Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/6hkC91mOvee4GSSWoK8_olC1UfE.roa
File: 6hkC91mOvee4GSSWoK8_olC1UfE.roa (raw, json)
Hash identifier: Sdl4emGw6mdZTpBE+0vAGbIL3N4R4cT1GpACXVdkjKw=
Subject key identifier: EA:19:02:F7:59:8E:BD:E7:B8:19:24:96:A0:AF:3F:A2:50:B5:51:F1
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC424549AE914C70D03118A323F892D43
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/6hkC91mOvee4GSSWoK8_olC1UfE.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42065
IP address blocks: 91.108.0.0/22 maxlen: 24
91.108.24.0/21 maxlen: 24
91.108.32.0/23 maxlen: 24
94.124.178.0/23 maxlen: 24
94.124.176.0/22 maxlen: 23
185.51.60.0/22 maxlen: 24
91.108.52.0/24 maxlen: 24
95.161.88.0/22 maxlen: 24
95.161.96.0/23 maxlen: 24
95.161.102.0/23 maxlen: 24
95.161.104.0/23 maxlen: 24
95.140.92.0/24 maxlen: 24
95.140.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:54:9a:e9:14:c7:0d:03:11:8a:32:3f:89:2d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea1902f7598ebde7b8192496a0af3fa250b551f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ae:28:f0:db:df:9d:d3:29:5c:41:0d:36:21:
cc:76:c7:06:6c:cf:33:8a:2e:5b:cf:4e:3c:cd:94:
b2:96:60:5e:8f:c4:1c:e3:fd:63:b8:04:81:ae:51:
5b:d8:cf:81:62:72:a1:35:c8:fb:bb:fd:53:2b:14:
a8:64:79:1a:a4:bf:64:b3:5e:fa:d8:53:b3:ae:73:
a0:61:2b:ca:d3:55:ac:29:68:85:12:a8:6c:3d:a2:
49:f1:ed:d1:ff:21:29:fb:59:02:17:60:3b:4d:02:
22:27:15:9f:16:a8:c3:11:f3:b9:b4:b6:fb:24:fb:
c0:71:8e:f1:c8:4b:3d:d1:44:eb:a2:8e:53:7b:07:
bd:8c:e0:22:63:4e:de:f8:c2:e9:96:d7:71:94:65:
a8:f7:a1:e9:cd:2f:aa:18:c9:d4:f5:d1:62:77:99:
fc:0f:89:6c:97:f1:46:b6:78:03:69:80:f7:7b:b1:
2d:86:df:2e:87:7c:4f:61:25:b5:11:18:2c:38:88:
5e:71:f2:05:98:5f:8a:74:87:a5:50:13:3c:c5:eb:
f3:c8:06:72:7d:51:ff:7b:6a:9a:5a:11:7b:80:3b:
c3:46:79:69:6d:3b:98:1b:be:4b:fc:c3:10:08:da:
fa:45:af:ff:c7:eb:35:84:29:d7:e7:e9:75:d6:ef:
da:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:19:02:F7:59:8E:BD:E7:B8:19:24:96:A0:AF:3F:A2:50:B5:51:F1
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/6hkC91mOvee4GSSWoK8_olC1UfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.0.0/22
91.108.24.0-91.108.33.255
91.108.52.0/24
94.124.176.0/22
95.140.92.0/24
95.140.94.0/24
95.161.88.0/22
95.161.96.0/23
95.161.102.0-95.161.105.255
185.51.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:df:36:b2:2d:b9:44:42:b2:c8:8b:b0:14:0d:17:b4:d6:6a:
d5:41:85:01:66:4e:3a:c4:ef:de:11:52:d9:23:87:c8:d2:6a:
dd:40:5f:89:ae:a3:c2:c9:ba:8d:f7:83:c4:59:d8:f2:09:46:
49:db:f4:bf:75:06:5a:6a:69:8e:33:ba:0d:15:57:d3:45:a8:
74:6c:0d:8f:d2:b1:85:e4:4c:9e:7d:34:a6:94:42:5a:b6:bb:
10:72:f8:9a:ba:6e:9c:7e:1f:67:bf:1d:59:e5:3b:94:e4:2c:
bc:62:47:0a:49:8a:a7:ff:00:cf:04:97:ab:5f:5c:6d:a5:59:
a0:53:dd:7d:0e:e9:09:d0:c7:ca:a0:0b:fb:f2:be:5e:fc:db:
b7:21:72:82:74:ee:bd:85:a7:88:9c:6c:39:63:83:52:08:55:
c7:bf:65:f9:51:c9:e8:d2:f0:bc:43:ab:7a:17:fd:e9:7d:c2:
9f:e9:22:42:36:31:a6:93:97:9b:03:90:11:36:af:ea:bd:67:
d5:03:c8:8b:6f:3d:9c:47:02:c7:3d:e4:d9:3a:91:35:29:69:
39:2e:c5:0b:a0:1e:82:1a:a0:55:69:68:5c:60:a5:58:66:4f:
8e:8b:62:a9:ab:33:81:42:71:da:b2:57:06:22:87:7a:6f:38:
59:bd:26:fc
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzEJFSa6RTHDQMRijI/iS1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE5MDJmNzU5OGViZGU3YjgxOTI0OTZhMGFmM2ZhMjUwYjU1MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr64o8NvfndMpXEENNiHMdscGbM8z
ii5bz048zZSylmBej8Qc4/1juASBrlFb2M+BYnKhNcj7u/1TKxSoZHkapL9ks176
2FOzrnOgYSvK01WsKWiFEqhsPaJJ8e3R/yEp+1kCF2A7TQIiJxWfFqjDEfO5tLb7
JPvAcY7xyEs90UTroo5Tewe9jOAiY07e+MLpltdxlGWo96HpzS+qGMnU9dFid5n8
D4lsl/FGtngDaYD3e7Etht8uh3xPYSW1ERgsOIhecfIFmF+KdIelUBM8xevzyAZy
fVH/e2qaWhF7gDvDRnlpbTuYG75L/MMQCNr6Ra//x+s1hCnX5+l11u/aaQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOoZAvdZjr3nuBkklqCvP6JQtVHxMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvNmhrQzkxbU92ZWU0R1NTV29LOF9vbEMxVWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCW2wAMAwD
BANbbBgDBAFbbCADBABbbDQDBAJefLADBABfjFwDBABfjF4DBAJfoVgDBAFfoWAw
DAMEAV+hZgMEAV+haAMEArkzPDANBgkqhkiG9w0BAQsFAAOCAQEADd82si25REKy
yIuwFA0XtNZq1UGFAWZOOsTv3hFS2SOHyNJq3UBfia6jwsm6jfeDxFnY8glGSdv0
v3UGWmppjjO6DRVX00WodGwNj9KxheRMnn00ppRCWra7EHL4mrpunH4fZ78dWeU7
lOQsvGJHCkmKp/8AzwSXq19cbaVZoFPdfQ7pCdDHyqAL+/K+XvzbtyFygnTuvYWn
iJxsOWODUghVx79l+VHJ6NLwvEOrehf96X3Cn+kiQjYxppOXmwOQETav6r1n1QPI
i289nEcCxz3k2TqRNSlpOS7FC6AeghqgVWloXGClWGZPjotiqaszgUJx2rJXBiKH
em84Wb0m/A==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:02:54 2024 by rpki-client on console-ams.rpki-client.org