Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/6rEstb-qApzigvsFg3UbJOJcFlY.roa
File: 6rEstb-qApzigvsFg3UbJOJcFlY.roa (raw, json)
Hash identifier: GX7UssVR/Tg/KdsWzWnKsERUbKToyzgNF2BsWoKeqKA=
Subject key identifier: EA:B1:2C:B5:BF:AA:02:9C:E2:82:FB:05:83:75:1B:24:E2:5C:16:56
Certificate issuer: /CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Certificate serial: 018CC492CBABAD375D62C56A298CCEF79782
Authority key identifier: 40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/6rEstb-qApzigvsFg3UbJOJcFlY.roa
Signing time: Mon 01 Jan 2024 10:30:03 +0000
ROA not before: Mon 01 Jan 2024 10:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41540
IP address blocks: 194.246.120.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:cb:ab:ad:37:5d:62:c5:6a:29:8c:ce:f7:97:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406f014a2bc76ae04e6d304d06aacbfc8e85d514
Validity
Not Before: Jan 1 10:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eab12cb5bfaa029ce282fb0583751b24e25c1656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:aa:49:4b:dd:0e:e4:f3:2c:42:c6:8d:b6:59:
ee:9b:12:86:be:97:06:6f:85:7e:ab:c0:86:bf:a7:
3e:be:1c:dd:eb:9e:b6:bb:c5:51:8a:b7:8f:99:26:
e3:2a:4e:f3:ca:b9:18:a8:5f:4c:6a:a5:67:42:b0:
a3:aa:fb:fc:37:df:e3:a8:53:65:0b:ff:07:20:64:
23:6c:62:db:d0:62:20:b3:7b:b0:37:e8:e4:bc:59:
c8:69:d6:00:a0:e3:36:ea:7c:24:bb:b5:0f:df:bc:
ed:82:10:0f:df:b2:5f:7d:7f:60:2d:98:8b:a1:b3:
e1:3f:56:50:fa:3e:a1:23:a1:9f:21:8a:a2:41:9c:
b4:59:41:9b:54:ae:84:5b:fa:4d:d0:85:72:27:2b:
d8:a7:79:77:b2:88:89:40:59:cf:63:73:92:55:b8:
36:60:da:e7:f7:09:17:ba:51:e7:18:8e:eb:eb:90:
68:ac:1e:3f:06:78:24:e2:82:73:c6:2f:f9:27:48:
a8:ee:2e:2d:1d:0c:a2:5a:8e:79:47:0c:92:33:80:
af:0c:a0:4b:8b:76:06:2b:fa:8c:c6:70:54:ef:a6:
8f:ea:3b:88:fa:6e:da:5d:29:17:2d:65:48:9d:d7:
0e:8b:67:42:5a:8b:ba:ec:26:fa:83:a7:21:29:e0:
dc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B1:2C:B5:BF:AA:02:9C:E2:82:FB:05:83:75:1B:24:E2:5C:16:56
X509v3 Authority Key Identifier:
keyid:40:6F:01:4A:2B:C7:6A:E0:4E:6D:30:4D:06:AA:CB:FC:8E:85:D5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QG8BSivHauBObTBNBqrL_I6F1RQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/6rEstb-qApzigvsFg3UbJOJcFlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3caa-313e-4683-84db-9ee5a78ec57b/1/QG8BSivHauBObTBNBqrL_I6F1RQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.120.0/24
Signature Algorithm: sha256WithRSAEncryption
48:10:2f:44:aa:63:e8:ca:ab:c6:ad:d9:06:ed:7f:9d:98:93:
e6:dc:0c:79:02:56:ba:a5:61:ed:0e:8a:87:fc:5a:6d:47:76:
3d:0d:12:e8:d3:e0:c1:1c:32:be:29:ca:52:9f:8d:23:e5:d1:
76:7e:f7:74:25:5e:db:b5:56:65:39:99:20:46:70:55:fa:86:
8d:03:39:b1:fd:62:b1:ee:6e:54:38:06:76:69:72:b9:40:0b:
49:00:f7:39:7f:c9:15:12:ee:83:a8:15:3e:3f:94:92:06:c1:
f1:42:e6:53:e0:3d:cf:dc:0d:6c:a2:3d:3b:e5:ef:1c:43:8c:
ee:6b:f9:49:8a:de:21:c7:d2:9d:97:d0:31:9d:c0:80:b0:66:
5c:7f:e5:40:c0:6c:a8:52:8d:60:ef:50:52:35:57:a1:e7:66:
e2:75:bb:52:31:cc:1c:5b:00:41:7f:7a:c7:b3:e4:a0:06:8f:
f6:9c:07:6b:07:22:e3:ef:9b:8b:23:4c:91:bd:34:58:a8:aa:
e5:af:96:61:b1:2d:a5:3c:7e:0b:71:79:66:0f:28:57:f7:7f:
9a:99:32:77:13:5b:94:fb:26:91:3b:56:23:89:ea:0a:9b:58:
98:5b:cc:08:09:62:49:ed:55:eb:a5:2e:cd:30:2c:6b:b3:99:
1a:26:fa:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEksurrTddYsVqKYzO95eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmYwMTRhMmJjNzZhZTA0ZTZkMzA0ZDA2YWFjYmZjOGU4
NWQ1MTQwHhcNMjQwMTAxMTAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWIxMmNiNWJmYWEwMjljZTI4MmZiMDU4Mzc1MWIyNGUyNWMxNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKpJS90O5PMsQsaNtlnumxKGvpcG
b4V+q8CGv6c+vhzd6562u8VRirePmSbjKk7zyrkYqF9MaqVnQrCjqvv8N9/jqFNl
C/8HIGQjbGLb0GIgs3uwN+jkvFnIadYAoOM26nwku7UP37ztghAP37JffX9gLZiL
obPhP1ZQ+j6hI6GfIYqiQZy0WUGbVK6EW/pN0IVyJyvYp3l3soiJQFnPY3OSVbg2
YNrn9wkXulHnGI7r65BorB4/Bngk4oJzxi/5J0io7i4tHQyiWo55RwySM4CvDKBL
i3YGK/qMxnBU76aP6juI+m7aXSkXLWVIndcOi2dCWou67Cb6g6chKeDcFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqxLLW/qgKc4oL7BYN1GyTiXBZWMB8GA1UdIwQY
MBaAFEBvAUorx2rgTm0wTQaqy/yOhdUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGIt
OWVlNWE3OGVjNTdiLzEvNnJFc3RiLXFBcHppZ3ZzRmczVWJKT0pjRmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjNjYWEtMzEzZS00NjgzLTg0ZGItOWVlNWE3OGVjNTdi
LzEvUUc4QlNpdkhhdUJPYlRCTkJxckxfSTZGMVJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvZ4MA0G
CSqGSIb3DQEBCwUAA4IBAQBIEC9EqmPoyqvGrdkG7X+dmJPm3Ax5Ala6pWHtDoqH
/FptR3Y9DRLo0+DBHDK+KcpSn40j5dF2fvd0JV7btVZlOZkgRnBV+oaNAzmx/WKx
7m5UOAZ2aXK5QAtJAPc5f8kVEu6DqBU+P5SSBsHxQuZT4D3P3A1soj075e8cQ4zu
a/lJit4hx9Kdl9AxncCAsGZcf+VAwGyoUo1g71BSNVeh52bidbtSMcwcWwBBf3rH
s+SgBo/2nAdrByLj75uLI0yRvTRYqKrlr5ZhsS2lPH4LcXlmDyhX93+amTJ3E1uU
+yaRO1YjieoKm1iYW8wICWJJ7VXrpS7NMCxrs5kaJvpj
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:42:33 2024 by rpki-client on console-ams.rpki-client.org