Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/n6PPvLqOIY-a_F3MLESyDvcvXY0.roa
File: n6PPvLqOIY-a_F3MLESyDvcvXY0.roa (raw, json)
Hash identifier: xZoHr4CQMcrmIiMPTjA0BdI8KURWGLmYwPAm6zg2CKo=
Subject key identifier: 9F:A3:CF:BC:BA:8E:21:8F:9A:FC:5D:CC:2C:44:B2:0E:F7:2F:5D:8D
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 019421B1E25FD0401449F90A2502CF373807
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/n6PPvLqOIY-a_F3MLESyDvcvXY0.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201308
IP address blocks: 84.239.46.0/24 maxlen: 24
2a02:2160:7111::/48 maxlen: 48
2a02:2160:7112::/48 maxlen: 48
2a02:2160:7113::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e2:5f:d0:40:14:49:f9:0a:25:02:cf:37:38:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fa3cfbcba8e218f9afc5dcc2c44b20ef72f5d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4c:9c:30:4e:19:57:51:21:21:a1:d6:a7:58:
3e:ed:0c:2c:e7:eb:08:b8:98:90:4a:ad:f4:c8:d6:
10:41:f3:10:93:3f:50:0a:87:7a:8e:d2:5a:6e:7f:
78:9a:32:78:43:e2:74:62:bf:3c:b7:e1:0f:c3:5f:
78:35:3c:60:4c:de:53:26:d7:1b:b6:a1:0a:36:a4:
e9:d6:7e:7d:fb:55:e1:43:ba:2a:4c:66:39:04:33:
de:cd:31:4c:be:1a:54:4a:3a:80:71:1f:6e:f3:4b:
04:64:ba:ac:9b:ce:83:57:2c:a9:0f:c9:9a:f9:6c:
85:ef:19:2b:4f:b2:32:e1:0a:fe:fd:07:35:42:80:
c3:e4:f3:91:4d:f9:ea:05:84:ed:71:d4:68:de:7e:
26:65:05:d3:a2:b1:67:b3:79:d3:89:9f:da:ee:76:
08:1f:89:ef:6e:89:96:80:23:64:e0:97:36:3e:f9:
c4:11:03:75:d3:0c:3f:60:5a:49:a6:fc:3b:40:ca:
91:b1:e7:1c:57:fa:ea:90:76:c2:4c:7a:69:4a:3f:
d3:84:3a:17:b4:fc:06:0f:8c:37:51:4c:54:ef:3c:
96:88:00:2a:2f:56:40:01:b5:9c:64:19:8f:cb:fe:
50:89:2e:5f:b2:8f:e0:48:45:ae:30:2d:fb:29:48:
05:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A3:CF:BC:BA:8E:21:8F:9A:FC:5D:CC:2C:44:B2:0E:F7:2F:5D:8D
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/n6PPvLqOIY-a_F3MLESyDvcvXY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.46.0/24
IPv6:
2a02:2160:7111::-2a02:2160:7113:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:d1:aa:f9:3b:97:d3:b8:ff:4b:66:83:31:8a:3c:3f:eb:4b:
89:36:99:e0:f5:6e:bd:8f:06:4d:63:c0:aa:e2:d7:0a:e7:96:
fc:d7:e3:f8:51:7b:93:a3:cb:6a:83:6b:e8:05:02:08:8e:6d:
8c:27:10:85:97:dd:8e:25:17:7e:eb:7d:7c:9d:8c:56:2f:8b:
48:7f:de:5e:0b:f2:ca:25:f1:9b:12:dd:7a:66:b7:61:36:1c:
ca:08:2c:75:04:69:f0:9b:e8:46:97:6e:4e:00:25:b3:e7:c6:
45:a4:c6:c8:c2:a2:63:6c:50:ad:3f:95:e6:62:ac:6f:fa:7f:
bf:05:57:1a:c8:f6:8a:10:0e:e4:9b:31:a8:18:f3:76:4d:cb:
3a:dc:19:26:10:c6:38:f7:3e:4c:cc:1b:2d:b2:b8:60:ae:03:
4b:c7:49:ee:61:f4:6b:e2:3a:79:aa:ab:39:2e:3f:7b:fa:9d:
c0:3d:8c:b2:78:0c:d9:c1:2e:81:b4:e3:9c:57:9b:02:6a:c6:
d7:7d:5f:3a:df:15:7f:b8:ef:00:70:38:d0:25:d5:cd:36:b4:
e4:36:13:f3:63:b9:c3:58:07:32:b2:a6:3c:dc:fc:38:a3:1e:
bb:d4:c4:30:68:e2:d5:df:88:e6:ff:35:a0:35:6c:76:98:3f:
5a:00:2c:72
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQhseJf0EAUSfkKJQLPNzgHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmEzY2ZiY2JhOGUyMThmOWFmYzVkY2MyYzQ0YjIwZWY3MmY1ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUycME4ZV1EhIaHWp1g+7Qws5+sI
uJiQSq30yNYQQfMQkz9QCod6jtJabn94mjJ4Q+J0Yr88t+EPw194NTxgTN5TJtcb
tqEKNqTp1n59+1XhQ7oqTGY5BDPezTFMvhpUSjqAcR9u80sEZLqsm86DVyypD8ma
+WyF7xkrT7Iy4Qr+/Qc1QoDD5PORTfnqBYTtcdRo3n4mZQXTorFns3nTiZ/a7nYI
H4nvbomWgCNk4Jc2PvnEEQN10ww/YFpJpvw7QMqRseccV/rqkHbCTHppSj/ThDoX
tPwGD4w3UUxU7zyWiAAqL1ZAAbWcZBmPy/5QiS5fso/gSEWuMC37KUgF5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJ+jz7y6jiGPmvxdzCxEsg73L12NMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvbjZQUHZMcU9JWS1hX0YzTUxFU3lEdmN2WFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAVO8uMBoE
AgACMBQwEgMHACoCIWBxEQMHAioCIWBxEDANBgkqhkiG9w0BAQsFAAOCAQEAC9Gq
+TuX07j/S2aDMYo8P+tLiTaZ4PVuvY8GTWPAquLXCueW/Nfj+FF7k6PLaoNr6AUC
CI5tjCcQhZfdjiUXfut9fJ2MVi+LSH/eXgvyyiXxmxLdema3YTYcyggsdQRp8Jvo
RpduTgAls+fGRaTGyMKiY2xQrT+V5mKsb/p/vwVXGsj2ihAO5JsxqBjzdk3LOtwZ
JhDGOPc+TMwbLbK4YK4DS8dJ7mH0a+I6eaqrOS4/e/qdwD2MsngM2cEugbTjnFeb
AmrG131fOt8Vf7jvAHA40CXVzTa05DYT82O5w1gHMrKmPNz8OKMeu9TEMGji1d+I
5v81oDVsdpg/WgAscg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:59 2025 by rpki-client