Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/60HEsBaMqcn-eIgLR5xlDOKT3H4.roa
File: 60HEsBaMqcn-eIgLR5xlDOKT3H4.roa (raw, json)
Hash identifier: 92TWLG+yrUdSGxzPqHvt67q91xHgIIuyd/z6PMj19WQ=
Subject key identifier: EB:41:C4:B0:16:8C:A9:C9:FE:78:88:0B:47:9C:65:0C:E2:93:DC:7E
Certificate issuer: /CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Certificate serial: 019659AA3AFCD78563F03091DDF6251DA016
Authority key identifier: C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/60HEsBaMqcn-eIgLR5xlDOKT3H4.roa
Signing time: Mon 21 Apr 2025 18:44:10 +0000
ROA not before: Mon 21 Apr 2025 18:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12679
IP address blocks: 212.8.224.0/23 maxlen: 23
2a07:500::/32 maxlen: 32
2a07:501::/32 maxlen: 32
2a07:502::/32 maxlen: 32
2a07:503::/32 maxlen: 32
2a07:504::/32 maxlen: 32
2a07:505::/32 maxlen: 32
2a07:506::/32 maxlen: 32
2a07:507::/32 maxlen: 32
2a0e:7c40::/32 maxlen: 32
2a0e:7c41::/32 maxlen: 32
2a0e:7c42::/32 maxlen: 32
2a0e:7c43::/32 maxlen: 32
2a0e:7c44::/32 maxlen: 32
2a0e:7c45::/32 maxlen: 32
2a0e:7c46::/32 maxlen: 32
2a0e:7c47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:59:aa:3a:fc:d7:85:63:f0:30:91:dd:f6:25:1d:a0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6169716d0ae64068703140aa3730e3788fdd4c6
Validity
Not Before: Apr 21 18:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb41c4b0168ca9c9fe78880b479c650ce293dc7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:7e:5e:53:fa:d7:4c:79:02:b0:c8:ae:ff:
e7:2b:1d:f7:23:51:29:fc:d5:f5:7e:a9:b4:2f:7c:
fa:7d:90:58:10:ea:f7:06:7f:45:3e:19:45:6b:59:
5d:3e:dc:57:bc:6c:f5:ba:50:0b:96:0d:8a:13:95:
31:db:83:55:53:f8:83:e4:42:61:6e:e7:5e:99:7d:
c8:fa:2f:a8:f7:ac:9d:c2:34:60:e6:88:d8:4e:d3:
13:6a:f6:f7:a0:df:7f:47:67:d5:7d:54:4d:c6:71:
7f:73:c2:2a:ce:16:0d:77:7c:7a:cd:da:b5:9e:a0:
d8:72:d3:57:1c:c5:76:75:90:e5:93:b0:5f:c7:cf:
a7:3d:df:09:3f:73:23:5b:a3:52:43:8d:86:25:cf:
6a:bc:af:ec:6d:1c:56:f1:7e:ba:5c:29:13:52:28:
11:a4:00:ce:0c:3c:fd:65:30:5a:81:ec:7f:70:e3:
45:b0:f4:f1:2c:8d:70:6b:e6:05:57:68:d8:d4:b8:
4a:9c:15:13:06:53:14:39:f1:89:7c:7a:59:77:14:
f6:89:c1:8f:9f:85:32:fa:47:ce:a4:ed:17:62:85:
68:cb:31:2e:21:d3:4a:77:15:a0:19:55:d3:ea:39:
28:bf:fa:e5:d9:8c:26:58:e6:11:c8:6b:42:e7:6b:
46:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:41:C4:B0:16:8C:A9:C9:FE:78:88:0B:47:9C:65:0C:E2:93:DC:7E
X509v3 Authority Key Identifier:
keyid:C6:16:97:16:D0:AE:64:06:87:03:14:0A:A3:73:0E:37:88:FD:D4:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhaXFtCuZAaHAxQKo3MON4j91MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/60HEsBaMqcn-eIgLR5xlDOKT3H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/400685-f48e-4ab9-8e3f-042446b70fb1/1/xhaXFtCuZAaHAxQKo3MON4j91MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.8.224.0/23
IPv6:
2a07:500::/29
2a0e:7c40::/29
Signature Algorithm: sha256WithRSAEncryption
94:40:22:3e:20:78:a4:5e:8e:b8:9c:cf:a5:4b:5b:49:49:5a:
5a:a3:75:18:71:2f:ef:c3:59:4d:05:f4:03:5f:78:73:1c:fd:
61:f8:1f:29:1a:d3:db:d6:5f:c6:22:ea:2e:4b:fb:a0:85:f4:
2f:fa:cc:33:48:46:fe:da:23:3f:87:09:eb:c5:9d:16:db:9e:
f1:9f:8e:02:bf:db:b5:c3:8a:c8:61:51:40:6d:4d:db:2f:e5:
f9:09:b4:69:e2:89:af:5b:a3:38:a2:82:af:64:b1:1a:c0:85:
13:77:d9:65:d1:23:61:69:08:0f:d5:33:e1:36:c3:8b:2a:d6:
c2:77:2d:98:2d:3b:ab:1b:37:ff:9b:88:9f:65:3d:a9:f2:3d:
4a:43:b7:de:8a:29:84:c8:92:f5:9d:65:64:0f:22:50:e4:62:
4e:f0:ef:a6:e1:bb:83:2a:98:fd:08:ed:c2:fa:38:bc:5f:00:
04:32:4f:d3:1d:58:fc:de:63:e9:85:1c:a2:07:c0:22:74:d2:
eb:f8:b7:42:7a:27:7b:eb:0b:6b:d4:cf:78:77:fc:ee:9d:3a:
a8:cf:d7:77:a8:59:97:4e:cf:f1:72:60:5b:23:24:ea:2b:75:
f6:93:0e:6c:b1:b0:59:d3:1d:4e:3b:1c:9f:53:f7:40:aa:92:
da:9a:d4:7b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZZZqjr814Vj8DCR3fYlHaAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTY5NzE2ZDBhZTY0MDY4NzAzMTQwYWEzNzMwZTM3ODhm
ZGQ0YzYwHhcNMjUwNDIxMTg0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQxYzRiMDE2OGNhOWM5ZmU3ODg4MGI0NzljNjUwY2UyOTNkYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJx+XlP610x5ArDIrv/nKx33I1Ep
/NX1fqm0L3z6fZBYEOr3Bn9FPhlFa1ldPtxXvGz1ulALlg2KE5Ux24NVU/iD5EJh
budemX3I+i+o96ydwjRg5ojYTtMTavb3oN9/R2fVfVRNxnF/c8IqzhYNd3x6zdq1
nqDYctNXHMV2dZDlk7Bfx8+nPd8JP3MjW6NSQ42GJc9qvK/sbRxW8X66XCkTUigR
pADODDz9ZTBagex/cONFsPTxLI1wa+YFV2jY1LhKnBUTBlMUOfGJfHpZdxT2icGP
n4Uy+kfOpO0XYoVoyzEuIdNKdxWgGVXT6jkov/rl2YwmWOYRyGtC52tGIQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOtBxLAWjKnJ/niIC0ecZQzik9x+MB8GA1UdIwQY
MBaAFMYWlxbQrmQGhwMUCqNzDjeI/dTGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2Yt
MDQyNDQ2YjcwZmIxLzEvNjBIRXNCYU1xY24tZUlnTFI1eGxET0tUM0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80MDA2ODUtZjQ4ZS00YWI5LThlM2YtMDQyNDQ2YjcwZmIx
LzEveGhhWEZ0Q3VaQWFIQXhRS28zTU9ONGo5MU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQB1AjgMBQE
AgACMA4DBQMqBwUAAwUDKg58QDANBgkqhkiG9w0BAQsFAAOCAQEAlEAiPiB4pF6O
uJzPpUtbSUlaWqN1GHEv78NZTQX0A194cxz9YfgfKRrT29ZfxiLqLkv7oIX0L/rM
M0hG/tojP4cJ68WdFtue8Z+OAr/btcOKyGFRQG1N2y/l+Qm0aeKJr1ujOKKCr2Sx
GsCFE3fZZdEjYWkID9Uz4TbDiyrWwnctmC07qxs3/5uIn2U9qfI9SkO33oophMiS
9Z1lZA8iUORiTvDvpuG7gyqY/Qjtwvo4vF8ABDJP0x1Y/N5j6YUcogfAInTS6/i3
Qnone+sLa9TPeHf87p06qM/Xd6hZl07P8XJgWyMk6it19pMObLGwWdMdTjscn1P3
QKqS2prUew==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:20:34 2025 by rpki-client