Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/6N2LM-QfhzlgoLsV5-T7zGOZNPA.roa
File: 6N2LM-QfhzlgoLsV5-T7zGOZNPA.roa (raw, json)
Hash identifier: 2RcLzq5npdizVa6JFR6A+hkgnmlMkA5piSMKXJ350J0=
Subject key identifier: E8:DD:8B:33:E4:1F:87:39:60:A0:BB:15:E7:E4:FB:CC:63:99:34:F0
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018CC86EFC41A091A331485DFCDBD72A50E2
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/6N2LM-QfhzlgoLsV5-T7zGOZNPA.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57665
IP address blocks: 185.226.44.0/22 maxlen: 22
185.241.104.0/24 maxlen: 24
185.241.105.0/24 maxlen: 24
185.241.104.0/22 maxlen: 22
185.241.104.0/23 maxlen: 23
31.222.16.0/21 maxlen: 21
185.241.106.0/24 maxlen: 24
185.241.107.0/24 maxlen: 24
185.241.106.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Nov 2024 17:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fc:41:a0:91:a3:31:48:5d:fc:db:d7:2a:50:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8dd8b33e41f873960a0bb15e7e4fbcc639934f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a8:28:90:cb:e6:7b:85:f0:df:cf:f8:30:e7:
95:41:24:37:7c:b9:ec:12:9c:68:96:b2:62:d9:f9:
b0:30:96:e6:d4:d9:f1:1e:36:29:cc:c9:5c:92:8c:
4f:f4:7f:37:bc:fb:62:68:2b:cd:b9:af:3f:e6:fa:
a5:54:5a:62:66:4b:67:e9:ec:5b:bc:d5:78:3d:1e:
42:65:b3:80:d4:fb:9a:69:25:47:bc:56:4c:ac:dd:
3d:52:39:86:ab:2b:79:e2:43:f2:23:85:f5:b4:62:
55:78:90:b5:e3:a8:82:66:65:60:80:fc:b6:ad:7d:
ce:dc:71:f8:9f:85:47:ff:a2:34:68:30:8f:ac:e7:
aa:cf:8e:9c:3a:1d:2b:c4:1e:eb:bf:a1:d4:b3:99:
e0:40:66:f7:4e:60:cd:e2:c1:77:ec:f8:36:13:17:
de:a4:05:6d:4e:44:3d:5e:d9:b0:ed:2d:a8:dc:09:
93:cb:c5:46:33:6c:b6:e9:6f:c5:55:7d:33:48:57:
6c:ec:f6:e9:7e:74:e5:16:46:f1:41:b2:37:65:f6:
1f:ea:ae:34:f9:a8:2c:3a:56:28:5e:f2:77:43:6b:
8d:bb:bd:cd:96:6d:fa:f3:ae:86:97:e3:1a:27:3c:
77:1b:84:9c:c2:14:16:87:b5:f1:de:de:29:f7:49:
aa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DD:8B:33:E4:1F:87:39:60:A0:BB:15:E7:E4:FB:CC:63:99:34:F0
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/6N2LM-QfhzlgoLsV5-T7zGOZNPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.16.0/21
185.226.44.0/22
185.241.104.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:6f:8a:3f:a6:3e:d3:31:d8:fe:b5:e9:d1:38:c4:3d:3c:8a:
7e:7d:09:98:be:b4:d7:84:f0:f7:ad:04:b9:c6:85:90:39:51:
3c:ad:ed:34:6c:62:a1:d5:54:57:8b:28:f4:91:a7:c5:bd:99:
b2:3d:8d:b0:0b:23:da:a1:6f:87:da:02:72:a1:ad:53:66:29:
96:99:5a:6b:58:df:34:db:4c:e0:33:e0:6a:3f:73:5f:67:a5:
88:b8:d0:78:94:d0:04:cf:9f:81:fa:0a:e9:f7:cb:1f:d4:af:
c1:ea:ce:05:f5:67:46:30:0a:07:1d:88:1b:f4:07:a6:14:a1:
0c:03:17:f0:38:00:6a:5e:76:95:56:58:60:da:68:13:27:d1:
59:14:be:fc:70:75:8a:16:ce:57:e6:48:a1:ac:29:cf:5c:e2:
24:d0:88:35:54:39:86:b5:45:c5:d9:ad:25:b2:74:01:6e:94:
27:af:e8:89:54:ab:fe:2d:89:d2:a5:45:e7:ec:71:a7:e4:7c:
c0:29:17:bb:89:60:f6:be:f7:29:75:ee:a8:ac:1d:c3:94:ad:
b7:73:90:9f:f2:b2:b7:54:f7:cc:39:35:6f:75:c0:e9:40:47:
54:98:c1:d3:9c:80:84:01:c5:6b:7e:f5:4c:da:df:e1:f0:0e:
77:3e:e8:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIbvxBoJGjMUhd/NvXKlDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRkOGIzM2U0MWY4NzM5NjBhMGJiMTVlN2U0ZmJjYzYzOTkzNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqgokMvme4Xw38/4MOeVQSQ3fLns
EpxolrJi2fmwMJbm1NnxHjYpzMlckoxP9H83vPtiaCvNua8/5vqlVFpiZktn6exb
vNV4PR5CZbOA1PuaaSVHvFZMrN09UjmGqyt54kPyI4X1tGJVeJC146iCZmVggPy2
rX3O3HH4n4VH/6I0aDCPrOeqz46cOh0rxB7rv6HUs5ngQGb3TmDN4sF37Pg2Exfe
pAVtTkQ9Xtmw7S2o3AmTy8VGM2y26W/FVX0zSFds7PbpfnTlFkbxQbI3ZfYf6q40
+agsOlYoXvJ3Q2uNu73Nlm36866Gl+MaJzx3G4ScwhQWh7Xx3t4p90mqxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOjdizPkH4c5YKC7Fefk+8xjmTTwMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvNk4yTE0tUWZoemxnb0xzVjUtVDd6R09aTlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH94QAwQC
ueIsAwQCufFoMA0GCSqGSIb3DQEBCwUAA4IBAQCub4o/pj7TMdj+tenROMQ9PIp+
fQmYvrTXhPD3rQS5xoWQOVE8re00bGKh1VRXiyj0kafFvZmyPY2wCyPaoW+H2gJy
oa1TZimWmVprWN8020zgM+BqP3NfZ6WIuNB4lNAEz5+B+grp98sf1K/B6s4F9WdG
MAoHHYgb9AemFKEMAxfwOABqXnaVVlhg2mgTJ9FZFL78cHWKFs5X5kihrCnPXOIk
0Ig1VDmGtUXF2a0lsnQBbpQnr+iJVKv+LYnSpUXn7HGn5HzAKRe7iWD2vvcpde6o
rB3DlK23c5Cf8rK3VPfMOTVvdcDpQEdUmMHTnICEAcVrfvVM2t/h8A53Puiw
-----END CERTIFICATE-----
Generated at Thu Nov 14 02:05:56 2024 by rpki-client on console-ams.rpki-client.org