Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6UAqd82_EUYcUk49mmqgsG3LyCM.roa
File: 6UAqd82_EUYcUk49mmqgsG3LyCM.roa (raw, json)
Hash identifier: /94nPUHI01KkLLH2lIg9bFrcbxeLymxMJuhjx75p0YU=
Subject key identifier: E9:40:2A:77:CD:BF:11:46:1C:52:4E:3D:9A:6A:A0:B0:6D:CB:C8:23
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018E38AF5580AD0CFD687F12004F1C491827
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6UAqd82_EUYcUk49mmqgsG3LyCM.roa
Signing time: Wed 13 Mar 2024 16:39:58 +0000
ROA not before: Wed 13 Mar 2024 16:39:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62281
IP address blocks: 91.242.86.0/23 maxlen: 24
91.242.88.0/22 maxlen: 24
91.242.92.0/23 maxlen: 24
91.242.96.0/24 maxlen: 24
91.242.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:af:55:80:ad:0c:fd:68:7f:12:00:4f:1c:49:18:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 13 16:39:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9402a77cdbf11461c524e3d9a6aa0b06dcbc823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:85:bf:cb:5a:7b:d3:97:82:e6:c2:f9:0e:ee:
90:e5:c5:97:a3:5c:b7:dd:2d:d9:df:7b:48:15:8b:
d6:a1:b0:d9:37:51:43:5e:0c:af:37:a5:6c:ba:c0:
6a:35:99:01:de:49:c6:4f:5d:2d:21:39:51:9d:72:
e7:0a:4d:e8:c9:74:1f:0b:9a:05:c1:66:c1:b3:17:
4c:aa:e5:e6:69:4f:62:bd:ac:a2:b4:d4:b1:51:7b:
16:cf:eb:31:22:0b:ac:14:fd:5b:f4:61:5a:81:bf:
6a:f9:63:96:fd:74:e1:f3:1d:02:94:04:a5:7e:4d:
d9:bb:92:48:2a:ec:38:8a:af:fe:a1:b8:c9:4c:d6:
9c:5c:2f:44:c6:50:d2:a0:30:e7:66:f9:9d:90:1d:
d1:be:e9:8b:90:c6:7a:ce:a5:33:8d:75:2e:74:66:
ea:6a:f9:aa:bf:3a:9d:99:d3:b2:91:2f:d3:ce:24:
ba:c4:07:76:a4:8d:9e:2f:f5:34:12:f7:c8:83:95:
27:45:63:78:75:03:dd:80:e1:59:c0:90:cd:83:42:
a9:69:57:da:f6:9a:a2:5e:2b:b5:2e:da:88:53:8d:
f8:4e:91:f4:2c:d8:0b:5c:2f:ab:9f:fe:6d:c0:0d:
1b:88:b3:ac:aa:22:0f:f7:3b:cf:4a:86:7a:6b:7a:
d3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:40:2A:77:CD:BF:11:46:1C:52:4E:3D:9A:6A:A0:B0:6D:CB:C8:23
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6UAqd82_EUYcUk49mmqgsG3LyCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.86.0-91.242.93.255
91.242.96.0/24
91.242.106.0/24
Signature Algorithm: sha256WithRSAEncryption
88:74:86:4d:6f:b1:7f:89:00:76:eb:e4:5a:33:ed:84:4e:ae:
7c:16:c8:d8:28:04:57:03:a2:7e:10:3f:05:4f:3b:f1:51:4d:
9a:b6:01:38:fe:ad:da:a9:8a:f8:4f:3e:88:1d:05:f2:26:8a:
ee:4f:1a:bc:49:44:3f:e5:d4:9b:02:e9:ee:32:d9:39:e6:19:
4a:6a:1d:98:e1:4e:7f:f2:a4:7a:f8:e3:cd:69:49:85:b5:ca:
f8:ef:76:ae:d9:84:e3:02:19:88:92:cd:75:4d:d6:e2:14:c3:
14:2e:3b:26:5e:24:1c:e4:c9:a2:2a:a2:ce:85:32:04:2c:9e:
96:60:e9:7b:4f:64:aa:ef:c4:61:a5:38:2c:2a:1f:f8:69:fd:
3c:3c:23:60:46:35:36:b9:3a:0b:5b:12:8b:90:c7:3d:3f:eb:
f0:10:50:16:0d:72:d4:cf:a4:d8:e1:d9:02:fe:25:ca:47:b8:
3e:0a:a5:a7:9d:91:13:90:a5:77:80:77:87:75:bb:db:fb:2c:
0c:8a:a9:a5:92:26:bd:0d:ec:52:8d:74:f0:1e:4a:22:3c:0d:
3c:0d:01:21:94:01:07:05:82:3d:7d:73:e2:b9:45:cb:ba:7d:
29:37:35:a2:96:fd:32:c5:9a:46:31:1a:fd:13:20:4b:84:05:
f1:d6:80:af
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY44r1WArQz9aH8SAE8cSRgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMzEzMTYzOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTQwMmE3N2NkYmYxMTQ2MWM1MjRlM2Q5YTZhYTBiMDZkY2JjODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04W/y1p705eC5sL5Du6Q5cWXo1y3
3S3Z33tIFYvWobDZN1FDXgyvN6VsusBqNZkB3knGT10tITlRnXLnCk3oyXQfC5oF
wWbBsxdMquXmaU9ivayitNSxUXsWz+sxIgusFP1b9GFagb9q+WOW/XTh8x0ClASl
fk3Zu5JIKuw4iq/+objJTNacXC9ExlDSoDDnZvmdkB3RvumLkMZ6zqUzjXUudGbq
avmqvzqdmdOykS/TziS6xAd2pI2eL/U0EvfIg5UnRWN4dQPdgOFZwJDNg0KpaVfa
9pqiXiu1LtqIU434TpH0LNgLXC+rn/5twA0biLOsqiIP9zvPSoZ6a3rTzQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOlAKnfNvxFGHFJOPZpqoLBty8gjMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNlVBcWQ4Ml9FVVljVWs0OW1tcWdzRzNMeUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFb8lYD
BAFb8lwDBABb8mADBABb8mowDQYJKoZIhvcNAQELBQADggEBAIh0hk1vsX+JAHbr
5Foz7YROrnwWyNgoBFcDon4QPwVPO/FRTZq2ATj+rdqpivhPPogdBfImiu5PGrxJ
RD/l1JsC6e4y2TnmGUpqHZjhTn/ypHr4481pSYW1yvjvdq7ZhOMCGYiSzXVN1uIU
wxQuOyZeJBzkyaIqos6FMgQsnpZg6XtPZKrvxGGlOCwqH/hp/Tw8I2BGNTa5Ogtb
EouQxz0/6/AQUBYNctTPpNjh2QL+JcpHuD4KpaedkROQpXeAd4d1u9v7LAyKqaWS
Jr0N7FKNdPAeSiI8DTwNASGUAQcFgj19c+K5Rcu6fSk3NaKW/TLFmkYxGv0TIEuE
BfHWgK8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:31 2024 by rpki-client on console-ams.rpki-client.org