Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6s7x6Y7HVjKYN49P_yz0KEkIohg.roa
File: 6s7x6Y7HVjKYN49P_yz0KEkIohg.roa (raw, json)
Hash identifier: ik6TZ0M3u80MTObme0RayUh0PYg7viTIbdZLhnI9+OE=
Subject key identifier: EA:CE:F1:E9:8E:C7:56:32:98:37:8F:4F:FF:2C:F4:28:49:08:A2:18
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018CC86F4B5885CF37F252CD294DDFB4BD06
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6s7x6Y7HVjKYN49P_yz0KEkIohg.roa
Signing time: Tue 02 Jan 2024 04:29:46 +0000
ROA not before: Tue 02 Jan 2024 04:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 45.138.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4b:58:85:cf:37:f2:52:cd:29:4d:df:b4:bd:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 04:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eacef1e98ec7563298378f4fff2cf4284908a218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:78:da:a7:70:58:27:53:42:b1:7b:0f:51:17:
a4:b9:59:e3:9c:cc:03:e6:17:0f:86:c8:b0:87:f2:
a5:df:4e:ac:e4:93:8e:6f:d0:52:65:67:c7:39:f6:
2a:39:07:1c:e2:89:96:15:ba:be:fa:a7:04:5b:b7:
80:6b:0f:50:22:4c:23:23:16:8d:e5:21:94:a8:1f:
59:37:6c:11:6a:66:ea:08:8d:30:ac:fe:ec:61:b1:
9d:81:b5:6b:7a:0c:92:fc:40:06:37:6a:f9:db:1f:
e7:3b:57:c1:85:34:58:98:91:00:8d:94:c5:10:b2:
22:3e:d1:d8:06:0c:b5:35:9e:c9:68:66:72:82:53:
1d:02:74:1d:9d:bb:74:b2:b2:91:61:75:d8:0d:eb:
4b:8c:07:aa:30:1c:1e:68:2c:59:80:7d:74:ff:09:
3c:01:7b:a8:5b:cc:f8:4d:62:95:af:7f:6e:7a:74:
4b:7c:a4:2c:a7:ef:da:fc:b3:22:84:de:10:e3:a7:
cf:01:3a:aa:1f:0f:bd:a5:93:09:eb:0f:97:29:bd:
48:23:cc:00:60:63:70:68:10:8b:ae:0b:b7:47:ae:
bb:6f:52:d7:ba:d4:4d:57:c5:60:40:3f:26:59:2a:
8e:d9:3e:0b:28:9d:2f:7c:4b:91:98:bf:c9:1b:8e:
e4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CE:F1:E9:8E:C7:56:32:98:37:8F:4F:FF:2C:F4:28:49:08:A2:18
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/6s7x6Y7HVjKYN49P_yz0KEkIohg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.182.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f3:1d:0e:b0:07:a6:07:c3:01:a7:e8:e5:94:51:56:af:ad:
d4:80:73:34:11:4e:71:af:40:07:ec:59:ec:f3:3a:09:66:da:
d6:b2:1f:20:c8:89:35:f5:6c:2d:69:da:d0:54:b5:46:93:57:
30:20:09:6d:d0:0d:d8:71:c8:00:a7:e6:88:f1:d1:3b:87:c8:
97:fe:f0:c5:15:3c:60:17:59:a7:98:90:e9:ed:fc:01:48:4c:
02:ce:dc:4b:76:b7:2a:d8:54:88:1b:95:bd:ef:05:18:f8:f0:
52:ef:80:75:82:2a:2b:c7:6d:b4:c6:b2:0b:dc:c6:77:a0:8b:
77:4d:2d:11:cb:9d:c7:fa:2b:af:64:43:80:ee:3f:6d:40:a3:
c2:37:83:10:b2:63:9b:bc:37:bf:17:34:82:72:df:c1:3d:3e:
0c:37:73:32:0e:a8:20:e7:2a:92:6e:e7:d7:0f:6c:78:62:2b:
c3:00:8d:0c:2b:9e:33:0a:ec:0f:64:70:88:01:ba:97:03:8c:
a8:45:56:ab:9f:67:75:9c:e2:e3:be:93:d6:da:5a:57:87:58:
50:c7:9e:8f:b6:86:18:de:1a:80:91:58:b7:8f:37:64:e8:89:
33:77:98:a0:54:45:f6:86:ae:50:86:6a:8c:80:b7:f9:0c:05:
62:c9:e3:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb0tYhc838lLNKU3ftL0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMTAyMDQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWNlZjFlOThlYzc1NjMyOTgzNzhmNGZmZjJjZjQyODQ5MDhhMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnjap3BYJ1NCsXsPURekuVnjnMwD
5hcPhsiwh/Kl306s5JOOb9BSZWfHOfYqOQcc4omWFbq++qcEW7eAaw9QIkwjIxaN
5SGUqB9ZN2wRambqCI0wrP7sYbGdgbVregyS/EAGN2r52x/nO1fBhTRYmJEAjZTF
ELIiPtHYBgy1NZ7JaGZyglMdAnQdnbt0srKRYXXYDetLjAeqMBweaCxZgH10/wk8
AXuoW8z4TWKVr39uenRLfKQsp+/a/LMihN4Q46fPATqqHw+9pZMJ6w+XKb1II8wA
YGNwaBCLrgu3R667b1LXutRNV8VgQD8mWSqO2T4LKJ0vfEuRmL/JG47k2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrO8emOx1YymDePT/8s9ChJCKIYMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvNnM3eDZZN0hWaktZTjQ5UF95ejBLRWtJb2hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYq2MA0G
CSqGSIb3DQEBCwUAA4IBAQAB8x0OsAemB8MBp+jllFFWr63UgHM0EU5xr0AH7Fns
8zoJZtrWsh8gyIk19WwtadrQVLVGk1cwIAlt0A3YccgAp+aI8dE7h8iX/vDFFTxg
F1mnmJDp7fwBSEwCztxLdrcq2FSIG5W97wUY+PBS74B1giorx220xrIL3MZ3oIt3
TS0Ry53H+iuvZEOA7j9tQKPCN4MQsmObvDe/FzSCct/BPT4MN3MyDqgg5yqSbufX
D2x4YivDAI0MK54zCuwPZHCIAbqXA4yoRVarn2d1nOLjvpPW2lpXh1hQx56PtoYY
3hqAkVi3jzdk6Ikzd5igVEX2hq5QhmqMgLf5DAViyePr
-----END CERTIFICATE-----
Generated at Tue Jun 25 03:22:44 2024 by rpki-client on console-fra.rpki-client.org