Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/D6RWdNbrfMoXuC1scefKPZcI8oM.roa
File: D6RWdNbrfMoXuC1scefKPZcI8oM.roa (raw, json)
Hash identifier: 9Zb6U3so6lNo+AfpQOERFw/AEWTxFVJr9DSauOr827U=
Subject key identifier: 0F:A4:56:74:D6:EB:7C:CA:17:B8:2D:6C:71:E7:CA:3D:97:08:F2:83
Certificate issuer: /CN=31a3da6d0fafd27d01b74703bb39d8c115e86412
Certificate serial: 018CC56EF01FDE42BD9E2A3C99EA95AD02C7
Authority key identifier: 31:A3:DA:6D:0F:AF:D2:7D:01:B7:47:03:BB:39:D8:C1:15:E8:64:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaPabQ-v0n0Bt0cDuznYwRXoZBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/D6RWdNbrfMoXuC1scefKPZcI8oM.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207758
IP address blocks: 46.16.200.0/22 maxlen: 22
46.16.204.0/24 maxlen: 24
185.148.76.0/22 maxlen: 24
2a07:5c80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/MaPabQ-v0n0Bt0cDuznYwRXoZBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/MaPabQ-v0n0Bt0cDuznYwRXoZBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MaPabQ-v0n0Bt0cDuznYwRXoZBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 08:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f0:1f:de:42:bd:9e:2a:3c:99:ea:95:ad:02:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a3da6d0fafd27d01b74703bb39d8c115e86412
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fa45674d6eb7cca17b82d6c71e7ca3d9708f283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c8:ad:ef:91:92:4d:08:ed:e5:fc:2d:38:46:
8a:58:de:98:84:a2:f7:72:bd:95:74:96:64:35:59:
2d:11:c3:af:d8:e8:e5:15:6e:33:4b:1b:18:b5:81:
9c:41:85:2d:c2:04:7a:df:8e:ac:65:80:5e:d1:45:
d9:2d:31:e3:36:ae:3f:c8:db:c3:f5:ad:f7:f0:16:
00:e6:ff:dc:6c:a2:dd:68:cb:d5:6d:da:c3:c0:6c:
34:8f:1b:c1:37:be:3c:d0:bd:c2:0a:4e:ee:cb:32:
5c:82:ab:17:5c:5a:71:8c:0f:5f:78:38:be:1d:e4:
28:07:53:68:b4:db:bf:c1:32:b0:b8:d7:e7:22:a5:
2d:97:ea:64:05:18:6b:07:b1:f2:df:7f:61:ba:c9:
fa:0e:bf:cd:bf:ec:0d:ee:cf:9a:51:7a:da:63:e7:
b8:9b:45:b6:5b:0d:df:67:4c:82:78:73:8a:8f:d8:
7c:e0:11:3d:86:2e:fd:21:35:20:9e:e0:00:0d:23:
f3:38:bf:67:48:d8:ad:b4:97:81:23:94:fd:0c:e9:
91:e3:25:1c:3f:6d:5f:a9:b3:6e:0e:cf:ce:18:71:
d5:51:23:6c:d9:4e:18:fe:c8:0e:ca:6f:1f:25:f5:
53:89:08:7d:f8:1e:8b:b7:1d:34:97:82:0b:a8:df:
45:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A4:56:74:D6:EB:7C:CA:17:B8:2D:6C:71:E7:CA:3D:97:08:F2:83
X509v3 Authority Key Identifier:
keyid:31:A3:DA:6D:0F:AF:D2:7D:01:B7:47:03:BB:39:D8:C1:15:E8:64:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaPabQ-v0n0Bt0cDuznYwRXoZBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/D6RWdNbrfMoXuC1scefKPZcI8oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/202900-3d72-405b-9ef6-6cd4c980a523/1/MaPabQ-v0n0Bt0cDuznYwRXoZBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.200.0-46.16.204.255
185.148.76.0/22
IPv6:
2a07:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
cf:ee:44:92:ef:85:c6:51:26:ce:52:3f:87:43:33:63:4a:43:
ff:0b:48:74:03:a1:eb:3f:ca:af:41:47:31:e2:ff:80:3c:6f:
55:39:42:c7:92:21:30:4a:a9:c3:6b:89:fe:2e:39:43:c8:42:
5c:b4:12:e6:ca:74:93:8e:6b:b3:a4:f9:d4:a5:6a:99:b7:72:
a8:a6:6a:2f:6b:8e:93:e8:4d:6b:30:ad:e8:cc:e4:b7:0b:2e:
93:c5:2f:5f:a4:4a:85:a8:72:ea:57:61:a9:98:70:fb:f9:db:
64:42:a9:81:0e:86:0c:57:c7:c2:7c:0e:5f:81:04:c3:e1:5a:
3d:31:de:88:e3:bc:05:60:bf:e9:f9:de:97:f7:9c:0f:b8:59:
31:82:91:ab:a1:95:38:7f:f4:48:e1:8c:e5:83:f2:8d:23:ed:
f7:a5:9e:cf:24:cf:db:ae:1f:c8:3c:c8:4a:de:47:da:39:3e:
21:b0:21:be:da:48:fd:d7:6c:46:86:0e:14:4c:69:84:ec:74:
5a:b5:16:0f:26:b2:aa:9c:c7:af:13:c5:00:e6:d7:4f:ee:a8:
38:14:62:c0:1c:e6:af:3e:af:75:61:52:c8:73:7c:ff:92:ba:
15:f0:3d:26:fb:d0:cb:0e:9e:1e:12:60:1f:01:27:bf:a6:a6:
ad:93:85:45
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFbvAf3kK9nio8meqVrQLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTNkYTZkMGZhZmQyN2QwMWI3NDcwM2JiMzlkOGMxMTVl
ODY0MTIwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmE0NTY3NGQ2ZWI3Y2NhMTdiODJkNmM3MWU3Y2EzZDk3MDhmMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sit75GSTQjt5fwtOEaKWN6YhKL3
cr2VdJZkNVktEcOv2OjlFW4zSxsYtYGcQYUtwgR6346sZYBe0UXZLTHjNq4/yNvD
9a338BYA5v/cbKLdaMvVbdrDwGw0jxvBN7480L3CCk7uyzJcgqsXXFpxjA9feDi+
HeQoB1NotNu/wTKwuNfnIqUtl+pkBRhrB7Hy339husn6Dr/Nv+wN7s+aUXraY+e4
m0W2Ww3fZ0yCeHOKj9h84BE9hi79ITUgnuAADSPzOL9nSNittJeBI5T9DOmR4yUc
P21fqbNuDs/OGHHVUSNs2U4Y/sgOym8fJfVTiQh9+B6Ltx00l4ILqN9F8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA+kVnTW63zKF7gtbHHnyj2XCPKDMB8GA1UdIwQY
MBaAFDGj2m0Pr9J9AbdHA7s52MEV6GQSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFQYWJRLXYwbjBCdDBjRHV6bll3UlhvWkJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yMDI5MDAtM2Q3Mi00MDViLTllZjYt
NmNkNGM5ODBhNTIzLzEvRDZSV2ROYnJmTW9YdUMxc2NlZktQWmNJOG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yMDI5MDAtM2Q3Mi00MDViLTllZjYtNmNkNGM5ODBhNTIz
LzEvTWFQYWJRLXYwbjBCdDBjRHV6bll3UlhvWkJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAMuEMgD
BAAuEMwDBAK5lEwwDQQCAAIwBwMFAyoHXIAwDQYJKoZIhvcNAQELBQADggEBAM/u
RJLvhcZRJs5SP4dDM2NKQ/8LSHQDoes/yq9BRzHi/4A8b1U5QseSITBKqcNrif4u
OUPIQly0EubKdJOOa7Ok+dSlapm3cqimai9rjpPoTWswrejM5LcLLpPFL1+kSoWo
cupXYamYcPv522RCqYEOhgxXx8J8Dl+BBMPhWj0x3ojjvAVgv+n53pf3nA+4WTGC
kauhlTh/9EjhjOWD8o0j7felns8kz9uuH8g8yEreR9o5PiGwIb7aSP3XbEaGDhRM
aYTsdFq1Fg8msqqcx68TxQDm10/uqDgUYsAc5q8+r3VhUshzfP+SuhXwPSb70MsO
nh4SYB8BJ7+mpq2ThUU=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:58:09 2024 by rpki-client on console-fra.rpki-client.org