Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/17addf-d325-4aa7-97a7-4b43a47382b6/1/9TNc6EZ9Ik1IKNgMxfwhB9D6gQ8.roa
File: 9TNc6EZ9Ik1IKNgMxfwhB9D6gQ8.roa (raw, json)
Hash identifier: m6F+hUDff7gVaLOz+3uB2Mlp25pG6iV3J6jR23dmSfw=
Subject key identifier: F5:33:5C:E8:46:7D:22:4D:48:28:D8:0C:C5:FC:21:07:D0:FA:81:0F
Certificate issuer: /CN=bc6c8c06d2d3c2801f05458fc83413db0a5ddfad
Certificate serial: 018CC8715547B449146C9FE4FE0AA4282C8E
Authority key identifier: BC:6C:8C:06:D2:D3:C2:80:1F:05:45:8F:C8:34:13:DB:0A:5D:DF:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGyMBtLTwoAfBUWPyDQT2wpd360.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/17addf-d325-4aa7-97a7-4b43a47382b6/1/9TNc6EZ9Ik1IKNgMxfwhB9D6gQ8.roa
Signing time: Tue 02 Jan 2024 04:31:59 +0000
ROA not before: Tue 02 Jan 2024 04:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25251
IP address blocks: 81.94.37.0/24 maxlen: 24
81.94.32.0/22 maxlen: 22
81.94.36.0/24 maxlen: 24
81.94.44.0/24 maxlen: 24
81.94.42.0/24 maxlen: 24
81.94.39.0/24 maxlen: 24
81.94.45.0/24 maxlen: 24
81.94.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/17addf-d325-4aa7-97a7-4b43a47382b6/1/vGyMBtLTwoAfBUWPyDQT2wpd360.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/17addf-d325-4aa7-97a7-4b43a47382b6/1/vGyMBtLTwoAfBUWPyDQT2wpd360.mft
rsync://rpki.ripe.net/repository/DEFAULT/vGyMBtLTwoAfBUWPyDQT2wpd360.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:55:47:b4:49:14:6c:9f:e4:fe:0a:a4:28:2c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc6c8c06d2d3c2801f05458fc83413db0a5ddfad
Validity
Not Before: Jan 2 04:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5335ce8467d224d4828d80cc5fc2107d0fa810f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2c:e0:48:a3:2c:e6:a7:2f:dc:90:c8:27:31:
91:c4:1c:ff:eb:98:5a:c0:09:60:59:a5:a2:54:c2:
95:09:d7:19:22:cc:7d:5d:70:04:b7:5b:13:38:23:
4e:ac:3c:55:5b:d2:76:4f:0b:00:91:e2:8e:6a:1a:
13:2c:0d:98:85:96:f9:36:3b:58:6a:21:0e:58:8a:
84:9e:12:99:dd:1a:c2:8f:2c:b2:58:8f:89:63:80:
57:7b:2b:94:e8:2f:e3:46:43:a9:aa:43:ee:7f:f7:
6f:9f:85:51:b3:78:1c:87:43:1d:46:90:6b:7b:5a:
17:3e:2c:3f:c3:42:cc:36:b1:38:b4:66:b3:b7:66:
ac:24:a0:4e:3b:9b:e7:3f:43:e4:4b:5b:c5:59:06:
31:46:4f:d0:ce:1a:d8:bb:c9:75:af:db:84:f1:60:
17:7a:46:60:ca:95:15:c9:39:50:8f:a1:a9:20:6a:
48:24:20:ea:92:84:56:16:f7:86:a3:d2:54:a7:b4:
f8:f4:bb:11:13:ba:aa:62:19:57:05:61:32:8a:d5:
35:0f:bb:80:20:26:f0:85:e2:59:35:e3:22:0d:26:
fd:d2:6b:c0:41:c7:88:06:b8:cc:53:5b:db:ac:1f:
ba:c9:f7:79:9a:52:aa:f1:d9:a7:58:c8:47:38:b9:
29:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:33:5C:E8:46:7D:22:4D:48:28:D8:0C:C5:FC:21:07:D0:FA:81:0F
X509v3 Authority Key Identifier:
keyid:BC:6C:8C:06:D2:D3:C2:80:1F:05:45:8F:C8:34:13:DB:0A:5D:DF:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGyMBtLTwoAfBUWPyDQT2wpd360.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/17addf-d325-4aa7-97a7-4b43a47382b6/1/9TNc6EZ9Ik1IKNgMxfwhB9D6gQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/17addf-d325-4aa7-97a7-4b43a47382b6/1/vGyMBtLTwoAfBUWPyDQT2wpd360.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.94.32.0-81.94.37.255
81.94.39.0/24
81.94.42.0/24
81.94.44.0/22
Signature Algorithm: sha256WithRSAEncryption
91:ff:0b:a2:f9:18:2f:bb:7e:6e:6e:fc:ee:d5:9b:41:76:59:
93:c9:1b:c7:a8:26:1e:f2:31:f3:5d:c3:f2:cc:01:c2:0f:ca:
5c:d0:c0:e7:51:75:ce:ab:27:cb:76:ab:be:39:5a:06:93:f9:
25:f7:81:c9:46:51:36:ed:fc:9c:42:66:81:af:11:f5:03:d8:
62:e9:be:b8:47:18:bc:b9:17:26:df:dc:b9:9f:ca:d9:81:e2:
2d:9e:a0:18:d0:09:47:ca:a4:4b:2c:03:ba:01:b2:91:14:27:
ef:18:ae:ab:f9:1d:0c:44:22:df:36:69:37:ec:55:34:3f:2c:
f9:f5:2a:de:2e:6e:c6:73:83:c8:7d:6b:61:ff:b8:27:88:ca:
f3:4b:6d:bb:fd:10:6a:29:21:17:65:15:0c:0e:08:39:33:81:
de:5e:a9:90:a0:a8:28:2d:13:5a:4f:8e:39:33:01:e7:af:a4:
59:cf:43:f1:8b:18:80:17:76:f9:6f:ef:59:e5:d4:d5:a0:32:
43:4e:53:3d:a4:b6:a9:33:aa:4f:cb:c9:fa:d9:a2:6a:43:22:
ed:da:6d:b0:f4:d2:47:e5:94:94:9d:8b:fd:ca:d0:32:fb:64:
35:18:c9:62:3e:76:1f:ac:5e:e3:eb:e3:71:50:12:58:fd:26:
93:df:2e:0d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIcVVHtEkUbJ/k/gqkKCyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNmM4YzA2ZDJkM2MyODAxZjA1NDU4ZmM4MzQxM2RiMGE1
ZGRmYWQwHhcNMjQwMTAyMDQzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTMzNWNlODQ2N2QyMjRkNDgyOGQ4MGNjNWZjMjEwN2QwZmE4MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxizgSKMs5qcv3JDIJzGRxBz/65ha
wAlgWaWiVMKVCdcZIsx9XXAEt1sTOCNOrDxVW9J2TwsAkeKOahoTLA2YhZb5NjtY
aiEOWIqEnhKZ3RrCjyyyWI+JY4BXeyuU6C/jRkOpqkPuf/dvn4VRs3gch0MdRpBr
e1oXPiw/w0LMNrE4tGazt2asJKBOO5vnP0PkS1vFWQYxRk/QzhrYu8l1r9uE8WAX
ekZgypUVyTlQj6GpIGpIJCDqkoRWFveGo9JUp7T49LsRE7qqYhlXBWEyitU1D7uA
ICbwheJZNeMiDSb90mvAQceIBrjMU1vbrB+6yfd5mlKq8dmnWMhHOLkp9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPUzXOhGfSJNSCjYDMX8IQfQ+oEPMB8GA1UdIwQY
MBaAFLxsjAbS08KAHwVFj8g0E9sKXd+tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkd5TUJ0TFR3b0FmQlVXUHlEUVQyd3BkMzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8xN2FkZGYtZDMyNS00YWE3LTk3YTct
NGI0M2E0NzM4MmI2LzEvOVROYzZFWjlJazFJS05nTXhmd2hCOUQ2Z1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8xN2FkZGYtZDMyNS00YWE3LTk3YTctNGI0M2E0NzM4MmI2
LzEvdkd5TUJ0TFR3b0FmQlVXUHlEUVQyd3BkMzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAVRXiAD
BAFRXiQDBABRXicDBABRXioDBAJRXiwwDQYJKoZIhvcNAQELBQADggEBAJH/C6L5
GC+7fm5u/O7Vm0F2WZPJG8eoJh7yMfNdw/LMAcIPylzQwOdRdc6rJ8t2q745WgaT
+SX3gclGUTbt/JxCZoGvEfUD2GLpvrhHGLy5Fybf3LmfytmB4i2eoBjQCUfKpEss
A7oBspEUJ+8Yrqv5HQxEIt82aTfsVTQ/LPn1Kt4ubsZzg8h9a2H/uCeIyvNLbbv9
EGopIRdlFQwOCDkzgd5eqZCgqCgtE1pPjjkzAeevpFnPQ/GLGIAXdvlv71nl1NWg
MkNOUz2ktqkzqk/LyfrZompDIu3abbD00kfllJSdi/3K0DL7ZDUYyWI+dh+sXuPr
43FQElj9JpPfLg0=
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:54:57 2024 by rpki-client on console-fra.rpki-client.org