Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/6DnGXUB_wT475SR2lm8K-heAolc.roa
File: 6DnGXUB_wT475SR2lm8K-heAolc.roa (raw, json)
Hash identifier: /6iUZT6Wx1vvrq4UjQvtfNDEUq53yodiByx+CWXBehY=
Subject key identifier: E8:39:C6:5D:40:7F:C1:3E:3B:E5:24:76:96:6F:0A:FA:17:80:A2:57
Certificate issuer: /CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Certificate serial: 018CCA99E6103E0D8F1A5A2B788466B7ADEC
Authority key identifier: EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/6DnGXUB_wT475SR2lm8K-heAolc.roa
Signing time: Tue 02 Jan 2024 14:35:32 +0000
ROA not before: Tue 02 Jan 2024 14:35:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208549
IP address blocks: 80.64.221.0/24 maxlen: 24
80.64.220.0/24 maxlen: 24
80.64.222.0/23 maxlen: 23
80.64.223.0/24 maxlen: 24
80.64.222.0/24 maxlen: 24
2a0d:1cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:e6:10:3e:0d:8f:1a:5a:2b:78:84:66:b7:ad:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7f31bd6d985e45299c31d052ca4a8ebef5578b
Validity
Not Before: Jan 2 14:35:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e839c65d407fc13e3be52476966f0afa1780a257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:30:2f:94:0a:9f:b2:e1:1a:9c:3c:2a:48:f3:
3f:61:78:ee:ad:0e:c2:78:73:9e:c0:63:85:a6:7c:
55:a5:e7:42:7b:c4:49:99:45:dc:61:6e:8a:de:63:
b5:eb:8d:3e:ca:6c:fa:5d:00:f6:3c:d1:c6:67:74:
8b:58:67:a2:2f:f2:e8:62:9c:e9:74:7d:93:d6:d8:
81:2e:0d:4d:c8:4d:6c:ed:99:e3:e0:23:3c:c5:cf:
d3:22:0b:7c:f0:27:24:73:c6:cc:bf:17:41:df:c6:
85:aa:6e:97:42:da:43:dc:4f:34:4c:98:bf:38:65:
79:f4:bb:65:2c:c6:75:60:fd:c7:10:91:85:bf:84:
ff:88:91:0a:1d:fa:aa:31:9a:94:42:70:6a:43:44:
30:40:d0:e8:de:02:e3:3c:fa:11:f6:3e:5d:bc:6c:
27:0f:1e:5b:f6:c8:4f:70:6c:e3:51:ed:de:5a:f6:
6d:f5:4c:19:f9:43:2c:1e:e0:88:66:c8:61:2e:fd:
96:09:cd:8e:a5:5a:10:10:e8:e2:40:df:30:c0:f5:
2b:7a:ff:e8:0c:ce:66:56:80:2c:dd:ea:6a:14:da:
9d:02:01:6f:0d:d3:88:38:7a:3f:e0:1f:08:ce:56:
70:d2:d7:45:47:61:f6:ce:67:f2:45:b1:02:54:71:
82:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:39:C6:5D:40:7F:C1:3E:3B:E5:24:76:96:6F:0A:FA:17:80:A2:57
X509v3 Authority Key Identifier:
keyid:EF:7F:31:BD:6D:98:5E:45:29:9C:31:D0:52:CA:4A:8E:BE:F5:57:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/738xvW2YXkUpnDHQUspKjr71V4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/6DnGXUB_wT475SR2lm8K-heAolc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ebea60-d231-480b-84fd-a763df3aee6d/1/738xvW2YXkUpnDHQUspKjr71V4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.220.0/22
IPv6:
2a0d:1cc0::/29
Signature Algorithm: sha256WithRSAEncryption
4d:e5:c7:d1:bb:0b:92:d7:d7:17:25:19:d1:1e:cd:6e:f1:c0:
f8:28:d0:06:fd:7a:b6:5d:53:2c:ef:11:e5:88:d3:33:c3:b2:
0c:f2:62:4d:2d:67:51:5b:48:4b:4b:75:2c:7b:d2:be:d4:cf:
8b:b0:27:4c:43:60:6f:82:91:81:6e:fc:ba:95:c1:e3:aa:f5:
b5:d5:5e:55:a4:9b:b9:44:5b:d7:57:f9:5f:b2:ff:6d:36:c1:
83:bb:9a:b9:21:c2:18:ec:b0:54:b1:53:f7:68:c6:18:cb:df:
42:6b:b7:7c:66:a5:49:1e:b2:9e:66:d5:f6:5e:cf:81:0a:77:
af:cb:fa:27:0c:c6:d8:19:25:1f:2c:b0:b0:8f:44:f7:22:03:
c2:05:47:c9:59:35:5e:1c:02:64:5a:ca:74:be:c2:8c:22:93:
e7:47:da:e6:1e:e7:15:44:93:59:a7:a1:e8:c1:ce:0a:eb:bf:
ff:e5:40:f4:9a:d8:91:dc:d9:84:3f:ff:ff:ea:eb:e1:ac:0a:
0a:78:7e:69:55:70:5d:39:fb:0e:6b:aa:25:ed:59:0c:fd:20:
ca:05:46:40:65:ad:b5:b6:2d:bc:0d:75:50:ee:a3:18:3a:99:
cc:0a:25:8d:7e:94:d6:3b:05:8e:33:eb:12:bc:79:6e:9d:8a:
68:c4:a2:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmeYQPg2PGloreIRmt63sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2YzMWJkNmQ5ODVlNDUyOTljMzFkMDUyY2E0YThlYmVm
NTU3OGIwHhcNMjQwMTAyMTQzNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODM5YzY1ZDQwN2ZjMTNlM2JlNTI0NzY5NjZmMGFmYTE3ODBhMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTAvlAqfsuEanDwqSPM/YXjurQ7C
eHOewGOFpnxVpedCe8RJmUXcYW6K3mO1640+ymz6XQD2PNHGZ3SLWGeiL/LoYpzp
dH2T1tiBLg1NyE1s7Znj4CM8xc/TIgt88Cckc8bMvxdB38aFqm6XQtpD3E80TJi/
OGV59LtlLMZ1YP3HEJGFv4T/iJEKHfqqMZqUQnBqQ0QwQNDo3gLjPPoR9j5dvGwn
Dx5b9shPcGzjUe3eWvZt9UwZ+UMsHuCIZshhLv2WCc2OpVoQEOjiQN8wwPUrev/o
DM5mVoAs3epqFNqdAgFvDdOIOHo/4B8IzlZw0tdFR2H2zmfyRbECVHGCpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOg5xl1Af8E+O+UkdpZvCvoXgKJXMB8GA1UdIwQY
MBaAFO9/Mb1tmF5FKZwx0FLKSo6+9VeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQt
YTc2M2RmM2FlZTZkLzEvNkRuR1hVQl93VDQ3NVNSMmxtOEstaGVBb2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lYmVhNjAtZDIzMS00ODBiLTg0ZmQtYTc2M2RmM2FlZTZk
LzEvNzM4eHZXMllYa1VwbkRIUVVzcEtqcjcxVjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCUEDcMA0E
AgACMAcDBQMqDRzAMA0GCSqGSIb3DQEBCwUAA4IBAQBN5cfRuwuS19cXJRnRHs1u
8cD4KNAG/Xq2XVMs7xHliNMzw7IM8mJNLWdRW0hLS3Use9K+1M+LsCdMQ2BvgpGB
bvy6lcHjqvW11V5VpJu5RFvXV/lfsv9tNsGDu5q5IcIY7LBUsVP3aMYYy99Ca7d8
ZqVJHrKeZtX2Xs+BCnevy/onDMbYGSUfLLCwj0T3IgPCBUfJWTVeHAJkWsp0vsKM
IpPnR9rmHucVRJNZp6Howc4K67//5UD0mtiR3NmEP///6uvhrAoKeH5pVXBdOfsO
a6ol7VkM/SDKBUZAZa21ti28DXVQ7qMYOpnMCiWNfpTWOwWOM+sSvHlunYpoxKJT
-----END CERTIFICATE-----
Generated at Fri May 24 01:59:41 2024 by rpki-client on console-fra.rpki-client.org