Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/a6X3JHuxHKIxTVhmsJPuUx-LI78.roa
File: a6X3JHuxHKIxTVhmsJPuUx-LI78.roa (raw, json)
Hash identifier: 9ilOKG2yKGg5tgA9SgjgZNEx/xrIrTffjNWPltxT9Ag=
Subject key identifier: 6B:A5:F7:24:7B:B1:1C:A2:31:4D:58:66:B0:93:EE:53:1F:8B:23:BF
Certificate issuer: /CN=6cbbb81d823069dd824d8d8d82c8dbfb305db98f
Certificate serial: 018CC9BCE6334A349D401AA457D70BA71843
Authority key identifier: 6C:BB:B8:1D:82:30:69:DD:82:4D:8D:8D:82:C8:DB:FB:30:5D:B9:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLu4HYIwad2CTY2Ngsjb-zBduY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/a6X3JHuxHKIxTVhmsJPuUx-LI78.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39452
IP address blocks: 45.13.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/bLu4HYIwad2CTY2Ngsjb-zBduY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/bLu4HYIwad2CTY2Ngsjb-zBduY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLu4HYIwad2CTY2Ngsjb-zBduY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e6:33:4a:34:9d:40:1a:a4:57:d7:0b:a7:18:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cbbb81d823069dd824d8d8d82c8dbfb305db98f
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ba5f7247bb11ca2314d5866b093ee531f8b23bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f8:9f:8a:4f:48:96:d3:87:b5:dc:16:aa:b7:
35:4f:7f:a3:90:ae:4b:d5:e2:2a:5d:55:e0:07:3c:
73:af:ff:f7:6b:0a:e3:4a:e5:44:c3:28:15:12:d4:
34:4d:0e:7e:d1:d3:6e:0e:8e:b8:bc:49:9c:cb:bd:
e8:b3:dc:ab:cc:fd:48:d7:bf:c9:14:d1:73:bd:4c:
ac:e9:34:e3:50:ac:52:a4:cb:e6:22:d2:ec:1f:f7:
1f:e2:58:a2:5d:35:08:47:f4:18:9e:e5:2e:25:46:
80:46:ca:4c:99:1c:a3:66:10:be:4f:65:60:5b:0f:
f8:7b:22:d6:a7:20:1d:0e:ea:a5:e4:93:f8:ed:a9:
cd:a2:56:77:bb:66:73:0d:e9:87:c1:46:e9:77:49:
de:6d:d1:f7:5d:56:ee:c5:bc:a3:75:b3:2c:4d:c7:
ef:a9:e4:40:72:57:55:74:11:89:ff:ba:fc:9a:83:
b0:3f:b7:64:a7:9e:8b:df:56:1d:8f:1d:52:a0:8a:
e0:e6:62:f4:dd:2c:0a:97:d5:8e:7c:04:18:34:e0:
8c:64:cf:30:d8:28:a2:a0:f0:00:ce:7a:f1:01:46:
80:e8:7c:0f:bd:d2:d0:75:fe:b1:94:b7:5a:af:2e:
90:30:4e:42:09:46:3c:6c:8c:cf:2a:6d:d9:3f:aa:
ce:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:A5:F7:24:7B:B1:1C:A2:31:4D:58:66:B0:93:EE:53:1F:8B:23:BF
X509v3 Authority Key Identifier:
keyid:6C:BB:B8:1D:82:30:69:DD:82:4D:8D:8D:82:C8:DB:FB:30:5D:B9:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLu4HYIwad2CTY2Ngsjb-zBduY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/a6X3JHuxHKIxTVhmsJPuUx-LI78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c25dc2-f54d-414d-8769-8d65f4ee91df/1/bLu4HYIwad2CTY2Ngsjb-zBduY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.40.0/22
Signature Algorithm: sha256WithRSAEncryption
87:74:f7:ca:65:f0:f9:49:17:65:b3:4e:09:30:60:10:3b:b2:
c9:0d:d3:fc:74:9c:12:17:e7:99:ad:5d:d9:9f:b3:d4:ea:0e:
ee:2a:86:91:68:9a:2c:0c:d5:45:48:3f:ef:e9:c3:54:43:34:
c6:f9:24:82:56:3c:4e:7d:97:b5:7b:07:a6:3f:02:af:c5:0d:
95:c0:a8:32:85:56:a5:dc:ab:58:ef:49:87:83:dc:ea:0b:07:
9d:1c:a8:d6:2f:c9:ad:c1:b6:72:a3:79:dd:b8:06:e3:7f:36:
c5:6b:76:80:d3:ce:67:d9:f0:fd:39:a3:3c:cf:37:fb:37:e0:
53:7c:97:c8:06:fe:76:fb:44:e7:f0:fe:e8:db:b6:13:64:be:
cd:97:b2:75:53:b1:19:e9:f0:01:a7:5c:8d:17:30:e0:77:c5:
d7:62:34:ea:39:0d:72:93:dd:43:d3:54:dd:ef:17:c3:e5:2c:
83:ea:92:fb:f5:ab:07:35:59:54:84:0d:42:64:74:5f:62:bd:
09:52:fc:3c:f2:2f:18:6c:45:05:a5:4b:17:08:9e:db:f2:64:
98:42:a2:07:71:b1:2a:dd:f5:c8:ed:bf:2b:56:d1:ea:8f:a9:
26:3c:61:ba:a1:c2:9e:51:dc:b9:38:34:c6:ef:65:bc:ea:7b:
0d:ba:0b:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvOYzSjSdQBqkV9cLpxhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYmJiODFkODIzMDY5ZGQ4MjRkOGQ4ZDgyYzhkYmZiMzA1
ZGI5OGYwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmE1ZjcyNDdiYjExY2EyMzE0ZDU4NjZiMDkzZWU1MzFmOGIyM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfifik9IltOHtdwWqrc1T3+jkK5L
1eIqXVXgBzxzr//3awrjSuVEwygVEtQ0TQ5+0dNuDo64vEmcy73os9yrzP1I17/J
FNFzvUys6TTjUKxSpMvmItLsH/cf4liiXTUIR/QYnuUuJUaARspMmRyjZhC+T2Vg
Ww/4eyLWpyAdDuql5JP47anNolZ3u2ZzDemHwUbpd0nebdH3XVbuxbyjdbMsTcfv
qeRAcldVdBGJ/7r8moOwP7dkp56L31Ydjx1SoIrg5mL03SwKl9WOfAQYNOCMZM8w
2CiioPAAznrxAUaA6HwPvdLQdf6xlLdary6QME5CCUY8bIzPKm3ZP6rOBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGul9yR7sRyiMU1YZrCT7lMfiyO/MB8GA1UdIwQY
MBaAFGy7uB2CMGndgk2NjYLI2/swXbmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkx1NEhZSXdhZDJDVFkyTmdzamItekJkdVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jMjVkYzItZjU0ZC00MTRkLTg3Njkt
OGQ2NWY0ZWU5MWRmLzEvYTZYM0pIdXhIS0l4VFZobXNKUHVVeC1MSTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jMjVkYzItZjU0ZC00MTRkLTg3NjktOGQ2NWY0ZWU5MWRm
LzEvYkx1NEhZSXdhZDJDVFkyTmdzamItekJkdVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ0oMA0G
CSqGSIb3DQEBCwUAA4IBAQCHdPfKZfD5SRdls04JMGAQO7LJDdP8dJwSF+eZrV3Z
n7PU6g7uKoaRaJosDNVFSD/v6cNUQzTG+SSCVjxOfZe1ewemPwKvxQ2VwKgyhVal
3KtY70mHg9zqCwedHKjWL8mtwbZyo3nduAbjfzbFa3aA085n2fD9OaM8zzf7N+BT
fJfIBv52+0Tn8P7o27YTZL7Nl7J1U7EZ6fABp1yNFzDgd8XXYjTqOQ1yk91D01Td
7xfD5SyD6pL79asHNVlUhA1CZHRfYr0JUvw88i8YbEUFpUsXCJ7b8mSYQqIHcbEq
3fXI7b8rVtHqj6kmPGG6ocKeUdy5ODTG72W86nsNugsY
-----END CERTIFICATE-----
Generated at Tue Jun 18 14:14:27 2024 by rpki-client on console-fra.rpki-client.org