Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/s6yEWsPPsE_jYMdwsDZUmjp8J4Q.roa
File: s6yEWsPPsE_jYMdwsDZUmjp8J4Q.roa (raw, json)
Hash identifier: 7aHvy02DcE2m3coLCeXBwZHNGiDhkrKOoU9qLdUUABA=
Subject key identifier: B3:AC:84:5A:C3:CF:B0:4F:E3:60:C7:70:B0:36:54:9A:3A:7C:27:84
Certificate issuer: /CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Certificate serial: 019695CF90DCBEF02C4E15B9F5F6157695F7
Authority key identifier: F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/s6yEWsPPsE_jYMdwsDZUmjp8J4Q.roa
Signing time: Sat 03 May 2025 11:02:10 +0000
ROA not before: Sat 03 May 2025 11:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212136
IP address blocks: 5.172.178.0/24 maxlen: 24
5.181.12.0/24 maxlen: 24
81.22.46.0/24 maxlen: 24
81.22.47.0/24 maxlen: 24
91.214.116.0/24 maxlen: 24
176.56.32.0/24 maxlen: 24
185.228.248.0/24 maxlen: 24
185.247.187.0/24 maxlen: 24
194.31.9.0/24 maxlen: 24
213.232.254.0/24 maxlen: 24
2a10:aa80::/30 maxlen: 30
2a10:aa84::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:95:cf:90:dc:be:f0:2c:4e:15:b9:f5:f6:15:76:95:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c6b7dd5175be8db7a0522f7d4e41c5c42c6b29
Validity
Not Before: May 3 11:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3ac845ac3cfb04fe360c770b036549a3a7c2784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:35:20:d6:1d:77:a9:2c:fe:e1:7e:da:c4:07:
84:f4:52:ed:b0:a8:53:12:d8:c2:77:3b:70:ff:0a:
16:6d:17:b3:d0:ab:32:29:37:64:8f:2c:78:91:80:
cc:05:d9:96:88:ba:f3:85:00:49:bb:17:e9:4d:22:
46:b4:4f:ef:a9:a2:80:4d:98:52:01:82:fc:fa:70:
27:57:39:31:d8:06:47:f1:5b:d8:7a:cc:00:c8:20:
a3:39:6c:77:8d:97:34:a2:de:c6:b0:e8:d3:4b:f9:
b8:55:f1:90:46:15:ab:c6:fc:62:8c:cf:2f:ad:38:
17:42:97:29:8a:41:81:c6:30:14:a5:ed:86:b3:40:
d8:1f:15:cb:28:b2:cc:40:c4:6e:d3:3f:94:2d:2f:
76:bf:91:2d:49:69:30:9d:42:47:9a:53:55:13:a5:
13:f5:3f:b8:e6:c1:9e:65:6a:54:ba:b2:c9:7a:6b:
4d:29:60:fa:0f:74:d4:8a:66:ce:5d:e6:7e:58:10:
4b:c2:94:f9:f5:93:65:d8:29:67:76:8f:b5:f8:3d:
47:17:80:b1:7b:ba:67:c8:51:fe:a6:01:2a:75:ef:
d8:c6:4b:82:04:1b:09:b7:9b:7e:c5:78:e0:d7:81:
9f:08:a9:22:10:d1:df:44:87:44:2d:de:d6:5c:4f:
97:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AC:84:5A:C3:CF:B0:4F:E3:60:C7:70:B0:36:54:9A:3A:7C:27:84
X509v3 Authority Key Identifier:
keyid:F4:C6:B7:DD:51:75:BE:8D:B7:A0:52:2F:7D:4E:41:C5:C4:2C:6B:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Ma33VF1vo23oFIvfU5BxcQsayk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/s6yEWsPPsE_jYMdwsDZUmjp8J4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c5f714-472c-4856-aa4b-9b21b6f6679a/1/9Ma33VF1vo23oFIvfU5BxcQsayk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.178.0/24
5.181.12.0/24
81.22.46.0/23
91.214.116.0/24
176.56.32.0/24
185.228.248.0/24
185.247.187.0/24
194.31.9.0/24
213.232.254.0/24
IPv6:
2a10:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
8f:b0:a3:e6:3b:ad:cf:1f:89:0d:59:cd:dc:f8:eb:c8:fe:2f:
f3:4f:b1:a5:1e:87:0a:90:6c:f2:dd:b6:ee:36:82:05:5d:6b:
d6:fe:33:5c:90:1b:fd:ab:78:2d:2a:6f:88:83:13:fe:ad:77:
7f:79:89:18:60:79:9d:15:30:3c:62:ca:f3:71:40:52:d5:6c:
6a:36:7d:b5:d7:4c:bb:85:33:30:f1:9d:29:57:e8:e9:62:0a:
87:39:ed:9f:f8:76:0a:a3:ed:a8:f1:96:72:d4:fe:66:5f:5a:
cc:f0:c0:0c:0d:8e:1e:28:73:19:6b:0d:6d:ee:4e:3f:35:22:
86:3d:35:40:d9:ed:82:c4:1a:a0:e0:c8:84:fe:9b:cb:b5:f8:
a2:f9:28:a7:5b:55:b5:47:04:b1:66:3a:85:4a:86:88:95:65:
4f:47:6e:39:a5:ca:2a:51:ce:e3:c5:36:36:86:38:22:73:32:
cb:49:a1:af:c2:a0:26:f5:f8:9c:39:0f:71:62:d7:70:2a:f2:
f2:ee:39:60:d9:6d:6d:dd:75:68:04:25:76:f9:0a:61:4b:36:
2e:4e:da:ca:17:b5:95:18:e7:f5:ac:0f:6a:57:ff:59:78:91:
e5:b6:77:19:9c:ca:f6:9f:68:b5:1c:ba:7f:f0:97:52:1f:3c:
9f:ba:d7:b5
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZaVz5DcvvAsThW59fYVdpX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzZiN2RkNTE3NWJlOGRiN2EwNTIyZjdkNGU0MWM1YzQy
YzZiMjkwHhcNMjUwNTAzMTEwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FjODQ1YWMzY2ZiMDRmZTM2MGM3NzBiMDM2NTQ5YTNhN2MyNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDUg1h13qSz+4X7axAeE9FLtsKhT
EtjCdztw/woWbRez0KsyKTdkjyx4kYDMBdmWiLrzhQBJuxfpTSJGtE/vqaKATZhS
AYL8+nAnVzkx2AZH8VvYeswAyCCjOWx3jZc0ot7GsOjTS/m4VfGQRhWrxvxijM8v
rTgXQpcpikGBxjAUpe2Gs0DYHxXLKLLMQMRu0z+ULS92v5EtSWkwnUJHmlNVE6UT
9T+45sGeZWpUurLJemtNKWD6D3TUimbOXeZ+WBBLwpT59ZNl2Clndo+1+D1HF4Cx
e7pnyFH+pgEqde/YxkuCBBsJt5t+xXjg14GfCKkiENHfRIdELd7WXE+XsQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLOshFrDz7BP42DHcLA2VJo6fCeEMB8GA1UdIwQY
MBaAFPTGt91Rdb6Nt6BSL31OQcXELGspMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1hMzNWRjF2bzIzb0ZJdmZVNUJ4Y1FzYXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNWY3MTQtNDcyYy00ODU2LWFhNGIt
OWIyMWI2ZjY2NzlhLzEvczZ5RVdzUFBzRV9qWU1kd3NEWlVtanA4SjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNWY3MTQtNDcyYy00ODU2LWFhNGItOWIyMWI2ZjY2Nzlh
LzEvOU1hMzNWRjF2bzIzb0ZJdmZVNUJ4Y1FzYXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQABayyAwQA
BbUMAwQBURYuAwQAW9Z0AwQAsDggAwQAueT4AwQAufe7AwQAwh8JAwQA1ej+MA0E
AgACMAcDBQMqEKqAMA0GCSqGSIb3DQEBCwUAA4IBAQCPsKPmO63PH4kNWc3c+OvI
/i/zT7GlHocKkGzy3bbuNoIFXWvW/jNckBv9q3gtKm+IgxP+rXd/eYkYYHmdFTA8
YsrzcUBS1WxqNn2110y7hTMw8Z0pV+jpYgqHOe2f+HYKo+2o8ZZy1P5mX1rM8MAM
DY4eKHMZaw1t7k4/NSKGPTVA2e2CxBqg4MiE/pvLtfii+SinW1W1RwSxZjqFSoaI
lWVPR245pcoqUc7jxTY2hjgiczLLSaGvwqAm9ficOQ9xYtdwKvLy7jlg2W1t3XVo
BCV2+QphSzYuTtrKF7WVGOf1rA9qV/9ZeJHltncZnMr2n2i1HLp/8JdSHzyfute1
-----END CERTIFICATE-----
Generated at Tue May 6 17:58:26 2025 by rpki-client