Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6cRX37mnm-s0Fp769DOhOHSRAlM.roa
File: 6cRX37mnm-s0Fp769DOhOHSRAlM.roa (raw, json)
Hash identifier: LTuQ8o2gxEdz7uV79RfnryAT+C9wx80s/zKDpZlR93k=
Subject key identifier: E9:C4:57:DF:B9:A7:9B:EB:34:16:9E:FA:F4:33:A1:38:74:91:02:53
Certificate issuer: /CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Certificate serial: 018CC4938D87BE32DB63579CDA22F1A04D63
Authority key identifier: EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6cRX37mnm-s0Fp769DOhOHSRAlM.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48526
IP address blocks: 94.252.0.0/17 maxlen: 24
185.3.44.0/22 maxlen: 24
185.40.60.0/22 maxlen: 24
212.66.64.0/19 maxlen: 24
31.204.88.0/21 maxlen: 24
2a04:81c0::/29 maxlen: 48
2a00:4180::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8d:87:be:32:db:63:57:9c:da:22:f1:a0:4d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9c457dfb9a79beb34169efaf433a13874910253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:49:0c:77:74:bd:aa:81:01:38:81:af:41:a2:
44:9a:21:b7:df:40:3b:62:2f:15:27:9d:97:ae:45:
73:34:a3:be:28:f9:28:61:41:11:97:8b:5f:9c:17:
11:df:e6:ba:d1:78:c8:19:b5:89:46:e7:10:a9:f7:
0e:4c:c4:a2:ab:a3:fe:cd:47:07:0f:89:30:ec:a7:
70:eb:5f:05:69:68:b6:d0:88:d5:f8:a5:f8:e4:6b:
f3:2e:d3:b5:1d:6b:21:bd:74:e7:92:aa:d2:67:b5:
f6:18:c5:71:00:1b:ab:c3:9c:1e:81:d1:96:ed:0a:
4e:9f:1f:d5:82:7f:4b:15:83:c6:f7:38:96:cf:56:
2d:9e:15:f5:f5:10:b0:0b:18:a8:a0:07:d8:48:f9:
08:4f:33:c5:72:4d:e4:03:69:30:6d:ba:13:45:07:
1e:06:f1:b3:eb:63:d1:74:41:87:d0:a2:86:df:4f:
9e:a9:f3:a4:c5:83:e9:23:af:60:40:29:ca:7d:e3:
df:13:dc:d4:32:36:b4:3d:c5:b6:0e:54:b0:8f:06:
3e:4b:e5:21:0c:50:62:7e:2c:49:79:a9:f9:f9:55:
3e:77:ef:e8:d1:a5:a5:35:9c:e4:91:26:f4:d2:ba:
5f:11:e7:13:cb:07:4a:ee:11:51:df:c8:8a:92:bc:
96:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C4:57:DF:B9:A7:9B:EB:34:16:9E:FA:F4:33:A1:38:74:91:02:53
X509v3 Authority Key Identifier:
keyid:EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6cRX37mnm-s0Fp769DOhOHSRAlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.88.0/21
94.252.0.0/17
185.3.44.0/22
185.40.60.0/22
212.66.64.0/19
IPv6:
2a00:4180::/32
2a04:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:9b:a2:4e:62:87:bd:bc:ca:63:fd:6c:44:f1:a3:76:a3:3a:
3f:1c:e6:92:82:bc:e7:6f:0c:12:6d:4f:99:b7:08:32:b6:95:
0c:43:ef:e5:dd:1b:1a:a6:ef:d0:69:49:da:a4:ca:22:48:48:
54:85:d0:5f:6a:31:4d:50:9c:1f:80:ab:f0:68:3a:ce:de:e9:
f5:a8:a4:77:76:b6:48:ab:4c:5a:c2:80:44:47:bb:70:58:22:
20:78:33:2e:b0:6b:e9:c0:66:2a:1e:61:b6:a0:22:c3:c9:d6:
ba:aa:de:9a:ee:bb:1d:2f:f2:8d:77:92:fd:67:26:81:ab:ba:
32:c2:98:6f:b1:06:cc:ee:ee:64:a5:26:ec:fc:50:94:66:3f:
86:c5:a0:8f:0a:f8:8a:2e:5c:86:76:e9:8a:93:48:7e:73:c6:
df:ca:9c:7c:92:7f:d0:43:fd:f4:5e:07:f8:64:d8:df:60:9a:
6e:c3:ab:91:17:2a:9b:be:b3:fa:e5:b5:aa:b0:3d:cc:cf:ae:
ca:17:22:66:8d:91:ee:56:da:28:66:de:ef:bf:60:ac:aa:fe:
62:0b:64:3e:1d:1f:55:30:23:ee:38:ef:8f:bc:c3:3a:06:8b:
df:3c:d5:65:fa:45:2a:bb:91:8b:9e:ae:46:19:a7:54:0b:8c:
8d:46:17:61
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzEk42HvjLbY1ec2iLxoE1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMjJmNGZiOTU1ZDc5ZjA5M2Q3ZTg3YjE4MmMzNDQwYWM0
YmUwNmMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM0NTdkZmI5YTc5YmViMzQxNjllZmFmNDMzYTEzODc0OTEwMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukkMd3S9qoEBOIGvQaJEmiG330A7
Yi8VJ52XrkVzNKO+KPkoYUERl4tfnBcR3+a60XjIGbWJRucQqfcOTMSiq6P+zUcH
D4kw7Kdw618FaWi20IjV+KX45GvzLtO1HWshvXTnkqrSZ7X2GMVxABurw5wegdGW
7QpOnx/Vgn9LFYPG9ziWz1YtnhX19RCwCxiooAfYSPkITzPFck3kA2kwbboTRQce
BvGz62PRdEGH0KKG30+eqfOkxYPpI69gQCnKfePfE9zUMja0PcW2DlSwjwY+S+Uh
DFBifixJean5+VU+d+/o0aWlNZzkkSb00rpfEecTywdK7hFR38iKkryWiwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOnEV9+5p5vrNBae+vQzoTh0kQJTMB8GA1UdIwQY
MBaAFOoi9PuVXXnwk9foexgsNECsS+BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYt
OTNkMWZiNzJkMzgzLzEvNmNSWDM3bW5tLXMwRnA3NjlET2hPSFNSQWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYtOTNkMWZiNzJkMzgz
LzEvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDH8xYAwQH
XvwAAwQCuQMsAwQCuSg8AwQF1EJAMBQEAgACMA4DBQAqAEGAAwUDKgSBwDANBgkq
hkiG9w0BAQsFAAOCAQEAmZuiTmKHvbzKY/1sRPGjdqM6PxzmkoK8528MEm1PmbcI
MraVDEPv5d0bGqbv0GlJ2qTKIkhIVIXQX2oxTVCcH4Cr8Gg6zt7p9aikd3a2SKtM
WsKAREe7cFgiIHgzLrBr6cBmKh5htqAiw8nWuqremu67HS/yjXeS/Wcmgau6MsKY
b7EGzO7uZKUm7PxQlGY/hsWgjwr4ii5chnbpipNIfnPG38qcfJJ/0EP99F4H+GTY
32CabsOrkRcqm76z+uW1qrA9zM+uyhciZo2R7lbaKGbe779grKr+YgtkPh0fVTAj
7jjvj7zDOgaL3zzVZfpFKruRi56uRhmnVAuMjUYXYQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:12:39 2024 by rpki-client on console-ams.rpki-client.org