Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cfn6TKAW88btuv56jlvkSc2ZInk.roa
File: cfn6TKAW88btuv56jlvkSc2ZInk.roa (raw, json)
Hash identifier: GSGgn7QP7V/hmoIOAOv2QAlHSZilqTl5HGYQXt+bdrs=
Subject key identifier: 71:F9:FA:4C:A0:16:F3:C6:ED:BA:FE:7A:8E:5B:E4:49:CD:99:22:79
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196D0EC51889EA794BB5D0B2843A4887558
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cfn6TKAW88btuv56jlvkSc2ZInk.roa
Signing time: Wed 14 May 2025 22:31:10 +0000
ROA not before: Wed 14 May 2025 22:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214834
IP address blocks: 89.144.15.0/24 maxlen: 24
2a02:2fc0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 04:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d0:ec:51:88:9e:a7:94:bb:5d:0b:28:43:a4:88:75:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 14 22:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71f9fa4ca016f3c6edbafe7a8e5be449cd992279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:21:1e:67:55:ef:fe:a6:56:5a:b7:7f:cf:2d:
4b:24:53:45:8a:cc:7a:99:d8:d3:2f:b5:d6:f5:b0:
a7:f9:ff:a3:ad:1a:e1:5e:15:d9:7c:7a:57:98:a3:
a7:a4:3f:22:97:e5:31:ab:f9:01:02:8c:a5:43:c5:
74:03:52:dd:75:bc:7b:62:96:8a:7c:4a:cc:0b:60:
23:15:ee:f4:59:80:1c:73:fb:4d:f8:8a:80:67:30:
f4:46:c0:b5:ab:03:2e:70:81:fb:c0:ae:95:f4:af:
60:7e:9b:a6:e4:09:be:ab:e0:fb:bd:19:34:38:46:
6b:dd:ac:8f:c7:4f:6d:ff:c1:71:48:05:83:1e:a4:
b4:88:73:40:23:ad:64:6b:43:2c:b1:19:cf:fc:87:
1d:6a:a6:be:d5:33:1b:f2:ba:6c:42:88:17:a8:dd:
ea:47:50:1a:c6:80:eb:61:21:8b:34:b0:f7:fb:87:
7e:4d:d2:87:72:2c:b7:78:cc:f4:2e:aa:bb:16:49:
4c:3b:35:d7:92:a6:e4:dd:45:9c:98:d5:77:3c:cc:
3e:1a:a3:4f:ae:c6:79:ec:8e:9d:6f:b1:56:8a:98:
43:94:eb:c2:84:11:ec:9c:42:d0:09:d2:79:67:0a:
25:e5:1b:41:5c:d0:ab:04:36:eb:8a:39:44:bf:3d:
68:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F9:FA:4C:A0:16:F3:C6:ED:BA:FE:7A:8E:5B:E4:49:CD:99:22:79
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cfn6TKAW88btuv56jlvkSc2ZInk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.15.0/24
IPv6:
2a02:2fc0:1::/48
Signature Algorithm: sha256WithRSAEncryption
60:b6:e5:df:38:c3:c9:d3:f6:5d:73:83:4e:50:11:98:3f:25:
20:cb:ea:13:39:9c:28:88:3b:ef:35:5e:89:ca:67:f3:0c:07:
fd:32:85:aa:8a:12:9d:31:63:62:20:8a:7a:ca:73:b0:f9:80:
be:b5:9c:1e:b9:37:f7:b9:ba:a7:82:97:ff:4a:8d:8c:8f:19:
e8:11:e9:9f:8d:4c:25:19:01:22:f5:6b:25:1c:79:91:23:a1:
ba:78:85:51:99:a5:6c:7d:ca:e8:dc:53:10:75:85:66:5d:24:
e0:ea:5b:4f:9b:0e:3f:b2:15:2d:0e:58:17:99:26:2d:9c:7c:
35:e7:dc:89:a2:4d:ed:68:67:c2:fc:79:1f:94:42:75:7f:fd:
a5:4b:66:f0:8d:96:e0:fd:0b:5e:15:cd:a5:65:a6:98:7c:8b:
5a:28:ff:41:a9:4e:b1:19:6a:e8:2c:74:11:26:97:a2:a2:12:
e7:e6:d5:aa:1c:56:9e:60:c8:57:f0:b0:d9:a6:04:aa:94:ff:
b6:27:63:59:77:e3:b6:75:f7:bd:92:5c:42:14:fc:6a:01:b3:
7d:92:29:12:ee:43:15:66:e3:43:81:2a:15:19:97:70:3a:37:
d6:3d:7b:06:b4:63:23:20:34:e4:0c:0a:90:77:96:f0:2e:a4:
83:9a:2b:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZbQ7FGInqeUu10LKEOkiHVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTE0MjIzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY5ZmE0Y2EwMTZmM2M2ZWRiYWZlN2E4ZTViZTQ0OWNkOTkyMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSEeZ1Xv/qZWWrd/zy1LJFNFisx6
mdjTL7XW9bCn+f+jrRrhXhXZfHpXmKOnpD8il+Uxq/kBAoylQ8V0A1Lddbx7YpaK
fErMC2AjFe70WYAcc/tN+IqAZzD0RsC1qwMucIH7wK6V9K9gfpum5Am+q+D7vRk0
OEZr3ayPx09t/8FxSAWDHqS0iHNAI61ka0MssRnP/Icdaqa+1TMb8rpsQogXqN3q
R1AaxoDrYSGLNLD3+4d+TdKHciy3eMz0Lqq7FklMOzXXkqbk3UWcmNV3PMw+GqNP
rsZ57I6db7FWiphDlOvChBHsnELQCdJ5Zwol5RtBXNCrBDbrijlEvz1oxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHH5+kygFvPG7br+eo5b5EnNmSJ5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvY2ZuNlRLQVc4OGJ0dXY1NmpsdmtTYzJaSW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWZAPMA8E
AgACMAkDBwAqAi/AAAEwDQYJKoZIhvcNAQELBQADggEBAGC25d84w8nT9l1zg05Q
EZg/JSDL6hM5nCiIO+81XonKZ/MMB/0yhaqKEp0xY2IginrKc7D5gL61nB65N/e5
uqeCl/9KjYyPGegR6Z+NTCUZASL1ayUceZEjobp4hVGZpWx9yujcUxB1hWZdJODq
W0+bDj+yFS0OWBeZJi2cfDXn3ImiTe1oZ8L8eR+UQnV//aVLZvCNluD9C14VzaVl
pph8i1oo/0GpTrEZaugsdBEml6KiEufm1aocVp5gyFfwsNmmBKqU/7YnY1l347Z1
972SXEIU/GoBs32SKRLuQxVm40OBKhUZl3A6N9Y9ewa0YyMgNOQMCpB3lvAupIOa
K28=
-----END CERTIFICATE-----
Generated at Mon Jun 16 09:27:46 2025 by rpki-client