Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/6clpqeiHnqv16wGxZ56jRVwg8YA.roa
File: 6clpqeiHnqv16wGxZ56jRVwg8YA.roa (raw, json)
Hash identifier: vTbyh6y44QbvkGrkAUypX+IuNCC/uhGzAnmYU3iMkm0=
Subject key identifier: E9:C9:69:A9:E8:87:9E:AB:F5:EB:01:B1:67:9E:A3:45:5C:20:F1:80
Certificate issuer: /CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Certificate serial: 018CC8707DD148345F0B9B387777A0EF8892
Authority key identifier: 1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/6clpqeiHnqv16wGxZ56jRVwg8YA.roa
Signing time: Tue 02 Jan 2024 04:31:04 +0000
ROA not before: Tue 02 Jan 2024 04:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48284
IP address blocks: 94.125.72.0/21 maxlen: 21
130.255.104.0/21 maxlen: 21
109.70.192.0/21 maxlen: 21
185.35.208.0/22 maxlen: 22
88.133.240.0/21 maxlen: 30
109.235.224.0/21 maxlen: 21
5.199.176.0/21 maxlen: 21
212.237.168.0/21 maxlen: 21
2a02:778::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 14:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:7d:d1:48:34:5f:0b:9b:38:77:77:a0:ef:88:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Validity
Not Before: Jan 2 04:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9c969a9e8879eabf5eb01b1679ea3455c20f180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:72:48:7a:f0:22:8e:43:b5:e6:44:61:68:5b:
fd:ba:b9:84:19:b5:57:42:91:74:aa:cd:cc:29:c6:
30:92:af:9c:0e:76:8b:f6:73:22:b3:a3:f5:34:fa:
3f:d0:3b:4d:b3:af:fa:b0:49:53:a1:fe:d4:fe:f0:
c0:79:d6:4d:e1:06:12:db:6b:0b:56:80:28:89:f0:
5e:3c:dc:cd:87:dd:05:d4:73:6b:66:5a:04:e1:79:
e2:c3:4b:f3:f3:0d:75:8c:19:36:03:db:3f:aa:70:
4d:87:92:2e:6c:d8:c1:4c:b6:6b:48:7e:47:2d:59:
f2:90:0e:9c:36:b5:8c:38:92:9b:16:81:59:29:e1:
f4:3e:ed:5f:6c:ee:29:aa:14:7d:49:dc:9c:0d:20:
85:47:db:d0:b3:7f:97:28:84:6d:50:70:dc:52:19:
62:b3:cd:aa:54:ec:46:bd:45:75:3f:90:49:fb:c1:
8a:64:d5:82:26:ff:01:d5:2a:c1:b1:48:f1:83:35:
1b:a4:b5:25:86:82:ca:9b:15:ae:97:9d:75:58:87:
61:76:aa:db:d5:a8:a0:93:2b:d9:32:be:7e:c3:29:
b0:fe:de:72:c1:2e:27:56:a6:42:bd:89:30:01:ad:
fd:f6:f4:25:8a:e9:98:c0:fc:5d:ed:ae:03:86:11:
08:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C9:69:A9:E8:87:9E:AB:F5:EB:01:B1:67:9E:A3:45:5C:20:F1:80
X509v3 Authority Key Identifier:
keyid:1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/6clpqeiHnqv16wGxZ56jRVwg8YA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.176.0/21
88.133.240.0/21
94.125.72.0/21
109.70.192.0/21
109.235.224.0/21
130.255.104.0/21
185.35.208.0/22
212.237.168.0/21
IPv6:
2a02:778::/32
Signature Algorithm: sha256WithRSAEncryption
98:39:5f:f8:1b:ee:70:3d:43:17:47:f4:80:62:3b:b8:ba:d0:
28:68:0e:3d:20:b0:f1:72:5a:76:c5:d3:68:56:09:4f:08:67:
83:d9:d7:a9:fa:e1:1d:2f:ee:56:c6:41:1f:c8:d8:e1:2f:cb:
f8:98:b4:ed:7a:e1:1c:a8:6c:90:13:66:a6:58:db:27:7f:7e:
e3:01:88:90:c8:af:2d:2e:c5:2b:d2:3f:e1:72:91:fa:50:b0:
6e:2f:25:b5:ac:7c:60:42:52:1d:ff:b5:c8:aa:c8:aa:e2:f3:
19:6f:64:dd:8a:ec:12:a0:6f:e4:85:50:e6:90:6a:86:3a:bb:
75:9b:53:33:63:cf:e2:ec:6b:a7:e8:f0:7f:7c:1f:77:76:2b:
fd:de:24:ac:9f:c8:73:76:37:41:e8:28:d9:af:fa:0e:10:44:
65:df:fa:62:09:01:b1:b0:97:f3:1b:9e:93:c0:c9:70:51:43:
02:e6:51:21:ff:28:31:cf:02:63:60:cb:30:24:ce:5c:ec:f9:
b0:85:6a:d5:35:97:a3:61:92:c0:31:d5:bd:85:11:19:fa:76:
43:c0:a4:5a:e8:5f:44:84:f9:3f:b3:a7:79:2a:21:17:d6:2a:
ed:97:56:15:36:3f:65:92:6e:ab:06:11:5a:31:57:a4:80:2b:
76:0f:dc:6e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzIcH3RSDRfC5s4d3eg74iSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzlkNTc5MzZkZDJkMTUyMTQ0M2U2OGRhZGQ5ZDA5NDlj
ZGUzM2YwHhcNMjQwMTAyMDQzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM5NjlhOWU4ODc5ZWFiZjVlYjAxYjE2NzllYTM0NTVjMjBmMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3JIevAijkO15kRhaFv9urmEGbVX
QpF0qs3MKcYwkq+cDnaL9nMis6P1NPo/0DtNs6/6sElTof7U/vDAedZN4QYS22sL
VoAoifBePNzNh90F1HNrZloE4Xniw0vz8w11jBk2A9s/qnBNh5IubNjBTLZrSH5H
LVnykA6cNrWMOJKbFoFZKeH0Pu1fbO4pqhR9SdycDSCFR9vQs3+XKIRtUHDcUhli
s82qVOxGvUV1P5BJ+8GKZNWCJv8B1SrBsUjxgzUbpLUlhoLKmxWul511WIdhdqrb
1aigkyvZMr5+wymw/t5ywS4nVqZCvYkwAa399vQliumYwPxd7a4DhhEIwQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOnJaanoh56r9esBsWeeo0VcIPGAMB8GA1UdIwQY
MBaAFBw51Xk23S0VIUQ+aNrdnQlJzeM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kMzg1NmYtMDI5Yy00NDZhLWFlN2Qt
ZDdjNWRhN2MxNjc2LzEvNmNscHFlaUhucXYxNndHeFo1NmpSVndnOFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kMzg1NmYtMDI5Yy00NDZhLWFlN2QtZDdjNWRhN2MxNjc2
LzEvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBcewAwQD
WIXwAwQDXn1IAwQDbUbAAwQDbevgAwQDgv9oAwQCuSPQAwQD1O2oMA0EAgACMAcD
BQAqAgd4MA0GCSqGSIb3DQEBCwUAA4IBAQCYOV/4G+5wPUMXR/SAYju4utAoaA49
ILDxclp2xdNoVglPCGeD2dep+uEdL+5WxkEfyNjhL8v4mLTteuEcqGyQE2amWNsn
f37jAYiQyK8tLsUr0j/hcpH6ULBuLyW1rHxgQlId/7XIqsiq4vMZb2TdiuwSoG/k
hVDmkGqGOrt1m1MzY8/i7Gun6PB/fB93div93iSsn8hzdjdB6CjZr/oOEERl3/pi
CQGxsJfzG56TwMlwUUMC5lEh/ygxzwJjYMswJM5c7PmwhWrVNZejYZLAMdW9hREZ
+nZDwKRa6F9EhPk/s6d5KiEX1irtl1YVNj9lkm6rBhFaMVekgCt2D9xu
-----END CERTIFICATE-----
Generated at Thu May 16 22:41:25 2024 by rpki-client on console-ams.rpki-client.org