Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Rr6-nEq3WBHeBceUx1dFltQ4OaI.roa
File: Rr6-nEq3WBHeBceUx1dFltQ4OaI.roa (raw, json)
Hash identifier: W1+qtoHVsaWBWMC3hdPsksJF0gg/+bNQtODYaYY1v8g=
Subject key identifier: 46:BE:BE:9C:4A:B7:58:11:DE:05:C7:94:C7:57:45:96:D4:38:39:A2
Certificate issuer: /CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Certificate serial: 018CC56E070C945277AF2843C2BBACE171E1
Authority key identifier: 7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Rr6-nEq3WBHeBceUx1dFltQ4OaI.roa
Signing time: Mon 01 Jan 2024 14:29:31 +0000
ROA not before: Mon 01 Jan 2024 14:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56598
IP address blocks: 193.168.206.0/23 maxlen: 32
193.168.204.0/23 maxlen: 32
2a09:6980::/29 maxlen: 48
2a0e:9900::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:07:0c:94:52:77:af:28:43:c2:bb:ac:e1:71:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d5695786f8450d1041dc88ad892cbb570d5972b
Validity
Not Before: Jan 1 14:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46bebe9c4ab75811de05c794c7574596d43839a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:06:b5:25:7c:ed:1f:4a:a1:ad:b6:49:c8:
44:c2:39:a2:e3:9e:6b:3a:42:92:88:12:4c:86:0a:
53:2b:2c:88:63:1d:3e:30:0a:d7:da:3b:0d:98:83:
cf:ec:7a:a7:06:e0:2e:70:e8:57:a9:d1:ab:e8:00:
c8:2d:f7:37:d9:cf:5b:e2:8d:0b:46:52:22:32:a2:
2a:91:bb:fe:f7:e3:20:be:98:e7:36:e0:ac:b9:f9:
b8:c9:e2:89:2c:8b:6f:dd:ed:e0:ac:1e:5d:cd:e0:
2c:02:96:4d:f4:0b:57:1d:0a:5c:49:2d:e6:f7:da:
40:11:19:ac:26:5a:5c:ea:93:59:f2:6c:cd:a0:12:
50:51:5a:8d:04:8a:7e:13:b9:06:20:8f:77:e2:8d:
2d:79:9a:8a:dc:25:f3:a6:4a:76:6a:43:4a:18:dc:
ae:1e:5b:45:61:c3:bb:ae:a0:4a:e4:b7:cd:97:e2:
9b:c1:52:5d:4b:a2:79:dd:6d:cc:50:c8:ea:84:e0:
e5:b0:dc:d9:8e:1a:9e:7c:2d:45:88:9a:6b:85:55:
c5:3f:ca:0d:cb:9b:9b:c5:f7:f9:3b:92:e0:ed:b5:
4f:d0:2a:1c:57:e9:b7:cb:78:6a:3f:8c:b4:08:6c:
8c:16:7d:47:3c:0a:e2:d5:cd:97:cc:56:43:5c:7f:
12:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:BE:BE:9C:4A:B7:58:11:DE:05:C7:94:C7:57:45:96:D4:38:39:A2
X509v3 Authority Key Identifier:
keyid:7D:56:95:78:6F:84:50:D1:04:1D:C8:8A:D8:92:CB:B5:70:D5:97:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVaVeG-EUNEEHciK2JLLtXDVlys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/Rr6-nEq3WBHeBceUx1dFltQ4OaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/317aa7-e2ad-4a85-b3d2-63b33808a6a8/1/fVaVeG-EUNEEHciK2JLLtXDVlys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.204.0/22
IPv6:
2a09:6980::/29
2a0e:9900::/29
Signature Algorithm: sha256WithRSAEncryption
19:5e:61:e8:c4:b5:66:92:7d:ec:97:2b:8e:71:ba:c4:fd:37:
fe:a1:0a:66:df:e9:e0:68:8b:57:24:04:09:48:17:3c:88:fe:
ca:37:4d:1a:bc:54:86:7c:27:bf:2f:03:28:69:92:bb:10:be:
0c:58:f7:23:30:9f:2c:db:55:81:5e:c0:8f:26:fc:c3:b6:e5:
96:44:c6:d4:0a:89:04:0d:c2:3d:c3:77:49:cd:cb:40:3b:f8:
4b:be:77:83:18:6f:27:f9:9d:bd:21:69:a2:34:a0:d5:df:fe:
2b:e9:6b:8d:b9:2c:60:b4:86:c1:8f:5d:9b:5d:ed:66:60:77:
5a:6b:21:02:9f:3c:6b:02:07:f0:0f:01:68:9e:48:4b:16:34:
04:04:dd:5a:ed:c5:7e:c8:01:b3:7d:56:ec:83:83:25:e4:ab:
2e:08:e0:82:6b:8f:56:6c:65:7a:72:f4:b8:1a:ba:92:81:bc:
d3:1b:37:f4:81:28:3c:86:e3:12:f8:af:d4:49:d2:63:f3:53:
f5:60:8b:da:fe:65:bf:75:64:76:3a:fc:e0:53:c8:f2:56:21:
54:64:08:3f:31:2d:ea:b6:1d:06:7f:27:40:29:86:f9:d4:a4:
07:79:39:cc:7d:50:50:a0:6e:8e:36:e4:52:a8:46:5d:5f:a0:
b1:5a:72:18
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFbgcMlFJ3ryhDwrus4XHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTY5NTc4NmY4NDUwZDEwNDFkYzg4YWQ4OTJjYmI1NzBk
NTk3MmIwHhcNMjQwMTAxMTQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmJlYmU5YzRhYjc1ODExZGUwNWM3OTRjNzU3NDU5NmQ0MzgzOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn44GtSV87R9Koa22SchEwjmi455r
OkKSiBJMhgpTKyyIYx0+MArX2jsNmIPP7HqnBuAucOhXqdGr6ADILfc32c9b4o0L
RlIiMqIqkbv+9+MgvpjnNuCsufm4yeKJLItv3e3grB5dzeAsApZN9AtXHQpcSS3m
99pAERmsJlpc6pNZ8mzNoBJQUVqNBIp+E7kGII934o0teZqK3CXzpkp2akNKGNyu
HltFYcO7rqBK5LfNl+KbwVJdS6J53W3MUMjqhODlsNzZjhqefC1FiJprhVXFP8oN
y5ubxff5O5Lg7bVP0CocV+m3y3hqP4y0CGyMFn1HPAri1c2XzFZDXH8SvwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEa+vpxKt1gR3gXHlMdXRZbUODmiMB8GA1UdIwQY
MBaAFH1WlXhvhFDRBB3IitiSy7Vw1ZcrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDIt
NjNiMzM4MDhhNmE4LzEvUnI2LW5FcTNXQkhlQmNlVXgxZEZsdFE0T2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMTdhYTctZTJhZC00YTg1LWIzZDItNjNiMzM4MDhhNmE4
LzEvZlZhVmVHLUVVTkVFSGNpSzJKTEx0WERWbHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCwajMMBQE
AgACMA4DBQMqCWmAAwUDKg6ZADANBgkqhkiG9w0BAQsFAAOCAQEAGV5h6MS1ZpJ9
7JcrjnG6xP03/qEKZt/p4GiLVyQECUgXPIj+yjdNGrxUhnwnvy8DKGmSuxC+DFj3
IzCfLNtVgV7Ajyb8w7bllkTG1AqJBA3CPcN3Sc3LQDv4S753gxhvJ/mdvSFpojSg
1d/+K+lrjbksYLSGwY9dm13tZmB3WmshAp88awIH8A8BaJ5ISxY0BATdWu3FfsgB
s31W7IODJeSrLgjggmuPVmxlenL0uBq6koG80xs39IEoPIbjEviv1EnSY/NT9WCL
2v5lv3Vkdjr84FPI8lYhVGQIPzEt6rYdBn8nQCmG+dSkB3k5zH1QUKBujjbkUqhG
XV+gsVpyGA==
-----END CERTIFICATE-----
Generated at Sun Jun 2 15:32:02 2024 by rpki-client on console-ams.rpki-client.org