Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/b1cc8d-8808-4c1e-81f0-23ac979d41ad/1/a6Ca0db6IRWqpeQUf-mkPOP5Y6E.roa
File: a6Ca0db6IRWqpeQUf-mkPOP5Y6E.roa (raw, json)
Hash identifier: +wI+O0cNbhPu/Y/iWm666e3mQkbcXkl04FBEwBpeXro=
Subject key identifier: 6B:A0:9A:D1:D6:FA:21:15:AA:A5:E4:14:7F:E9:A4:3C:E3:F9:63:A1
Certificate issuer: /CN=5ad1116513c23d87aacbf5b1bbee39981c7631c1
Certificate serial: 019424B37AC536EAD1B7FD7188A9B9B1CA16
Authority key identifier: 5A:D1:11:65:13:C2:3D:87:AA:CB:F5:B1:BB:EE:39:98:1C:76:31:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WtERZRPCPYeqy_Wxu-45mBx2McE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1cc8d-8808-4c1e-81f0-23ac979d41ad/1/a6Ca0db6IRWqpeQUf-mkPOP5Y6E.roa
Signing time: Thu 02 Jan 2025 01:48:49 +0000
ROA not before: Thu 02 Jan 2025 01:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57732
IP address blocks: 195.60.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/b1cc8d-8808-4c1e-81f0-23ac979d41ad/1/WtERZRPCPYeqy_Wxu-45mBx2McE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/b1cc8d-8808-4c1e-81f0-23ac979d41ad/1/WtERZRPCPYeqy_Wxu-45mBx2McE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WtERZRPCPYeqy_Wxu-45mBx2McE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 07:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7a:c5:36:ea:d1:b7:fd:71:88:a9:b9:b1:ca:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad1116513c23d87aacbf5b1bbee39981c7631c1
Validity
Not Before: Jan 2 01:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ba09ad1d6fa2115aaa5e4147fe9a43ce3f963a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e3:2d:73:63:16:92:17:b4:f1:a5:de:a6:0b:
41:55:3f:05:b6:7c:83:22:0d:4f:08:38:94:1b:24:
87:86:62:ba:08:80:86:b6:86:10:e8:44:51:f2:b2:
1d:66:ae:f6:52:80:dc:2f:c3:31:67:2e:37:c9:6e:
e4:72:72:f2:66:52:96:74:97:20:fa:c2:3e:0f:b7:
61:90:5a:81:6c:c2:7d:e2:45:96:a1:08:03:99:f6:
1f:f7:37:35:f3:8b:0d:d5:98:50:4c:29:c3:0f:a7:
ec:1d:1e:0c:90:f5:58:34:3f:b5:36:d8:53:6d:15:
a1:29:a2:fc:02:bc:cf:e1:b8:38:8b:15:5d:7b:d1:
26:d9:54:fe:93:11:54:d5:b7:7a:7c:a2:98:7c:81:
b4:7a:1c:15:0f:16:75:91:e3:ab:78:9e:94:f5:a2:
2b:48:8d:0e:53:eb:42:be:de:26:13:25:f5:35:9c:
c6:07:48:eb:eb:92:76:a6:9a:59:7b:ba:d3:ee:dd:
94:f3:e4:9f:7d:bb:fe:ca:13:d2:ff:ab:e7:6a:0b:
cd:72:48:57:6d:a6:94:dc:2e:3c:29:96:87:4f:6a:
3f:df:7c:f7:f9:f8:a5:79:76:67:1f:c7:05:e5:4c:
c8:93:29:7c:fd:84:60:cf:81:1b:12:43:a2:5b:db:
3e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A0:9A:D1:D6:FA:21:15:AA:A5:E4:14:7F:E9:A4:3C:E3:F9:63:A1
X509v3 Authority Key Identifier:
keyid:5A:D1:11:65:13:C2:3D:87:AA:CB:F5:B1:BB:EE:39:98:1C:76:31:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WtERZRPCPYeqy_Wxu-45mBx2McE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1cc8d-8808-4c1e-81f0-23ac979d41ad/1/a6Ca0db6IRWqpeQUf-mkPOP5Y6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/b1cc8d-8808-4c1e-81f0-23ac979d41ad/1/WtERZRPCPYeqy_Wxu-45mBx2McE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.204.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:5d:f5:f0:f3:b7:d8:09:82:9a:c0:39:aa:f4:80:28:13:67:
bf:64:28:cd:5e:cb:2c:e1:2d:30:fe:41:15:8a:4a:20:bb:94:
2b:1e:0d:c1:63:fd:db:f1:b2:9a:dd:0a:20:1b:a2:f6:23:80:
ac:2a:7a:3f:9d:b8:75:c3:81:3b:9c:de:3b:7c:f5:69:2e:e2:
d1:80:6c:75:4d:7f:46:05:7c:44:75:24:b1:0c:19:4b:fc:97:
e4:2b:54:49:8a:ff:59:23:04:01:0d:b9:5a:ad:2e:d5:97:96:
e6:73:cd:b9:96:04:67:22:d4:aa:60:76:d5:50:a6:b1:59:3e:
a6:0c:da:0e:af:d4:90:83:fb:88:04:77:c7:d0:a6:e9:f9:0e:
1a:5c:e6:25:5c:fc:f3:57:3b:3f:57:5e:24:d4:56:66:4a:de:
da:5c:8c:31:cb:b8:fd:a0:92:11:25:d7:fe:8c:92:0f:e1:f8:
15:40:91:a3:50:c7:c8:fc:9b:e3:34:97:45:07:dd:74:72:26:
31:aa:ab:f6:c4:43:a3:82:16:b1:2f:bc:ee:a7:b6:3b:7a:11:
7c:cf:f3:b3:74:a7:96:6e:43:8d:8c:ef:a0:57:a6:ce:3c:c6:
a4:21:a1:c7:d8:e6:3d:97:4f:18:c5:fb:f7:e2:46:eb:33:c7:
c3:db:e5:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks3rFNurRt/1xiKm5scoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDExMTY1MTNjMjNkODdhYWNiZjViMWJiZWUzOTk4MWM3
NjMxYzEwHhcNMjUwMTAyMDE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmEwOWFkMWQ2ZmEyMTE1YWFhNWU0MTQ3ZmU5YTQzY2UzZjk2M2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uMtc2MWkhe08aXepgtBVT8FtnyD
Ig1PCDiUGySHhmK6CICGtoYQ6ERR8rIdZq72UoDcL8MxZy43yW7kcnLyZlKWdJcg
+sI+D7dhkFqBbMJ94kWWoQgDmfYf9zc184sN1ZhQTCnDD6fsHR4MkPVYND+1NthT
bRWhKaL8ArzP4bg4ixVde9Em2VT+kxFU1bd6fKKYfIG0ehwVDxZ1keOreJ6U9aIr
SI0OU+tCvt4mEyX1NZzGB0jr65J2pppZe7rT7t2U8+Sffbv+yhPS/6vnagvNckhX
baaU3C48KZaHT2o/33z3+fileXZnH8cF5UzIkyl8/YRgz4EbEkOiW9s+3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGugmtHW+iEVqqXkFH/ppDzj+WOhMB8GA1UdIwQY
MBaAFFrREWUTwj2Hqsv1sbvuOZgcdjHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RFUlpSUENQWWVxeV9XeHUtNDVtQngyTWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9iMWNjOGQtODgwOC00YzFlLTgxZjAt
MjNhYzk3OWQ0MWFkLzEvYTZDYTBkYjZJUldxcGVRVWYtbWtQT1A1WTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9iMWNjOGQtODgwOC00YzFlLTgxZjAtMjNhYzk3OWQ0MWFk
LzEvV3RFUlpSUENQWWVxeV9XeHUtNDVtQngyTWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzzMMA0G
CSqGSIb3DQEBCwUAA4IBAQCrXfXw87fYCYKawDmq9IAoE2e/ZCjNXsss4S0w/kEV
ikogu5QrHg3BY/3b8bKa3QogG6L2I4CsKno/nbh1w4E7nN47fPVpLuLRgGx1TX9G
BXxEdSSxDBlL/JfkK1RJiv9ZIwQBDblarS7Vl5bmc825lgRnItSqYHbVUKaxWT6m
DNoOr9SQg/uIBHfH0Kbp+Q4aXOYlXPzzVzs/V14k1FZmSt7aXIwxy7j9oJIRJdf+
jJIP4fgVQJGjUMfI/JvjNJdFB910ciYxqqv2xEOjghaxL7zup7Y7ehF8z/OzdKeW
bkONjO+gV6bOPMakIaHH2OY9l08Yxfv34kbrM8fD2+Xc
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:06:10 2025 by rpki-client