Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/s6hNwRqpL9Uhlh--ZaOV4ytu5Yo.roa
File: s6hNwRqpL9Uhlh--ZaOV4ytu5Yo.roa (raw, json)
Hash identifier: TbVl78hZ1Mfi2HamNZgZNDJAnJ6vJd54tXBvYDxtXD4=
Subject key identifier: B3:A8:4D:C1:1A:A9:2F:D5:21:96:1F:BE:65:A3:95:E3:2B:6E:E5:8A
Certificate issuer: /CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Certificate serial: 018CC56DF04EAF70BB9D2817D1C9BB053385
Authority key identifier: 0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/s6hNwRqpL9Uhlh--ZaOV4ytu5Yo.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204004
IP address blocks: 92.246.80.0/24 maxlen: 24
92.246.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f0:4e:af:70:bb:9d:28:17:d1:c9:bb:05:33:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1e72f3d0957f5a6e3bd1b844a12a6147449027
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3a84dc11aa92fd521961fbe65a395e32b6ee58a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:0b:37:b3:47:4c:5a:14:4a:d3:14:71:cc:
94:7a:4e:74:69:f0:33:dd:a8:7e:c6:7e:84:48:e1:
32:47:95:62:3e:84:48:a9:86:44:43:a0:2b:eb:c9:
3c:8a:d3:47:f8:ff:7c:ff:2c:59:6d:1b:e3:56:aa:
b0:92:13:91:d3:c9:76:e5:2a:cc:54:5e:10:f2:df:
11:dc:66:78:5c:d1:94:ff:5c:14:8e:a3:83:67:45:
ac:17:c5:e5:8e:97:c5:4b:bc:9d:77:7e:54:65:09:
4a:52:4a:29:46:64:be:c3:38:8b:66:d0:7c:b0:96:
b9:37:ba:b6:d2:65:af:a3:83:4a:5c:e5:2d:52:9b:
70:eb:b6:ed:90:80:ec:0f:f9:47:79:15:71:36:a7:
a3:39:7c:3c:bc:15:3b:03:f7:ee:a7:6c:06:cf:61:
20:ca:6a:eb:fa:01:e0:9c:25:5c:d7:fd:f0:be:ed:
80:32:33:37:d2:a9:78:d5:37:ed:29:65:ae:52:3a:
88:40:4c:f3:03:7a:fb:1c:f4:29:d9:b5:85:f3:3e:
99:27:f1:fc:36:a5:a1:dc:88:9e:af:89:2c:3b:60:
d1:a3:3c:ea:6a:73:b5:65:43:85:44:2b:81:30:40:
77:f3:9c:2d:3a:26:84:d9:bf:8a:46:77:e6:24:73:
e6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A8:4D:C1:1A:A9:2F:D5:21:96:1F:BE:65:A3:95:E3:2B:6E:E5:8A
X509v3 Authority Key Identifier:
keyid:0B:1E:72:F3:D0:95:7F:5A:6E:3B:D1:B8:44:A1:2A:61:47:44:90:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cx5y89CVf1puO9G4RKEqYUdEkCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/s6hNwRqpL9Uhlh--ZaOV4ytu5Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/1a5a96-d36e-4f3a-9b34-0548d3895a55/1/Cx5y89CVf1puO9G4RKEqYUdEkCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.246.80.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:a4:d8:ec:7d:b4:66:47:87:be:7a:cb:f2:81:5f:56:6c:6e:
ae:5f:0a:f2:a9:cc:46:c1:e5:f0:98:9d:ed:cb:12:a7:7f:75:
1b:dd:38:30:f3:52:7d:25:c9:e7:a4:b4:11:a5:c0:ef:b3:4d:
37:a0:09:46:0a:53:a0:e3:3c:cf:87:55:5f:e9:d1:a0:d0:a5:
28:17:9e:95:ea:9c:41:f8:ba:84:1b:c2:15:f8:a5:40:4c:15:
fd:67:30:a8:d1:b2:f6:b4:32:75:8a:0d:48:31:4f:12:2c:ba:
13:8b:7e:18:42:c0:25:c4:a9:91:2f:89:03:8d:43:10:48:a9:
84:07:ba:40:4c:b8:d5:e5:9f:d0:59:d4:1a:55:11:d0:37:2e:
d7:46:0f:7e:c0:91:e5:dc:e5:e6:7d:e9:9a:ac:d2:9f:78:7e:
79:6c:78:2a:14:20:5e:2c:d7:00:75:24:13:f3:56:f1:f5:e6:
1a:37:2b:9e:80:4b:d2:4b:ea:aa:b6:ab:b4:0c:38:99:95:56:
af:f8:ee:ad:79:5f:9b:c2:d7:08:03:80:26:df:cc:b3:8e:4b:
ba:38:db:03:49:97:78:11:53:3c:3e:6b:d8:8d:ad:6a:57:15:
d5:e6:77:b3:cd:67:46:2a:21:e4:c4:8a:29:cf:4a:63:bf:d5:
68:e5:26:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfBOr3C7nSgX0cm7BTOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWU3MmYzZDA5NTdmNWE2ZTNiZDFiODQ0YTEyYTYxNDc0
NDkwMjcwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E4NGRjMTFhYTkyZmQ1MjE5NjFmYmU2NWEzOTVlMzJiNmVlNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgELN7NHTFoUStMUccyUek50afAz
3ah+xn6ESOEyR5ViPoRIqYZEQ6Ar68k8itNH+P98/yxZbRvjVqqwkhOR08l25SrM
VF4Q8t8R3GZ4XNGU/1wUjqODZ0WsF8XljpfFS7ydd35UZQlKUkopRmS+wziLZtB8
sJa5N7q20mWvo4NKXOUtUptw67btkIDsD/lHeRVxNqejOXw8vBU7A/fup2wGz2Eg
ymrr+gHgnCVc1/3wvu2AMjM30ql41TftKWWuUjqIQEzzA3r7HPQp2bWF8z6ZJ/H8
NqWh3Iier4ksO2DRozzqanO1ZUOFRCuBMEB385wtOiaE2b+KRnfmJHPm4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOoTcEaqS/VIZYfvmWjleMrbuWKMB8GA1UdIwQY
MBaAFAsecvPQlX9abjvRuEShKmFHRJAnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQt
MDU0OGQzODk1YTU1LzEvczZoTndScXBMOVVobGgtLVphT1Y0eXR1NVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8xYTVhOTYtZDM2ZS00ZjNhLTliMzQtMDU0OGQzODk1YTU1
LzEvQ3g1eTg5Q1ZmMXB1TzlHNFJLRXFZVWRFa0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXPZQMA0G
CSqGSIb3DQEBCwUAA4IBAQCfpNjsfbRmR4e+esvygV9WbG6uXwryqcxGweXwmJ3t
yxKnf3Ub3Tgw81J9JcnnpLQRpcDvs003oAlGClOg4zzPh1Vf6dGg0KUoF56V6pxB
+LqEG8IV+KVATBX9ZzCo0bL2tDJ1ig1IMU8SLLoTi34YQsAlxKmRL4kDjUMQSKmE
B7pATLjV5Z/QWdQaVRHQNy7XRg9+wJHl3OXmfemarNKfeH55bHgqFCBeLNcAdSQT
81bx9eYaNyuegEvSS+qqtqu0DDiZlVav+O6teV+bwtcIA4Am38yzjku6ONsDSZd4
EVM8PmvYja1qVxXV5nezzWdGKiHkxIopz0pjv9Vo5Sag
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:53:42 2024 by rpki-client on console-fra.rpki-client.org