Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/6fHnoC5fLobRKJZM0QUMfPDpJvQ.roa
File: 6fHnoC5fLobRKJZM0QUMfPDpJvQ.roa (raw, json)
Hash identifier: K0BP/bubvzFw3rjQ6sweFTZkS6klXj8ajrgJBRsj4Tg=
Subject key identifier: E9:F1:E7:A0:2E:5F:2E:86:D1:28:96:4C:D1:05:0C:7C:F0:E9:26:F4
Certificate issuer: /CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Certificate serial: 018FAFEF8B55FFBB2F730BBC8515E8C354D4
Authority key identifier: 7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/6fHnoC5fLobRKJZM0QUMfPDpJvQ.roa
Signing time: Sat 25 May 2024 13:27:42 +0000
ROA not before: Sat 25 May 2024 13:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49099
IP address blocks: 45.156.200.0/22 maxlen: 22
109.94.166.0/23 maxlen: 23
109.94.166.0/24 maxlen: 24
109.94.167.0/24 maxlen: 24
193.34.244.0/23 maxlen: 23
193.34.244.0/24 maxlen: 24
193.34.245.0/24 maxlen: 24
193.34.246.0/24 maxlen: 24
193.34.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/e3XTcgObGrLUFq2Dv2kUBYQRwqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/e3XTcgObGrLUFq2Dv2kUBYQRwqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:03:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:ef:8b:55:ff:bb:2f:73:0b:bc:85:15:e8:c3:54:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Validity
Not Before: May 25 13:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9f1e7a02e5f2e86d128964cd1050c7cf0e926f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:fb:13:48:0a:f8:09:2e:78:9d:66:b8:d5:
a3:58:e3:ee:89:71:3b:0f:69:12:a8:a0:06:3a:92:
31:2b:43:d6:a8:44:b7:ff:b0:5f:4c:10:92:f3:98:
e1:52:10:67:c0:7c:d2:f9:3e:b4:8c:7e:e9:53:cb:
c5:a8:0d:b3:cf:a3:78:28:0e:2c:29:9e:d8:74:2f:
4f:be:74:49:81:44:b5:ec:48:c0:50:65:e1:3d:d5:
a0:6a:57:77:36:ef:b3:27:fa:ff:94:5f:66:ed:1e:
89:33:eb:d5:7e:c2:fa:34:ef:eb:09:93:6f:a8:8a:
2e:34:2c:49:58:62:96:a7:0e:ef:a3:3a:e2:62:4d:
b6:e6:29:92:11:2a:39:5a:99:25:bd:7b:6f:32:9b:
96:db:54:18:d7:33:90:d0:7e:1d:bd:9f:1d:68:7f:
b8:ec:3b:2f:34:64:41:c6:56:73:36:41:92:e5:79:
19:be:24:d1:e4:27:59:b8:0f:0d:9f:15:89:18:75:
65:56:8d:ba:c4:04:6d:69:16:c7:b0:22:2b:74:2d:
b7:0d:ad:97:91:70:ed:e2:f0:28:5b:27:c8:df:73:
20:60:4a:3d:2e:11:95:41:57:a3:f1:68:ed:bd:36:
3f:eb:4c:d7:c0:84:ae:4d:86:72:21:09:5e:dd:76:
59:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F1:E7:A0:2E:5F:2E:86:D1:28:96:4C:D1:05:0C:7C:F0:E9:26:F4
X509v3 Authority Key Identifier:
keyid:7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/6fHnoC5fLobRKJZM0QUMfPDpJvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/e3XTcgObGrLUFq2Dv2kUBYQRwqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.200.0/22
109.94.166.0/23
193.34.244.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:65:b0:1a:32:76:d1:25:be:b9:cc:60:f1:03:9a:d4:d9:3e:
1a:7f:9f:3e:22:9f:de:6f:02:4a:7c:19:a7:71:e6:50:64:ed:
76:a2:bc:52:b7:74:58:e0:1e:92:ca:10:e4:c0:95:8c:46:b9:
12:c2:e8:d7:2c:41:94:8d:7c:f7:d0:fb:fa:08:ee:89:99:08:
e8:15:5d:79:99:4d:89:b2:2d:67:e2:f6:7c:49:3a:d0:c0:94:
59:d6:9a:3c:00:43:c1:0f:a1:27:73:dc:43:94:08:98:54:a6:
e9:7b:a6:bc:5b:50:23:01:15:ff:76:07:11:f2:d9:2b:a0:46:
4f:fb:42:fb:d0:a8:b6:0b:c7:e5:34:52:e1:ac:46:b7:9e:26:
73:1f:6f:dc:f4:76:b2:bc:9b:91:91:e8:8d:fa:23:17:ae:13:
ba:7f:34:23:5b:9d:12:9e:77:0a:2f:79:d9:8c:ac:2a:a2:5e:
14:41:20:f0:14:0b:34:23:33:76:6b:65:42:f6:d3:3f:f9:a2:
db:fb:fa:1e:a0:a0:f9:be:58:14:b5:3c:c9:cc:33:1b:f6:c4:
f0:0c:22:8e:b9:a9:bb:53:b4:20:c8:32:86:32:7a:aa:f5:f5:
c6:49:4b:22:e8:12:4a:03:0f:e6:14:88:20:40:8a:27:2e:18:
6f:66:0d:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+v74tV/7svcwu8hRXow1TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzVkMzcyMDM5YjFhYjJkNDE2YWQ4M2JmNjkxNDA1ODQx
MWMyYTIwHhcNMjQwNTI1MTMyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWYxZTdhMDJlNWYyZTg2ZDEyODk2NGNkMTA1MGM3Y2YwZTkyNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnX7E0gK+AkueJ1muNWjWOPuiXE7
D2kSqKAGOpIxK0PWqES3/7BfTBCS85jhUhBnwHzS+T60jH7pU8vFqA2zz6N4KA4s
KZ7YdC9PvnRJgUS17EjAUGXhPdWgald3Nu+zJ/r/lF9m7R6JM+vVfsL6NO/rCZNv
qIouNCxJWGKWpw7vozriYk225imSESo5WpklvXtvMpuW21QY1zOQ0H4dvZ8daH+4
7DsvNGRBxlZzNkGS5XkZviTR5CdZuA8NnxWJGHVlVo26xARtaRbHsCIrdC23Da2X
kXDt4vAoWyfI33MgYEo9LhGVQVej8WjtvTY/60zXwISuTYZyIQle3XZZSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOnx56AuXy6G0SiWTNEFDHzw6Sb0MB8GA1UdIwQY
MBaAFHt103IDmxqy1Batg79pFAWEEcKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2Yt
NmIwMDM4ODc1YTE0LzEvNmZIbm9DNWZMb2JSS0paTTBRVU1mUERwSnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2YtNmIwMDM4ODc1YTE0
LzEvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZzIAwQB
bV6mAwQCwSL0MA0GCSqGSIb3DQEBCwUAA4IBAQCnZbAaMnbRJb65zGDxA5rU2T4a
f58+Ip/ebwJKfBmnceZQZO12orxSt3RY4B6SyhDkwJWMRrkSwujXLEGUjXz30Pv6
CO6JmQjoFV15mU2Jsi1n4vZ8STrQwJRZ1po8AEPBD6Enc9xDlAiYVKbpe6a8W1Aj
ARX/dgcR8tkroEZP+0L70Ki2C8flNFLhrEa3niZzH2/c9HayvJuRkeiN+iMXrhO6
fzQjW50SnncKL3nZjKwqol4UQSDwFAs0IzN2a2VC9tM/+aLb+/oeoKD5vlgUtTzJ
zDMb9sTwDCKOuam7U7QgyDKGMnqq9fXGSUsi6BJKAw/mFIggQIonLhhvZg3L
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:58:27 2024 by rpki-client on console-fra.rpki-client.org