Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/6pM18plyUt9BDV5L-srMOekZIQY.roa
File: 6pM18plyUt9BDV5L-srMOekZIQY.roa (raw, json)
Hash identifier: v02pKGOPcPfOgUU13ykKoGyDLljBvBlGzqNBiQXF+vA=
Subject key identifier: EA:93:35:F2:99:72:52:DF:41:0D:5E:4B:FA:CA:CC:39:E9:19:21:06
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018ED310F1953576AEFAE479A733E69DFB46
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/6pM18plyUt9BDV5L-srMOekZIQY.roa
Signing time: Fri 12 Apr 2024 16:08:06 +0000
ROA not before: Fri 12 Apr 2024 16:08:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399989
IP address blocks: 85.8.156.0/22 maxlen: 22
176.53.168.0/22 maxlen: 22
185.231.224.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 01:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:10:f1:95:35:76:ae:fa:e4:79:a7:33:e6:9d:fb:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Apr 12 16:08:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea9335f2997252df410d5e4bfacacc39e9192106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:bf:01:55:f6:23:58:5e:e9:24:b9:e0:6d:d0:
cb:d5:8f:f8:2d:f3:01:6e:65:b9:83:d6:61:79:55:
cd:5d:85:7f:80:5a:05:67:ef:b8:9f:50:3c:e9:c7:
36:d4:31:a0:bb:25:ea:4c:d4:cd:84:bb:f0:de:7f:
02:0b:e4:bc:15:83:b4:12:7a:5e:f7:79:3e:be:cd:
65:d7:87:a7:a9:5a:70:c4:2c:e3:bd:8e:5d:7c:62:
87:14:e5:ba:59:68:54:9f:80:7c:85:8d:9d:9f:d0:
f7:86:14:85:eb:d4:63:f5:51:8c:52:eb:2e:1f:31:
5d:23:29:50:89:25:82:f5:0f:a6:47:67:90:c0:f9:
ff:bd:ee:49:6f:45:83:4b:d1:ab:01:fb:20:29:fb:
e2:8e:f5:fd:1c:3e:40:23:e0:fe:e7:67:29:11:2e:
65:c1:ed:21:20:9f:0b:4a:1e:b9:7d:dc:18:08:4d:
b4:cc:9c:54:5d:f3:ef:8d:f2:41:30:42:f2:c5:ca:
eb:d0:b4:3c:df:ea:19:ef:28:a0:3c:31:3b:4b:ca:
df:6d:19:97:20:2f:4b:99:73:4f:97:ec:12:08:ee:
ce:08:3a:c8:50:01:e3:c9:42:e1:97:ee:b5:d2:66:
8b:0b:80:10:66:68:ef:ba:c4:53:d1:83:3c:d5:bd:
0f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:93:35:F2:99:72:52:DF:41:0D:5E:4B:FA:CA:CC:39:E9:19:21:06
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/6pM18plyUt9BDV5L-srMOekZIQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.156.0/22
176.53.168.0/22
185.231.224.0/22
193.187.108.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:03:54:54:7b:26:b7:47:bb:89:cf:84:ca:01:21:9d:74:ec:
ae:09:44:7e:97:0e:4a:b1:bb:df:cd:7e:cf:15:82:9b:b7:46:
a1:b0:94:9d:ca:6f:df:14:6b:cc:94:3f:59:c4:73:7d:08:c5:
0e:6d:9f:9f:dd:2f:42:3e:55:eb:ff:96:d2:a6:b9:94:45:cb:
48:71:c1:c5:fc:5e:91:26:8d:5e:e7:a2:9f:ab:7c:f1:0b:0a:
d5:14:61:13:dd:c0:be:95:26:77:c8:dc:3d:50:12:42:ff:6f:
ed:d6:ac:ee:50:1c:a4:a5:a9:58:6d:0d:f5:e8:e8:6b:19:af:
40:98:88:38:91:08:a4:93:13:e1:fd:67:cd:98:95:70:74:f7:
59:27:2f:ca:9c:aa:f4:df:ff:e4:5a:81:7f:7d:ea:1e:3c:b8:
c0:9d:50:68:df:39:12:68:f1:a6:0e:11:02:8e:38:f3:8c:42:
51:e9:21:31:1f:a3:06:fc:1e:39:ea:42:64:a6:bd:05:dd:3c:
c8:ea:8f:d8:94:99:21:1d:fa:6c:75:a7:1a:af:6c:e4:cf:e9:
4f:a4:90:c3:46:7d:c6:3e:4c:27:17:2a:aa:9c:1c:33:4d:12:
47:5b:62:44:1b:f3:90:94:79:93:c0:2c:de:2b:0f:db:4b:c2:
2c:83:53:c6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7TEPGVNXau+uR5pzPmnftGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNDEyMTYwODA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTkzMzVmMjk5NzI1MmRmNDEwZDVlNGJmYWNhY2MzOWU5MTkyMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgr8BVfYjWF7pJLngbdDL1Y/4LfMB
bmW5g9ZheVXNXYV/gFoFZ++4n1A86cc21DGguyXqTNTNhLvw3n8CC+S8FYO0Enpe
93k+vs1l14enqVpwxCzjvY5dfGKHFOW6WWhUn4B8hY2dn9D3hhSF69Rj9VGMUusu
HzFdIylQiSWC9Q+mR2eQwPn/ve5Jb0WDS9GrAfsgKfvijvX9HD5AI+D+52cpES5l
we0hIJ8LSh65fdwYCE20zJxUXfPvjfJBMELyxcrr0LQ83+oZ7yigPDE7S8rfbRmX
IC9LmXNPl+wSCO7OCDrIUAHjyULhl+610maLC4AQZmjvusRT0YM81b0PxwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOqTNfKZclLfQQ1eS/rKzDnpGSEGMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvNnBNMThwbHlVdDlCRFY1TC1zck1PZWtaSVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVQicAwQC
sDWoAwQCuefgAwQCwbtsAwQC1YvgMA0GCSqGSIb3DQEBCwUAA4IBAQBrA1RUeya3
R7uJz4TKASGddOyuCUR+lw5KsbvfzX7PFYKbt0ahsJSdym/fFGvMlD9ZxHN9CMUO
bZ+f3S9CPlXr/5bSprmURctIccHF/F6RJo1e56Kfq3zxCwrVFGET3cC+lSZ3yNw9
UBJC/2/t1qzuUBykpalYbQ316OhrGa9AmIg4kQikkxPh/WfNmJVwdPdZJy/KnKr0
3//kWoF/feoePLjAnVBo3zkSaPGmDhECjjjzjEJR6SExH6MG/B456kJkpr0F3TzI
6o/YlJkhHfpsdacar2zkz+lPpJDDRn3GPkwnFyqqnBwzTRJHW2JEG/OQlHmTwCze
Kw/bS8Isg1PG
-----END CERTIFICATE-----
Generated at Fri May 3 08:32:43 2024 by rpki-client on console-ams.rpki-client.org