Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/6aPj84O_XRT7QLm_N4SKBBU3fVE.roa
File: 6aPj84O_XRT7QLm_N4SKBBU3fVE.roa (raw, json)
Hash identifier: uFL/n4F4/ANq4fCQ401D7erQJKxUXmBJK802Bs9mmRQ=
Subject key identifier: E9:A3:E3:F3:83:BF:5D:14:FB:40:B9:BF:37:84:8A:04:15:37:7D:51
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 018CC2DB233520F1EBE5F1CB6214B042CA02
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/6aPj84O_XRT7QLm_N4SKBBU3fVE.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41798
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:23:35:20:f1:eb:e5:f1:cb:62:14:b0:42:ca:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9a3e3f383bf5d14fb40b9bf37848a0415377d51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:c9:92:53:80:d6:23:54:4d:c9:41:f3:f3:f3:
ed:a3:f6:bc:1f:bc:b7:07:93:ed:14:22:ab:78:32:
84:b6:ac:5f:63:ed:dd:69:63:e0:a6:5b:29:31:47:
c8:ed:22:db:23:5a:b9:80:10:67:57:e8:04:2e:22:
18:79:d9:68:05:5f:bf:f0:dd:72:fb:cc:1a:98:a6:
d8:06:b0:1f:7c:b7:8b:df:d4:49:6f:95:06:cd:b1:
3a:54:74:3f:f8:0f:c1:a1:b8:1e:85:0b:16:a1:57:
51:e4:6b:f4:bf:eb:87:70:ea:b8:da:e9:77:ab:f2:
69:d0:22:a6:d4:1d:1f:2e:8a:4e:99:3f:c3:be:71:
48:4d:eb:23:d5:6f:78:87:3f:6d:5f:61:d2:e9:89:
5a:c9:69:df:2f:b0:71:09:ea:ac:aa:ee:d4:ff:df:
58:0f:ef:8e:2d:80:08:ca:15:7d:91:af:c1:92:6f:
24:d2:53:e7:70:11:1b:5a:48:4f:38:04:f8:86:85:
41:f2:fd:8d:6b:5a:a9:98:4d:d1:5a:bc:61:af:f5:
4a:29:ae:ee:70:3e:4a:17:d5:9a:7f:24:00:30:4c:
78:ac:78:7b:6c:f7:d8:1a:4e:f1:b1:86:76:e6:e2:
7d:29:6a:e9:7b:67:2e:a8:1d:4c:6a:8a:9f:d4:f5:
25:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A3:E3:F3:83:BF:5D:14:FB:40:B9:BF:37:84:8A:04:15:37:7D:51
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/6aPj84O_XRT7QLm_N4SKBBU3fVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
05:36:99:4d:71:3f:7d:b2:14:3e:38:f5:8e:b8:62:7d:e8:f6:
93:e0:15:da:48:e2:54:2a:01:d8:d7:81:84:64:a1:36:20:de:
56:c3:ee:d3:d8:f7:9a:3e:a3:9c:50:aa:a8:a0:0f:76:33:96:
0f:e0:45:7c:ae:13:f5:de:f4:a9:93:5e:ee:bc:14:5b:bb:ff:
df:f8:40:28:0c:9d:d9:ec:60:d0:a8:33:49:e8:d5:c8:48:2f:
58:4e:91:35:c4:52:c4:b2:c2:be:de:b8:e1:0b:03:f7:34:c3:
ac:84:d1:3c:19:cf:2d:33:15:17:66:56:6f:20:cc:05:eb:2d:
2a:e9:a9:9a:43:00:9f:78:96:ff:0a:aa:b1:8d:4c:44:e2:d1:
ef:90:25:ad:cc:65:3c:a0:4d:a7:94:bc:d9:13:f7:14:68:d4:
fa:31:2d:95:4e:85:c3:51:fa:bf:7a:1e:31:b1:6a:64:76:b6:
5a:af:e0:2d:3f:51:81:34:51:5b:6f:c7:f6:48:71:e8:3e:5f:
5f:40:a9:0e:00:53:90:e8:b3:6d:57:b4:4b:e7:bb:a0:7d:e7:
14:ae:ec:d5:9d:7f:fd:77:b7:8a:80:7a:d2:da:68:5d:af:54:
ae:2e:60:fc:5d:6e:1d:ea:30:7d:8f:4e:bf:d6:d1:e7:3f:ff:
6b:8a:d3:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yM1IPHr5fHLYhSwQsoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWEzZTNmMzgzYmY1ZDE0ZmI0MGI5YmYzNzg0OGEwNDE1Mzc3ZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5smSU4DWI1RNyUHz8/Pto/a8H7y3
B5PtFCKreDKEtqxfY+3daWPgplspMUfI7SLbI1q5gBBnV+gELiIYedloBV+/8N1y
+8wamKbYBrAffLeL39RJb5UGzbE6VHQ/+A/BobgehQsWoVdR5Gv0v+uHcOq42ul3
q/Jp0CKm1B0fLopOmT/DvnFITesj1W94hz9tX2HS6YlayWnfL7BxCeqsqu7U/99Y
D++OLYAIyhV9ka/Bkm8k0lPncBEbWkhPOAT4hoVB8v2Na1qpmE3RWrxhr/VKKa7u
cD5KF9WafyQAMEx4rHh7bPfYGk7xsYZ25uJ9KWrpe2cuqB1Maoqf1PUlhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOmj4/ODv10U+0C5vzeEigQVN31RMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvNmFQajg0T19YUlQ3UUxtX040U0tCQlUzZlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQAFNplNcT99shQ+OPWO
uGJ96PaT4BXaSOJUKgHY14GEZKE2IN5Ww+7T2PeaPqOcUKqooA92M5YP4EV8rhP1
3vSpk17uvBRbu//f+EAoDJ3Z7GDQqDNJ6NXISC9YTpE1xFLEssK+3rjhCwP3NMOs
hNE8Gc8tMxUXZlZvIMwF6y0q6amaQwCfeJb/CqqxjUxE4tHvkCWtzGU8oE2nlLzZ
E/cUaNT6MS2VToXDUfq/eh4xsWpkdrZar+AtP1GBNFFbb8f2SHHoPl9fQKkOAFOQ
6LNtV7RL57ugfecUruzVnX/9d7eKgHrS2mhdr1SuLmD8XW4d6jB9j06/1tHnP/9r
itOY
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:25:01 2024 by rpki-client on console-ams.rpki-client.org