Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/w6A9qbdpweO7sAiBYTJB75jOoI8.roa
File: w6A9qbdpweO7sAiBYTJB75jOoI8.roa (raw, json)
Hash identifier: MjDuiO0D+Q0m7v5F2XpSzPlpNM5Ul1ravkxb9/62TLI=
Subject key identifier: C3:A0:3D:A9:B7:69:C1:E3:BB:B0:08:81:61:32:41:EF:98:CE:A0:8F
Certificate issuer: /CN=06c746cd7d4df95a6d03ca9554a754760d5e4e06
Certificate serial: 018CD3B7D049A9E1E6CB8B784902C5F80694
Authority key identifier: 06:C7:46:CD:7D:4D:F9:5A:6D:03:CA:95:54:A7:54:76:0D:5E:4E:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsdGzX1N-VptA8qVVKdUdg1eTgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/w6A9qbdpweO7sAiBYTJB75jOoI8.roa
Signing time: Thu 04 Jan 2024 09:04:48 +0000
ROA not before: Thu 04 Jan 2024 09:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199544
IP address blocks: 185.14.243.0/24 maxlen: 24
185.14.241.0/24 maxlen: 24
91.239.255.0/24 maxlen: 24
185.14.240.0/24 maxlen: 24
2a03:7ec0:3131::/48 maxlen: 48
2a03:7ec0:2424::/48 maxlen: 48
2001:67c:3c::/48 maxlen: 48
2a03:7ec0:31ff::/48 maxlen: 48
2a03:7ec0:57f::/48 maxlen: 48
2a03:7ec0:3000::/40 maxlen: 48
2a03:7ec0:3100::/40 maxlen: 48
2a03:7ec0:3100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/BsdGzX1N-VptA8qVVKdUdg1eTgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/BsdGzX1N-VptA8qVVKdUdg1eTgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BsdGzX1N-VptA8qVVKdUdg1eTgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:b7:d0:49:a9:e1:e6:cb:8b:78:49:02:c5:f8:06:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06c746cd7d4df95a6d03ca9554a754760d5e4e06
Validity
Not Before: Jan 4 09:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3a03da9b769c1e3bbb00881613241ef98cea08f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:0b:f8:7d:1a:75:f2:3b:1e:83:07:8b:35:
40:e6:6e:1c:57:e2:1a:b2:bd:84:e5:20:42:c8:ab:
26:2b:08:89:0f:b3:8d:47:a2:ac:da:3d:04:02:e0:
fd:ce:b5:c9:21:89:7b:76:c7:f2:12:c7:0d:6a:f4:
0d:a8:01:a2:e1:f8:3b:22:1d:3a:0a:07:bb:e2:c6:
ca:00:5e:c5:75:dc:27:e8:45:81:d4:73:31:24:36:
5f:f5:6a:f6:8a:8d:c1:24:36:9a:8e:38:7b:b0:d9:
02:07:1e:25:68:5e:97:24:1e:e0:d2:f5:77:2d:5d:
39:c5:8e:ab:d6:ad:89:46:0b:16:06:63:e8:7d:1e:
cd:8f:fa:ce:df:f4:de:e0:c1:77:6d:c2:2c:15:f6:
bd:90:a1:cd:2b:17:13:21:f9:0a:bc:5d:6b:10:85:
90:5a:82:61:91:9c:4b:7a:dc:73:16:4d:cf:06:cc:
dc:6b:41:a6:c3:c2:4e:4e:1c:2f:40:06:6f:87:d1:
9a:c3:73:cd:49:b8:31:7b:34:7c:6a:c6:c3:b9:f1:
65:c2:26:af:cf:90:11:35:29:a2:77:30:ff:28:25:
b3:0c:6c:1a:e1:4e:a8:ed:08:ea:dd:cb:f1:01:4e:
9c:e9:31:48:5c:9f:23:95:92:79:b0:75:51:74:cb:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A0:3D:A9:B7:69:C1:E3:BB:B0:08:81:61:32:41:EF:98:CE:A0:8F
X509v3 Authority Key Identifier:
keyid:06:C7:46:CD:7D:4D:F9:5A:6D:03:CA:95:54:A7:54:76:0D:5E:4E:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsdGzX1N-VptA8qVVKdUdg1eTgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/w6A9qbdpweO7sAiBYTJB75jOoI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/952cd7-3297-4eaf-854f-b0afd45dcd78/1/BsdGzX1N-VptA8qVVKdUdg1eTgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.255.0/24
185.14.240.0/23
185.14.243.0/24
IPv6:
2001:67c:3c::/48
2a03:7ec0:57f::/48
2a03:7ec0:2424::/48
2a03:7ec0:3000::/39
Signature Algorithm: sha256WithRSAEncryption
0c:1d:e5:24:44:ac:f1:5d:a3:85:cc:83:d9:57:af:3c:7a:f6:
ce:96:d5:24:aa:5d:52:ec:3f:b5:6a:81:7d:48:3d:48:f8:a8:
32:a0:6a:b6:6a:0a:aa:e1:f8:4e:b9:ae:91:30:f9:1f:88:80:
e5:4f:93:80:5e:3e:e0:d8:bf:54:4a:2c:8b:12:c2:6c:f2:79:
59:26:a4:e4:69:b5:51:a9:42:b0:40:69:39:4d:59:ab:35:bd:
59:26:62:70:9e:06:e9:86:89:55:fc:57:1b:a9:63:d8:97:c2:
89:42:68:ce:be:fc:3f:6c:f0:64:00:b5:17:04:dd:f5:8c:3b:
26:3d:43:70:b2:be:b7:6e:04:06:29:ed:58:98:cf:71:54:fe:
72:7d:cd:18:76:45:38:a6:cc:59:70:2f:61:ab:2d:71:b3:d6:
97:6d:3f:86:45:53:db:f2:3c:da:37:84:06:f0:50:a5:ff:f3:
6b:6e:87:c9:5e:3c:9b:41:02:4c:be:f4:04:bb:24:63:07:f9:
4d:82:e8:43:9c:33:8f:00:a5:0a:73:0c:ff:82:31:2a:c4:ee:
41:f9:66:1e:d4:94:da:ec:2d:32:80:5f:25:ac:64:72:74:14:
a5:e2:c0:eb:8e:2c:07:2c:d5:fe:a2:ef:4c:4a:45:dc:04:73:
38:4b:20:88
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYzTt9BJqeHmy4t4SQLF+AaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Yzc0NmNkN2Q0ZGY5NWE2ZDAzY2E5NTU0YTc1NDc2MGQ1
ZTRlMDYwHhcNMjQwMTA0MDkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2EwM2RhOWI3NjljMWUzYmJiMDA4ODE2MTMyNDFlZjk4Y2VhMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlkL+H0adfI7HoMHizVA5m4cV+Ia
sr2E5SBCyKsmKwiJD7ONR6Ks2j0EAuD9zrXJIYl7dsfyEscNavQNqAGi4fg7Ih06
Cge74sbKAF7Fddwn6EWB1HMxJDZf9Wr2io3BJDaajjh7sNkCBx4laF6XJB7g0vV3
LV05xY6r1q2JRgsWBmPofR7Nj/rO3/Te4MF3bcIsFfa9kKHNKxcTIfkKvF1rEIWQ
WoJhkZxLetxzFk3PBszca0Gmw8JOThwvQAZvh9Gaw3PNSbgxezR8asbDufFlwiav
z5ARNSmidzD/KCWzDGwa4U6o7Qjq3cvxAU6c6TFIXJ8jlZJ5sHVRdMvj2QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFMOgPam3acHju7AIgWEyQe+YzqCPMB8GA1UdIwQY
MBaAFAbHRs19TflabQPKlVSnVHYNXk4GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnNkR3pYMU4tVnB0QThxVlZLZFVkZzFlVGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85NTJjZDctMzI5Ny00ZWFmLTg1NGYt
YjBhZmQ0NWRjZDc4LzEvdzZBOXFiZHB3ZU83c0FpQllUSkI3NWpPb0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85NTJjZDctMzI5Ny00ZWFmLTg1NGYtYjBhZmQ0NWRjZDc4
LzEvQnNkR3pYMU4tVnB0QThxVlZLZFVkZzFlVGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAYBAIAATASAwQAW+//AwQB
uQ7wAwQAuQ7zMCkEAgACMCMDBwAgAQZ8ADwDBwAqA37ABX8DBwAqA37AJCQDBgEq
A37AMDANBgkqhkiG9w0BAQsFAAOCAQEADB3lJESs8V2jhcyD2VevPHr2zpbVJKpd
Uuw/tWqBfUg9SPioMqBqtmoKquH4TrmukTD5H4iA5U+TgF4+4Ni/VEosixLCbPJ5
WSak5Gm1UalCsEBpOU1ZqzW9WSZicJ4G6YaJVfxXG6lj2JfCiUJozr78P2zwZAC1
FwTd9Yw7Jj1DcLK+t24EBintWJjPcVT+cn3NGHZFOKbMWXAvYastcbPWl20/hkVT
2/I82jeEBvBQpf/za26HyV48m0ECTL70BLskYwf5TYLoQ5wzjwClCnMM/4IxKsTu
QflmHtSU2uwtMoBfJaxkcnQUpeLA644sByzV/qLvTEpF3ARzOEsgiA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:27 2024 by rpki-client on console-fra.rpki-client.org