Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/6cT90RRewO5Nsng-s3LHFBzuUj8.roa
File: 6cT90RRewO5Nsng-s3LHFBzuUj8.roa (raw, json)
Hash identifier: N9yJ8gQrTySyM2P10mzP4tQRD69fevNZrfWIr5jedFk=
Subject key identifier: E9:C4:FD:D1:14:5E:C0:EE:4D:B2:78:3E:B3:72:C7:14:1C:EE:52:3F
Certificate issuer: /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial: 018CC8DEDAC9459740620625633E14BA3D6B
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/6cT90RRewO5Nsng-s3LHFBzuUj8.roa
Signing time: Tue 02 Jan 2024 06:31:37 +0000
ROA not before: Tue 02 Jan 2024 06:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39179
IP address blocks: 89.28.232.0/21 maxlen: 21
95.130.96.0/22 maxlen: 22
95.130.96.0/21 maxlen: 21
158.255.8.0/21 maxlen: 21
95.130.102.0/24 maxlen: 24
95.130.100.0/23 maxlen: 23
193.27.212.0/23 maxlen: 23
77.93.128.0/19 maxlen: 19
185.101.44.0/22 maxlen: 22
79.99.144.0/22 maxlen: 22
2a00:1c40::/32 maxlen: 32
2a02:6f80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:da:c9:45:97:40:62:06:25:63:3e:14:ba:3d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Validity
Not Before: Jan 2 06:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9c4fdd1145ec0ee4db2783eb372c7141cee523f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8a:9c:44:7a:1f:05:8d:85:7d:10:ec:f2:2e:
0f:36:dd:c5:f0:e8:01:47:12:8a:dd:b0:0d:42:0e:
76:7b:b7:71:55:ef:61:a8:25:bb:67:3f:92:38:e7:
06:87:ce:60:5c:8f:04:42:de:ed:25:9d:e6:3f:85:
31:e0:59:ce:86:d4:32:5d:bf:2f:1d:e4:9d:38:d8:
a3:32:b4:22:d1:ca:74:b4:25:af:ad:3c:96:5d:aa:
82:a9:5d:71:2d:c8:f1:8b:ab:55:a3:61:3c:b4:35:
0a:6a:f4:c9:9c:9a:b5:29:c1:80:4f:01:af:ca:4f:
14:c3:72:bd:a9:12:8f:aa:ce:b1:3c:18:c8:58:66:
e0:fb:0d:ef:d2:53:5a:5b:2e:e8:cb:8c:ee:84:20:
e9:97:9a:62:65:d4:99:b6:43:4e:8c:40:ea:fe:07:
30:e6:f9:37:e3:d2:44:23:16:9a:3a:44:b9:5f:a0:
4b:f9:42:9e:20:30:e3:13:7c:5c:75:3d:64:3d:f6:
6a:ff:30:e8:ad:8a:fa:b2:65:50:32:00:58:6a:7f:
7d:60:c9:cc:27:b9:b7:ae:e2:e2:53:5b:88:2a:9c:
df:8b:02:25:6d:f8:32:17:23:80:d9:48:fa:a4:ad:
88:2a:6e:d0:2f:77:68:9a:81:a0:5d:46:83:7d:80:
44:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C4:FD:D1:14:5E:C0:EE:4D:B2:78:3E:B3:72:C7:14:1C:EE:52:3F
X509v3 Authority Key Identifier:
keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/6cT90RRewO5Nsng-s3LHFBzuUj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.128.0/19
79.99.144.0/22
89.28.232.0/21
95.130.96.0/21
158.255.8.0/21
185.101.44.0/22
193.27.212.0/23
IPv6:
2a00:1c40::/32
2a02:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
72:7f:f5:7d:17:27:24:0d:54:b2:64:42:c8:f2:e6:fe:bc:0f:
d6:c6:47:e8:cd:b1:74:a8:51:19:1d:b0:bd:86:fd:b9:0a:03:
a9:46:b8:f3:7e:84:1b:37:3c:19:f8:88:06:18:da:c1:df:86:
cc:29:aa:23:a7:45:96:0e:de:f4:37:62:74:69:bd:4f:89:9a:
61:8a:22:0f:16:45:39:a8:4a:3c:68:d0:29:d4:e6:84:d4:21:
f0:1f:bb:1e:4a:15:c8:49:df:e7:16:ce:bd:65:47:a0:33:59:
75:c9:8a:b0:6e:b2:51:27:41:36:6a:f9:a4:c2:21:42:18:02:
47:ac:1e:de:ae:39:1b:64:5f:60:bb:ae:96:32:1c:91:c5:d1:
37:d1:46:21:d8:9c:21:82:e6:17:d0:0e:65:28:48:07:1e:10:
5b:61:05:0b:e2:4a:54:c6:1a:63:dc:62:d2:67:06:bd:d3:21:
15:fe:1b:3d:97:16:b1:8b:3d:1b:6c:0f:b3:3b:b2:40:2c:b7:
10:b9:e9:af:cd:9a:1a:9e:1e:1e:65:44:86:a8:d7:cf:05:b7:
88:36:65:40:07:31:b6:60:b6:b5:c8:5a:da:4b:57:c2:1d:bf:
06:73:f4:eb:69:90:43:ad:12:8c:27:92:78:ba:77:de:2a:88:
36:38:03:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzI3trJRZdAYgYlYz4Uuj1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNWEzNDE3ZmJlMjVjMmU0NjdjMTg0ODVjMTgxYTc3NzZm
OTZmZjQwHhcNMjQwMTAyMDYzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM0ZmRkMTE0NWVjMGVlNGRiMjc4M2ViMzcyYzcxNDFjZWU1MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIqcRHofBY2FfRDs8i4PNt3F8OgB
RxKK3bANQg52e7dxVe9hqCW7Zz+SOOcGh85gXI8EQt7tJZ3mP4Ux4FnOhtQyXb8v
HeSdONijMrQi0cp0tCWvrTyWXaqCqV1xLcjxi6tVo2E8tDUKavTJnJq1KcGATwGv
yk8Uw3K9qRKPqs6xPBjIWGbg+w3v0lNaWy7oy4zuhCDpl5piZdSZtkNOjEDq/gcw
5vk349JEIxaaOkS5X6BL+UKeIDDjE3xcdT1kPfZq/zDorYr6smVQMgBYan99YMnM
J7m3ruLiU1uIKpzfiwIlbfgyFyOA2Uj6pK2IKm7QL3domoGgXUaDfYBEwQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOnE/dEUXsDuTbJ4PrNyxxQc7lI/MB8GA1UdIwQY
MBaAFIpaNBf74lwuRnwYSFwYGnd2+W/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYt
ZDdhYmNkMGVmNjRhLzEvNmNUOTBSUmV3TzVOc25nLXMzTEhGQnp1VWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC85YzZlMDctNjkzZi00NmNlLTg2NDYtZDdhYmNkMGVmNjRh
LzEvaWxvMEZfdmlYQzVHZkJoSVhCZ2FkM2I1Yl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQFTV2AAwQC
T2OQAwQDWRzoAwQDX4JgAwQDnv8IAwQCuWUsAwQBwRvUMBQEAgACMA4DBQAqABxA
AwUDKgJvgDANBgkqhkiG9w0BAQsFAAOCAQEAcn/1fRcnJA1UsmRCyPLm/rwP1sZH
6M2xdKhRGR2wvYb9uQoDqUa4836EGzc8GfiIBhjawd+GzCmqI6dFlg7e9DdidGm9
T4maYYoiDxZFOahKPGjQKdTmhNQh8B+7HkoVyEnf5xbOvWVHoDNZdcmKsG6yUSdB
Nmr5pMIhQhgCR6we3q45G2RfYLuuljIckcXRN9FGIdicIYLmF9AOZShIBx4QW2EF
C+JKVMYaY9xi0mcGvdMhFf4bPZcWsYs9G2wPszuyQCy3ELnpr82aGp4eHmVEhqjX
zwW3iDZlQAcxtmC2tcha2ktXwh2/BnP062mQQ60SjCeSeLp33iqINjgDfw==
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:37:08 2024 by rpki-client on console-ams.rpki-client.org