Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/bdjqD6vAFVxAN_UKN9gJKAh-iw8.roa
File: bdjqD6vAFVxAN_UKN9gJKAh-iw8.roa (raw, json)
Hash identifier: dDtMof7EfH5y5QmTJqjCObg0UO8Q1JH6y5AlO0G6lWM=
Subject key identifier: 6D:D8:EA:0F:AB:C0:15:5C:40:37:F5:0A:37:D8:09:28:08:7E:8B:0F
Certificate issuer: /CN=aa7b6137f5af3c22c85a1908d40b2941ee2c06f4
Certificate serial: 018CC9BCD13ECF0ED011F4946D2C7BDD36F2
Authority key identifier: AA:7B:61:37:F5:AF:3C:22:C8:5A:19:08:D4:0B:29:41:EE:2C:06:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnthN_WvPCLIWhkI1AspQe4sBvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/bdjqD6vAFVxAN_UKN9gJKAh-iw8.roa
Signing time: Tue 02 Jan 2024 10:34:03 +0000
ROA not before: Tue 02 Jan 2024 10:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198508
IP address blocks: 185.168.4.0/22 maxlen: 22
185.168.4.0/24 maxlen: 24
185.168.7.0/24 maxlen: 24
185.168.5.0/24 maxlen: 24
185.168.6.0/24 maxlen: 24
37.75.224.0/21 maxlen: 21
2a00:8440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/qnthN_WvPCLIWhkI1AspQe4sBvQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/qnthN_WvPCLIWhkI1AspQe4sBvQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/qnthN_WvPCLIWhkI1AspQe4sBvQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 04:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d1:3e:cf:0e:d0:11:f4:94:6d:2c:7b:dd:36:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa7b6137f5af3c22c85a1908d40b2941ee2c06f4
Validity
Not Before: Jan 2 10:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dd8ea0fabc0155c4037f50a37d80928087e8b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d8:f1:48:0f:06:23:d5:f3:19:1d:01:bf:3a:
b0:a8:84:40:eb:19:a5:f9:cd:57:48:a1:38:cc:0d:
3f:2a:77:d3:ee:18:d5:26:71:82:10:8a:d5:ac:be:
47:86:cb:d4:01:99:6f:5f:ed:6e:06:d8:e0:21:8d:
c1:df:8b:be:21:26:f5:03:5f:7d:90:0e:1b:30:47:
c1:e9:07:d5:bd:10:87:fc:53:8b:85:d9:30:c4:7b:
59:02:cb:5b:20:96:fd:ab:85:ea:e2:aa:4b:aa:f5:
9a:f2:63:8e:98:7e:87:c6:28:4e:67:b7:84:0b:a6:
2d:48:af:16:c5:0e:c2:0f:4f:41:7a:fa:55:b7:06:
ee:d0:da:78:4f:d1:4e:d1:e4:76:eb:71:17:56:eb:
3f:27:a9:43:1c:ca:12:bc:65:0a:01:ea:26:d0:3f:
24:10:3c:65:44:25:60:9a:aa:85:ee:88:25:9d:75:
aa:06:9d:c1:c1:98:94:f0:e7:fd:2b:17:94:e3:90:
94:5b:0a:e4:66:9c:20:15:70:80:f0:68:18:49:07:
aa:57:09:fe:1d:33:95:62:1a:59:86:c9:5f:92:86:
9a:0a:c0:40:5a:48:e1:63:cc:75:5d:dc:02:0a:fe:
4b:6f:a7:75:83:d2:2e:de:3a:d8:00:3c:6f:42:f8:
21:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D8:EA:0F:AB:C0:15:5C:40:37:F5:0A:37:D8:09:28:08:7E:8B:0F
X509v3 Authority Key Identifier:
keyid:AA:7B:61:37:F5:AF:3C:22:C8:5A:19:08:D4:0B:29:41:EE:2C:06:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnthN_WvPCLIWhkI1AspQe4sBvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/bdjqD6vAFVxAN_UKN9gJKAh-iw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/qnthN_WvPCLIWhkI1AspQe4sBvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.224.0/21
185.168.4.0/22
IPv6:
2a00:8440::/32
Signature Algorithm: sha256WithRSAEncryption
55:3e:41:e4:68:5b:30:cb:e3:f9:2b:14:3d:64:f5:8d:ce:bc:
90:f4:6c:37:85:58:a6:0c:68:ba:5d:8d:d5:80:95:d1:dc:18:
e3:aa:50:d8:96:84:e8:9a:99:9e:f4:dc:60:61:30:e3:59:eb:
02:43:ee:6a:d2:a3:c5:99:b9:f4:70:11:a3:cd:f0:59:74:8f:
66:0a:4a:56:cf:4a:88:6e:6d:af:0a:8e:1b:69:86:1e:7f:a3:
d5:01:17:c6:d5:f2:24:23:58:ce:fa:78:33:53:39:0c:5f:9d:
6f:93:72:83:70:66:e5:ae:63:78:87:78:30:d9:0c:17:a2:dc:
5b:f9:c6:a4:53:bf:60:7b:67:b8:8f:59:97:51:44:48:0a:4f:
a6:32:60:60:1f:cf:89:a4:9d:e7:dc:73:e8:90:f8:b7:03:49:
f7:f8:7f:20:d4:88:64:a5:70:de:d2:56:22:af:cf:70:81:09:
8a:6d:d2:81:5a:c3:d1:ac:44:f2:e4:ab:7f:95:c3:25:97:68:
96:bb:75:03:55:e6:78:31:3f:05:b1:14:b5:6a:42:ca:60:5c:
4d:b6:68:05:f8:24:f3:7f:e2:17:da:bc:e2:1b:cb:83:76:e5:
4d:0d:a7:a9:ff:93:f9:69:cb:53:db:3f:b2:54:03:5c:60:45:
ba:b6:09:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvNE+zw7QEfSUbSx73TbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2I2MTM3ZjVhZjNjMjJjODVhMTkwOGQ0MGIyOTQxZWUy
YzA2ZjQwHhcNMjQwMTAyMTAzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ4ZWEwZmFiYzAxNTVjNDAzN2Y1MGEzN2Q4MDkyODA4N2U4YjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9jxSA8GI9XzGR0BvzqwqIRA6xml
+c1XSKE4zA0/KnfT7hjVJnGCEIrVrL5HhsvUAZlvX+1uBtjgIY3B34u+ISb1A199
kA4bMEfB6QfVvRCH/FOLhdkwxHtZAstbIJb9q4Xq4qpLqvWa8mOOmH6HxihOZ7eE
C6YtSK8WxQ7CD09BevpVtwbu0Np4T9FO0eR263EXVus/J6lDHMoSvGUKAeom0D8k
EDxlRCVgmqqF7oglnXWqBp3BwZiU8Of9KxeU45CUWwrkZpwgFXCA8GgYSQeqVwn+
HTOVYhpZhslfkoaaCsBAWkjhY8x1XdwCCv5Lb6d1g9Iu3jrYADxvQvghlQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG3Y6g+rwBVcQDf1CjfYCSgIfosPMB8GA1UdIwQY
MBaAFKp7YTf1rzwiyFoZCNQLKUHuLAb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW50aE5fV3ZQQ0xJV2hrSTFBc3BRZTRzQnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81ZTA2ZmEtMzdmOS00YTFjLTgxMWEt
ZDZhMzA1Y2JmNDZjLzEvYmRqcUQ2dkFGVnhBTl9VS045Z0pLQWgtaXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81ZTA2ZmEtMzdmOS00YTFjLTgxMWEtZDZhMzA1Y2JmNDZj
LzEvcW50aE5fV3ZQQ0xJV2hrSTFBc3BRZTRzQnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJUvgAwQC
uagEMA0EAgACMAcDBQAqAIRAMA0GCSqGSIb3DQEBCwUAA4IBAQBVPkHkaFswy+P5
KxQ9ZPWNzryQ9Gw3hVimDGi6XY3VgJXR3BjjqlDYloTompme9NxgYTDjWesCQ+5q
0qPFmbn0cBGjzfBZdI9mCkpWz0qIbm2vCo4baYYef6PVARfG1fIkI1jO+ngzUzkM
X51vk3KDcGblrmN4h3gw2QwXotxb+cakU79ge2e4j1mXUURICk+mMmBgH8+JpJ3n
3HPokPi3A0n3+H8g1IhkpXDe0lYir89wgQmKbdKBWsPRrETy5Kt/lcMll2iWu3UD
VeZ4MT8FsRS1akLKYFxNtmgF+CTzf+IX2rziG8uDduVNDaep/5P5actT2z+yVANc
YEW6tgmP
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:37:32 2024 by rpki-client on console-fra.rpki-client.org