Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/6094af-72c5-4eb5-98ea-0e2ea6a02182/1/y6xk5yyaeCIuQcfJUMGsvyLuakI.roa
File: y6xk5yyaeCIuQcfJUMGsvyLuakI.roa (raw, json)
Hash identifier: 5cTQO7InxQ4ef2VY7Tlc4nQ2LkIPqai+B4whSvQRHdc=
Subject key identifier: CB:AC:64:E7:2C:9A:78:22:2E:41:C7:C9:50:C1:AC:BF:22:EE:6A:42
Certificate issuer: /CN=4c3393b2a1bd7919859807838ab1e3b0037b8b4f
Certificate serial: 0194221FE8A0ADBBFFD5BF14EB5AE451C464
Authority key identifier: 4C:33:93:B2:A1:BD:79:19:85:98:07:83:8A:B1:E3:B0:03:7B:8B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDOTsqG9eRmFmAeDirHjsAN7i08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/6094af-72c5-4eb5-98ea-0e2ea6a02182/1/y6xk5yyaeCIuQcfJUMGsvyLuakI.roa
Signing time: Wed 01 Jan 2025 13:48:24 +0000
ROA not before: Wed 01 Jan 2025 13:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208138
IP address blocks: 185.251.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/6094af-72c5-4eb5-98ea-0e2ea6a02182/1/TDOTsqG9eRmFmAeDirHjsAN7i08.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/6094af-72c5-4eb5-98ea-0e2ea6a02182/1/TDOTsqG9eRmFmAeDirHjsAN7i08.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDOTsqG9eRmFmAeDirHjsAN7i08.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e8:a0:ad:bb:ff:d5:bf:14:eb:5a:e4:51:c4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3393b2a1bd7919859807838ab1e3b0037b8b4f
Validity
Not Before: Jan 1 13:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbac64e72c9a78222e41c7c950c1acbf22ee6a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:37:2f:c0:21:31:d1:b1:bc:24:66:5f:85:ff:
ea:3d:73:34:da:4c:fc:93:3c:61:23:65:3a:08:a0:
5c:ec:85:28:bf:13:dc:12:3f:9b:e9:68:99:7e:85:
a4:8d:7f:bd:4a:08:3d:dc:83:5d:4d:f7:ba:5e:80:
c4:61:ef:1a:3f:38:a1:e0:f4:a1:53:ef:8e:25:2e:
1f:8b:39:92:50:8a:7f:2f:34:5a:bb:1a:68:75:e5:
7d:98:49:e4:e1:b2:1e:33:ab:cd:79:3f:25:8a:bd:
2e:14:7c:4d:27:38:85:ba:6b:ae:1b:27:1a:95:e0:
f6:90:25:6f:1a:ed:9b:02:7a:86:af:65:55:b2:99:
15:90:f2:71:cb:81:82:94:21:df:24:27:06:72:3e:
7d:01:9f:3d:c3:2b:bc:37:0f:a0:bb:5c:db:e5:1e:
69:ea:c2:6f:d0:fe:dc:92:68:db:e1:e8:e6:1c:b1:
33:0d:14:6b:b8:cd:91:e1:e0:10:6e:ef:1c:da:8d:
89:d3:bd:20:ca:5b:21:81:b7:b5:75:76:79:68:22:
86:00:12:0d:44:b2:1d:9b:5d:cc:4c:61:3e:65:6e:
fe:97:f7:4d:11:f6:a0:da:ef:38:61:41:38:19:d6:
23:36:8e:39:af:32:b4:b3:1d:67:89:41:c1:8a:c7:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AC:64:E7:2C:9A:78:22:2E:41:C7:C9:50:C1:AC:BF:22:EE:6A:42
X509v3 Authority Key Identifier:
keyid:4C:33:93:B2:A1:BD:79:19:85:98:07:83:8A:B1:E3:B0:03:7B:8B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDOTsqG9eRmFmAeDirHjsAN7i08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/6094af-72c5-4eb5-98ea-0e2ea6a02182/1/y6xk5yyaeCIuQcfJUMGsvyLuakI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/6094af-72c5-4eb5-98ea-0e2ea6a02182/1/TDOTsqG9eRmFmAeDirHjsAN7i08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.40.0/22
Signature Algorithm: sha256WithRSAEncryption
16:36:24:95:ce:80:1a:b5:48:01:7d:82:cf:aa:d0:4d:46:31:
69:d5:2d:b2:53:49:1d:03:45:4c:ee:ba:82:e4:0b:e1:d9:a8:
2e:33:4c:43:54:df:86:c9:91:9c:dd:e7:50:e0:ab:38:25:2f:
47:2e:40:d7:14:e3:e7:78:f0:bd:df:a3:6b:7f:02:8b:1d:0a:
a6:be:c9:0d:39:fa:8d:1a:23:a1:5e:98:63:91:ed:76:1b:18:
2f:96:23:15:d6:38:3a:ab:21:75:53:8c:7f:f6:fb:7a:f7:25:
31:a2:eb:58:4b:39:33:90:35:e1:14:02:83:eb:8c:a7:b7:71:
bf:18:8f:f0:5b:72:60:f3:58:5e:71:91:53:c5:57:d6:f7:83:
e7:32:a3:85:7e:a4:8f:b4:09:be:15:df:df:f5:d3:07:fd:55:
b5:68:ed:d2:e6:03:f1:5a:3e:b7:ae:6e:03:32:a9:29:d6:b3:
d2:70:c2:86:67:7f:3a:81:0c:3b:5b:dc:80:29:b2:35:d6:5a:
b8:52:cc:c2:19:3e:6b:7a:d2:d3:7e:97:45:65:d8:7e:3d:76:
a8:67:ac:dc:c3:a9:2b:e5:65:11:59:70:56:3c:43:ac:05:f0:
9b:bb:d3:f0:f7:9b:37:86:be:4f:03:b8:5e:3c:46:99:ce:7b:
17:01:b0:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+igrbv/1b8U61rkUcRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzM5M2IyYTFiZDc5MTk4NTk4MDc4MzhhYjFlM2IwMDM3
YjhiNGYwHhcNMjUwMTAxMTM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmFjNjRlNzJjOWE3ODIyMmU0MWM3Yzk1MGMxYWNiZjIyZWU2YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojcvwCEx0bG8JGZfhf/qPXM02kz8
kzxhI2U6CKBc7IUovxPcEj+b6WiZfoWkjX+9Sgg93INdTfe6XoDEYe8aPzih4PSh
U++OJS4fizmSUIp/LzRauxpodeV9mEnk4bIeM6vNeT8lir0uFHxNJziFumuuGyca
leD2kCVvGu2bAnqGr2VVspkVkPJxy4GClCHfJCcGcj59AZ89wyu8Nw+gu1zb5R5p
6sJv0P7ckmjb4ejmHLEzDRRruM2R4eAQbu8c2o2J070gylshgbe1dXZ5aCKGABIN
RLIdm13MTGE+ZW7+l/dNEfag2u84YUE4GdYjNo45rzK0sx1niUHBiscEqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMusZOcsmngiLkHHyVDBrL8i7mpCMB8GA1UdIwQY
MBaAFEwzk7KhvXkZhZgHg4qx47ADe4tPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERPVHNxRzllUm1GbUFlRGlySGpzQU43aTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MDk0YWYtNzJjNS00ZWI1LTk4ZWEt
MGUyZWE2YTAyMTgyLzEveTZ4azV5eWFlQ0l1UWNmSlVNR3N2eUx1YWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MDk0YWYtNzJjNS00ZWI1LTk4ZWEtMGUyZWE2YTAyMTgy
LzEvVERPVHNxRzllUm1GbUFlRGlySGpzQU43aTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufsoMA0G
CSqGSIb3DQEBCwUAA4IBAQAWNiSVzoAatUgBfYLPqtBNRjFp1S2yU0kdA0VM7rqC
5Avh2aguM0xDVN+GyZGc3edQ4Ks4JS9HLkDXFOPnePC936NrfwKLHQqmvskNOfqN
GiOhXphjke12GxgvliMV1jg6qyF1U4x/9vt69yUxoutYSzkzkDXhFAKD64ynt3G/
GI/wW3Jg81hecZFTxVfW94PnMqOFfqSPtAm+Fd/f9dMH/VW1aO3S5gPxWj63rm4D
Mqkp1rPScMKGZ386gQw7W9yAKbI11lq4UszCGT5retLTfpdFZdh+PXaoZ6zcw6kr
5WURWXBWPEOsBfCbu9Pw95s3hr5PA7hePEaZznsXAbBD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:03 2025 by rpki-client