Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/bEmneW6IzbBtlPPMQx-0yJ93b-w.roa
File: bEmneW6IzbBtlPPMQx-0yJ93b-w.roa (raw, json)
Hash identifier: 3HfO6P2h6i8rds9y/v29pBIa5L9isoyl8PZHwa6DXZk=
Subject key identifier: 6C:49:A7:79:6E:88:CD:B0:6D:94:F3:CC:43:1F:B4:C8:9F:77:6F:EC
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B67BCCA877C72FF49547D52A07963C
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/bEmneW6IzbBtlPPMQx-0yJ93b-w.roa
Signing time: Thu 02 Jan 2025 15:50:58 +0000
ROA not before: Thu 02 Jan 2025 15:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44341
IP address blocks: 195.211.160.0/24 maxlen: 24
195.211.161.0/24 maxlen: 24
195.211.162.0/24 maxlen: 24
195.211.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:7b:cc:a8:77:c7:2f:f4:95:47:d5:2a:07:96:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c49a7796e88cdb06d94f3cc431fb4c89f776fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d3:80:27:b8:5e:87:86:7e:21:96:71:30:a2:
5a:56:da:56:83:e1:90:82:77:25:ec:b9:50:ba:3a:
d0:c6:24:dc:f0:de:8e:3f:9e:60:a0:45:b8:76:c4:
f4:fa:5d:dd:bc:38:08:a3:cd:f6:df:42:a4:e6:db:
be:21:c9:71:e8:af:7a:db:63:82:04:df:20:36:02:
28:95:84:8c:31:c1:ad:57:0a:a7:0d:28:0a:db:b3:
6c:f2:00:ce:03:73:60:7f:4e:9c:99:37:ad:59:51:
a1:8a:cf:18:e1:8f:eb:a7:37:3b:f1:50:25:a9:25:
08:5b:91:7d:7e:19:dd:27:6a:6e:fc:a9:cc:92:d2:
00:67:a8:b6:70:08:6e:54:21:a5:06:ed:6b:42:3b:
88:3f:ff:90:08:db:d9:e0:b4:e7:e0:57:18:02:94:
bb:35:fb:e7:be:2a:3e:84:4c:df:b5:b1:e7:6a:82:
ed:41:9c:09:8a:44:ff:3b:7d:3d:40:cd:a0:ab:17:
56:0f:19:a6:f0:a4:5f:16:cc:90:a2:25:ec:e7:b1:
27:be:69:6b:f3:0d:d8:be:1b:dd:b2:be:42:dd:76:
3a:fe:aa:9e:80:c8:26:20:cb:ba:88:32:5e:39:63:
75:e7:c4:3b:27:35:ba:b2:d0:fb:b1:99:97:08:86:
09:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:49:A7:79:6E:88:CD:B0:6D:94:F3:CC:43:1F:B4:C8:9F:77:6F:EC
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/bEmneW6IzbBtlPPMQx-0yJ93b-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.160.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:44:73:f6:76:aa:26:ec:1d:af:6d:f5:f1:ab:14:85:10:31:
d7:77:93:f0:dd:61:93:b6:ff:ff:7f:e5:a6:ac:ad:30:67:36:
ba:2e:0c:da:b7:80:21:b7:60:4b:13:8d:89:23:a0:0c:cc:70:
e5:55:39:77:9f:a1:36:3f:d9:57:74:27:ba:50:c1:ec:99:a0:
ec:ee:17:2f:33:80:67:f7:6e:f0:fe:3f:19:1d:48:c6:f4:cc:
88:4b:18:b9:19:cf:de:50:23:0c:69:6d:f7:9a:70:69:cd:d7:
29:37:04:fc:9f:17:5e:29:72:fd:a2:38:3b:97:7a:b0:4d:39:
e7:b4:f6:17:ee:72:7d:1b:88:a2:79:5a:24:7d:f2:5a:33:19:
20:2e:da:f7:31:bc:e6:3f:cf:11:ef:15:e4:3d:5c:93:0c:87:
48:41:75:5f:a2:c0:0e:64:9f:03:f7:4a:30:ba:50:07:4e:dc:
de:ca:1c:32:4c:a6:ab:c0:33:c2:23:a1:0d:14:9e:e4:22:86:
f5:de:15:ef:ac:14:b3:25:95:6a:92:27:d3:af:bb:10:90:b4:
19:61:47:2b:3a:20:05:06:80:f9:ba:41:94:f1:8f:12:f7:fe:
17:03:17:ed:86:cc:ef:37:90:71:27:b5:1a:24:d7:11:54:50:
05:ed:6c:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntnvMqHfHL/SVR9UqB5Y8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQ5YTc3OTZlODhjZGIwNmQ5NGYzY2M0MzFmYjRjODlmNzc2ZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NOAJ7heh4Z+IZZxMKJaVtpWg+GQ
gncl7LlQujrQxiTc8N6OP55goEW4dsT0+l3dvDgIo83230Kk5tu+Iclx6K9622OC
BN8gNgIolYSMMcGtVwqnDSgK27Ns8gDOA3Ngf06cmTetWVGhis8Y4Y/rpzc78VAl
qSUIW5F9fhndJ2pu/KnMktIAZ6i2cAhuVCGlBu1rQjuIP/+QCNvZ4LTn4FcYApS7
Nfvnvio+hEzftbHnaoLtQZwJikT/O309QM2gqxdWDxmm8KRfFsyQoiXs57Envmlr
8w3Yvhvdsr5C3XY6/qqegMgmIMu6iDJeOWN158Q7JzW6stD7sZmXCIYJGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxJp3luiM2wbZTzzEMftMifd2/sMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvYkVtbmVXNkl6YkJ0bFBQTVF4LTB5SjkzYi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw9OgMA0G
CSqGSIb3DQEBCwUAA4IBAQCaRHP2dqom7B2vbfXxqxSFEDHXd5Pw3WGTtv//f+Wm
rK0wZza6Lgzat4Aht2BLE42JI6AMzHDlVTl3n6E2P9lXdCe6UMHsmaDs7hcvM4Bn
927w/j8ZHUjG9MyISxi5Gc/eUCMMaW33mnBpzdcpNwT8nxdeKXL9ojg7l3qwTTnn
tPYX7nJ9G4iieVokffJaMxkgLtr3MbzmP88R7xXkPVyTDIdIQXVfosAOZJ8D90ow
ulAHTtzeyhwyTKarwDPCI6ENFJ7kIob13hXvrBSzJZVqkifTr7sQkLQZYUcrOiAF
BoD5ukGU8Y8S9/4XAxfthszvN5BxJ7UaJNcRVFAF7WyG
-----END CERTIFICATE-----
Generated at Sun Apr 13 07:56:44 2025 by rpki-client