Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/6QLt8gn6308YVRHTv77skONgyv0.roa
File: 6QLt8gn6308YVRHTv77skONgyv0.roa (raw, json)
Hash identifier: WOVtEt3WWdPmMOLnSpBdtQecprDqkDjMDowLpoTrLSs=
Subject key identifier: E9:02:ED:F2:09:FA:DF:4F:18:55:11:D3:BF:BE:EC:90:E3:60:CA:FD
Certificate issuer: /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial: 0196D297DEC6B0BCA74867C32185A7AB16C0
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/6QLt8gn6308YVRHTv77skONgyv0.roa
Signing time: Thu 15 May 2025 06:18:10 +0000
ROA not before: Thu 15 May 2025 06:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12686
IP address blocks: 91.199.205.0/24 maxlen: 24
194.8.224.0/23 maxlen: 23
194.8.224.0/24 maxlen: 24
194.8.225.0/24 maxlen: 24
194.145.158.0/24 maxlen: 24
217.14.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 21:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:97:de:c6:b0:bc:a7:48:67:c3:21:85:a7:ab:16:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
Validity
Not Before: May 15 06:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e902edf209fadf4f185511d3bfbeec90e360cafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3a:d1:32:26:45:ed:0b:42:df:2b:ab:c9:7e:
38:7c:6a:e5:24:5d:c4:09:1f:d4:cb:f7:0c:cc:f8:
59:9c:c3:47:c9:ef:10:29:0a:58:e2:8b:e1:95:26:
0c:b3:ee:3d:91:71:c2:b8:81:7d:ce:88:02:80:8f:
48:38:9b:6b:01:9a:05:fe:ac:e3:a5:9c:f7:9c:95:
22:85:b3:ff:16:ce:24:bd:6a:b9:af:fb:e3:7b:73:
94:61:c9:04:29:20:cc:80:99:49:dd:32:b6:5f:a8:
e0:27:aa:b0:c7:e9:94:29:21:64:1d:79:3d:6b:ce:
9b:92:48:64:b0:35:b5:31:77:8b:81:c8:27:42:8d:
c1:70:a6:cb:c9:1b:30:14:26:46:dd:49:49:6b:f6:
d7:f4:52:27:3f:c6:7b:6a:c2:4a:23:bf:3c:b6:d5:
f8:8d:11:5f:1e:af:74:93:3a:93:0b:23:fc:11:ac:
71:c1:17:b5:4f:a0:7b:b8:ce:d7:ef:30:03:19:e8:
f6:8a:1a:38:e5:96:99:22:a1:2e:3a:38:6c:cf:d2:
d6:f3:01:a0:b1:35:74:41:9d:c2:68:46:89:84:c0:
52:64:96:34:49:34:d3:73:1f:71:2e:75:34:36:ca:
89:5d:fd:52:10:48:64:42:9d:3a:57:91:1d:e5:6e:
59:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:02:ED:F2:09:FA:DF:4F:18:55:11:D3:BF:BE:EC:90:E3:60:CA:FD
X509v3 Authority Key Identifier:
keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/6QLt8gn6308YVRHTv77skONgyv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.205.0/24
194.8.224.0/23
194.145.158.0/24
217.14.23.0/24
Signature Algorithm: sha256WithRSAEncryption
13:74:00:50:a5:08:82:29:28:43:66:61:36:b5:6f:4a:b9:3c:
f8:7f:2f:ef:68:97:03:00:f9:a3:2a:c6:78:c0:c6:3f:3f:70:
5a:69:ae:11:b2:8c:b5:6a:36:b1:a1:d1:26:32:4c:d6:13:f9:
d7:b0:a4:2e:ad:24:cd:3f:79:a2:81:19:ff:22:45:dc:8b:ce:
4b:39:ba:16:89:bf:92:30:96:49:90:e3:fe:df:2b:dd:e2:87:
00:d0:1e:d2:bd:f9:b8:51:9c:d5:29:09:cd:8a:45:4d:d2:72:
8e:5d:cd:16:40:a2:93:83:a8:f4:da:2e:a4:4d:02:7c:c9:53:
7e:48:44:62:af:fd:1a:37:09:89:b6:13:4a:ac:4e:20:0e:08:
95:88:fb:c5:88:a5:a5:4d:f8:43:1c:ca:d6:63:9e:c9:4c:d7:
5b:ee:66:d0:c8:b5:60:9b:1c:4a:35:73:00:29:4b:4f:e6:68:
0e:5e:d3:6b:ea:40:42:ad:f6:3a:b8:a9:7e:e0:c0:af:c1:ea:
5e:53:b7:c4:93:99:66:8f:63:bc:81:24:f2:c7:5c:e2:b4:b9:
26:89:38:fa:b3:47:88:71:99:1d:1f:ba:75:37:31:f0:4c:53:
8d:ba:bd:a1:4d:95:a3:68:b9:62:24:19:f9:5c:de:16:34:8f:
4b:9d:09:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbSl97GsLynSGfDIYWnqxbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3
MDlhMjMwHhcNMjUwNTE1MDYxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTAyZWRmMjA5ZmFkZjRmMTg1NTExZDNiZmJlZWM5MGUzNjBjYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjrRMiZF7QtC3yuryX44fGrlJF3E
CR/Uy/cMzPhZnMNHye8QKQpY4ovhlSYMs+49kXHCuIF9zogCgI9IOJtrAZoF/qzj
pZz3nJUihbP/Fs4kvWq5r/vje3OUYckEKSDMgJlJ3TK2X6jgJ6qwx+mUKSFkHXk9
a86bkkhksDW1MXeLgcgnQo3BcKbLyRswFCZG3UlJa/bX9FInP8Z7asJKI788ttX4
jRFfHq90kzqTCyP8EaxxwRe1T6B7uM7X7zADGej2iho45ZaZIqEuOjhsz9LW8wGg
sTV0QZ3CaEaJhMBSZJY0STTTcx9xLnU0NsqJXf1SEEhkQp06V5Ed5W5ZhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOkC7fIJ+t9PGFUR07++7JDjYMr9MB8GA1UdIwQY
MBaAFN6H01vcqxI6/8GpHRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQt
YzIyMzkwZThkOWE2LzEvNlFMdDhnbjYzMDhZVlJIVHY3N3NrT05neXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2
LzEvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8fNAwQB
wgjgAwQAwpGeAwQA2Q4XMA0GCSqGSIb3DQEBCwUAA4IBAQATdABQpQiCKShDZmE2
tW9KuTz4fy/vaJcDAPmjKsZ4wMY/P3Baaa4Rsoy1ajaxodEmMkzWE/nXsKQurSTN
P3migRn/IkXci85LOboWib+SMJZJkOP+3yvd4ocA0B7Svfm4UZzVKQnNikVN0nKO
Xc0WQKKTg6j02i6kTQJ8yVN+SERir/0aNwmJthNKrE4gDgiViPvFiKWlTfhDHMrW
Y57JTNdb7mbQyLVgmxxKNXMAKUtP5mgOXtNr6kBCrfY6uKl+4MCvwepeU7fEk5lm
j2O8gSTyx1zitLkmiTj6s0eIcZkdH7p1NzHwTFONur2hTZWjaLliJBn5XN4WNI9L
nQmg
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:35:56 2025 by rpki-client