Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/6jx4N_XeXSKO7QvFcmgegzDfuYs.roa
File: 6jx4N_XeXSKO7QvFcmgegzDfuYs.roa (raw, json)
Hash identifier: t2VVI+Fwf24oJrEk4/dxKHk2UbAtdr01mMNUQf4qTIw=
Subject key identifier: EA:3C:78:37:F5:DE:5D:22:8E:ED:0B:C5:72:68:1E:83:30:DF:B9:8B
Certificate issuer: /CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Certificate serial: 01925E520E20FE52A9E3A0434366D3DAAFAA
Authority key identifier: 4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/6jx4N_XeXSKO7QvFcmgegzDfuYs.roa
Signing time: Sat 05 Oct 2024 20:14:48 +0000
ROA not before: Sat 05 Oct 2024 20:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202311
IP address blocks: 195.26.68.0/22 maxlen: 24
195.26.68.0/24 maxlen: 24
195.26.70.0/24 maxlen: 24
195.26.71.0/24 maxlen: 24
2a07:f680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5e:52:0e:20:fe:52:a9:e3:a0:43:43:66:d3:da:af:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f149b847d31293f701e1cf99dd8ca0ebbb0b5bd
Validity
Not Before: Oct 5 20:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea3c7837f5de5d228eed0bc572681e8330dfb98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:3a:17:f6:c3:fb:05:e3:74:18:72:60:76:
36:52:b0:c7:0c:75:89:03:d8:13:e8:ac:57:b5:30:
6f:46:12:5f:45:cf:35:78:c8:dd:50:70:f3:ac:9a:
24:9a:51:7e:7c:78:df:ab:81:68:d1:bb:62:1c:98:
ec:07:8e:90:e2:ce:4e:14:5f:9b:d0:5c:10:a5:b4:
c6:b7:20:c9:42:01:1d:52:4b:e5:68:a9:50:fb:4b:
8e:07:44:fa:5e:07:fb:2f:6e:0b:c6:b0:bb:2f:b0:
0c:68:54:a4:72:24:2d:8e:64:90:60:7d:6c:71:17:
50:06:a6:1a:ed:61:c7:fe:66:d5:d4:15:f9:96:9d:
aa:6f:51:32:f5:4b:55:3e:d5:cc:eb:b1:32:6e:e8:
87:c0:f3:87:d0:4a:4a:64:72:71:77:d6:f8:5d:e8:
96:e8:95:e2:07:2f:86:6e:5e:09:72:ac:7c:5c:de:
3a:b4:bd:f9:33:34:14:5c:80:06:b5:a6:eb:07:2d:
c4:e9:b3:3c:dc:5d:b9:0d:54:8a:b3:87:e1:d2:fe:
8c:98:97:f0:0f:48:04:62:08:ec:aa:16:b3:1c:c8:
9e:a0:4d:82:68:23:a3:26:17:87:fc:cf:91:ea:90:
4a:8b:78:a5:d1:1d:82:cc:65:99:5f:ab:36:50:59:
6b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3C:78:37:F5:DE:5D:22:8E:ED:0B:C5:72:68:1E:83:30:DF:B9:8B
X509v3 Authority Key Identifier:
keyid:4F:14:9B:84:7D:31:29:3F:70:1E:1C:F9:9D:D8:CA:0E:BB:B0:B5:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxSbhH0xKT9wHhz5ndjKDruwtb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/6jx4N_XeXSKO7QvFcmgegzDfuYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/731f82-b18f-4d5c-b122-452badfd5a6d/1/TxSbhH0xKT9wHhz5ndjKDruwtb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.68.0/22
IPv6:
2a07:f680::/29
Signature Algorithm: sha256WithRSAEncryption
aa:9b:eb:1c:b6:57:0f:d1:13:17:5d:3d:83:cd:42:8e:c9:9a:
14:8b:3c:98:0c:ab:0e:bc:e9:35:73:49:cb:cf:f5:71:02:70:
88:f3:c5:48:b7:c7:3d:ec:6b:27:f9:96:cf:18:0a:77:49:26:
20:8a:37:24:46:37:00:0f:27:c9:e8:76:4b:08:f5:6c:41:a6:
73:ed:47:a2:80:51:a6:e1:a1:63:ef:c1:76:e6:79:ec:9e:38:
9c:20:80:83:c1:57:da:50:bd:e4:74:cd:32:2a:9b:47:5f:ed:
6a:9f:8e:4d:c3:b5:44:fd:cd:96:27:9b:33:9b:8b:f8:29:50:
09:91:e2:e5:19:a4:20:f2:39:11:83:3f:e2:0c:af:ba:b5:bf:
8f:71:73:9e:3c:1c:6f:a6:59:45:18:01:8f:41:df:d2:e8:4b:
5c:b2:74:0a:0b:3a:29:ae:71:29:d1:5a:70:90:d1:ce:63:39:
78:db:a7:90:39:9f:ba:63:77:16:31:bd:fb:17:bd:38:1f:af:
d3:f4:12:e0:f2:aa:6c:df:0d:97:b3:bf:22:6f:d2:8a:74:9c:
d3:7a:c0:46:01:e2:bf:81:62:f0:60:11:f0:1f:fa:53:ab:82:
13:3e:ff:56:2e:f5:01:7b:43:0e:3b:4c:05:e7:3c:d3:f1:ed:
1e:2a:03:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJeUg4g/lKp46BDQ2bT2q+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQ5Yjg0N2QzMTI5M2Y3MDFlMWNmOTlkZDhjYTBlYmJi
MGI1YmQwHhcNMjQxMDA1MjAxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTNjNzgzN2Y1ZGU1ZDIyOGVlZDBiYzU3MjY4MWU4MzMwZGZiOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/86F/bD+wXjdBhyYHY2UrDHDHWJ
A9gT6KxXtTBvRhJfRc81eMjdUHDzrJokmlF+fHjfq4Fo0btiHJjsB46Q4s5OFF+b
0FwQpbTGtyDJQgEdUkvlaKlQ+0uOB0T6Xgf7L24LxrC7L7AMaFSkciQtjmSQYH1s
cRdQBqYa7WHH/mbV1BX5lp2qb1Ey9UtVPtXM67EybuiHwPOH0EpKZHJxd9b4XeiW
6JXiBy+Gbl4Jcqx8XN46tL35MzQUXIAGtabrBy3E6bM83F25DVSKs4fh0v6MmJfw
D0gEYgjsqhazHMieoE2CaCOjJheH/M+R6pBKi3il0R2CzGWZX6s2UFlrawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOo8eDf13l0iju0LxXJoHoMw37mLMB8GA1UdIwQY
MBaAFE8Um4R9MSk/cB4c+Z3Yyg67sLW9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjIt
NDUyYmFkZmQ1YTZkLzEvNmp4NE5fWGVYU0tPN1F2RmNtZ2VnekRmdVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MzFmODItYjE4Zi00ZDVjLWIxMjItNDUyYmFkZmQ1YTZk
LzEvVHhTYmhIMHhLVDl3SGh6NW5kaktEcnV3dGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwxpEMA0E
AgACMAcDBQMqB/aAMA0GCSqGSIb3DQEBCwUAA4IBAQCqm+sctlcP0RMXXT2DzUKO
yZoUizyYDKsOvOk1c0nLz/VxAnCI88VIt8c97Gsn+ZbPGAp3SSYgijckRjcADyfJ
6HZLCPVsQaZz7UeigFGm4aFj78F25nnsnjicIICDwVfaUL3kdM0yKptHX+1qn45N
w7VE/c2WJ5szm4v4KVAJkeLlGaQg8jkRgz/iDK+6tb+PcXOePBxvpllFGAGPQd/S
6EtcsnQKCzoprnEp0VpwkNHOYzl426eQOZ+6Y3cWMb37F704H6/T9BLg8qps3w2X
s78ib9KKdJzTesBGAeK/gWLwYBHwH/pTq4ITPv9WLvUBe0MOO0wF5zzT8e0eKgOX
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:10:26 2024 by rpki-client on console-ams.rpki-client.org