Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/DFaeiuG21JQh7LgP1wreIhkJwBQ.roa
File: DFaeiuG21JQh7LgP1wreIhkJwBQ.roa (raw, json)
Hash identifier: wxSUZZvHSXnKRZev5eL/xbvmkg1KjmEbGMojvHEIEo0=
Subject key identifier: 0C:56:9E:8A:E1:B6:D4:94:21:EC:B8:0F:D7:0A:DE:22:19:09:C0:14
Certificate issuer: /CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Certificate serial: 019420685E3D0F854AB56001202B26E23B31
Authority key identifier: EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/DFaeiuG21JQh7LgP1wreIhkJwBQ.roa
Signing time: Wed 01 Jan 2025 05:48:18 +0000
ROA not before: Wed 01 Jan 2025 05:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60764
IP address blocks: 86.62.12.0/24 maxlen: 32
86.62.13.0/24 maxlen: 32
86.62.14.0/24 maxlen: 32
86.62.15.0/24 maxlen: 32
185.174.192.0/24 maxlen: 32
185.174.193.0/24 maxlen: 32
185.174.194.0/24 maxlen: 32
185.174.195.0/24 maxlen: 32
2a09:3300::/32 maxlen: 32
2a0b:b500::/30 maxlen: 30
2a0b:b500::/31 maxlen: 31
2a0b:b500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/6-MkxP_wckDusfAOY-Y198uQL5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/6-MkxP_wckDusfAOY-Y198uQL5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5e:3d:0f:85:4a:b5:60:01:20:2b:26:e2:3b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebe324c4fff07240eeb1f00e63e635f7cb902f98
Validity
Not Before: Jan 1 05:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c569e8ae1b6d49421ecb80fd70ade221909c014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:fd:c2:3a:da:80:46:dd:3c:50:15:38:99:
dd:77:0d:06:06:66:4b:72:32:19:e6:e9:a0:49:f4:
bc:7b:10:e2:86:e4:48:0f:54:52:f9:f2:a4:e0:c4:
f6:fa:a8:0a:6e:1a:08:63:3f:b6:95:af:15:9c:6e:
0a:4e:03:23:6b:72:6d:0c:65:d1:7c:23:4b:a6:14:
55:5f:a9:15:aa:f5:0d:47:b9:01:f3:86:6a:04:71:
66:fa:96:2e:c8:ae:67:03:b4:eb:24:fd:f8:55:c9:
0f:68:d7:6f:f0:6a:21:8c:28:7e:5d:d0:cb:ac:02:
50:56:ee:cc:2a:66:2c:d8:64:39:78:bb:8b:3e:28:
68:ca:51:bf:1c:7d:d7:54:b6:c4:ee:70:b2:0f:c4:
98:c3:7d:86:9e:50:81:10:60:e6:fe:84:72:60:59:
12:07:db:ad:a0:5d:cc:7c:b3:ba:5f:55:cf:a1:a5:
94:e7:24:48:4e:1a:65:ef:cb:22:89:17:50:79:81:
26:9c:d4:bb:92:e5:03:94:73:96:e0:74:82:47:0d:
0c:45:2b:bc:9f:1b:2c:b2:7b:79:90:a9:b0:d9:6f:
72:e0:e1:42:43:67:d3:35:db:4a:c8:64:64:57:83:
e8:50:db:7e:45:fc:07:ad:33:fc:70:ad:8a:1a:cc:
e9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:56:9E:8A:E1:B6:D4:94:21:EC:B8:0F:D7:0A:DE:22:19:09:C0:14
X509v3 Authority Key Identifier:
keyid:EB:E3:24:C4:FF:F0:72:40:EE:B1:F0:0E:63:E6:35:F7:CB:90:2F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-MkxP_wckDusfAOY-Y198uQL5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/DFaeiuG21JQh7LgP1wreIhkJwBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/eafefe-787d-4b2d-b530-8af05ae3192c/1/6-MkxP_wckDusfAOY-Y198uQL5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.12.0/22
185.174.192.0/22
IPv6:
2a09:3300::/32
2a0b:b500::/30
Signature Algorithm: sha256WithRSAEncryption
0e:d1:7f:ec:9d:13:90:e7:59:24:01:26:bf:b4:94:de:e1:06:
92:7d:f5:04:58:b5:2f:20:2f:57:a6:78:90:74:af:e2:03:4f:
f8:ff:9d:7d:b1:a1:b9:0e:f5:b2:76:59:8e:ec:bd:cb:f8:60:
dc:df:2c:80:d2:90:84:4d:18:5c:67:e9:32:d4:3e:77:04:49:
3a:63:66:4a:d8:21:25:18:4e:0f:42:1f:0f:b2:90:e7:27:64:
2f:cf:0c:f3:c5:2b:57:c8:5c:a4:df:59:de:f4:46:ba:83:b9:
f5:41:84:23:0b:6b:e1:07:2d:01:e4:9e:45:ec:2b:37:4c:e3:
ab:f3:60:20:55:03:20:0f:1a:56:77:04:a5:a7:4f:64:e0:18:
c8:6a:dd:40:16:d3:e0:b9:91:fe:ed:94:86:d3:df:4f:6f:ec:
56:37:d1:84:65:47:f7:76:bc:90:29:cd:0f:2c:a5:6c:b1:9f:
e6:ca:45:82:0b:ce:67:4e:ee:4f:e3:00:ef:bc:f7:94:e4:c0:
d4:42:17:be:5c:ce:c6:e1:f2:92:81:2b:46:64:f2:1a:a5:78:
95:29:0b:76:03:87:20:18:99:66:f6:0f:1c:e3:b7:3d:23:09:
d8:d0:b9:08:dc:b0:0d:d6:66:76:5c:c4:4e:81:91:06:92:25:
88:c3:31:ba
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQgaF49D4VKtWABICsm4jsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZTMyNGM0ZmZmMDcyNDBlZWIxZjAwZTYzZTYzNWY3Y2I5
MDJmOTgwHhcNMjUwMTAxMDU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU2OWU4YWUxYjZkNDk0MjFlY2I4MGZkNzBhZGUyMjE5MDljMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAql79wjragEbdPFAVOJnddw0GBmZL
cjIZ5umgSfS8exDihuRID1RS+fKk4MT2+qgKbhoIYz+2la8VnG4KTgMja3JtDGXR
fCNLphRVX6kVqvUNR7kB84ZqBHFm+pYuyK5nA7TrJP34VckPaNdv8GohjCh+XdDL
rAJQVu7MKmYs2GQ5eLuLPihoylG/HH3XVLbE7nCyD8SYw32GnlCBEGDm/oRyYFkS
B9utoF3MfLO6X1XPoaWU5yRIThpl78siiRdQeYEmnNS7kuUDlHOW4HSCRw0MRSu8
nxsssnt5kKmw2W9y4OFCQ2fTNdtKyGRkV4PoUNt+RfwHrTP8cK2KGszpfQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAxWnorhttSUIey4D9cK3iIZCcAUMB8GA1UdIwQY
MBaAFOvjJMT/8HJA7rHwDmPmNffLkC+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAt
OGFmMDVhZTMxOTJjLzEvREZhZWl1RzIxSlFoN0xnUDF3cmVJaGtKd0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lYWZlZmUtNzg3ZC00YjJkLWI1MzAtOGFmMDVhZTMxOTJj
LzEvNi1Na3hQX3dja0R1c2ZBT1ktWTE5OHVRTDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCVj4MAwQC
ua7AMBQEAgACMA4DBQAqCTMAAwUCKgu1ADANBgkqhkiG9w0BAQsFAAOCAQEADtF/
7J0TkOdZJAEmv7SU3uEGkn31BFi1LyAvV6Z4kHSv4gNP+P+dfbGhuQ71snZZjuy9
y/hg3N8sgNKQhE0YXGfpMtQ+dwRJOmNmStghJRhOD0IfD7KQ5ydkL88M88UrV8hc
pN9Z3vRGuoO59UGEIwtr4QctAeSeRewrN0zjq/NgIFUDIA8aVncEpadPZOAYyGrd
QBbT4LmR/u2UhtPfT2/sVjfRhGVH93a8kCnNDyylbLGf5spFggvOZ07uT+MA77z3
lOTA1EIXvlzOxuHykoErRmTyGqV4lSkLdgOHIBiZZvYPHOO3PSMJ2NC5CNywDdZm
dlzEToGRBpIliMMxug==
-----END CERTIFICATE-----
Generated at Tue May 6 14:12:31 2025 by rpki-client