Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/a6Whh1qMHaCLz9si7bMkIx4xg1Y.roa
File: a6Whh1qMHaCLz9si7bMkIx4xg1Y.roa (raw, json)
Hash identifier: R/Syehgq2eEOSio/8bhqr2YXvz+4Ke3qpd0G80XikQo=
Subject key identifier: 6B:A5:A1:87:5A:8C:1D:A0:8B:CF:DB:22:ED:B3:24:23:1E:31:83:56
Certificate issuer: /CN=4d1527d1839bf830360d71590134354e6d904697
Certificate serial: 019422FB2C2CB806D25717E817971AC6ECCA
Authority key identifier: 4D:15:27:D1:83:9B:F8:30:36:0D:71:59:01:34:35:4E:6D:90:46:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/a6Whh1qMHaCLz9si7bMkIx4xg1Y.roa
Signing time: Wed 01 Jan 2025 17:47:53 +0000
ROA not before: Wed 01 Jan 2025 17:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197033
IP address blocks: 91.224.230.0/23 maxlen: 23
185.97.204.0/22 maxlen: 22
193.34.32.0/22 maxlen: 22
193.34.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 17:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:2c:2c:b8:06:d2:57:17:e8:17:97:1a:c6:ec:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d1527d1839bf830360d71590134354e6d904697
Validity
Not Before: Jan 1 17:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ba5a1875a8c1da08bcfdb22edb324231e318356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e1:6a:95:41:86:b1:5a:09:e5:ba:05:0b:92:
12:bd:b8:bb:7b:eb:b7:21:7d:c1:0d:52:5c:02:37:
bc:78:22:c3:07:49:f4:20:6d:b7:d8:f8:1c:06:9b:
a2:fc:c5:1e:74:bc:22:5b:8c:d3:72:02:40:b7:84:
7b:c8:76:d5:8a:d9:b4:9f:9b:92:8b:74:62:b2:47:
34:fb:ce:f1:b7:45:c6:49:f2:52:47:06:d9:a2:5f:
0d:74:a4:26:20:13:67:ad:98:eb:07:a1:aa:7e:fc:
41:07:d8:69:81:f9:b3:2f:08:2a:15:41:27:cb:f5:
bf:65:c6:9e:1c:e1:07:d1:df:f8:2a:cb:65:9c:f1:
97:4d:e8:e3:92:83:83:1c:8d:b1:ac:24:1d:ef:bb:
1c:61:5c:8f:5c:da:e7:60:5c:46:fa:5e:43:af:14:
78:61:eb:01:c0:ff:fc:53:99:80:d5:05:91:7d:ff:
03:3c:e0:51:9b:7b:22:b4:51:40:58:c4:99:22:24:
79:ae:b1:6b:8c:35:31:7b:22:1e:48:d0:6a:aa:19:
25:33:c3:98:f8:6c:c3:08:ed:48:dc:d0:3a:f2:41:
43:28:e8:8e:22:46:06:53:9b:3a:1a:6b:00:77:fa:
25:77:8f:55:43:f9:74:fb:61:83:d5:4d:55:c0:7c:
c1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A5:A1:87:5A:8C:1D:A0:8B:CF:DB:22:ED:B3:24:23:1E:31:83:56
X509v3 Authority Key Identifier:
keyid:4D:15:27:D1:83:9B:F8:30:36:0D:71:59:01:34:35:4E:6D:90:46:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/a6Whh1qMHaCLz9si7bMkIx4xg1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/309d36-c420-4321-9540-f3df673ea58c/1/TRUn0YOb-DA2DXFZATQ1Tm2QRpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.230.0/23
185.97.204.0/22
193.34.32.0/22
Signature Algorithm: sha256WithRSAEncryption
85:fd:4c:89:01:7c:bb:2d:6c:4e:f7:ab:93:6f:eb:fc:56:96:
c4:26:04:4d:f5:e0:8a:20:42:df:29:38:e0:2f:45:c2:68:89:
06:75:4e:10:65:88:fb:3f:9c:f4:b4:7b:dd:81:16:15:a8:a2:
38:8d:60:c2:80:12:12:c1:0f:29:83:94:58:64:3b:de:25:24:
a1:e4:37:d5:97:0e:ce:18:23:7a:ea:75:2d:d7:82:f6:67:90:
86:2b:3b:46:e4:a8:66:87:70:17:83:1d:ca:58:2f:bb:f6:56:
99:83:61:73:16:b9:98:c7:34:47:e7:c5:ab:9e:82:8f:22:b3:
92:05:c1:58:83:2d:10:57:6a:a7:fc:d6:1c:6c:5c:fc:b0:a3:
13:9e:8c:e6:18:a9:05:56:be:1e:c2:b5:e6:85:a8:2f:d6:4a:
74:7e:7d:3c:1e:37:10:57:37:20:aa:66:27:5a:fe:e1:3a:78:
8f:da:06:d0:67:06:a1:bb:80:76:24:01:e2:59:77:05:d4:a6:
f8:c5:ee:5a:79:64:de:46:cf:ca:6e:77:0f:26:fe:39:fe:48:
22:a6:17:24:bd:b7:0e:31:8f:b0:19:07:3f:a1:a0:8a:4c:cb:
9b:d8:72:ae:92:d3:ea:45:26:ca:74:fa:66:9c:d1:7c:65:3d:
5b:d7:f2:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+ywsuAbSVxfoF5caxuzKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTUyN2QxODM5YmY4MzAzNjBkNzE1OTAxMzQzNTRlNmQ5
MDQ2OTcwHhcNMjUwMTAxMTc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmE1YTE4NzVhOGMxZGEwOGJjZmRiMjJlZGIzMjQyMzFlMzE4MzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOFqlUGGsVoJ5boFC5ISvbi7e+u3
IX3BDVJcAje8eCLDB0n0IG232PgcBpui/MUedLwiW4zTcgJAt4R7yHbVitm0n5uS
i3Riskc0+87xt0XGSfJSRwbZol8NdKQmIBNnrZjrB6GqfvxBB9hpgfmzLwgqFUEn
y/W/ZcaeHOEH0d/4KstlnPGXTejjkoODHI2xrCQd77scYVyPXNrnYFxG+l5DrxR4
YesBwP/8U5mA1QWRff8DPOBRm3sitFFAWMSZIiR5rrFrjDUxeyIeSNBqqhklM8OY
+GzDCO1I3NA68kFDKOiOIkYGU5s6GmsAd/old49VQ/l0+2GD1U1VwHzBKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGuloYdajB2gi8/bIu2zJCMeMYNWMB8GA1UdIwQY
MBaAFE0VJ9GDm/gwNg1xWQE0NU5tkEaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJVbjBZT2ItREEyRFhGWkFUUTFUbTJRUnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8zMDlkMzYtYzQyMC00MzIxLTk1NDAt
ZjNkZjY3M2VhNThjLzEvYTZXaGgxcU1IYUNMejlzaTdiTWtJeDR4ZzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8zMDlkMzYtYzQyMC00MzIxLTk1NDAtZjNkZjY3M2VhNThj
LzEvVFJVbjBZT2ItREEyRFhGWkFUUTFUbTJRUnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW+DmAwQC
uWHMAwQCwSIgMA0GCSqGSIb3DQEBCwUAA4IBAQCF/UyJAXy7LWxO96uTb+v8VpbE
JgRN9eCKIELfKTjgL0XCaIkGdU4QZYj7P5z0tHvdgRYVqKI4jWDCgBISwQ8pg5RY
ZDveJSSh5DfVlw7OGCN66nUt14L2Z5CGKztG5Khmh3AXgx3KWC+79laZg2FzFrmY
xzRH58WrnoKPIrOSBcFYgy0QV2qn/NYcbFz8sKMTnozmGKkFVr4ewrXmhagv1kp0
fn08HjcQVzcgqmYnWv7hOniP2gbQZwahu4B2JAHiWXcF1Kb4xe5aeWTeRs/KbncP
Jv45/kgiphckvbcOMY+wGQc/oaCKTMub2HKuktPqRSbKdPpmnNF8ZT1b1/Jz
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:56:38 2025 by rpki-client