Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/6b4AHjXfOHFUEdEDBM6-xLegu7Q.roa
File: 6b4AHjXfOHFUEdEDBM6-xLegu7Q.roa (raw, json)
Hash identifier: CQELJJywFd1M5FK0UrmCcbVe48IaobjwIah37IGH5ZI=
Subject key identifier: E9:BE:00:1E:35:DF:38:71:54:11:D1:03:04:CE:BE:C4:B7:A0:BB:B4
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0197513CA38B144C654A15F247C1C22F5D8C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/6b4AHjXfOHFUEdEDBM6-xLegu7Q.roa
Signing time: Sun 08 Jun 2025 20:30:17 +0000
ROA not before: Sun 08 Jun 2025 20:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212177
IP address blocks: 128.0.117.0/24 maxlen: 32
185.120.15.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 20:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:51:3c:a3:8b:14:4c:65:4a:15:f2:47:c1:c2:2f:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 8 20:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9be001e35df38715411d10304cebec4b7a0bbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8d:6e:e3:60:91:71:2f:66:0f:52:f1:f2:cb:
da:f1:0f:55:2e:fb:7f:b7:b2:f2:b3:9f:00:1b:a0:
e6:9b:a2:56:0f:b9:23:a6:40:74:83:17:db:2f:ae:
22:5d:8e:5b:17:f0:8b:84:b7:5a:7d:b7:55:b1:bc:
b6:24:df:c2:36:50:03:c7:b4:e9:35:0e:c1:c7:2c:
17:ac:a0:f4:28:04:6e:09:0a:2c:ef:a7:4b:29:82:
93:9a:c2:f9:ab:25:a6:f5:da:09:79:c6:7f:1d:96:
87:67:64:c2:2f:77:82:f0:8a:1f:79:7e:8a:dc:60:
c6:c7:61:7e:ce:fd:ac:e1:a7:d5:28:7a:e5:de:8f:
b0:38:6d:74:b0:83:7b:04:51:28:8b:17:29:de:ed:
46:60:de:b3:5c:e9:d3:df:08:e2:66:4d:29:58:54:
d2:5b:65:c2:e4:b8:fa:bd:c9:6d:84:9f:7a:57:ba:
81:f0:f1:57:bd:dd:1d:64:fa:33:b3:0c:05:ab:80:
39:b5:10:03:0b:5f:7f:9a:f8:66:54:80:92:b5:50:
48:3b:58:0c:e1:d6:ae:64:e6:85:bb:1c:2e:0b:9b:
f4:44:a4:6a:b2:2a:d0:22:c2:47:88:0f:cc:c8:8a:
a0:c8:a0:ce:d3:9f:fd:dd:10:88:43:be:32:d4:57:
14:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:BE:00:1E:35:DF:38:71:54:11:D1:03:04:CE:BE:C4:B7:A0:BB:B4
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/6b4AHjXfOHFUEdEDBM6-xLegu7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.117.0/24
185.120.15.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:70:5d:a1:3a:a9:11:59:90:7b:9c:ad:0d:88:92:4a:ad:ea:
55:8b:ec:ba:7f:c8:88:28:a6:5c:01:7a:bb:f2:4c:29:38:f8:
0b:1e:44:79:66:70:17:0f:37:b5:16:c2:be:eb:bb:5d:b2:ea:
bb:24:b3:6a:9f:05:7b:25:15:bd:3a:b0:90:cc:8a:74:bc:28:
b1:f6:af:6e:97:a8:9e:42:31:ba:40:dc:08:c2:3c:42:19:4b:
19:20:5b:82:22:71:7a:d9:95:9b:3f:cc:ad:4f:68:fd:81:2f:
25:42:59:5c:59:c9:7b:85:3c:81:9e:b8:d0:d5:df:34:dc:33:
06:82:08:f8:91:df:bb:a2:f2:c0:05:48:40:00:d8:4e:3f:76:
0c:ab:a0:28:8e:1e:bb:93:de:3a:b7:87:87:d4:d0:97:8e:15:
0a:2c:5e:34:eb:d1:9f:de:f4:a5:fb:88:75:72:9b:3b:8b:c9:
e0:a0:5e:a7:71:b4:bc:77:79:42:2d:a0:9e:93:f2:ab:59:ba:
8c:b7:ac:e0:c8:c3:76:36:28:1a:b7:8d:8a:21:1c:df:32:8c:
b3:13:eb:63:23:23:fc:4d:f4:58:3a:77:55:e9:7b:63:f0:15:
c9:ff:40:fc:0b:b1:59:9e:a4:d4:32:0f:96:61:84:78:ec:42:
16:45:5b:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdRPKOLFExlShXyR8HCL12MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNjA4MjAzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWJlMDAxZTM1ZGYzODcxNTQxMWQxMDMwNGNlYmVjNGI3YTBiYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwY1u42CRcS9mD1Lx8sva8Q9VLvt/
t7Lys58AG6Dmm6JWD7kjpkB0gxfbL64iXY5bF/CLhLdafbdVsby2JN/CNlADx7Tp
NQ7BxywXrKD0KARuCQos76dLKYKTmsL5qyWm9doJecZ/HZaHZ2TCL3eC8IofeX6K
3GDGx2F+zv2s4afVKHrl3o+wOG10sIN7BFEoixcp3u1GYN6zXOnT3wjiZk0pWFTS
W2XC5Lj6vclthJ96V7qB8PFXvd0dZPozswwFq4A5tRADC19/mvhmVICStVBIO1gM
4dauZOaFuxwuC5v0RKRqsirQIsJHiA/MyIqgyKDO05/93RCIQ74y1FcULQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOm+AB413zhxVBHRAwTOvsS3oLu0MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNmI0QUhqWGZPSEZVRWRFREJNNi14TGVndTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAgAB1AwQA
uXgPMA0GCSqGSIb3DQEBCwUAA4IBAQC0cF2hOqkRWZB7nK0NiJJKrepVi+y6f8iI
KKZcAXq78kwpOPgLHkR5ZnAXDze1FsK+67tdsuq7JLNqnwV7JRW9OrCQzIp0vCix
9q9ul6ieQjG6QNwIwjxCGUsZIFuCInF62ZWbP8ytT2j9gS8lQllcWcl7hTyBnrjQ
1d803DMGggj4kd+7ovLABUhAANhOP3YMq6Aojh67k946t4eH1NCXjhUKLF4069Gf
3vSl+4h1cps7i8ngoF6ncbS8d3lCLaCek/KrWbqMt6zgyMN2Nigat42KIRzfMoyz
E+tjIyP8TfRYOndV6Xtj8BXJ/0D8C7FZnqTUMg+WYYR47EIWRVu+
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:05:16 2025 by rpki-client