Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/btdqouSuvTnu5DtsYBtviNCSRGI.roa
File: btdqouSuvTnu5DtsYBtviNCSRGI.roa (raw, json)
Hash identifier: 9yhn+ydyEWccKgPvwrADcup6LmhJvAZUr2NpWIGBFR8=
Subject key identifier: 6E:D7:6A:A2:E4:AE:BD:39:EE:E4:3B:6C:60:1B:6F:88:D0:92:44:62
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01967B482FC5B17C8EE479A0508EDF2C7A71
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/btdqouSuvTnu5DtsYBtviNCSRGI.roa
Signing time: Mon 28 Apr 2025 07:24:10 +0000
ROA not before: Mon 28 Apr 2025 07:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 213.145.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:48:2f:c5:b1:7c:8e:e4:79:a0:50:8e:df:2c:7a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Apr 28 07:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ed76aa2e4aebd39eee43b6c601b6f88d0924462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:95:f6:21:99:96:2f:a5:2b:9c:25:ad:85:ef:
dc:f8:31:6d:59:57:6d:e8:49:63:e7:30:b2:da:f5:
9c:f3:fe:e1:16:7a:91:0e:fb:6c:aa:63:3e:bd:ae:
f1:34:07:97:48:5e:84:a7:7a:a4:db:4e:14:78:b5:
72:fc:ea:b3:03:b6:6a:16:06:ff:52:47:ef:ed:78:
11:54:b4:b4:7c:b3:53:73:1a:03:11:46:12:6c:c1:
3c:15:77:b4:aa:0a:8e:3a:23:30:77:32:ea:0f:7e:
a3:6c:1f:51:73:31:b7:4e:87:2f:5f:ea:87:19:df:
86:74:7b:19:e4:ca:b6:07:b5:65:3f:86:87:95:4b:
a0:e3:df:a8:32:44:c9:d7:0b:58:06:a6:3b:0f:c6:
c2:e1:c4:32:7b:54:2e:4b:41:f9:f2:23:e1:41:92:
cb:38:fd:01:57:ca:6a:64:4a:3c:5b:80:f5:ec:ce:
0d:d0:59:0d:df:b9:b1:a8:f0:b8:ee:7e:68:e1:b6:
59:79:40:f8:6a:2f:d0:5f:64:89:72:85:ad:2f:6c:
1b:4f:19:db:04:f1:85:32:50:82:0b:d5:c7:4c:57:
1f:09:68:1b:ed:a8:85:59:93:4a:4b:63:76:de:38:
00:46:43:bc:21:23:51:06:27:d6:6f:2d:e0:f4:ac:
3e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D7:6A:A2:E4:AE:BD:39:EE:E4:3B:6C:60:1B:6F:88:D0:92:44:62
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/btdqouSuvTnu5DtsYBtviNCSRGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.66.0/24
Signature Algorithm: sha256WithRSAEncryption
e6:ef:f1:fe:ef:8a:df:85:08:d8:6c:c0:02:55:d8:c5:70:7c:
1b:91:1c:ed:c9:3d:20:03:76:0a:26:26:ae:a9:fe:05:06:9f:
21:46:c5:15:2e:30:2b:1e:7a:28:ff:ab:41:54:ff:78:8f:4f:
a8:bc:37:27:0b:6d:c5:cf:aa:b0:86:fb:4d:68:bd:08:9b:cf:
89:6b:67:61:a5:d3:4e:5e:0f:1b:c0:25:5d:3d:4a:f1:c0:2a:
34:53:c2:21:e5:19:c6:24:ad:27:a1:81:f6:08:68:d1:47:e7:
1b:bb:ea:66:29:f1:e1:1d:43:1a:1c:13:2b:3f:0d:7f:7c:52:
fe:a2:a4:0c:e0:45:2c:0f:f2:5a:0b:f8:b2:c1:dd:1b:ca:46:
ee:fa:cc:ab:7e:3d:ed:e6:db:02:f1:67:5e:eb:87:64:bc:37:
0e:ff:b6:9a:28:74:7e:ac:c9:a9:ce:4b:00:bb:a8:32:e8:e7:
47:4d:e8:a1:57:12:75:8d:9b:2b:57:90:4d:e0:61:0d:b2:d7:
d8:bf:09:14:52:97:69:a2:6a:a5:ae:06:c9:e1:1f:ba:d9:66:
15:9f:48:c7:c4:fb:ad:f6:9f:88:36:df:56:10:ff:e2:fe:7b:
31:b4:85:ba:88:44:aa:6f:d9:4d:39:40:00:7a:dd:10:22:5f:
70:9c:f3:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZ7SC/FsXyO5HmgUI7fLHpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwNDI4MDcyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWQ3NmFhMmU0YWViZDM5ZWVlNDNiNmM2MDFiNmY4OGQwOTI0NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJX2IZmWL6UrnCWthe/c+DFtWVdt
6Elj5zCy2vWc8/7hFnqRDvtsqmM+va7xNAeXSF6Ep3qk204UeLVy/OqzA7ZqFgb/
Ukfv7XgRVLS0fLNTcxoDEUYSbME8FXe0qgqOOiMwdzLqD36jbB9RczG3TocvX+qH
Gd+GdHsZ5Mq2B7VlP4aHlUug49+oMkTJ1wtYBqY7D8bC4cQye1QuS0H58iPhQZLL
OP0BV8pqZEo8W4D17M4N0FkN37mxqPC47n5o4bZZeUD4ai/QX2SJcoWtL2wbTxnb
BPGFMlCCC9XHTFcfCWgb7aiFWZNKS2N23jgARkO8ISNRBifWby3g9Kw+FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7XaqLkrr057uQ7bGAbb4jQkkRiMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvYnRkcW91U3V2VG51NUR0c1lCdHZpTkNTUkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFCMA0G
CSqGSIb3DQEBCwUAA4IBAQDm7/H+74rfhQjYbMACVdjFcHwbkRztyT0gA3YKJiau
qf4FBp8hRsUVLjArHnoo/6tBVP94j0+ovDcnC23Fz6qwhvtNaL0Im8+Ja2dhpdNO
Xg8bwCVdPUrxwCo0U8Ih5RnGJK0noYH2CGjRR+cbu+pmKfHhHUMaHBMrPw1/fFL+
oqQM4EUsD/JaC/iywd0bykbu+syrfj3t5tsC8Wde64dkvDcO/7aaKHR+rMmpzksA
u6gy6OdHTeihVxJ1jZsrV5BN4GENstfYvwkUUpdpomqlrgbJ4R+62WYVn0jHxPut
9p+INt9WEP/i/nsxtIW6iESqb9lNOUAAet0QIl9wnPP4
-----END CERTIFICATE-----
Generated at Mon May 5 20:56:38 2025 by rpki-client