Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/6kO7gNE3kBxHP4oIeMa3yug13hw.roa
File: 6kO7gNE3kBxHP4oIeMa3yug13hw.roa (raw, json)
Hash identifier: 7DTvEYnZ4THK3lHJuJVf7OYkpMGBejURrWb4wINYaj0=
Subject key identifier: EA:43:BB:80:D1:37:90:1C:47:3F:8A:08:78:C6:B7:CA:E8:35:DE:1C
Certificate issuer: /CN=686d6f569500c25070b6124f1b86f60952677a93
Certificate serial: 018CC5DBEC12ECFAEB8C7C0DA1359024D31A
Authority key identifier: 68:6D:6F:56:95:00:C2:50:70:B6:12:4F:1B:86:F6:09:52:67:7A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG1vVpUAwlBwthJPG4b2CVJnepM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/6kO7gNE3kBxHP4oIeMa3yug13hw.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207881
IP address blocks: 91.237.208.0/24 maxlen: 24
91.237.215.0/24 maxlen: 24
91.238.1.0/24 maxlen: 24
91.238.18.0/24 maxlen: 24
2a0f:6940::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/aG1vVpUAwlBwthJPG4b2CVJnepM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/aG1vVpUAwlBwthJPG4b2CVJnepM.mft
rsync://rpki.ripe.net/repository/DEFAULT/aG1vVpUAwlBwthJPG4b2CVJnepM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ec:12:ec:fa:eb:8c:7c:0d:a1:35:90:24:d3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d6f569500c25070b6124f1b86f60952677a93
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea43bb80d137901c473f8a0878c6b7cae835de1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2a:29:7c:df:ed:e2:79:9b:1b:cb:b5:2a:d5:
7f:f8:33:9c:42:bc:56:1c:42:67:2b:52:16:da:a9:
f2:a0:5a:95:84:17:23:9d:6e:55:24:62:80:f9:30:
1b:6e:37:67:3a:d9:ea:37:33:07:b1:f1:ee:cc:86:
5d:3a:34:88:72:ba:75:7e:e8:6c:3d:7b:62:1e:a0:
77:6a:e7:dd:c2:93:bb:e6:5a:f2:36:53:85:80:a6:
1e:e5:bf:b0:25:3f:c6:aa:3c:6a:9d:97:57:fa:4e:
40:57:17:ac:c2:bb:46:29:20:db:55:37:16:98:ce:
28:e6:ee:c4:20:a5:d1:f5:7e:57:e3:d9:9e:b7:0b:
05:16:1e:84:6f:f5:64:49:37:cf:c4:e3:1f:81:0e:
2d:eb:c1:3e:80:25:b0:5d:7b:fd:20:ae:07:c4:28:
e9:49:30:ce:1b:d9:40:3b:74:ca:53:e0:c0:1c:0b:
ca:38:d2:81:e4:ee:2e:cf:81:2a:65:16:38:7c:88:
c8:6d:d8:d1:99:21:c7:30:37:21:88:ab:38:1b:c5:
3c:5a:7f:cc:8f:29:fa:e4:91:c1:e0:29:97:c1:29:
92:3c:04:17:24:f8:55:d2:96:63:68:5b:cb:1e:b7:
82:33:63:e3:39:43:79:6d:53:2c:6c:e9:ec:0e:db:
34:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:43:BB:80:D1:37:90:1C:47:3F:8A:08:78:C6:B7:CA:E8:35:DE:1C
X509v3 Authority Key Identifier:
keyid:68:6D:6F:56:95:00:C2:50:70:B6:12:4F:1B:86:F6:09:52:67:7A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG1vVpUAwlBwthJPG4b2CVJnepM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/6kO7gNE3kBxHP4oIeMa3yug13hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2f5269-d433-47ed-bf1b-ab6fc4e0f1e0/1/aG1vVpUAwlBwthJPG4b2CVJnepM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.208.0/24
91.237.215.0/24
91.238.1.0/24
91.238.18.0/24
IPv6:
2a0f:6940::/32
Signature Algorithm: sha256WithRSAEncryption
66:39:ff:20:0d:47:78:76:68:bf:5a:56:6f:79:29:42:25:0c:
0a:3e:1c:3a:19:21:89:bc:e5:db:8a:b0:00:26:8f:5a:19:84:
70:c2:71:0f:57:55:ca:67:22:b7:41:36:bf:ea:bc:78:5f:a3:
01:2b:1f:ae:cb:78:93:8f:5a:2c:2a:27:3e:3d:cb:f3:d6:fc:
e5:e5:84:95:da:5c:dc:03:e7:ef:8b:da:f9:b8:e3:08:83:66:
60:78:55:9f:f7:15:11:f9:92:d6:9c:b5:c3:6b:36:c1:13:44:
5d:41:42:71:ea:ba:c3:75:59:58:27:7b:08:9c:ff:1c:9d:b2:
56:55:7c:eb:89:b2:24:bd:ca:70:a7:43:21:4a:c3:e8:c4:63:
41:eb:5a:e5:0e:cc:de:39:34:78:52:51:09:e1:22:bb:50:e6:
7c:95:5e:63:57:40:51:83:2c:d5:5b:7f:26:0a:b4:58:cb:2c:
eb:5c:b0:5e:99:e7:9d:67:cc:30:0d:b2:e3:e4:e0:f2:ca:13:
b6:db:a6:88:bb:4f:c0:f5:b5:2d:2d:ac:0f:91:18:99:96:5b:
ea:e6:e7:b6:2e:17:15:ce:cd:af:f8:b6:97:59:49:d4:b4:c9:
ed:47:06:64:ab:f6:0c:bd:95:2c:a1:ea:7f:b2:f9:a4:4a:ca:
e2:75:0d:33
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzF2+wS7PrrjHwNoTWQJNMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQ2ZjU2OTUwMGMyNTA3MGI2MTI0ZjFiODZmNjA5NTI2
NzdhOTMwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQzYmI4MGQxMzc5MDFjNDczZjhhMDg3OGM2YjdjYWU4MzVkZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiopfN/t4nmbG8u1KtV/+DOcQrxW
HEJnK1IW2qnyoFqVhBcjnW5VJGKA+TAbbjdnOtnqNzMHsfHuzIZdOjSIcrp1fuhs
PXtiHqB3aufdwpO75lryNlOFgKYe5b+wJT/GqjxqnZdX+k5AVxeswrtGKSDbVTcW
mM4o5u7EIKXR9X5X49metwsFFh6Eb/VkSTfPxOMfgQ4t68E+gCWwXXv9IK4HxCjp
STDOG9lAO3TKU+DAHAvKONKB5O4uz4EqZRY4fIjIbdjRmSHHMDchiKs4G8U8Wn/M
jyn65JHB4CmXwSmSPAQXJPhV0pZjaFvLHreCM2PjOUN5bVMsbOnsDts0ZwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOpDu4DRN5AcRz+KCHjGt8roNd4cMB8GA1UdIwQY
MBaAFGhtb1aVAMJQcLYSTxuG9glSZ3qTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcxdlZwVUF3bEJ3dGhKUEc0YjJDVkpuZXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8yZjUyNjktZDQzMy00N2VkLWJmMWIt
YWI2ZmM0ZTBmMWUwLzEvNmtPN2dORTNrQnhIUDRvSWVNYTN5dWcxM2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8yZjUyNjktZDQzMy00N2VkLWJmMWItYWI2ZmM0ZTBmMWUw
LzEvYUcxdlZwVUF3bEJ3dGhKUEc0YjJDVkpuZXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+3QAwQA
W+3XAwQAW+4BAwQAW+4SMA0EAgACMAcDBQAqD2lAMA0GCSqGSIb3DQEBCwUAA4IB
AQBmOf8gDUd4dmi/WlZveSlCJQwKPhw6GSGJvOXbirAAJo9aGYRwwnEPV1XKZyK3
QTa/6rx4X6MBKx+uy3iTj1osKic+Pcvz1vzl5YSV2lzcA+fvi9r5uOMIg2ZgeFWf
9xUR+ZLWnLXDazbBE0RdQUJx6rrDdVlYJ3sInP8cnbJWVXzribIkvcpwp0MhSsPo
xGNB61rlDszeOTR4UlEJ4SK7UOZ8lV5jV0BRgyzVW38mCrRYyyzrXLBemeedZ8ww
DbLj5ODyyhO226aIu0/A9bUtLawPkRiZllvq5ue2LhcVzs2v+LaXWUnUtMntRwZk
q/YMvZUsoep/svmkSsridQ0z
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:44:50 2024 by rpki-client on console-fra.rpki-client.org