Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/8NPxvkyTqR6Ixim3mZg9TjHpYek.roa
File: 8NPxvkyTqR6Ixim3mZg9TjHpYek.roa (raw, json)
Hash identifier: ZCVW/q5EFz/5xn4Q+Zzpnh05uWai5OkH+s04UcENNhw=
Subject key identifier: F0:D3:F1:BE:4C:93:A9:1E:88:C6:29:B7:99:98:3D:4E:31:E9:61:E9
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 0196C44395BE5237E90695A9C0BB7D383184
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/8NPxvkyTqR6Ixim3mZg9TjHpYek.roa
Signing time: Mon 12 May 2025 11:31:25 +0000
ROA not before: Mon 12 May 2025 11:31:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213922
IP address blocks: 62.164.156.0/22 maxlen: 24
91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 24
2a0c:6ec0:a01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:43:95:be:52:37:e9:06:95:a9:c0:bb:7d:38:31:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: May 12 11:31:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0d3f1be4c93a91e88c629b799983d4e31e961e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:88:19:01:b6:ec:c2:43:e6:66:5f:d5:b1:53:
88:d7:2e:b1:80:40:c1:35:1d:fc:ae:f8:7c:5e:b7:
a0:e4:7f:6c:ac:39:18:09:c0:4c:e9:33:02:ba:ef:
dd:0d:78:4e:0f:df:56:1e:22:0a:5e:68:66:15:df:
fb:9b:8e:8a:f8:c1:4d:04:90:c7:35:1b:6b:15:ed:
d9:15:1f:f2:88:26:6b:f7:c5:0f:4c:2b:b3:af:33:
a1:22:28:58:25:40:c5:32:29:c9:3a:11:64:bb:4e:
b3:fc:ca:cb:b9:da:f7:70:5d:fe:c8:57:65:1d:d2:
17:1a:5c:c9:17:fd:fc:68:d8:9b:b0:7f:4b:64:ca:
44:a9:dd:67:bf:4d:f8:55:9d:a4:54:dd:12:ea:10:
a6:c0:b5:05:8b:97:98:0a:32:2a:6a:90:e8:dc:8e:
42:69:b6:0e:90:97:ae:80:cd:22:0e:d0:e8:3c:76:
4c:8b:01:d2:07:a4:a0:68:2a:39:91:40:38:b5:f0:
2a:8b:ec:29:c1:eb:d0:d2:ec:98:22:e4:00:ed:c0:
f0:33:a1:0e:f9:67:33:c6:4b:36:e9:72:cd:4b:1c:
12:ad:51:c6:34:00:20:ea:f6:9f:a5:92:49:d7:5c:
f7:02:81:8e:a7:6e:a8:7a:d5:9b:66:67:56:d6:3d:
8a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D3:F1:BE:4C:93:A9:1E:88:C6:29:B7:99:98:3D:4E:31:E9:61:E9
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/8NPxvkyTqR6Ixim3mZg9TjHpYek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.156.0/22
91.202.245.0-91.202.247.255
IPv6:
2a0c:6ec0:a01::/48
Signature Algorithm: sha256WithRSAEncryption
de:fa:90:d7:cf:1f:00:e5:66:e4:2c:79:b4:ca:95:de:92:8f:
02:c6:78:5e:b5:68:16:45:ad:9a:21:99:77:4a:a4:41:77:b4:
af:b1:03:f8:91:a7:a7:0d:cf:04:e2:0a:ef:c7:d6:95:79:20:
cd:77:38:d2:c9:d0:0c:e6:fa:c6:56:9f:99:b6:54:2d:e8:ae:
06:29:f9:6e:8d:2a:21:bf:a7:ab:96:26:5c:05:93:51:6f:ae:
87:26:d2:0a:e0:1a:5c:b4:df:a3:9e:54:cb:99:94:05:eb:af:
59:0f:6f:7f:ee:ec:80:2a:c9:22:f1:de:65:ff:43:67:4d:ab:
83:7c:81:8e:38:f7:46:2c:4f:87:a2:3d:ce:1d:83:4a:08:e9:
07:58:0e:e1:cd:c1:12:41:33:9c:0f:96:a1:e2:30:d6:77:92:
34:fd:05:c4:4d:94:1b:50:09:d3:cf:b4:c8:e1:ae:e6:a0:e5:
4d:6a:16:bd:06:d7:5f:16:ed:39:fd:cd:25:fb:8b:d4:cf:7b:
a2:5e:f7:b8:71:cd:be:0c:5d:b6:09:46:1b:47:0b:3c:77:59:
15:3b:7c:53:fe:37:b0:68:c7:f4:b0:0f:a4:98:d1:34:5e:ce:
28:44:c9:9a:3b:52:f3:0d:ba:5a:c9:49:fe:43:94:f6:17:0f:
82:b6:ae:ee
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZbEQ5W+UjfpBpWpwLt9ODGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjUwNTEyMTEzMTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGQzZjFiZTRjOTNhOTFlODhjNjI5Yjc5OTk4M2Q0ZTMxZTk2MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4gZAbbswkPmZl/VsVOI1y6xgEDB
NR38rvh8Xreg5H9srDkYCcBM6TMCuu/dDXhOD99WHiIKXmhmFd/7m46K+MFNBJDH
NRtrFe3ZFR/yiCZr98UPTCuzrzOhIihYJUDFMinJOhFku06z/MrLudr3cF3+yFdl
HdIXGlzJF/38aNibsH9LZMpEqd1nv034VZ2kVN0S6hCmwLUFi5eYCjIqapDo3I5C
abYOkJeugM0iDtDoPHZMiwHSB6SgaCo5kUA4tfAqi+wpwevQ0uyYIuQA7cDwM6EO
+Wczxks26XLNSxwSrVHGNAAg6vafpZJJ11z3AoGOp26oetWbZmdW1j2KgQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPDT8b5Mk6keiMYpt5mYPU4x6WHpMB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvOE5QeHZreVRxUjZJeGltM21aZzlUakhwWWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQCPqScMAwD
BABbyvUDBANbyvAwDwQCAAIwCQMHACoMbsAKATANBgkqhkiG9w0BAQsFAAOCAQEA
3vqQ188fAOVm5Cx5tMqV3pKPAsZ4XrVoFkWtmiGZd0qkQXe0r7ED+JGnpw3PBOIK
78fWlXkgzXc40snQDOb6xlafmbZULeiuBin5bo0qIb+nq5YmXAWTUW+uhybSCuAa
XLTfo55Uy5mUBeuvWQ9vf+7sgCrJIvHeZf9DZ02rg3yBjjj3RixPh6I9zh2DSgjp
B1gO4c3BEkEznA+WoeIw1neSNP0FxE2UG1AJ08+0yOGu5qDlTWoWvQbXXxbtOf3N
JfuL1M97ol73uHHNvgxdtglGG0cLPHdZFTt8U/43sGjH9LAPpJjRNF7OKETJmjtS
8w26WslJ/kOU9hcPgrau7g==
-----END CERTIFICATE-----
Generated at Tue May 13 07:16:16 2025 by rpki-client