Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/OcEbn_XmC6O6gZW7SE3MnKGMWjc.roa
File: OcEbn_XmC6O6gZW7SE3MnKGMWjc.roa (raw, json)
Hash identifier: Fe9Ge8j9ipTZxLe40zNMZ4cZEJGLX2F8Cq4Mb+IDII4=
Subject key identifier: 39:C1:1B:9F:F5:E6:0B:A3:BA:81:95:BB:48:4D:CC:9C:A1:8C:5A:37
Certificate issuer: /CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Certificate serial: 019423D6F5F5C103660B120B16FDCB993734
Authority key identifier: 6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/OcEbn_XmC6O6gZW7SE3MnKGMWjc.roa
Signing time: Wed 01 Jan 2025 21:47:57 +0000
ROA not before: Wed 01 Jan 2025 21:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62434
IP address blocks: 193.28.130.0/24 maxlen: 24
193.28.131.0/24 maxlen: 24
193.28.132.0/24 maxlen: 24
194.49.134.0/24 maxlen: 24
194.49.171.0/24 maxlen: 24
194.49.177.0/24 maxlen: 24
194.49.178.0/24 maxlen: 24
194.49.205.0/24 maxlen: 24
194.49.207.0/24 maxlen: 24
194.49.218.0/24 maxlen: 24
194.49.220.0/24 maxlen: 24
194.49.221.0/24 maxlen: 24
2001:67c:194c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 09:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f5:f5:c1:03:66:0b:12:0b:16:fd:cb:99:37:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Validity
Not Before: Jan 1 21:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39c11b9ff5e60ba3ba8195bb484dcc9ca18c5a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:98:48:e6:38:71:54:fd:13:a3:e4:91:c1:a1:
5a:36:19:f4:29:bd:22:d1:e6:12:75:b0:2d:7a:37:
78:d2:ad:1e:d3:4d:16:74:42:32:27:03:c8:da:7e:
b4:0d:c7:ad:6c:15:6a:5d:14:e7:1d:e2:e6:dd:af:
78:6e:5d:71:b0:86:bf:dc:cd:d1:b4:68:70:66:32:
ea:d5:10:5f:72:fe:6d:78:cf:52:1f:5f:21:ce:c0:
d8:de:75:b6:40:54:ca:32:99:3b:67:74:7f:9b:e2:
df:ae:a2:9c:5c:5c:5b:03:9c:37:48:84:5b:62:dc:
c8:f6:a7:d7:3a:ee:84:6a:e7:46:56:08:4e:28:02:
f9:67:e0:fe:63:48:6d:2b:86:f3:89:5e:e7:9c:24:
38:44:5e:6d:62:2a:04:09:47:a1:59:61:f6:b2:84:
72:12:61:fb:ad:41:f5:86:24:72:e9:d7:9a:27:8c:
99:fc:60:a3:51:9b:7f:07:ab:37:31:5d:89:7e:c1:
98:a1:c9:af:b0:0f:74:3b:da:de:1e:91:aa:86:e9:
c2:cc:35:0e:5f:5a:de:1c:c6:86:ff:fe:b4:93:35:
6b:50:35:2e:ae:d4:32:1a:c6:d4:9e:5c:44:7b:a9:
12:09:72:19:c5:81:86:5b:35:fc:de:24:90:ad:0d:
a9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C1:1B:9F:F5:E6:0B:A3:BA:81:95:BB:48:4D:CC:9C:A1:8C:5A:37
X509v3 Authority Key Identifier:
keyid:6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/OcEbn_XmC6O6gZW7SE3MnKGMWjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.130.0-193.28.132.255
194.49.134.0/24
194.49.171.0/24
194.49.177.0-194.49.178.255
194.49.205.0/24
194.49.207.0/24
194.49.218.0/24
194.49.220.0/23
IPv6:
2001:67c:194c::/48
Signature Algorithm: sha256WithRSAEncryption
6d:fe:38:74:dc:1c:5d:db:bc:93:ae:05:e7:77:6f:04:89:25:
f0:12:ec:1f:bd:39:a0:53:78:21:b1:78:28:63:07:a6:33:f1:
dd:53:b4:be:31:f2:c2:a9:e4:53:96:d0:5c:59:1a:d8:95:5c:
06:e1:4a:a6:90:4c:10:8a:94:ba:03:d8:76:2c:c5:26:dc:54:
f0:da:8d:5c:1b:b6:e7:77:da:25:b8:63:c3:46:61:a3:27:06:
00:dd:f3:89:55:05:0c:3a:7f:ec:42:84:be:b8:c5:a5:a3:b0:
be:6c:34:c0:1d:ec:47:48:14:83:6a:8b:a0:d4:52:b9:7c:c2:
a0:c7:d5:e3:e4:5f:f2:25:26:37:5f:37:03:32:9e:8e:c8:00:
35:4e:8e:24:d2:bb:a4:23:75:64:84:19:ce:72:16:5b:37:c4:
3d:29:86:2b:50:f5:f7:95:7f:e7:f8:4a:b6:cc:26:e9:d7:2e:
aa:b1:61:e0:3b:7b:88:56:da:d8:12:51:6b:c3:3b:52:10:7f:
e8:f1:31:82:d3:88:9b:07:00:03:a4:06:2d:29:d4:1c:5e:c1:
72:c4:a4:03:92:74:d4:f0:53:b4:a4:62:fa:e4:19:cd:41:ed:
af:0f:a7:60:1c:34:57:06:4d:ca:d4:63:f6:87:43:d1:5e:9f:
61:06:5d:53
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQj1vX1wQNmCxILFv3LmTc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGM4NjdjOTc5ODcxYzdhZGIwOWY3YzYyMTliYTViMDY0
NTkzMWMwHhcNMjUwMTAxMjE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWMxMWI5ZmY1ZTYwYmEzYmE4MTk1YmI0ODRkY2M5Y2ExOGM1YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ZhI5jhxVP0To+SRwaFaNhn0Kb0i
0eYSdbAtejd40q0e000WdEIyJwPI2n60DcetbBVqXRTnHeLm3a94bl1xsIa/3M3R
tGhwZjLq1RBfcv5teM9SH18hzsDY3nW2QFTKMpk7Z3R/m+LfrqKcXFxbA5w3SIRb
YtzI9qfXOu6EaudGVghOKAL5Z+D+Y0htK4bziV7nnCQ4RF5tYioECUehWWH2soRy
EmH7rUH1hiRy6deaJ4yZ/GCjUZt/B6s3MV2JfsGYocmvsA90O9reHpGqhunCzDUO
X1reHMaG//60kzVrUDUurtQyGsbUnlxEe6kSCXIZxYGGWzX83iSQrQ2pFQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFDnBG5/15gujuoGVu0hNzJyhjFo3MB8GA1UdIwQY
MBaAFGoMhnyXmHHHrbCffGIZulsGRZMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUt
ZTQ1ODYzZWFjMmI0LzEvT2NFYm5fWG1DNk82Z1pXN1NFM01uS0dNV2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUtZTQ1ODYzZWFjMmI0
LzEvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBGBAIAATBAMAwDBAHBHIID
BADBHIQDBADCMYYDBADCMaswDAMEAMIxsQMEAMIxsgMEAMIxzQMEAMIxzwMEAMIx
2gMEAcIx3DAPBAIAAjAJAwcAIAEGfBlMMA0GCSqGSIb3DQEBCwUAA4IBAQBt/jh0
3Bxd27yTrgXnd28EiSXwEuwfvTmgU3ghsXgoYwemM/HdU7S+MfLCqeRTltBcWRrY
lVwG4UqmkEwQipS6A9h2LMUm3FTw2o1cG7bnd9oluGPDRmGjJwYA3fOJVQUMOn/s
QoS+uMWlo7C+bDTAHexHSBSDaoug1FK5fMKgx9Xj5F/yJSY3XzcDMp6OyAA1To4k
0rukI3VkhBnOchZbN8Q9KYYrUPX3lX/n+Eq2zCbp1y6qsWHgO3uIVtrYElFrwztS
EH/o8TGC04ibBwADpAYtKdQcXsFyxKQDknTU8FO0pGL65BnNQe2vD6dgHDRXBk3K
1GP2h0PRXp9hBl1T
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:02:34 2025 by rpki-client