Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/y4zgX7Lvz7a-J26BXsPiVoxb_IM.roa
File: y4zgX7Lvz7a-J26BXsPiVoxb_IM.roa (raw, json)
Hash identifier: NtJpJ4/+lfRrM4AtabmrS2+ljg+xewyFLniZOgVUMdA=
Subject key identifier: CB:8C:E0:5F:B2:EF:CF:B6:BE:27:6E:81:5E:C3:E2:56:8C:5B:FC:83
Certificate issuer: /CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Certificate serial: 019421B25549683610123B5A9C0895689954
Authority key identifier: 6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/y4zgX7Lvz7a-J26BXsPiVoxb_IM.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31898
IP address blocks: 185.208.36.0/22 maxlen: 22
217.74.176.0/22 maxlen: 22
2001:1a30::/48 maxlen: 48
2001:1a30:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.mft
rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 18:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:55:49:68:36:10:12:3b:5a:9c:08:95:68:99:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6faae55613fc89586f7bd6de0edca097b8615a6a
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb8ce05fb2efcfb6be276e815ec3e2568c5bfc83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:65:b9:a7:d7:ac:53:e5:1b:ae:0a:d9:cd:82:
7d:80:a0:ea:ee:d2:5a:3e:af:76:71:14:25:59:0b:
62:45:e6:9c:b2:fe:fb:4f:ac:8f:f1:53:19:60:9f:
e7:53:f4:2a:ad:c1:cc:78:c2:13:0d:59:80:16:0d:
ba:74:cc:db:06:ea:c1:ce:d0:e2:f9:1a:0c:b9:7f:
ce:29:f2:cc:4f:97:26:a7:8b:a4:11:ae:25:0f:0d:
3c:cb:15:4b:6d:69:c1:b9:d6:ff:30:de:0f:b1:1c:
40:b7:44:a4:2f:3a:79:ef:63:df:e0:fc:75:e9:4b:
5c:d0:3e:f3:53:ac:0c:d3:67:dc:18:89:3a:7a:c0:
c2:4b:34:92:c2:3a:17:fd:c3:41:04:af:7d:f2:36:
e1:e6:84:ed:30:2a:b7:96:b8:74:92:2b:81:c4:f0:
96:10:89:aa:a8:8f:16:b5:2f:30:de:fd:b8:1a:79:
28:2c:e1:aa:5c:57:a3:4d:25:5e:05:34:3f:e4:4a:
1f:64:c4:7e:08:57:6f:ac:40:2e:9c:d8:a4:3b:b6:
a9:50:50:a2:ee:02:28:ea:09:5c:f1:62:9f:ca:a4:
8f:c5:9d:75:04:3d:8b:d3:f0:bf:98:83:ba:52:7c:
e9:19:04:59:d3:8f:99:6d:d7:d7:da:c4:1c:e3:ff:
eb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8C:E0:5F:B2:EF:CF:B6:BE:27:6E:81:5E:C3:E2:56:8C:5B:FC:83
X509v3 Authority Key Identifier:
keyid:6F:AA:E5:56:13:FC:89:58:6F:7B:D6:DE:0E:DC:A0:97:B8:61:5A:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6rlVhP8iVhve9beDtygl7hhWmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/y4zgX7Lvz7a-J26BXsPiVoxb_IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/57889a-50df-4abf-81e5-1b12641f493b/1/b6rlVhP8iVhve9beDtygl7hhWmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.36.0/22
217.74.176.0/22
IPv6:
2001:1a30::/48
2001:1a30:c000::/48
Signature Algorithm: sha256WithRSAEncryption
1b:2d:f1:eb:44:61:1e:0b:ad:18:d1:df:ec:e9:31:1d:74:e6:
35:7a:cb:f4:b7:9a:19:03:19:c4:a9:eb:67:b5:85:89:00:1d:
f5:c7:d2:f2:2c:c4:0e:f7:d3:36:26:96:cc:c8:dc:1b:b7:8b:
1c:36:6a:23:2b:fd:9c:2e:22:53:2c:b0:4a:61:6e:69:81:3f:
72:f4:f1:ac:f1:4c:9d:af:60:37:67:48:53:65:0b:25:cb:a8:
70:2b:d6:51:83:41:e0:0d:7d:12:c0:94:04:34:66:56:83:24:
fe:b1:a6:71:42:d2:81:96:24:f8:50:b4:82:d6:05:0b:09:bd:
98:1a:30:0c:84:57:b6:65:a5:85:0f:88:17:07:e9:e4:fc:de:
6d:e4:33:38:80:42:7a:e2:fd:f1:13:dd:83:01:06:f3:11:c4:
7e:9e:62:1f:47:d1:e8:6e:5b:70:c6:e1:b5:22:6b:57:a0:8f:
aa:5b:3a:47:28:34:2d:b6:78:af:1d:49:aa:98:0e:2a:f0:94:
4e:ee:73:64:6c:10:8a:ae:33:dc:04:b5:b0:75:78:08:c2:09:
6d:00:b5:4e:dc:c2:03:8e:4c:5a:24:1e:2f:c5:e4:40:74:57:
38:f1:97:ab:3c:59:89:ae:2b:7a:1d:64:c5:4c:05:01:6d:3c:
c0:7c:28:e7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQhslVJaDYQEjtanAiVaJlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYWFlNTU2MTNmYzg5NTg2ZjdiZDZkZTBlZGNhMDk3Yjg2
MTVhNmEwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjhjZTA1ZmIyZWZjZmI2YmUyNzZlODE1ZWMzZTI1NjhjNWJmYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmW5p9esU+UbrgrZzYJ9gKDq7tJa
Pq92cRQlWQtiReacsv77T6yP8VMZYJ/nU/QqrcHMeMITDVmAFg26dMzbBurBztDi
+RoMuX/OKfLMT5cmp4ukEa4lDw08yxVLbWnBudb/MN4PsRxAt0SkLzp572Pf4Px1
6Utc0D7zU6wM02fcGIk6esDCSzSSwjoX/cNBBK998jbh5oTtMCq3lrh0kiuBxPCW
EImqqI8WtS8w3v24GnkoLOGqXFejTSVeBTQ/5EofZMR+CFdvrEAunNikO7apUFCi
7gIo6glc8WKfyqSPxZ11BD2L0/C/mIO6UnzpGQRZ04+ZbdfX2sQc4//rvwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMuM4F+y78+2vidugV7D4laMW/yDMB8GA1UdIwQY
MBaAFG+q5VYT/IlYb3vW3g7coJe4YVpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUt
MWIxMjY0MWY0OTNiLzEveTR6Z1g3THZ6N2EtSjI2QlhzUGlWb3hiX0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81Nzg4OWEtNTBkZi00YWJmLTgxZTUtMWIxMjY0MWY0OTNi
LzEvYjZybFZoUDhpVmh2ZTliZUR0eWdsN2hoV21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCudAkAwQC
2UqwMBgEAgACMBIDBwAgARowAAADBwAgARowwAAwDQYJKoZIhvcNAQELBQADggEB
ABst8etEYR4LrRjR3+zpMR105jV6y/S3mhkDGcSp62e1hYkAHfXH0vIsxA730zYm
lszI3Bu3ixw2aiMr/ZwuIlMssEphbmmBP3L08azxTJ2vYDdnSFNlCyXLqHAr1lGD
QeANfRLAlAQ0ZlaDJP6xpnFC0oGWJPhQtILWBQsJvZgaMAyEV7ZlpYUPiBcH6eT8
3m3kMziAQnri/fET3YMBBvMRxH6eYh9H0ehuW3DG4bUia1egj6pbOkcoNC22eK8d
SaqYDirwlE7uc2RsEIquM9wEtbB1eAjCCW0AtU7cwgOOTFokHi/F5EB0Vzjxl6s8
WYmuK3odZMVMBQFtPMB8KOc=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:05:00 2025 by rpki-client