Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/K6GVOeh6cwymvbmMoEZGHUldvsY.roa
File: K6GVOeh6cwymvbmMoEZGHUldvsY.roa (raw, json)
Hash identifier: X8VvZaOITYD9w9+Dh/bMwB7ttrrdpJ8yduuP1jV0tg4=
Subject key identifier: 2B:A1:95:39:E8:7A:73:0C:A6:BD:B9:8C:A0:46:46:1D:49:5D:BE:C6
Certificate issuer: /CN=8838e856b2272df174ba5a40a8fc7d5d3031caca
Certificate serial: 018CCA2A8C20F92F80462B0D56BBB5A96200
Authority key identifier: 88:38:E8:56:B2:27:2D:F1:74:BA:5A:40:A8:FC:7D:5D:30:31:CA:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/K6GVOeh6cwymvbmMoEZGHUldvsY.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210745
IP address blocks: 188.93.114.0/24 maxlen: 24
2a11:10c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.mft
rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 11:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8c:20:f9:2f:80:46:2b:0d:56:bb:b5:a9:62:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8838e856b2272df174ba5a40a8fc7d5d3031caca
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ba19539e87a730ca6bdb98ca046461d495dbec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c5:00:46:40:df:9a:ef:b0:55:03:e1:32:01:
40:fe:66:d6:42:06:30:c1:fc:59:61:a2:4f:0f:31:
1f:fc:33:2b:16:c5:1b:f3:a2:f3:d4:7b:be:14:73:
6e:35:90:aa:f6:ee:0a:8b:b1:38:b0:19:02:27:2b:
40:5b:ca:2a:ac:b3:40:b5:e6:ff:59:77:71:53:6e:
12:28:01:4f:6a:cf:56:a9:a0:d5:8d:33:08:00:11:
63:43:51:34:35:1c:e4:9c:94:c3:14:99:c8:de:a0:
f3:5d:63:9b:e4:c7:03:22:e3:b7:ed:6b:31:ed:df:
08:65:f4:54:63:ca:50:19:2c:b0:2f:bc:86:15:f4:
e9:77:cd:07:6b:63:9f:1d:e2:4e:e8:9e:a4:94:43:
c7:5a:a2:98:57:fc:05:a8:b9:12:d9:61:77:a5:e0:
5c:cd:75:0b:ef:c7:2a:15:83:b5:94:73:7b:1d:9e:
69:12:91:22:3d:cb:40:74:48:99:bf:0b:18:0d:2f:
b4:0b:bd:05:9e:1e:71:74:93:80:ea:73:c1:20:dd:
35:ae:66:88:db:46:a5:5f:27:b6:83:6e:7a:b2:ca:
14:83:d5:3b:f0:46:88:64:17:bb:be:84:1d:50:c6:
2a:bd:44:a9:08:b2:3e:2a:f6:c3:76:3f:02:0b:0c:
a8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A1:95:39:E8:7A:73:0C:A6:BD:B9:8C:A0:46:46:1D:49:5D:BE:C6
X509v3 Authority Key Identifier:
keyid:88:38:E8:56:B2:27:2D:F1:74:BA:5A:40:A8:FC:7D:5D:30:31:CA:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iDjoVrInLfF0ulpAqPx9XTAxyso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/K6GVOeh6cwymvbmMoEZGHUldvsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7da3a9-34df-48f8-8a1b-079e111edbf9/1/iDjoVrInLfF0ulpAqPx9XTAxyso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.114.0/24
IPv6:
2a11:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:75:7d:f4:a5:8f:eb:fb:34:48:d6:76:e9:56:f7:81:16:60:
66:0d:4d:b5:cd:7c:8b:5a:8f:0a:01:11:66:60:ef:7a:5b:52:
c4:93:1f:cf:30:02:23:ee:cb:0f:90:40:62:a5:a0:cf:74:41:
6d:59:09:3c:b4:16:49:e3:cd:3a:2e:e6:f7:3f:86:61:a0:1f:
ce:ae:08:4e:db:ee:ca:a6:ae:f0:d1:85:f5:52:c5:b7:c8:6e:
99:85:bb:b2:bb:05:35:3b:4e:a5:4f:2e:aa:e9:16:84:91:e3:
e7:e3:18:af:cd:29:d1:97:d7:b3:b0:69:73:e2:29:5c:cd:3f:
fb:e2:39:e5:e5:04:38:5f:2c:d2:b7:e1:96:21:b4:d2:9e:f1:
2b:73:18:f7:aa:f8:c5:a7:27:27:76:86:99:8c:9a:ea:0b:3b:
08:11:95:c7:cb:fc:3e:65:8f:dd:b6:42:f3:5d:ba:d2:61:13:
86:8a:e9:ec:49:c9:57:b3:54:4d:51:ca:58:22:83:d9:da:82:
21:ff:be:f2:53:98:60:7b:5d:b0:3d:6a:4c:06:7a:a0:fd:6b:
d4:09:7e:19:3d:da:f4:32:31:c2:8f:fb:50:80:0c:bd:9a:5e:
b8:e9:f3:e8:11:c3:a6:14:b2:f2:84:9e:ea:4a:96:f5:38:9f:
03:ca:43:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKowg+S+ARisNVru1qWIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MzhlODU2YjIyNzJkZjE3NGJhNWE0MGE4ZmM3ZDVkMzAz
MWNhY2EwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmExOTUzOWU4N2E3MzBjYTZiZGI5OGNhMDQ2NDYxZDQ5NWRiZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsUARkDfmu+wVQPhMgFA/mbWQgYw
wfxZYaJPDzEf/DMrFsUb86Lz1Hu+FHNuNZCq9u4Ki7E4sBkCJytAW8oqrLNAteb/
WXdxU24SKAFPas9WqaDVjTMIABFjQ1E0NRzknJTDFJnI3qDzXWOb5McDIuO37Wsx
7d8IZfRUY8pQGSywL7yGFfTpd80Ha2OfHeJO6J6klEPHWqKYV/wFqLkS2WF3peBc
zXUL78cqFYO1lHN7HZ5pEpEiPctAdEiZvwsYDS+0C70Fnh5xdJOA6nPBIN01rmaI
20alXye2g256ssoUg9U78EaIZBe7voQdUMYqvUSpCLI+KvbDdj8CCwyokQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCuhlTnoenMMpr25jKBGRh1JXb7GMB8GA1UdIwQY
MBaAFIg46FayJy3xdLpaQKj8fV0wMcrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaURqb1ZySW5MZkYwdWxwQXFQeDlYVEF4eXNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83ZGEzYTktMzRkZi00OGY4LThhMWIt
MDc5ZTExMWVkYmY5LzEvSzZHVk9laDZjd3ltdmJtTW9FWkdIVWxkdnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83ZGEzYTktMzRkZi00OGY4LThhMWItMDc5ZTExMWVkYmY5
LzEvaURqb1ZySW5MZkYwdWxwQXFQeDlYVEF4eXNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAvF1yMA0E
AgACMAcDBQMqERDAMA0GCSqGSIb3DQEBCwUAA4IBAQANdX30pY/r+zRI1nbpVveB
FmBmDU21zXyLWo8KARFmYO96W1LEkx/PMAIj7ssPkEBipaDPdEFtWQk8tBZJ4806
Lub3P4ZhoB/OrghO2+7Kpq7w0YX1UsW3yG6ZhbuyuwU1O06lTy6q6RaEkePn4xiv
zSnRl9ezsGlz4ilczT/74jnl5QQ4XyzSt+GWIbTSnvErcxj3qvjFpycndoaZjJrq
CzsIEZXHy/w+ZY/dtkLzXbrSYROGiunsSclXs1RNUcpYIoPZ2oIh/77yU5hge12w
PWpMBnqg/WvUCX4ZPdr0MjHCj/tQgAy9ml646fPoEcOmFLLyhJ7qSpb1OJ8DykPR
-----END CERTIFICATE-----
Generated at Thu Jun 27 15:20:31 2024 by rpki-client on console-fra.rpki-client.org