Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/O6ZneyXcmBuSuDgqQSLcpApbdws.roa
File: O6ZneyXcmBuSuDgqQSLcpApbdws.roa (raw, json)
Hash identifier: Ru9PCjwBGm8J5hNGI/77sp6es8NuLMunNCAea2pDdsU=
Subject key identifier: 3B:A6:67:7B:25:DC:98:1B:92:B8:38:2A:41:22:DC:A4:0A:5B:77:0B
Certificate issuer: /CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Certificate serial: 018CC2DB46EBF98FA44637F3A5878478BB03
Authority key identifier: DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/O6ZneyXcmBuSuDgqQSLcpApbdws.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 45.9.48.0/22 maxlen: 32
185.246.172.0/22 maxlen: 32
46.232.208.0/23 maxlen: 32
45.67.132.0/22 maxlen: 32
2a09:77c0::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.mft
rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:46:eb:f9:8f:a4:46:37:f3:a5:87:84:78:bb:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ba6677b25dc981b92b8382a4122dca40a5b770b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:33:d9:db:29:c5:c0:f8:b8:20:b3:5c:d8:c0:
2c:37:0b:96:ea:38:a3:a2:06:4b:0c:a9:83:c1:8b:
e7:29:3c:2a:67:ee:f7:93:c3:0e:72:6b:45:90:f4:
4e:ba:44:d2:b1:56:73:c7:d8:13:bc:de:22:11:5d:
c1:6b:b8:f7:56:95:7f:46:34:e8:b2:33:17:73:86:
51:61:62:2b:5c:14:b6:2a:a9:1a:86:0c:4d:bd:05:
a4:08:47:ad:ee:06:10:8e:aa:33:18:c2:05:02:83:
6f:6a:e8:a5:c8:8b:f8:40:51:f9:e7:62:bf:8f:ff:
f1:3f:a6:f9:8f:44:58:eb:99:ef:e2:06:b0:af:40:
f4:e7:f1:0c:47:93:ee:31:5f:58:be:21:e9:b0:30:
e1:7e:f0:ce:b1:42:6b:1b:ed:35:75:4a:ac:da:80:
4b:30:72:0e:0e:ab:7c:48:92:59:3c:82:48:58:6f:
24:33:0a:0e:8b:f6:b2:78:0f:5b:b7:8f:94:e5:1f:
e9:e7:2c:33:99:fb:98:88:12:71:37:e7:5e:e1:a5:
19:74:b0:d1:31:db:0e:a6:b4:58:2a:4e:9b:bd:38:
01:bc:d7:cd:e3:f6:77:21:28:d7:4d:74:c1:ef:65:
9b:ba:9f:b7:95:bd:82:fd:7b:72:16:1e:56:ad:24:
92:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A6:67:7B:25:DC:98:1B:92:B8:38:2A:41:22:DC:A4:0A:5B:77:0B
X509v3 Authority Key Identifier:
keyid:DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/O6ZneyXcmBuSuDgqQSLcpApbdws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.48.0/22
45.67.132.0/22
46.232.208.0/23
185.246.172.0/22
IPv6:
2a09:77c0::/30
Signature Algorithm: sha256WithRSAEncryption
cf:9c:dc:44:97:26:db:89:9e:1c:06:0b:60:8c:a2:c5:9c:0a:
6c:f1:fd:9e:69:65:f7:a8:f0:01:40:7f:01:cb:1e:b6:ef:88:
19:51:02:46:d6:63:70:d0:f4:74:f0:27:03:73:9e:da:eb:57:
9e:77:0f:46:0b:c9:ad:94:08:05:a8:29:6d:c1:a5:3e:5e:8c:
2a:d5:e1:8d:c8:4c:b3:05:c8:34:25:57:35:04:38:a0:03:9e:
ae:4f:07:39:d6:80:42:36:46:c4:f4:dc:cc:e9:55:f9:1f:56:
3f:43:be:65:05:ad:37:a9:1a:c6:87:6f:1c:bb:29:f7:33:21:
dc:9f:fe:b1:18:c3:0a:30:77:bf:0e:05:51:80:28:43:a8:22:
7c:2e:05:1e:45:ad:cc:7b:62:20:e9:de:bb:55:05:d3:ce:10:
bf:1a:3c:8c:2c:ed:97:03:3b:a3:24:12:a2:6d:d2:70:fe:14:
7d:0a:e2:c2:1a:7f:d6:0e:82:18:c0:b9:a2:16:5c:bd:bb:0f:
79:92:08:a6:44:dd:8f:61:f3:88:42:a7:88:c5:d3:9f:49:b8:
bc:0e:fa:b5:2e:2e:9c:6e:cf:b7:6a:8f:06:71:05:15:84:2b:
51:b2:2e:d7:b8:90:3c:fb:94:9f:81:92:d9:87:09:6d:23:ed:
f6:dc:1d:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC20br+Y+kRjfzpYeEeLsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOGY5NjFjNmVmYmI3ZjljZTc0MjE3YjFkNWRiYjU0ZTk4
MWM2ZjIwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmE2Njc3YjI1ZGM5ODFiOTJiODM4MmE0MTIyZGNhNDBhNWI3NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzPZ2ynFwPi4ILNc2MAsNwuW6jij
ogZLDKmDwYvnKTwqZ+73k8MOcmtFkPROukTSsVZzx9gTvN4iEV3Ba7j3VpV/RjTo
sjMXc4ZRYWIrXBS2KqkahgxNvQWkCEet7gYQjqozGMIFAoNvauilyIv4QFH552K/
j//xP6b5j0RY65nv4gawr0D05/EMR5PuMV9YviHpsDDhfvDOsUJrG+01dUqs2oBL
MHIODqt8SJJZPIJIWG8kMwoOi/ayeA9bt4+U5R/p5ywzmfuYiBJxN+de4aUZdLDR
MdsOprRYKk6bvTgBvNfN4/Z3ISjXTXTB72Wbup+3lb2C/XtyFh5WrSSSTwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDumZ3sl3Jgbkrg4KkEi3KQKW3cLMB8GA1UdIwQY
MBaAFN+Plhxu+7f5znQhex1du1TpgcbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMt
MjdmMmJjMTYyYTA3LzEvTzZabmV5WGNtQnVTdURncVFTTGNwQXBiZHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMtMjdmMmJjMTYyYTA3
LzEvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLQkwAwQC
LUOEAwQBLujQAwQCufasMA0EAgACMAcDBQIqCXfAMA0GCSqGSIb3DQEBCwUAA4IB
AQDPnNxElybbiZ4cBgtgjKLFnAps8f2eaWX3qPABQH8Byx6274gZUQJG1mNw0PR0
8CcDc57a61eedw9GC8mtlAgFqCltwaU+Xowq1eGNyEyzBcg0JVc1BDigA56uTwc5
1oBCNkbE9NzM6VX5H1Y/Q75lBa03qRrGh28cuyn3MyHcn/6xGMMKMHe/DgVRgChD
qCJ8LgUeRa3Me2Ig6d67VQXTzhC/GjyMLO2XAzujJBKibdJw/hR9CuLCGn/WDoIY
wLmiFly9uw95kgimRN2PYfOIQqeIxdOfSbi8Dvq1Li6cbs+3ao8GcQUVhCtRsi7X
uJA8+5SfgZLZhwltI+323B0F
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:35:52 2024 by rpki-client on console-ams.rpki-client.org