Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/6jQ3xTr0DIH9j5gjCwFzp6Mvd2I.roa
File: 6jQ3xTr0DIH9j5gjCwFzp6Mvd2I.roa (raw, json)
Hash identifier: ncr2QxgHYD4NU6BEHv1sH7MKgOyN/gtD0TuynRqqXm0=
Subject key identifier: EA:34:37:C5:3A:F4:0C:81:FD:8F:98:23:0B:01:73:A7:A3:2F:77:62
Certificate issuer: /CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Certificate serial: 018CC2DAB997C74004231FEDF22BCE242C46
Authority key identifier: 93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/6jQ3xTr0DIH9j5gjCwFzp6Mvd2I.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208206
IP address blocks: 45.154.20.0/22 maxlen: 24
185.181.12.0/22 maxlen: 24
2a0f:9f00::/29 maxlen: 48
2a0a:bb80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.mft
rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b9:97:c7:40:04:23:1f:ed:f2:2b:ce:24:2c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea3437c53af40c81fd8f98230b0173a7a32f7762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d9:a9:bb:5a:eb:8f:6e:6e:e5:20:68:d5:b7:
08:41:29:d1:b8:cf:ee:64:2f:6d:70:85:0a:bf:c6:
4d:5f:55:0b:c7:4e:2c:1b:f9:95:49:98:c5:71:46:
c5:64:c7:36:8d:4a:82:b3:03:05:c7:54:dd:2c:6a:
78:4e:18:47:ad:6b:bc:d4:0c:3e:94:49:3f:1b:f0:
54:50:d2:3d:e0:d7:95:c7:f9:75:a6:b3:9b:94:e2:
d7:56:19:8c:0e:55:39:fd:46:50:c3:09:76:38:5e:
2d:55:52:26:17:84:18:0c:39:e2:e9:5a:c1:74:53:
d7:fd:b9:67:9a:fe:6f:9f:9b:a0:99:bb:1e:65:7d:
e3:f6:1a:72:c4:c5:8c:5c:b3:2b:3d:ad:f9:f3:ac:
0a:3c:9a:91:3e:57:0d:b4:e1:2d:58:6d:e3:9f:3e:
35:06:b7:2c:02:34:fe:42:0c:cb:7c:ac:18:39:40:
3a:fb:09:65:80:d1:c8:11:31:21:31:0a:09:c7:95:
87:5f:5f:75:0e:b2:78:e6:c0:a9:1b:ab:c4:e3:89:
d1:65:5e:22:0e:22:e0:53:c1:79:3f:d7:98:d0:9d:
81:11:82:b5:f6:0f:73:c9:ab:7e:69:73:5a:4f:c3:
14:bc:6c:d0:5c:76:56:6e:d9:0d:43:6a:c0:0c:b0:
9d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:34:37:C5:3A:F4:0C:81:FD:8F:98:23:0B:01:73:A7:A3:2F:77:62
X509v3 Authority Key Identifier:
keyid:93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/6jQ3xTr0DIH9j5gjCwFzp6Mvd2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.20.0/22
185.181.12.0/22
IPv6:
2a0a:bb80::/29
2a0f:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
04:56:fc:83:cd:4f:4b:1b:53:cd:fe:2c:93:26:a0:cc:9f:6a:
08:16:f2:ea:dc:1e:45:d5:d4:d2:80:3c:f3:8a:2c:69:89:86:
28:58:a7:5d:fa:e9:d4:af:85:38:45:5a:aa:f9:66:f2:76:b0:
26:4b:82:7a:b4:4d:81:43:84:3d:9b:33:56:1c:28:b5:eb:b1:
b9:b6:e2:a4:69:db:4b:a9:ca:e4:80:18:ec:8b:91:32:6b:ac:
8d:59:77:50:e8:27:e7:7a:d2:e2:c2:b1:6d:6b:c9:9d:4a:33:
4a:36:d2:3d:54:9e:5a:42:b5:bd:5f:28:43:5f:48:01:03:ed:
af:40:03:26:1b:a7:a9:18:fa:52:1d:f3:8d:c9:2d:32:5d:2e:
d0:02:02:9b:32:78:8f:f7:ac:71:d6:fb:7b:0c:a6:8c:ad:29:
19:7b:9c:56:50:32:07:e0:1e:f7:c0:f9:23:08:5b:64:22:c3:
7e:34:2a:53:d9:13:63:d6:2d:a4:30:54:d9:8e:89:12:e4:be:
50:32:e0:6e:93:b8:4b:1b:ac:8e:63:99:5a:48:1e:66:7d:bf:
0d:f6:9d:a1:2f:19:0d:d4:0e:7b:5e:94:df:77:69:e4:2b:a7:
17:16:7e:47:c6:d9:85:9c:9d:71:7d:bf:79:3e:08:64:ab:d5:
ce:d3:a0:73
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2rmXx0AEIx/t8ivOJCxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzOGVlOTUxY2RhYmMzY2U4MDVlYzhkZjBiZjM0MDNiZGZh
OWM2NTcwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTM0MzdjNTNhZjQwYzgxZmQ4Zjk4MjMwYjAxNzNhN2EzMmY3NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9mpu1rrj25u5SBo1bcIQSnRuM/u
ZC9tcIUKv8ZNX1ULx04sG/mVSZjFcUbFZMc2jUqCswMFx1TdLGp4ThhHrWu81Aw+
lEk/G/BUUNI94NeVx/l1prOblOLXVhmMDlU5/UZQwwl2OF4tVVImF4QYDDni6VrB
dFPX/blnmv5vn5ugmbseZX3j9hpyxMWMXLMrPa3586wKPJqRPlcNtOEtWG3jnz41
BrcsAjT+QgzLfKwYOUA6+wllgNHIETEhMQoJx5WHX191DrJ45sCpG6vE44nRZV4i
DiLgU8F5P9eY0J2BEYK19g9zyat+aXNaT8MUvGzQXHZWbtkNQ2rADLCdIQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOo0N8U69AyB/Y+YIwsBc6ejL3diMB8GA1UdIwQY
MBaAFJOO6VHNq8POgF7I3wvzQDvfqcZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAt
ZTBmNWQ4NmUzN2EzLzEvNmpRM3hUcjBESUg5ajVnakN3RnpwNk12ZDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAtZTBmNWQ4NmUzN2Ez
LzEvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLZoUAwQC
ubUMMBQEAgACMA4DBQMqCruAAwUDKg+fADANBgkqhkiG9w0BAQsFAAOCAQEABFb8
g81PSxtTzf4skyagzJ9qCBby6tweRdXU0oA884osaYmGKFinXfrp1K+FOEVaqvlm
8nawJkuCerRNgUOEPZszVhwoteuxubbipGnbS6nK5IAY7IuRMmusjVl3UOgn53rS
4sKxbWvJnUozSjbSPVSeWkK1vV8oQ19IAQPtr0ADJhunqRj6Uh3zjcktMl0u0AIC
mzJ4j/escdb7ewymjK0pGXucVlAyB+Ae98D5IwhbZCLDfjQqU9kTY9YtpDBU2Y6J
EuS+UDLgbpO4SxusjmOZWkgeZn2/DfadoS8ZDdQOe16U33dp5CunFxZ+R8bZhZyd
cX2/eT4IZKvVztOgcw==
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:25:36 2024 by rpki-client on console-fra.rpki-client.org