Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/6zfU2J2wR6MMPAQDPcdRmDUSTTk.roa
File: 6zfU2J2wR6MMPAQDPcdRmDUSTTk.roa (raw, json)
Hash identifier: qvQ90YxdjeGEsA7jHHHCLNHaXx9teWbipOiBvb0hjRc=
Subject key identifier: EB:37:D4:D8:9D:B0:47:A3:0C:3C:04:03:3D:C7:51:98:35:12:4D:39
Certificate issuer: /CN=c00935185c68036a0faedeeaaa6bfef4e62a0c93
Certificate serial: 019421B25CCB3123FA39661C3D6458D71F3F
Authority key identifier: C0:09:35:18:5C:68:03:6A:0F:AE:DE:EA:AA:6B:FE:F4:E6:2A:0C:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/6zfU2J2wR6MMPAQDPcdRmDUSTTk.roa
Signing time: Wed 01 Jan 2025 11:48:44 +0000
ROA not before: Wed 01 Jan 2025 11:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60244
IP address blocks: 185.27.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:5c:cb:31:23:fa:39:66:1c:3d:64:58:d7:1f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c00935185c68036a0faedeeaaa6bfef4e62a0c93
Validity
Not Before: Jan 1 11:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb37d4d89db047a30c3c04033dc7519835124d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:a2:bc:92:79:21:2c:95:f9:c6:1e:0f:48:
10:8d:b1:38:bb:74:66:f8:11:08:ad:42:fa:7d:db:
a4:cb:6d:51:48:7d:9b:15:d8:a7:d9:1d:d9:c6:c1:
6c:05:28:38:86:9c:44:19:bb:e9:4b:3c:a3:d2:a8:
ed:55:75:38:30:a7:39:1c:e1:98:ed:fe:c0:b5:b0:
0b:b9:06:29:be:2d:dc:88:5a:cb:9c:9a:84:ae:7b:
5e:20:57:bb:2b:ac:36:2f:69:c0:fe:d0:ed:f7:c8:
5f:4f:1b:ea:02:02:61:29:c0:e0:4f:5e:9a:f7:61:
2c:fe:73:0c:aa:8c:48:81:1b:7d:38:5f:5d:2d:54:
91:5b:04:3e:c8:e6:ec:eb:4c:a4:41:3a:8c:06:ee:
b6:6e:45:86:1f:9a:8b:d9:52:be:c3:97:4d:4e:2a:
c5:33:2a:ff:af:b8:8f:ef:f4:95:4f:59:d4:e3:69:
ac:ed:39:a3:d5:00:b1:52:d5:fd:59:75:45:d9:42:
e4:55:05:a3:84:39:4b:4b:78:ca:bc:df:38:80:c1:
a4:36:3f:44:97:6e:df:62:3f:13:ea:7a:56:2a:15:
3e:13:f0:ff:1a:d5:a9:86:36:23:0f:84:3b:c3:a7:
0f:a4:06:d2:67:02:03:79:b0:43:a1:2f:c2:23:8c:
45:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:37:D4:D8:9D:B0:47:A3:0C:3C:04:03:3D:C7:51:98:35:12:4D:39
X509v3 Authority Key Identifier:
keyid:C0:09:35:18:5C:68:03:6A:0F:AE:DE:EA:AA:6B:FE:F4:E6:2A:0C:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/6zfU2J2wR6MMPAQDPcdRmDUSTTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:fe:69:8d:0b:51:a5:2e:da:80:31:bf:95:07:aa:d1:e0:9b:
c3:ac:85:7b:74:be:0f:91:7e:3d:57:1c:91:1e:33:09:ed:81:
ea:4a:0c:77:bf:cd:44:e5:7d:88:c2:2d:a9:ba:ac:b2:f2:33:
f5:a7:11:2d:3b:a9:ad:d2:f8:0d:23:df:a7:c7:e1:f9:2e:20:
6e:b4:81:d5:23:2a:c0:42:27:98:8d:12:d7:47:b7:92:d9:af:
82:6c:89:87:e5:f8:58:0c:af:49:30:d0:b1:a6:64:74:35:65:
f7:0e:f9:e6:19:6e:74:84:a5:c2:9e:48:7a:31:82:d6:cf:fb:
a0:de:26:40:d3:13:9d:57:99:8a:e5:08:50:6a:e0:e7:9d:34:
35:d9:5a:ee:ed:9f:da:9f:41:99:01:bf:4e:9d:7d:95:39:64:
70:bb:33:32:b9:84:68:46:5e:71:d2:2e:10:40:3c:52:e4:30:
51:c4:52:ae:e5:23:4d:0e:ff:31:53:12:69:19:0f:12:ea:24:
29:a3:2a:fa:a3:fd:22:5e:f5:6c:0f:af:6b:62:4b:b2:5c:da:
e5:44:e8:44:7a:7f:a0:bf:cb:d8:31:15:4e:3f:bb:e6:61:59:
82:a4:77:39:fa:ab:6b:c5:83:c3:13:40:ef:42:d9:44:47:ec:
47:94:2f:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslzLMSP6OWYcPWRY1x8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMDkzNTE4NWM2ODAzNmEwZmFlZGVlYWFhNmJmZWY0ZTYy
YTBjOTMwHhcNMjUwMTAxMTE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjM3ZDRkODlkYjA0N2EzMGMzYzA0MDMzZGM3NTE5ODM1MTI0ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqniivJJ5ISyV+cYeD0gQjbE4u3Rm
+BEIrUL6fduky21RSH2bFdin2R3ZxsFsBSg4hpxEGbvpSzyj0qjtVXU4MKc5HOGY
7f7AtbALuQYpvi3ciFrLnJqErnteIFe7K6w2L2nA/tDt98hfTxvqAgJhKcDgT16a
92Es/nMMqoxIgRt9OF9dLVSRWwQ+yObs60ykQTqMBu62bkWGH5qL2VK+w5dNTirF
Myr/r7iP7/SVT1nU42ms7Tmj1QCxUtX9WXVF2ULkVQWjhDlLS3jKvN84gMGkNj9E
l27fYj8T6npWKhU+E/D/GtWphjYjD4Q7w6cPpAbSZwIDebBDoS/CI4xF6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOs31NidsEejDDwEAz3HUZg1Ek05MB8GA1UdIwQY
MBaAFMAJNRhcaANqD67e6qpr/vTmKgyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FrMUdGeG9BMm9QcnQ3cXFtdi05T1lxREpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iZTMwNmYtMGY4Yy00Njc0LTkzZmYt
MmE5NzEyYmY2MDNjLzEvNnpmVTJKMndSNk1NUEFRRFBjZFJtRFVTVFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iZTMwNmYtMGY4Yy00Njc0LTkzZmYtMmE5NzEyYmY2MDNj
LzEvd0FrMUdGeG9BMm9QcnQ3cXFtdi05T1lxREpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRsAMA0G
CSqGSIb3DQEBCwUAA4IBAQCi/mmNC1GlLtqAMb+VB6rR4JvDrIV7dL4PkX49VxyR
HjMJ7YHqSgx3v81E5X2Iwi2puqyy8jP1pxEtO6mt0vgNI9+nx+H5LiButIHVIyrA
QieYjRLXR7eS2a+CbImH5fhYDK9JMNCxpmR0NWX3DvnmGW50hKXCnkh6MYLWz/ug
3iZA0xOdV5mK5QhQauDnnTQ12Vru7Z/an0GZAb9OnX2VOWRwuzMyuYRoRl5x0i4Q
QDxS5DBRxFKu5SNNDv8xUxJpGQ8S6iQpoyr6o/0iXvVsD69rYkuyXNrlROhEen+g
v8vYMRVOP7vmYVmCpHc5+qtrxYPDE0DvQtlER+xHlC9V
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:26 2025 by rpki-client