Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/6gHr81-vG49_XNY4jNxPMANevHU.roa
File: 6gHr81-vG49_XNY4jNxPMANevHU.roa (raw, json)
Hash identifier: BAArSRYGW4YFJ87LFcmWFYprQ1wZSo+Iw9BbFhVUFzM=
Subject key identifier: EA:01:EB:F3:5F:AF:1B:8F:7F:5C:D6:38:8C:DC:4F:30:03:5E:BC:75
Certificate issuer: /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial: 018CC5DC1773508352FA7802019D3999366D
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/6gHr81-vG49_XNY4jNxPMANevHU.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51984
IP address blocks: 185.182.152.0/24 maxlen: 24
185.182.155.0/24 maxlen: 24
185.182.154.0/24 maxlen: 24
185.182.153.0/24 maxlen: 24
46.253.43.0/24 maxlen: 24
46.253.42.0/24 maxlen: 24
46.253.41.0/24 maxlen: 24
46.253.40.0/24 maxlen: 24
46.253.44.0/24 maxlen: 24
46.253.47.0/24 maxlen: 24
46.253.46.0/24 maxlen: 24
46.253.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:17:73:50:83:52:fa:78:02:01:9d:39:99:36:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea01ebf35faf1b8f7f5cd6388cdc4f30035ebc75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ab:f2:34:6c:ef:a8:83:9c:c3:6c:e3:61:f6:
53:aa:03:83:2e:8c:d4:ef:e3:b1:90:ff:40:10:47:
e5:e7:f5:13:16:d7:da:4b:be:fa:95:06:e0:90:09:
4e:8e:75:4e:3f:ed:a9:5e:0b:59:69:a9:7f:7e:70:
b7:26:c1:a4:67:27:0c:c7:7b:37:ed:23:f3:2f:c8:
38:db:30:84:de:99:61:1b:0f:a0:af:d2:36:c5:44:
87:2e:48:93:e2:e2:15:59:ab:89:25:74:3e:a1:6e:
49:8f:d9:56:16:11:e5:a5:f3:f8:d1:be:1c:2a:79:
8b:54:5e:e5:d1:5a:1a:43:4b:84:54:81:aa:b6:a2:
3e:13:1f:f7:55:9e:8e:8e:13:d1:f9:03:89:02:6a:
b3:8e:c3:86:2a:ec:e4:44:f1:fb:75:ab:4e:39:50:
3b:4c:7e:60:6f:27:a8:4e:a6:33:7f:d4:56:1a:0f:
5b:1b:19:12:58:b8:dd:c8:98:06:21:cc:d0:69:bd:
dc:07:08:c0:aa:ea:b4:3c:e5:c1:25:36:6d:94:f8:
2c:ef:01:b4:c2:80:85:92:2b:3b:ff:a8:0a:4f:03:
b7:ef:7b:56:74:b7:de:72:b6:6c:02:49:8c:fb:ef:
1d:fd:f8:0f:52:90:46:32:09:28:6b:8b:ba:fa:39:
ec:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:01:EB:F3:5F:AF:1B:8F:7F:5C:D6:38:8C:DC:4F:30:03:5E:BC:75
X509v3 Authority Key Identifier:
keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/6gHr81-vG49_XNY4jNxPMANevHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.40.0/21
185.182.152.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:8e:7d:29:44:ec:6f:40:d4:c3:9d:b2:79:9b:cb:9a:99:d8:
4b:22:13:e2:aa:7b:0d:f3:90:c1:76:3d:cf:c8:8c:f4:42:e6:
cf:89:f0:df:66:29:4c:4f:b2:99:f2:36:19:a9:df:78:52:bf:
ef:f7:44:d3:46:0f:43:e4:78:82:99:8b:54:9d:66:93:94:82:
ef:5d:54:32:d2:10:f5:e4:97:f0:81:f0:ad:b5:5a:6d:a2:39:
12:a1:df:cc:d6:3b:f1:08:2b:8e:81:cb:8c:1f:e3:fa:e9:05:
34:fb:e4:d6:9e:aa:11:1f:c5:93:bb:77:79:f0:46:2c:c6:78:
41:fe:94:0e:84:a0:c5:f9:08:42:13:ef:27:89:3e:b4:d8:0e:
bc:1a:bc:74:89:db:59:e8:4e:fb:96:aa:d8:2a:2b:be:90:4a:
a9:09:39:cb:f2:29:31:16:a8:39:6b:81:29:af:c1:df:65:b9:
e7:b4:58:36:46:fd:a5:bd:d4:f8:40:b1:ad:d1:6f:5c:78:4f:
6c:09:34:b2:b3:d3:14:52:31:b9:cf:0c:ef:1f:c5:bf:49:da:
cb:06:32:73:d4:b8:2e:ad:5b:76:18:78:2f:db:e2:40:aa:1b:
b8:3e:7e:eb:62:25:52:91:fa:c1:b5:74:9e:c4:2d:a3:a4:79:
d8:ac:22:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3BdzUINS+ngCAZ05mTZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYWEzNTQwMWU1Mjk3YjNiNTI3ZTg0ZjkzZWE4YWExMTBk
OTdiOTUwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTAxZWJmMzVmYWYxYjhmN2Y1Y2Q2Mzg4Y2RjNGYzMDAzNWViYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKvyNGzvqIOcw2zjYfZTqgODLozU
7+OxkP9AEEfl5/UTFtfaS776lQbgkAlOjnVOP+2pXgtZaal/fnC3JsGkZycMx3s3
7SPzL8g42zCE3plhGw+gr9I2xUSHLkiT4uIVWauJJXQ+oW5Jj9lWFhHlpfP40b4c
KnmLVF7l0VoaQ0uEVIGqtqI+Ex/3VZ6OjhPR+QOJAmqzjsOGKuzkRPH7datOOVA7
TH5gbyeoTqYzf9RWGg9bGxkSWLjdyJgGIczQab3cBwjAquq0POXBJTZtlPgs7wG0
woCFkis7/6gKTwO373tWdLfecrZsAkmM++8d/fgPUpBGMgkoa4u6+jnsaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOoB6/NfrxuPf1zWOIzcTzADXrx1MB8GA1UdIwQY
MBaAFFuqNUAeUpeztSfoT5PqiqEQ2XuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2Et
NDQwMDE3MDBiOGNhLzEvNmdIcjgxLXZHNDlfWE5ZNGpOeFBNQU5ldkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2EtNDQwMDE3MDBiOGNh
LzEvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0oAwQC
ubaYMA0GCSqGSIb3DQEBCwUAA4IBAQB7jn0pROxvQNTDnbJ5m8uamdhLIhPiqnsN
85DBdj3PyIz0QubPifDfZilMT7KZ8jYZqd94Ur/v90TTRg9D5HiCmYtUnWaTlILv
XVQy0hD15JfwgfCttVptojkSod/M1jvxCCuOgcuMH+P66QU0++TWnqoRH8WTu3d5
8EYsxnhB/pQOhKDF+QhCE+8niT602A68Grx0idtZ6E77lqrYKiu+kEqpCTnL8ikx
Fqg5a4Epr8HfZbnntFg2Rv2lvdT4QLGt0W9ceE9sCTSys9MUUjG5zwzvH8W/SdrL
BjJz1LgurVt2GHgv2+JAqhu4Pn7rYiVSkfrBtXSexC2jpHnYrCIi
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:58:07 2024 by rpki-client on console-ams.rpki-client.org