Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/tho_Oim2fG6oOpC9lm3_rQhkP6o.roa
File: tho_Oim2fG6oOpC9lm3_rQhkP6o.roa (raw, json)
Hash identifier: gajdNgv5VSm1WUaD3Z/cNT0EKo6yzIi0tQknhbdntgI=
Subject key identifier: B6:1A:3F:3A:29:B6:7C:6E:A8:3A:90:BD:96:6D:FF:AD:08:64:3F:AA
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A3A0A577AAED1804EDB5ACDF12C98
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/tho_Oim2fG6oOpC9lm3_rQhkP6o.roa
Signing time: Wed 01 Jan 2025 19:49:11 +0000
ROA not before: Wed 01 Jan 2025 19:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38047
IP address blocks: 85.209.254.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 06:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3a:0a:57:7a:ae:d1:80:4e:db:5a:cd:f1:2c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b61a3f3a29b67c6ea83a90bd966dffad08643faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:54:26:2f:dd:ed:7a:fc:99:ee:12:4f:9f:
b8:be:b1:85:ba:d0:e4:0f:6a:9a:34:7f:28:bb:1d:
8c:6f:f6:f7:9f:52:43:44:71:ea:8e:0d:48:55:a4:
fd:da:f2:da:13:92:ac:ad:a5:ee:49:48:29:db:ec:
47:d0:b6:00:00:74:66:df:da:e0:ba:09:b1:f2:21:
66:9d:d6:79:26:be:e6:f8:78:a8:a2:b4:fd:67:f6:
50:92:68:4f:ef:fa:2d:de:d1:86:dc:66:83:1b:cb:
aa:80:a4:0e:2a:87:96:52:d9:4c:eb:4e:c9:01:27:
96:bc:ba:b2:4a:89:1d:17:f2:29:8a:23:c1:4b:e5:
6a:0f:62:70:8f:cb:9f:96:af:c0:b5:52:f7:92:8d:
0d:8d:2d:49:ea:28:4d:02:7c:d1:5a:52:5d:fc:2f:
62:80:db:cd:59:01:93:29:0a:9f:4c:e7:85:42:95:
39:80:18:5a:13:b8:80:c9:4d:2d:d2:94:0c:95:c4:
75:af:42:37:e5:8c:50:a8:ec:ab:30:89:0e:10:3a:
08:9f:c9:c3:f9:44:e3:aa:6e:1f:c3:1e:59:46:ee:
95:f4:6c:94:58:d9:81:06:06:0e:d0:9d:93:4a:1d:
83:76:42:0d:70:60:4d:ef:45:03:ce:ab:33:e0:65:
dc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1A:3F:3A:29:B6:7C:6E:A8:3A:90:BD:96:6D:FF:AD:08:64:3F:AA
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/tho_Oim2fG6oOpC9lm3_rQhkP6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.254.0/24
Signature Algorithm: sha256WithRSAEncryption
00:45:dc:72:c5:07:66:32:7a:9f:8a:55:11:1c:ae:78:d9:6b:
cd:aa:54:a5:c5:3d:d4:fe:67:58:4c:51:27:4f:25:4c:cb:7a:
1c:4e:5e:55:b7:9e:a9:44:e3:61:19:c8:c7:59:ea:c2:5b:10:
f3:7c:72:9d:72:ec:5f:71:60:07:76:2c:e7:ba:d5:23:99:d0:
e8:5d:fe:83:83:94:fe:07:d2:96:49:2f:69:ba:35:f0:f9:f5:
95:60:37:7d:fd:15:18:31:8b:7b:68:0c:1c:5b:7a:28:ea:2f:
a8:89:94:b0:d3:82:85:7a:8c:4f:a2:12:f6:cc:e0:58:39:c9:
bf:ca:e5:5d:3c:5a:17:26:26:c8:7a:9c:37:70:55:d0:41:23:
24:ad:9e:5e:af:f5:07:aa:15:bb:82:1f:18:d4:87:3b:b3:a5:
57:f0:45:58:df:d7:04:34:ee:18:c1:cc:d9:68:be:a6:02:74:
6f:7f:f4:97:11:cd:1f:dc:d9:ad:c1:34:64:87:45:ea:bc:42:
d7:0e:c8:1c:1e:6f:ef:d1:2e:b4:d8:8d:a5:3c:d9:3b:28:ad:
93:74:59:c4:8a:a0:e9:ae:57:07:42:2d:97:d0:98:7e:6d:4c:
85:74:1d:0c:d9:4e:57:9b:2d:41:60:e3:80:d4:e6:76:63:08:
5c:0c:87:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajoKV3qu0YBO21rN8SyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjFhM2YzYTI5YjY3YzZlYTgzYTkwYmQ5NjZkZmZhZDA4NjQzZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruVUJi/d7Xr8me4ST5+4vrGFutDk
D2qaNH8oux2Mb/b3n1JDRHHqjg1IVaT92vLaE5KsraXuSUgp2+xH0LYAAHRm39rg
ugmx8iFmndZ5Jr7m+HioorT9Z/ZQkmhP7/ot3tGG3GaDG8uqgKQOKoeWUtlM607J
ASeWvLqySokdF/IpiiPBS+VqD2Jwj8uflq/AtVL3ko0NjS1J6ihNAnzRWlJd/C9i
gNvNWQGTKQqfTOeFQpU5gBhaE7iAyU0t0pQMlcR1r0I35YxQqOyrMIkOEDoIn8nD
+UTjqm4fwx5ZRu6V9GyUWNmBBgYO0J2TSh2DdkINcGBN70UDzqsz4GXcnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYaPzoptnxuqDqQvZZt/60IZD+qMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvdGhvX09pbTJmRzZvT3BDOWxtM19yUWhrUDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdH+MA0G
CSqGSIb3DQEBCwUAA4IBAQAARdxyxQdmMnqfilURHK542WvNqlSlxT3U/mdYTFEn
TyVMy3ocTl5Vt56pRONhGcjHWerCWxDzfHKdcuxfcWAHdiznutUjmdDoXf6Dg5T+
B9KWSS9pujXw+fWVYDd9/RUYMYt7aAwcW3oo6i+oiZSw04KFeoxPohL2zOBYOcm/
yuVdPFoXJibIepw3cFXQQSMkrZ5er/UHqhW7gh8Y1Ic7s6VX8EVY39cENO4YwczZ
aL6mAnRvf/SXEc0f3NmtwTRkh0XqvELXDsgcHm/v0S602I2lPNk7KK2TdFnEiqDp
rlcHQi2X0Jh+bUyFdB0M2U5Xmy1BYOOA1OZ2YwhcDIed
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:36:50 2025 by rpki-client