU1rcVhZblVWdkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85MzYyMGUtNzUyOC00YWFjLTkyMTItYzc4NTdhMDMzOTYy
LzEvdzZpQ3NROGJxZXBMb2ZwM0J0dGtkSDVpcEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQCudygMCoE
AgACMCQDBwAqC/lAGvIDBwAqC/lAKvIDBwAqC/lAOvIDBwAqC/lASvIwDQYJKoZI
hvcNAQELBQADggEBAFO76npOdm5vKWZThi37nP4JHr+18m/WzXRsyzk6NgAoXVwl
/S5A+q7ENgYrgqt6ycJdkiNV9MDtuaOH/5IFQVpY7YwcFvYiq0JPa9+3jpvgdZOX
cpPLZUwTGBxXsT+qlg6erJr+qwFXySEwqvtbKxMDR7QQYUnzuLa3dIadzDnOB5tP
B/YgT2krpdovfYo0Pwr+8ft+4r/HBTdsL4PNNHH1JY+TOnLYbkDEAgo7q+4OpqTu
X+CtOZBZq2MS8dnEMI6aV8CtPPiz6QUOtM77DZzocmKyhTX7yN5CDPYrYWF1Uqun
tV9zsbH7+B8kBHdADfVR5S3Z1sZbYP+R+pW4X9Q=
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:17:38 2025 by rpki-client