Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/aybWEOdmOB1wGUYKpFWA_5Awmz0.roa
File: aybWEOdmOB1wGUYKpFWA_5Awmz0.roa (raw, json)
Hash identifier: uQthXtrpsje/BZjrn9hmBWJqR1b0yYGNdUX+PhJyksU=
Subject key identifier: 6B:26:D6:10:E7:66:38:1D:70:19:46:0A:A4:55:80:FF:90:30:9B:3D
Certificate issuer: /CN=70de707d6c01006b2aca687eaab29cb4736b7668
Certificate serial: 018CC801C7DD0F265F3A679D5B2979995076
Authority key identifier: 70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/aybWEOdmOB1wGUYKpFWA_5Awmz0.roa
Signing time: Tue 02 Jan 2024 02:30:09 +0000
ROA not before: Tue 02 Jan 2024 02:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199906
IP address blocks: 185.54.136.0/23 maxlen: 23
2a01:6160:1996::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c7:dd:0f:26:5f:3a:67:9d:5b:29:79:99:50:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70de707d6c01006b2aca687eaab29cb4736b7668
Validity
Not Before: Jan 2 02:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b26d610e766381d7019460aa45580ff90309b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:09:ee:f9:10:58:bc:56:03:d6:dd:85:03:fe:
40:13:6f:d7:38:11:eb:4d:1f:50:e8:ec:2a:55:42:
4c:8b:5a:c4:4c:6b:60:a9:32:36:12:cf:cf:68:37:
cf:ce:65:7b:4e:53:be:e1:f2:3a:62:68:80:b8:a2:
a3:d8:ee:a9:15:16:f8:37:a4:7c:23:1d:10:3f:84:
9b:d0:5b:02:be:02:c8:db:7a:aa:64:df:05:ca:48:
5f:c5:26:4f:8d:19:d6:74:93:7c:b8:e4:12:a8:5b:
5f:2d:53:34:d6:ad:8a:ec:1e:a5:17:04:3a:fe:9e:
18:5a:ca:3d:8e:25:8f:c2:df:21:2a:76:7b:a7:67:
a0:79:c1:6c:58:6f:d7:af:c4:e9:f7:98:4e:ee:f4:
27:2a:03:ce:a8:b3:72:a9:9e:18:ca:63:39:07:3b:
e4:c5:23:ce:c6:7e:06:0e:4b:69:84:26:27:27:57:
80:00:3e:4a:fa:6e:e5:45:e0:46:b5:fe:9b:16:c5:
1a:0b:8e:c1:3c:20:f6:33:f2:6f:69:ad:2f:de:22:
b9:a4:04:3b:db:e6:0c:d9:8c:3c:12:62:08:28:4b:
1d:62:6d:be:aa:b3:09:db:85:13:78:9f:55:9f:e4:
56:3a:90:81:a1:c6:33:8e:91:13:09:38:46:59:58:
fd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:26:D6:10:E7:66:38:1D:70:19:46:0A:A4:55:80:FF:90:30:9B:3D
X509v3 Authority Key Identifier:
keyid:70:DE:70:7D:6C:01:00:6B:2A:CA:68:7E:AA:B2:9C:B4:73:6B:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cN5wfWwBAGsqymh-qrKctHNrdmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/aybWEOdmOB1wGUYKpFWA_5Awmz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/6ce0c0-937c-4a43-9e84-18e5c537d51d/1/cN5wfWwBAGsqymh-qrKctHNrdmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.136.0/23
IPv6:
2a01:6160:1996::/48
Signature Algorithm: sha256WithRSAEncryption
0d:5d:50:09:ae:7f:48:d8:5b:07:c2:5d:de:0c:e3:e9:61:a9:
aa:b0:6a:0b:1d:6a:e4:45:99:bd:4e:7c:fd:8e:28:40:1d:6c:
4c:a4:47:67:a9:55:23:0b:95:12:6d:c2:e3:38:04:77:6a:3b:
0c:47:4a:9e:00:d5:46:fb:55:6e:f7:4e:d8:c0:3d:0d:ce:d8:
74:8c:58:50:28:b3:b8:43:a0:85:2f:65:92:99:9d:64:96:1f:
68:e4:a4:96:91:b6:85:02:ac:d8:4f:f0:18:01:27:a0:99:e7:
f6:2b:12:a9:a0:55:fc:1b:97:67:2e:94:33:35:b7:11:90:cb:
1d:0c:02:66:07:89:56:1f:8e:3b:44:c2:26:4a:b3:13:80:78:
4d:db:a2:1a:a8:8b:5f:34:66:25:e7:20:eb:a1:20:c1:88:1a:
30:22:b1:0d:5f:ea:e7:3d:bb:c8:4e:66:bc:de:2b:46:a7:bb:
db:68:e1:f6:88:a2:01:5b:82:e4:9f:ed:9d:cb:64:4e:fe:34:
8e:a6:c1:77:bb:c5:1b:05:0e:95:5c:4c:95:92:e1:19:ce:af:
cc:d4:46:2f:4d:d9:e6:4c:06:23:c9:39:5c:e7:e3:ac:b9:f5:
2b:6e:51:fa:96:c7:0d:d1:1c:1a:ea:b3:01:c8:7c:75:06:2d:
d7:b3:70:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAcfdDyZfOmedWyl5mVB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGU3MDdkNmMwMTAwNmIyYWNhNjg3ZWFhYjI5Y2I0NzM2
Yjc2NjgwHhcNMjQwMTAyMDIzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjI2ZDYxMGU3NjYzODFkNzAxOTQ2MGFhNDU1ODBmZjkwMzA5YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQnu+RBYvFYD1t2FA/5AE2/XOBHr
TR9Q6OwqVUJMi1rETGtgqTI2Es/PaDfPzmV7TlO+4fI6YmiAuKKj2O6pFRb4N6R8
Ix0QP4Sb0FsCvgLI23qqZN8FykhfxSZPjRnWdJN8uOQSqFtfLVM01q2K7B6lFwQ6
/p4YWso9jiWPwt8hKnZ7p2egecFsWG/Xr8Tp95hO7vQnKgPOqLNyqZ4YymM5Bzvk
xSPOxn4GDktphCYnJ1eAAD5K+m7lReBGtf6bFsUaC47BPCD2M/Jvaa0v3iK5pAQ7
2+YM2Yw8EmIIKEsdYm2+qrMJ24UTeJ9Vn+RWOpCBocYzjpETCThGWVj9TwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGsm1hDnZjgdcBlGCqRVgP+QMJs9MB8GA1UdIwQY
MBaAFHDecH1sAQBrKspofqqynLRza3ZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY041d2ZXd0JBR3NxeW1oLXFyS2N0SE5yZG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82Y2UwYzAtOTM3Yy00YTQzLTllODQt
MThlNWM1MzdkNTFkLzEvYXliV0VPZG1PQjF3R1VZS3BGV0FfNUF3bXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82Y2UwYzAtOTM3Yy00YTQzLTllODQtMThlNWM1MzdkNTFk
LzEvY041d2ZXd0JBR3NxeW1oLXFyS2N0SE5yZG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuTaIMA8E
AgACMAkDBwAqAWFgGZYwDQYJKoZIhvcNAQELBQADggEBAA1dUAmuf0jYWwfCXd4M
4+lhqaqwagsdauRFmb1OfP2OKEAdbEykR2epVSMLlRJtwuM4BHdqOwxHSp4A1Ub7
VW73TtjAPQ3O2HSMWFAos7hDoIUvZZKZnWSWH2jkpJaRtoUCrNhP8BgBJ6CZ5/Yr
EqmgVfwbl2culDM1txGQyx0MAmYHiVYfjjtEwiZKsxOAeE3bohqoi180ZiXnIOuh
IMGIGjAisQ1f6uc9u8hOZrzeK0anu9to4faIogFbguSf7Z3LZE7+NI6mwXe7xRsF
DpVcTJWS4RnOr8zURi9N2eZMBiPJOVzn46y59StuUfqWxw3RHBrqswHIfHUGLdez
cP8=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:31:55 2024 by rpki-client on console-fra.rpki-client.org