Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/K6GiiZJ71L0lYgovFnICdAk-1Ks.roa
File: K6GiiZJ71L0lYgovFnICdAk-1Ks.roa (raw, json)
Hash identifier: 6qHwOyZ8UfE4rkOQqwwP70JdW41FclRsGgCcII3xOE8=
Subject key identifier: 2B:A1:A2:89:92:7B:D4:BD:25:62:0A:2F:16:72:02:74:09:3E:D4:AB
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01967DE39B49E755E2A1C1743FF577B9E652
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/K6GiiZJ71L0lYgovFnICdAk-1Ks.roa
Signing time: Mon 28 Apr 2025 19:33:10 +0000
ROA not before: Mon 28 Apr 2025 19:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 92.243.74.0/24 maxlen: 24
92.243.75.0/24 maxlen: 24
109.120.153.0/24 maxlen: 24
176.98.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 01:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7d:e3:9b:49:e7:55:e2:a1:c1:74:3f:f5:77:b9:e6:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Apr 28 19:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2ba1a289927bd4bd25620a2f16720274093ed4ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:54:55:a0:ae:72:90:9c:91:2a:1f:3c:fd:8c:
70:4a:14:21:d5:c9:6a:76:62:6c:4c:fa:c7:a6:44:
ec:d3:15:71:84:9b:b7:7f:18:67:ad:93:d7:f5:8e:
66:bf:67:87:f6:93:6d:c3:e3:3a:ec:f4:15:bb:52:
30:b6:17:9e:a8:ad:a4:2a:15:6d:ae:04:cb:30:4f:
5b:fa:2e:d7:70:19:42:72:fe:c7:83:6c:90:a6:29:
d5:a4:39:2a:de:41:2a:4d:58:41:72:b7:ca:5b:a2:
0d:37:de:c4:95:ac:b6:f6:01:1d:6b:b6:76:f2:c3:
99:49:1e:e9:93:05:0d:57:67:64:ac:80:ce:52:e3:
9e:64:9c:18:13:72:24:67:df:42:c2:21:1f:2c:ff:
6e:b3:49:2a:9f:56:54:2e:27:4a:80:71:66:da:5b:
56:e8:94:b6:c5:06:c4:02:e7:30:ea:d8:4b:91:12:
8f:dc:12:d4:00:17:09:1e:b8:27:58:57:26:fb:8f:
a0:08:57:06:63:35:54:7b:bd:30:42:a4:89:b4:c3:
d6:a1:7d:b4:99:6a:50:01:98:75:50:41:f7:a2:34:
08:03:62:28:f6:38:7b:ef:1a:36:e3:54:bb:78:1e:
eb:dd:82:0b:50:2c:7f:cb:0c:ea:2b:5b:70:51:b4:
c4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A1:A2:89:92:7B:D4:BD:25:62:0A:2F:16:72:02:74:09:3E:D4:AB
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/K6GiiZJ71L0lYgovFnICdAk-1Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.243.74.0/23
109.120.153.0/24
176.98.190.0/24
Signature Algorithm: sha256WithRSAEncryption
88:dc:9b:ad:25:f5:85:33:ff:41:93:fc:ef:4a:7f:f9:18:36:
c6:10:47:20:54:56:d7:c5:3c:cf:31:89:20:3a:2b:c4:8d:83:
c5:7d:ad:a7:c1:77:4d:00:d0:1f:d6:9c:db:ab:ba:00:76:46:
24:f9:da:a5:f8:73:f6:d2:11:c3:64:18:aa:58:d1:b6:67:f6:
7e:7a:ec:5a:89:4f:a3:e0:1e:7f:ae:86:fb:92:60:04:b7:29:
6d:c8:be:42:20:8a:b0:2d:54:6a:76:c6:57:ec:e1:0b:f0:42:
2f:af:63:d1:92:cb:2a:e3:62:45:be:c6:61:3a:d3:b5:e6:0a:
48:a8:dc:b3:32:83:c9:14:e0:e4:22:b7:83:39:dc:66:80:1d:
ba:f6:6d:e7:f1:b6:d9:ab:99:61:33:33:02:ec:21:f8:6a:f9:
d1:05:7a:1b:c0:c6:73:62:93:46:5f:6f:15:68:35:62:48:77:
0d:8a:7c:0f:5e:66:35:26:d9:ed:4a:ec:39:92:c4:9b:74:19:
d1:61:52:4e:f6:2e:27:5b:97:75:1d:e8:40:8f:cb:f0:1a:54:
ff:65:18:a0:fc:16:6f:58:8e:40:63:c3:2f:8a:6e:e2:9f:8d:
50:fb:8a:44:31:9f:d8:e8:8c:18:b1:79:10:d6:2a:7c:3e:4c:
8a:38:65:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZ945tJ51XiocF0P/V3ueZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjUwNDI4MTkzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmExYTI4OTkyN2JkNGJkMjU2MjBhMmYxNjcyMDI3NDA5M2VkNGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFRVoK5ykJyRKh88/YxwShQh1clq
dmJsTPrHpkTs0xVxhJu3fxhnrZPX9Y5mv2eH9pNtw+M67PQVu1IwtheeqK2kKhVt
rgTLME9b+i7XcBlCcv7Hg2yQpinVpDkq3kEqTVhBcrfKW6INN97Elay29gEda7Z2
8sOZSR7pkwUNV2dkrIDOUuOeZJwYE3IkZ99CwiEfLP9us0kqn1ZULidKgHFm2ltW
6JS2xQbEAucw6thLkRKP3BLUABcJHrgnWFcm+4+gCFcGYzVUe70wQqSJtMPWoX20
mWpQAZh1UEH3ojQIA2Io9jh77xo241S7eB7r3YILUCx/ywzqK1twUbTEDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCuhoomSe9S9JWIKLxZyAnQJPtSrMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvSzZHaWlaSjcxTDBsWWdvdkZuSUNkQWstMUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXPNKAwQA
bXiZAwQAsGK+MA0GCSqGSIb3DQEBCwUAA4IBAQCI3JutJfWFM/9Bk/zvSn/5GDbG
EEcgVFbXxTzPMYkgOivEjYPFfa2nwXdNANAf1pzbq7oAdkYk+dql+HP20hHDZBiq
WNG2Z/Z+euxaiU+j4B5/rob7kmAEtyltyL5CIIqwLVRqdsZX7OEL8EIvr2PRkssq
42JFvsZhOtO15gpIqNyzMoPJFODkIreDOdxmgB269m3n8bbZq5lhMzMC7CH4avnR
BXobwMZzYpNGX28VaDViSHcNinwPXmY1JtntSuw5ksSbdBnRYVJO9i4nW5d1HehA
j8vwGlT/ZRig/BZvWI5AY8Mvim7in41Q+4pEMZ/Y6IwYsXkQ1ip8PkyKOGVN
-----END CERTIFICATE-----
Generated at Wed May 7 10:16:22 2025 by rpki-client