Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Y641kU1UAAIOncMlIqm_qR_0X7Q.roa
File: Y641kU1UAAIOncMlIqm_qR_0X7Q.roa (raw, json)
Hash identifier: Hdd7SNEgyJP0EyiH7vKVaX0kpyvHJFvGHkRuArF8V+Q=
Subject key identifier: 63:AE:35:91:4D:54:00:02:0E:9D:C3:25:22:A9:BF:A9:1F:F4:5F:B4
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018DCC19EF71377ABDA0E12BEE730F6A8751
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Y641kU1UAAIOncMlIqm_qR_0X7Q.roa
Signing time: Wed 21 Feb 2024 14:37:48 +0000
ROA not before: Wed 21 Feb 2024 14:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21245
IP address blocks: 144.208.204.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
185.2.176.0/24 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a05:8900:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:19:ef:71:37:7a:bd:a0:e1:2b:ee:73:0f:6a:87:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Feb 21 14:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63ae35914d5400020e9dc32522a9bfa91ff45fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:c3:7c:89:c9:ce:7b:27:f9:21:c2:5d:37:
39:8d:22:ae:58:35:22:61:2f:ec:ea:df:b0:e2:9c:
d4:42:f5:5b:f1:a2:5d:c1:73:22:49:cb:d2:ea:db:
71:45:33:97:c5:92:19:b6:8b:61:25:fd:95:95:67:
d1:0d:a7:bb:59:cd:a7:30:49:d4:f1:85:49:5e:56:
cb:20:04:b7:b9:03:22:da:91:ef:eb:b7:e2:ff:98:
37:30:4c:78:3f:2e:37:d2:8f:39:d2:ff:1f:b3:a5:
44:49:39:c9:44:be:cf:a2:bb:41:18:6c:ab:c2:90:
a6:0e:99:d4:57:09:59:2b:9c:06:3b:05:da:35:a9:
fd:f8:22:bd:74:da:8c:d7:15:64:a8:11:3f:bc:64:
7e:8d:f4:b7:3a:1b:e3:80:d3:23:f0:a9:5c:e1:8e:
71:65:5f:87:8d:c5:1c:47:fb:66:88:52:89:60:18:
8a:d9:ea:f5:0e:bc:a9:a6:9d:22:c3:fe:6a:65:12:
74:ad:e2:4a:a9:e5:83:30:15:33:a7:c0:2a:8a:90:
ee:bb:6c:32:f0:1f:e5:7b:7e:3d:ac:bf:08:9d:c5:
e2:7c:d9:9a:18:51:75:2a:09:4e:78:39:58:32:1e:
a1:96:90:d8:de:7d:4c:aa:63:4c:82:84:7b:1f:bf:
59:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:AE:35:91:4D:54:00:02:0E:9D:C3:25:22:A9:BF:A9:1F:F4:5F:B4
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/Y641kU1UAAIOncMlIqm_qR_0X7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.204.0/24
144.208.206.0/24
185.2.176.0/24
217.146.6.0/23
IPv6:
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
0b:f2:3c:d3:cd:54:fe:c6:48:c9:6f:8b:65:39:93:7b:5a:0d:
b9:7d:30:b4:c9:2d:1b:59:31:29:30:ea:65:9e:33:0c:0f:60:
d8:33:fb:59:c3:29:a1:c0:6a:51:dd:3e:be:2a:cf:45:e1:0c:
a0:1d:b7:62:a8:88:89:07:29:38:ae:93:9c:1b:40:05:92:5e:
f4:8e:4b:b8:e6:95:32:1b:ce:fd:41:9a:f6:b6:a7:53:d5:67:
b2:57:66:f1:e4:55:68:84:cd:88:d0:e5:08:af:e9:c6:64:9e:
10:d0:6d:b9:3b:35:31:00:7b:8c:cf:2b:2a:17:65:8b:2e:05:
83:42:b5:02:82:1d:b7:ab:4f:75:f4:b4:e2:7d:96:53:a6:a2:
b3:ff:48:c5:00:d5:00:ea:00:c5:83:38:3e:8b:24:0a:7c:07:
94:3e:96:e5:a7:5f:39:74:94:30:a1:a6:6b:3d:78:f1:52:9e:
20:fd:50:11:2c:b1:ea:85:b9:3d:0f:91:a9:d4:d6:e1:ff:29:
53:3e:26:2c:7a:1f:59:9d:b5:6b:3c:2e:bf:ed:7d:05:6c:8e:
fe:b7:72:68:3b:02:34:de:06:1d:6e:58:41:03:33:46:72:df:
f3:c5:9d:90:e2:7b:ce:63:6c:c6:1a:60:7c:3c:4a:7f:67:d5:
39:55:c3:fb
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY3MGe9xN3q9oOEr7nMPaodRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMjIxMTQzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2FlMzU5MTRkNTQwMDAyMGU5ZGMzMjUyMmE5YmZhOTFmZjQ1ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkHDfInJznsn+SHCXTc5jSKuWDUi
YS/s6t+w4pzUQvVb8aJdwXMiScvS6ttxRTOXxZIZtothJf2VlWfRDae7Wc2nMEnU
8YVJXlbLIAS3uQMi2pHv67fi/5g3MEx4Py430o850v8fs6VESTnJRL7PortBGGyr
wpCmDpnUVwlZK5wGOwXaNan9+CK9dNqM1xVkqBE/vGR+jfS3OhvjgNMj8Klc4Y5x
ZV+HjcUcR/tmiFKJYBiK2er1Dryppp0iw/5qZRJ0reJKqeWDMBUzp8AqipDuu2wy
8B/le349rL8IncXifNmaGFF1KglOeDlYMh6hlpDY3n1MqmNMgoR7H79Z9wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGOuNZFNVAACDp3DJSKpv6kf9F+0MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvWTY0MWtVMVVBQUlPbmNNbElxbV9xUl8wWDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAkNDMAwQA
kNDOAwQAuQKwAwQB2ZIGMA8EAgACMAkDBwAqBYkAADYwDQYJKoZIhvcNAQELBQAD
ggEBAAvyPNPNVP7GSMlvi2U5k3taDbl9MLTJLRtZMSkw6mWeMwwPYNgz+1nDKaHA
alHdPr4qz0XhDKAdt2KoiIkHKTiuk5wbQAWSXvSOS7jmlTIbzv1Bmva2p1PVZ7JX
ZvHkVWiEzYjQ5Qiv6cZknhDQbbk7NTEAe4zPKyoXZYsuBYNCtQKCHberT3X0tOJ9
llOmorP/SMUA1QDqAMWDOD6LJAp8B5Q+luWnXzl0lDChpms9ePFSniD9UBEsseqF
uT0PkanU1uH/KVM+Jix6H1mdtWs8Lr/tfQVsjv63cmg7AjTeBh1uWEEDM0Zy3/PF
nZDie85jbMYaYHw8Sn9n1TlVw/s=
-----END CERTIFICATE-----
Generated at Sat Sep 28 05:48:01 2024 by rpki-client on console-fra.rpki-client.org