Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/6rPBlspAliQsyBwRK5xlIM1S83g.roa
File: 6rPBlspAliQsyBwRK5xlIM1S83g.roa (raw, json)
Hash identifier: bUEQSQ1Nz0K20Ik0s9H7aTpKRuRypjg8WE1O+QHoENc=
Subject key identifier: EA:B3:C1:96:CA:40:96:24:2C:C8:1C:11:2B:9C:65:20:CD:52:F3:78
Certificate issuer: /CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Certificate serial: 018CC8017E399BBD62F066C620958B804F90
Authority key identifier: 3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/6rPBlspAliQsyBwRK5xlIM1S83g.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29384
IP address blocks: 86.36.49.0/24 maxlen: 24
86.36.48.0/24 maxlen: 24
86.36.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7e:39:9b:bd:62:f0:66:c6:20:95:8b:80:4f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eab3c196ca4096242cc81c112b9c6520cd52f378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fa:e9:a4:01:ac:92:51:3a:66:bd:5b:21:32:
19:79:c9:ec:97:c4:77:c4:d1:10:3a:53:0a:fb:ff:
e9:02:c5:f4:26:d1:6c:82:ca:08:5a:da:68:95:e4:
e4:e3:3c:5e:80:38:c1:c6:73:e3:dd:2b:d4:8e:d1:
50:5f:05:d9:de:63:62:3b:04:82:26:98:1f:fb:f1:
b7:89:a4:27:7c:23:c0:6b:3e:42:ea:fb:d5:b7:d6:
a4:7c:a4:09:df:2e:7c:ff:17:b5:db:c3:04:46:fb:
27:cd:77:d8:77:10:47:6e:5d:dd:91:89:5c:c3:63:
c9:13:2c:5d:98:92:e7:11:9f:e3:12:46:8b:6f:92:
08:77:48:37:bb:cf:97:23:07:6e:3d:d9:c2:17:ff:
6f:9f:4b:60:b3:70:0f:07:10:fa:01:04:d0:24:f2:
ba:c0:49:96:cc:a4:93:b3:5a:b0:58:e5:e7:ec:4c:
85:05:c2:27:98:02:44:bd:b3:e2:1c:11:b2:85:0a:
91:bd:de:1f:9c:88:7f:74:6c:db:c2:32:27:00:23:
9a:63:37:80:75:11:bf:8c:c7:73:09:e3:41:29:ae:
d2:6a:8a:c6:2a:bc:68:6d:d5:b6:bf:f4:de:45:33:
fa:ff:6c:84:aa:33:f7:df:d7:79:53:cf:36:52:8b:
cc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B3:C1:96:CA:40:96:24:2C:C8:1C:11:2B:9C:65:20:CD:52:F3:78
X509v3 Authority Key Identifier:
keyid:3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/6rPBlspAliQsyBwRK5xlIM1S83g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.36.48.0/23
86.36.104.0/24
Signature Algorithm: sha256WithRSAEncryption
31:97:d8:3d:dc:a6:b4:97:bf:dc:a7:8a:83:b0:e4:85:67:56:
e8:90:84:32:78:ec:be:4e:63:3e:ed:6c:f2:c3:ea:f7:94:86:
b4:03:85:6d:52:86:7f:a0:5c:1e:e2:26:c7:24:01:72:c1:a7:
ae:c1:4b:92:46:42:8a:21:06:15:22:dc:11:61:26:bc:6c:a9:
b7:4f:51:29:5a:8e:c7:aa:4f:d7:ff:60:71:e8:70:e8:9d:32:
1f:e0:53:af:f7:70:34:52:40:95:c5:62:17:0f:b0:53:41:56:
a8:05:33:b0:68:e6:1e:da:0a:34:d3:22:c4:9a:a2:c7:61:d0:
74:fa:02:14:79:7e:bf:d5:76:bb:1a:27:19:44:94:62:48:fb:
11:3a:c7:22:7b:f5:87:95:27:5f:88:d4:4a:a7:63:fd:68:20:
99:1d:06:c3:67:ba:f0:88:54:26:f5:e7:5f:c5:b1:f6:17:0b:
3d:19:e1:62:b2:a2:24:50:19:48:54:ef:18:65:b2:36:8f:d3:
7c:4f:ea:f4:22:07:e9:2d:0d:63:02:0c:ed:6a:0b:30:72:57:
ee:a4:7c:51:c7:32:d0:d7:76:e8:ef:34:2a:b2:f9:72:17:d2:
93:de:5f:15:0d:1d:ab:fa:c6:81:ce:71:44:56:3a:89:fa:c1:
b6:00:0f:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAX45m71i8GbGIJWLgE+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGQzZmIwNDRlYjFjMGExMWJlMDYwMmFjZWVmODhlNWY1
ZDJkZGYwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWIzYzE5NmNhNDA5NjI0MmNjODFjMTEyYjljNjUyMGNkNTJmMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvrppAGsklE6Zr1bITIZecnsl8R3
xNEQOlMK+//pAsX0JtFsgsoIWtpoleTk4zxegDjBxnPj3SvUjtFQXwXZ3mNiOwSC
Jpgf+/G3iaQnfCPAaz5C6vvVt9akfKQJ3y58/xe128MERvsnzXfYdxBHbl3dkYlc
w2PJEyxdmJLnEZ/jEkaLb5IId0g3u8+XIwduPdnCF/9vn0tgs3APBxD6AQTQJPK6
wEmWzKSTs1qwWOXn7EyFBcInmAJEvbPiHBGyhQqRvd4fnIh/dGzbwjInACOaYzeA
dRG/jMdzCeNBKa7SaorGKrxobdW2v/TeRTP6/2yEqjP339d5U882UovM1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOqzwZbKQJYkLMgcESucZSDNUvN4MB8GA1UdIwQY
MBaAFDxNP7BE6xwKEb4GAqzu+I5fXS3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEt
YjE4NGUzZjRiNTBlLzEvNnJQQmxzcEFsaVFzeUJ3Uks1eGxJTTFTODNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEtYjE4NGUzZjRiNTBl
LzEvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBViQwAwQA
ViRoMA0GCSqGSIb3DQEBCwUAA4IBAQAxl9g93Ka0l7/cp4qDsOSFZ1bokIQyeOy+
TmM+7Wzyw+r3lIa0A4VtUoZ/oFwe4ibHJAFywaeuwUuSRkKKIQYVItwRYSa8bKm3
T1EpWo7Hqk/X/2Bx6HDonTIf4FOv93A0UkCVxWIXD7BTQVaoBTOwaOYe2go00yLE
mqLHYdB0+gIUeX6/1Xa7GicZRJRiSPsROscie/WHlSdfiNRKp2P9aCCZHQbDZ7rw
iFQm9edfxbH2Fws9GeFisqIkUBlIVO8YZbI2j9N8T+r0IgfpLQ1jAgztagswclfu
pHxRxzLQ13bo7zQqsvlyF9KT3l8VDR2r+saBznFEVjqJ+sG2AA9/
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:49 2024 by rpki-client on console-fra.rpki-client.org