Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/6So1IzRK1T8pR05awDPlZ9N1znc.roa
File: 6So1IzRK1T8pR05awDPlZ9N1znc.roa (raw, json)
Hash identifier: 74ZTMFoSJrDgu8SqwSIaPheGy94mV5SxO6sCgC3HlQI=
Subject key identifier: E9:2A:35:23:34:4A:D5:3F:29:47:4E:5A:C0:33:E5:67:D3:75:CE:77
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 018CC2DAE3AA5D9D85FED609F300E89521EA
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/6So1IzRK1T8pR05awDPlZ9N1znc.roa
Signing time: Mon 01 Jan 2024 02:29:34 +0000
ROA not before: Mon 01 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44043
IP address blocks: 176.223.120.0/23 maxlen: 23
176.223.124.0/23 maxlen: 23
176.223.122.0/23 maxlen: 23
176.223.126.0/23 maxlen: 23
94.176.105.0/24 maxlen: 24
94.176.104.0/24 maxlen: 24
188.240.2.0/23 maxlen: 23
188.241.183.0/24 maxlen: 24
188.213.20.0/23 maxlen: 23
92.114.95.0/24 maxlen: 24
92.114.94.0/24 maxlen: 24
91.195.28.0/24 maxlen: 24
91.195.29.0/24 maxlen: 24
46.102.249.0/24 maxlen: 24
188.215.244.0/23 maxlen: 23
89.44.47.0/24 maxlen: 24
188.212.156.0/24 maxlen: 24
188.215.250.0/23 maxlen: 23
188.240.235.0/24 maxlen: 24
185.92.192.0/24 maxlen: 24
185.92.195.0/24 maxlen: 24
185.92.193.0/24 maxlen: 24
185.92.194.0/24 maxlen: 24
89.44.120.0/24 maxlen: 24
89.44.139.0/24 maxlen: 24
89.44.138.0/24 maxlen: 24
176.126.201.0/24 maxlen: 24
176.126.202.0/24 maxlen: 24
176.126.200.0/24 maxlen: 24
176.126.203.0/24 maxlen: 24
89.46.7.0/24 maxlen: 24
31.14.15.0/24 maxlen: 24
31.14.13.0/24 maxlen: 24
31.14.14.0/24 maxlen: 24
31.14.12.0/24 maxlen: 24
31.14.22.0/24 maxlen: 24
31.14.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e3:aa:5d:9d:85:fe:d6:09:f3:00:e8:95:21:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 1 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e92a3523344ad53f29474e5ac033e567d375ce77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cd:28:8f:b1:b5:50:54:06:ed:6c:40:15:06:
f0:0b:1d:68:ae:23:5f:e6:b2:4d:ea:f6:48:f1:e2:
f7:40:4b:ac:22:0e:b9:55:46:d6:f2:43:16:1b:9f:
6f:fc:aa:ed:51:e6:74:86:17:e7:c3:01:1f:4a:58:
2f:dc:e1:4b:c1:d1:4d:06:7e:ae:6b:82:66:e8:99:
b8:09:73:89:bd:dc:df:59:d3:d2:a7:82:94:7a:67:
b0:0b:a0:7b:81:13:f0:3e:4f:1c:d8:b1:31:e9:0e:
f6:1e:b0:39:66:b7:65:d7:2b:db:cb:f0:c7:c9:17:
29:db:59:c5:f8:3e:6e:6b:fd:a0:e3:17:ee:93:29:
32:63:8f:ba:ab:c0:61:d3:00:54:88:b3:9e:c3:d8:
9f:c1:50:ee:4f:c7:38:dc:26:72:a3:88:42:40:df:
d6:b8:fd:65:c0:6a:e6:95:6c:b2:a5:46:1f:05:ec:
59:70:56:0f:f3:6f:49:d3:7b:5d:bd:b6:0e:0e:8b:
60:bd:74:fa:c8:81:63:cb:9f:67:69:18:3b:a4:f6:
eb:f9:85:bd:4c:04:7e:23:70:13:6f:e5:71:b5:fc:
93:9d:2a:72:a6:bf:44:77:b5:9b:ca:8c:78:b0:fc:
41:e3:44:ec:24:52:59:1f:b5:58:da:ab:7b:52:43:
da:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:2A:35:23:34:4A:D5:3F:29:47:4E:5A:C0:33:E5:67:D3:75:CE:77
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/6So1IzRK1T8pR05awDPlZ9N1znc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.12.0/22
31.14.22.0/23
46.102.249.0/24
89.44.47.0/24
89.44.120.0/24
89.44.138.0/23
89.46.7.0/24
91.195.28.0/23
92.114.94.0/23
94.176.104.0/23
176.126.200.0/22
176.223.120.0/21
185.92.192.0/22
188.212.156.0/24
188.213.20.0/23
188.215.244.0/23
188.215.250.0/23
188.240.2.0/23
188.240.235.0/24
188.241.183.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a5:33:37:43:26:8b:c5:ab:75:d3:eb:01:8c:73:2c:eb:e2:
4d:12:3a:a0:e4:99:bc:88:3e:85:94:01:bd:68:3e:58:ba:45:
3b:41:39:e3:b8:20:fa:ea:0f:53:cb:56:70:6b:d8:2a:84:b8:
d1:ef:8e:28:ca:be:d5:72:c5:97:76:22:79:91:f5:05:67:ed:
cb:d3:5b:bc:f0:5e:1c:fa:fd:db:21:6d:9b:3b:00:8b:28:41:
2e:1f:0f:8d:c0:93:d7:6b:32:5b:81:73:c0:d4:a3:cf:30:59:
c0:5c:88:ea:74:27:c3:58:8c:a8:5f:7d:4b:1c:17:5a:3e:43:
31:e7:26:93:40:04:0e:32:8f:4c:33:cb:0a:9d:e0:ab:89:43:
23:41:be:4d:3e:04:65:63:30:42:10:4f:e6:96:4c:54:7b:9c:
81:31:a9:db:b4:9d:38:f7:5c:d0:91:0c:de:7f:5f:b1:72:b1:
57:75:9c:b2:f5:c8:f2:d0:9b:a0:78:9b:fc:c9:cf:ed:1a:2c:
26:6f:b7:f4:78:24:47:74:89:ba:39:0a:08:3b:63:22:ef:92:
6c:e9:4a:78:4e:f5:66:01:50:e4:fe:b2:90:de:08:96:6e:d1:
00:0d:4a:18:64:58:ef:63:51:40:04:bd:9b:a1:de:11:47:ea:
f5:37:90:0f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYzC2uOqXZ2F/tYJ8wDolSHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjQwMTAxMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTJhMzUyMzM0NGFkNTNmMjk0NzRlNWFjMDMzZTU2N2QzNzVjZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM0oj7G1UFQG7WxAFQbwCx1oriNf
5rJN6vZI8eL3QEusIg65VUbW8kMWG59v/KrtUeZ0hhfnwwEfSlgv3OFLwdFNBn6u
a4Jm6Jm4CXOJvdzfWdPSp4KUemewC6B7gRPwPk8c2LEx6Q72HrA5Zrdl1yvby/DH
yRcp21nF+D5ua/2g4xfukykyY4+6q8Bh0wBUiLOew9ifwVDuT8c43CZyo4hCQN/W
uP1lwGrmlWyypUYfBexZcFYP829J03tdvbYODotgvXT6yIFjy59naRg7pPbr+YW9
TAR+I3ATb+VxtfyTnSpypr9Ed7Wbyox4sPxB40TsJFJZH7VY2qt7UkPaXQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFOkqNSM0StU/KUdOWsAz5WfTdc53MB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvNlNvMUl6UksxVDhwUjA1YXdEUGxaOU4xem5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCHw4M
AwQBHw4WAwQALmb5AwQAWSwvAwQAWSx4AwQBWSyKAwQAWS4HAwQBW8McAwQBXHJe
AwQBXrBoAwQCsH7IAwQDsN94AwQCuVzAAwQAvNScAwQBvNUUAwQBvNf0AwQBvNf6
AwQBvPACAwQAvPDrAwQAvPG3MA0GCSqGSIb3DQEBCwUAA4IBAQCMpTM3QyaLxat1
0+sBjHMs6+JNEjqg5Jm8iD6FlAG9aD5YukU7QTnjuCD66g9Ty1Zwa9gqhLjR744o
yr7VcsWXdiJ5kfUFZ+3L01u88F4c+v3bIW2bOwCLKEEuHw+NwJPXazJbgXPA1KPP
MFnAXIjqdCfDWIyoX31LHBdaPkMx5yaTQAQOMo9MM8sKneCriUMjQb5NPgRlYzBC
EE/mlkxUe5yBManbtJ0491zQkQzef1+xcrFXdZyy9cjy0JugeJv8yc/tGiwmb7f0
eCRHdIm6OQoIO2Mi75Js6Up4TvVmAVDk/rKQ3giWbtEADUoYZFjvY1FABL2bod4R
R+r1N5AP
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:48:31 2024 by rpki-client on console-fra.rpki-client.org