Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/mz6tpSTyWG1tpsywf2xFprKsdgk.roa
File: mz6tpSTyWG1tpsywf2xFprKsdgk.roa (raw, json)
Hash identifier: TcXisvKqSL089bUIJMzgiUZfK9JnlvU+0pDp8FZCWe4=
Subject key identifier: 9B:3E:AD:A5:24:F2:58:6D:6D:A6:CC:B0:7F:6C:45:A6:B2:AC:76:09
Certificate issuer: /CN=c469fe3d882c93e38e8b6a286a3177dc17e99ac7
Certificate serial: 01941FFA87C1BCD760405FBD13FEEAB43568
Authority key identifier: C4:69:FE:3D:88:2C:93:E3:8E:8B:6A:28:6A:31:77:DC:17:E9:9A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/mz6tpSTyWG1tpsywf2xFprKsdgk.roa
Signing time: Wed 01 Jan 2025 03:48:19 +0000
ROA not before: Wed 01 Jan 2025 03:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208165
IP address blocks: 178.57.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:87:c1:bc:d7:60:40:5f:bd:13:fe:ea:b4:35:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c469fe3d882c93e38e8b6a286a3177dc17e99ac7
Validity
Not Before: Jan 1 03:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b3eada524f2586d6da6ccb07f6c45a6b2ac7609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2e:0f:c6:66:81:83:33:f3:6f:55:f2:c2:1a:
34:5f:f0:49:5a:2c:22:6b:0d:48:7f:d0:06:ea:ed:
66:c4:ac:cd:01:51:9a:96:2b:03:0f:94:5d:a7:68:
99:e7:f6:7c:ae:db:af:27:2c:de:c2:95:ed:c1:e0:
87:18:62:d0:c6:33:ce:33:0d:c3:1d:75:5b:b7:5e:
87:6e:41:61:ed:d1:f6:a1:b8:e7:fa:e1:83:0e:72:
49:4a:41:9d:b7:86:b9:71:ad:b9:32:6c:07:21:e3:
8e:2b:56:d2:7a:34:c6:c4:c5:1e:b3:26:1f:8c:0b:
41:ff:bf:43:2c:36:99:8d:fc:dd:e1:07:22:bc:a7:
37:52:46:3d:02:41:dc:f4:66:e5:93:e1:d6:f1:44:
0a:f8:85:21:d2:4d:4a:ff:c0:1c:df:3a:d0:c6:30:
87:80:96:e6:54:50:40:f6:26:1a:70:ed:b1:06:37:
ed:2f:b8:fe:6b:42:58:99:e1:82:9e:ac:45:67:20:
3b:1c:98:fa:68:bc:5c:71:5c:6c:bb:a1:2b:16:c7:
c3:ce:83:ec:c0:4e:1c:1c:f4:fe:1b:00:66:25:c0:
6f:56:d6:c0:e9:10:67:db:b1:c0:09:84:5f:8c:72:
bb:91:3a:72:c9:09:d2:4b:44:5f:f5:20:f8:4c:9f:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3E:AD:A5:24:F2:58:6D:6D:A6:CC:B0:7F:6C:45:A6:B2:AC:76:09
X509v3 Authority Key Identifier:
keyid:C4:69:FE:3D:88:2C:93:E3:8E:8B:6A:28:6A:31:77:DC:17:E9:9A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/mz6tpSTyWG1tpsywf2xFprKsdgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.95.0/24
Signature Algorithm: sha256WithRSAEncryption
01:6f:7b:7d:16:e1:0a:ec:88:bc:29:52:fb:0a:46:ad:16:0e:
ba:78:76:9f:1f:3f:28:77:9b:df:0e:db:41:cc:26:aa:f5:73:
25:b4:c2:3a:4e:36:7f:87:d7:71:1e:f3:a7:cf:af:06:52:f0:
3a:e5:dd:cb:9e:b8:cf:fe:af:12:7f:f2:fb:26:ec:6d:e4:28:
55:ae:49:38:98:e2:85:b3:aa:5c:58:1c:94:d0:33:0d:b9:22:
cb:c5:b9:5a:12:47:92:9e:28:0b:24:80:5c:3d:b6:38:00:d4:
fe:6e:c7:9f:f7:bd:ef:44:91:9d:21:8b:ed:cc:72:e9:be:8b:
9b:a6:aa:2b:5c:1a:a0:12:7e:b8:9f:87:41:79:6f:c3:00:0d:
d7:b8:a9:cc:1e:ef:f4:0c:b3:72:ab:f4:3b:86:b8:d3:56:d7:
ae:5c:d1:1f:ed:9e:d7:15:1e:65:05:f7:d2:07:32:53:87:a8:
73:e6:f9:52:e4:04:76:99:a6:b4:5e:d3:3a:00:67:e7:3d:eb:
b5:a7:15:52:49:38:58:d4:1e:d9:55:e8:46:60:97:e5:e2:fd:
96:8f:0b:0f:b8:89:6a:7b:a7:a5:08:62:b1:7c:86:d1:04:59:
52:82:31:4e:66:8b:b8:da:fe:80:48:23:1c:e8:d0:81:1d:a8:
37:94:51:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+ofBvNdgQF+9E/7qtDVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NjlmZTNkODgyYzkzZTM4ZThiNmEyODZhMzE3N2RjMTdl
OTlhYzcwHhcNMjUwMTAxMDM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNlYWRhNTI0ZjI1ODZkNmRhNmNjYjA3ZjZjNDVhNmIyYWM3NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi4PxmaBgzPzb1Xywho0X/BJWiwi
aw1If9AG6u1mxKzNAVGalisDD5Rdp2iZ5/Z8rtuvJyzewpXtweCHGGLQxjPOMw3D
HXVbt16HbkFh7dH2objn+uGDDnJJSkGdt4a5ca25MmwHIeOOK1bSejTGxMUesyYf
jAtB/79DLDaZjfzd4QcivKc3UkY9AkHc9Gblk+HW8UQK+IUh0k1K/8Ac3zrQxjCH
gJbmVFBA9iYacO2xBjftL7j+a0JYmeGCnqxFZyA7HJj6aLxccVxsu6ErFsfDzoPs
wE4cHPT+GwBmJcBvVtbA6RBn27HACYRfjHK7kTpyyQnSS0Rf9SD4TJ+6lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJs+raUk8lhtbabMsH9sRaayrHYJMB8GA1UdIwQY
MBaAFMRp/j2ILJPjjotqKGoxd9wX6ZrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEduLVBZZ3NrLU9PaTJvb2FqRjMzQmZwbXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jNDc1YWItZmRkNS00OTJmLTgxM2Et
NjFkOWEyM2YzNDExLzEvbXo2dHBTVHlXRzF0cHN5d2YyeEZwcktzZGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jNDc1YWItZmRkNS00OTJmLTgxM2EtNjFkOWEyM2YzNDEx
LzEveEduLVBZZ3NrLU9PaTJvb2FqRjMzQmZwbXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsjlfMA0G
CSqGSIb3DQEBCwUAA4IBAQABb3t9FuEK7Ii8KVL7CkatFg66eHafHz8od5vfDttB
zCaq9XMltMI6TjZ/h9dxHvOnz68GUvA65d3LnrjP/q8Sf/L7Juxt5ChVrkk4mOKF
s6pcWByU0DMNuSLLxblaEkeSnigLJIBcPbY4ANT+bsef973vRJGdIYvtzHLpvoub
pqorXBqgEn64n4dBeW/DAA3XuKnMHu/0DLNyq/Q7hrjTVteuXNEf7Z7XFR5lBffS
BzJTh6hz5vlS5AR2maa0XtM6AGfnPeu1pxVSSThY1B7ZVehGYJfl4v2WjwsPuIlq
e6elCGKxfIbRBFlSgjFOZou42v6ASCMc6NCBHag3lFHJ
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:12:41 2025 by rpki-client