Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/6kJ96XMY799y6vtmrn9rx3kYmhs.roa
File: 6kJ96XMY799y6vtmrn9rx3kYmhs.roa (raw, json)
Hash identifier: PNSRje8fwUirW2TXsczyQ2jOuSaEbsxbw87OdQ35Jrs=
Subject key identifier: EA:42:7D:E9:73:18:EF:DF:72:EA:FB:66:AE:7F:6B:C7:79:18:9A:1B
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 018CC795574A2B1DE46E152904B404378924
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/6kJ96XMY799y6vtmrn9rx3kYmhs.roa
Signing time: Tue 02 Jan 2024 00:31:42 +0000
ROA not before: Tue 02 Jan 2024 00:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202297
IP address blocks: 45.139.224.0/22 maxlen: 24
2001:678:aa8::/48 maxlen: 48
2001:678:aa4::/48 maxlen: 48
2a04:ff07::/32 maxlen: 48
2a04:ff00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:57:4a:2b:1d:e4:6e:15:29:04:b4:04:37:89:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 00:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea427de97318efdf72eafb66ae7f6bc779189a1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:0e:2e:16:75:b2:d3:a1:a2:66:ed:ac:1e:
94:30:81:bd:de:17:da:fa:c7:9d:9b:4b:e6:d0:9f:
3e:ab:88:91:0c:0d:4c:0a:93:da:ae:a5:a3:69:dd:
5a:b3:a4:79:68:39:2a:79:5c:72:a7:e3:d9:5e:dc:
6e:b0:7a:54:16:e2:db:a4:d9:f1:17:40:00:e8:c2:
34:58:e9:11:98:03:14:ff:fc:16:bd:78:36:52:e0:
61:e8:b7:d3:64:93:f1:af:49:84:b4:4a:77:d1:e1:
e3:9c:49:07:58:50:7e:b4:4a:56:88:2d:e1:3d:27:
32:8c:1b:4b:c0:b8:47:74:76:57:c7:01:6b:3e:74:
20:50:66:c6:3c:83:54:7d:17:e1:3d:f9:47:7e:52:
a0:b6:a5:25:32:74:25:d3:ea:c1:71:ce:58:ed:36:
29:fd:20:84:19:01:97:26:39:c7:83:a9:e7:e6:78:
4b:f6:01:c1:2e:fd:96:27:3c:65:4e:00:b0:a0:0d:
62:79:ab:f7:2d:5f:96:d0:f8:c7:a7:e2:fc:52:e6:
cf:ce:cb:b2:5c:56:44:0e:c0:85:e3:e7:3b:bd:9a:
f3:89:93:61:f4:5c:40:01:cb:cf:ce:b7:73:17:44:
e8:e4:8f:77:a0:de:70:c7:7a:e1:c4:b6:51:cc:eb:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:42:7D:E9:73:18:EF:DF:72:EA:FB:66:AE:7F:6B:C7:79:18:9A:1B
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/6kJ96XMY799y6vtmrn9rx3kYmhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.224.0/22
IPv6:
2001:678:aa4::/48
2001:678:aa8::/48
2a04:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
0f:eb:f6:8d:b5:86:8b:64:02:74:e8:e1:39:eb:28:11:dd:3b:
ab:eb:29:1b:f3:40:26:a8:73:25:ca:9e:b3:ba:50:cd:37:4c:
3c:17:68:dc:a2:5e:3f:ef:4d:4a:f7:b1:bf:57:99:e9:96:dd:
ca:6f:6d:28:f2:bb:4b:39:f5:df:e4:a5:e3:1b:92:62:e2:24:
28:57:b4:9d:48:35:52:7a:1b:23:19:5d:55:9d:dd:75:86:0f:
5c:e7:8f:ce:b7:fd:51:6b:c1:ff:15:06:fe:b9:e7:8d:3b:9d:
b9:46:ce:4a:17:1c:5c:14:bb:ac:f3:b4:fd:6a:55:d2:5a:3c:
f7:14:f4:70:fd:c4:91:75:98:3a:af:4a:80:d8:12:dc:00:8f:
de:24:b6:20:22:56:ea:98:0e:48:1c:66:6b:6b:ff:1a:db:35:
5c:16:b5:05:38:fa:66:6e:ac:cb:92:81:41:ec:ec:e0:be:8d:
8c:32:bd:cd:5f:9b:bb:83:b6:d6:71:66:63:90:ac:92:ab:7a:
0e:e3:9d:32:b5:c2:b7:43:8a:3b:f2:1c:1e:8e:c1:49:88:d3:
38:70:0f:c8:9b:32:6d:07:6d:32:2d:11:fa:1f:a9:c3:b6:84:
f1:b2:0a:c4:8c:60:10:3e:ae:e4:0f:e6:a1:d5:d6:e5:30:9b:
27:36:b4:6d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHlVdKKx3kbhUpBLQEN4kkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjQwMTAyMDAzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQyN2RlOTczMThlZmRmNzJlYWZiNjZhZTdmNmJjNzc5MTg5YTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV8OLhZ1stOhombtrB6UMIG93hfa
+sedm0vm0J8+q4iRDA1MCpParqWjad1as6R5aDkqeVxyp+PZXtxusHpUFuLbpNnx
F0AA6MI0WOkRmAMU//wWvXg2UuBh6LfTZJPxr0mEtEp30eHjnEkHWFB+tEpWiC3h
PScyjBtLwLhHdHZXxwFrPnQgUGbGPINUfRfhPflHflKgtqUlMnQl0+rBcc5Y7TYp
/SCEGQGXJjnHg6nn5nhL9gHBLv2WJzxlTgCwoA1ieav3LV+W0PjHp+L8UubPzsuy
XFZEDsCF4+c7vZrziZNh9FxAAcvPzrdzF0To5I93oN5wx3rhxLZRzOs6LQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOpCfelzGO/fcur7Zq5/a8d5GJobMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvNmtKOTZYTVk3OTl5NnZ0bXJuOXJ4M2tZbWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQCLYvgMB8E
AgACMBkDBwAgAQZ4CqQDBwAgAQZ4CqgDBQMqBP8AMA0GCSqGSIb3DQEBCwUAA4IB
AQAP6/aNtYaLZAJ06OE56ygR3Tur6ykb80AmqHMlyp6zulDNN0w8F2jcol4/701K
97G/V5nplt3Kb20o8rtLOfXf5KXjG5Ji4iQoV7SdSDVSehsjGV1Vnd11hg9c54/O
t/1Ra8H/FQb+ueeNO525Rs5KFxxcFLus87T9alXSWjz3FPRw/cSRdZg6r0qA2BLc
AI/eJLYgIlbqmA5IHGZra/8a2zVcFrUFOPpmbqzLkoFB7Ozgvo2MMr3NX5u7g7bW
cWZjkKySq3oO450ytcK3Q4o78hwejsFJiNM4cA/ImzJtB20yLRH6H6nDtoTxsgrE
jGAQPq7kD+ah1dblMJsnNrRt
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:47:26 2024 by rpki-client on console-ams.rpki-client.org