Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/6C5NluXbCGGIZvz90v7p5F-ZkuY.roa
File: 6C5NluXbCGGIZvz90v7p5F-ZkuY.roa (raw, json)
Hash identifier: bZ8iWCsffXWoB7Tbp6+x9Q4F0M7xUxole7teHahCMMk=
Subject key identifier: E8:2E:4D:96:E5:DB:08:61:88:66:FC:FD:D2:FE:E9:E4:5F:99:92:E6
Certificate issuer: /CN=3204c03c36c806d687e83ea8d2720ceebbbdc343
Certificate serial: 018CEF152A763045CC919C7A281034388B8F
Authority key identifier: 32:04:C0:3C:36:C8:06:D6:87:E8:3E:A8:D2:72:0C:EE:BB:BD:C3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MgTAPDbIBtaH6D6o0nIM7ru9w0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/6C5NluXbCGGIZvz90v7p5F-ZkuY.roa
Signing time: Tue 09 Jan 2024 16:36:30 +0000
ROA not before: Tue 09 Jan 2024 16:36:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51152
IP address blocks: 185.151.38.0/24 maxlen: 24
185.151.37.0/24 maxlen: 24
185.151.36.0/24 maxlen: 24
185.151.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/MgTAPDbIBtaH6D6o0nIM7ru9w0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/MgTAPDbIBtaH6D6o0nIM7ru9w0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MgTAPDbIBtaH6D6o0nIM7ru9w0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:15:2a:76:30:45:cc:91:9c:7a:28:10:34:38:8b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3204c03c36c806d687e83ea8d2720ceebbbdc343
Validity
Not Before: Jan 9 16:36:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e82e4d96e5db08618866fcfdd2fee9e45f9992e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:83:9f:b7:9a:a3:74:cd:4c:2b:d3:8c:3f:76:
08:d8:c3:c4:d0:7e:83:62:91:84:7f:8d:b0:06:ea:
b1:ac:b9:3c:58:30:d1:f6:53:d5:3c:82:84:e9:91:
fe:e5:d4:91:71:18:25:34:e0:3b:26:14:cf:8b:82:
44:5a:a5:bf:52:7a:ba:a8:ba:a0:fb:94:6c:4e:46:
37:b1:00:23:c3:e4:89:95:39:dd:5f:57:7a:28:8f:
a7:5c:5f:d6:bd:63:25:54:41:a8:a4:5a:bb:30:7e:
18:61:fd:df:b6:de:0a:8d:dd:01:7c:ec:7f:4b:fd:
ea:6f:31:21:9a:78:2e:1d:53:52:db:95:59:39:ae:
df:23:25:b9:86:9b:f5:65:6f:11:c4:4a:a9:5d:04:
30:97:86:b1:99:89:39:c8:a2:24:ae:4d:ca:83:5b:
98:d4:ae:46:24:23:20:b7:a3:1b:89:f9:2f:27:35:
54:b7:3c:7b:6c:5e:88:a3:8f:2f:6f:b8:3a:e4:a4:
98:c2:53:7d:71:d4:11:33:51:7b:a9:50:14:ff:a0:
3a:ea:91:28:b2:3d:70:22:42:e2:75:23:7e:19:ea:
0b:a1:37:ce:6b:d3:3b:d8:01:58:b3:9d:7c:7b:61:
e0:20:e9:bf:4d:f7:0b:c8:61:77:cc:5c:2c:2b:75:
54:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2E:4D:96:E5:DB:08:61:88:66:FC:FD:D2:FE:E9:E4:5F:99:92:E6
X509v3 Authority Key Identifier:
keyid:32:04:C0:3C:36:C8:06:D6:87:E8:3E:A8:D2:72:0C:EE:BB:BD:C3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MgTAPDbIBtaH6D6o0nIM7ru9w0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/6C5NluXbCGGIZvz90v7p5F-ZkuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/5bf797-bc55-48c1-9e92-992825cd3214/1/MgTAPDbIBtaH6D6o0nIM7ru9w0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.36.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:b0:17:56:5e:41:3d:35:3b:51:74:ca:f4:96:4d:63:62:b7:
ec:9c:8e:b2:f0:67:13:68:bb:8d:18:b9:14:9f:33:f0:80:5c:
26:52:1b:d2:27:84:a9:95:4b:1a:76:e2:aa:ae:70:32:f9:d1:
98:ad:1c:fc:3d:05:83:3f:f5:40:d4:c2:47:8c:11:64:dc:43:
21:2a:5e:f1:67:b9:a2:f4:7c:f2:97:37:85:ff:da:36:8f:dd:
14:ae:5b:04:b7:1d:91:d3:7b:b5:be:c1:7f:5d:e8:79:10:6c:
fb:e1:22:45:6e:e9:2b:a9:2b:ec:6a:2d:3e:21:2a:46:e4:b8:
9b:68:78:4e:56:cc:2d:6d:30:7f:c3:61:de:fe:06:cd:c0:87:
e7:e0:04:fd:ca:f4:e6:ef:1d:cc:fb:ca:c0:b5:04:2b:e3:df:
3d:cc:32:6d:42:52:5f:e4:7b:59:d2:39:99:70:53:81:d6:1f:
cd:a8:2c:f3:c9:53:7a:ea:78:14:72:b8:22:92:38:34:9c:ff:
b9:97:60:f0:84:16:e3:1a:7f:4a:db:b9:6f:d8:16:0f:55:09:
48:ea:42:67:95:ab:86:4b:81:58:7c:0a:5f:15:f2:22:3c:32:
57:b8:0a:8b:6f:3f:2e:09:ed:ca:e1:d1:e6:c2:c5:73:eb:9e:
19:9d:81:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzvFSp2MEXMkZx6KBA0OIuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMDRjMDNjMzZjODA2ZDY4N2U4M2VhOGQyNzIwY2VlYmJi
ZGMzNDMwHhcNMjQwMTA5MTYzNjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODJlNGQ5NmU1ZGIwODYxODg2NmZjZmRkMmZlZTllNDVmOTk5MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYOft5qjdM1MK9OMP3YI2MPE0H6D
YpGEf42wBuqxrLk8WDDR9lPVPIKE6ZH+5dSRcRglNOA7JhTPi4JEWqW/Unq6qLqg
+5RsTkY3sQAjw+SJlTndX1d6KI+nXF/WvWMlVEGopFq7MH4YYf3ftt4Kjd0BfOx/
S/3qbzEhmnguHVNS25VZOa7fIyW5hpv1ZW8RxEqpXQQwl4axmYk5yKIkrk3Kg1uY
1K5GJCMgt6MbifkvJzVUtzx7bF6Io48vb7g65KSYwlN9cdQRM1F7qVAU/6A66pEo
sj1wIkLidSN+GeoLoTfOa9M72AFYs518e2HgIOm/TfcLyGF3zFwsK3VUpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOguTZbl2whhiGb8/dL+6eRfmZLmMB8GA1UdIwQY
MBaAFDIEwDw2yAbWh+g+qNJyDO67vcNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdUQVBEYklCdGFINkQ2bzBuSU03cnU5dzBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81YmY3OTctYmM1NS00OGMxLTllOTIt
OTkyODI1Y2QzMjE0LzEvNkM1Tmx1WGJDR0dJWnZ6OTB2N3A1Ri1aa3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny81YmY3OTctYmM1NS00OGMxLTllOTItOTkyODI1Y2QzMjE0
LzEvTWdUQVBEYklCdGFINkQ2bzBuSU03cnU5dzBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZckMA0G
CSqGSIb3DQEBCwUAA4IBAQCbsBdWXkE9NTtRdMr0lk1jYrfsnI6y8GcTaLuNGLkU
nzPwgFwmUhvSJ4SplUsaduKqrnAy+dGYrRz8PQWDP/VA1MJHjBFk3EMhKl7xZ7mi
9HzylzeF/9o2j90UrlsEtx2R03u1vsF/Xeh5EGz74SJFbukrqSvsai0+ISpG5Lib
aHhOVswtbTB/w2He/gbNwIfn4AT9yvTm7x3M+8rAtQQr4989zDJtQlJf5HtZ0jmZ
cFOB1h/NqCzzyVN66ngUcrgikjg0nP+5l2DwhBbjGn9K27lv2BYPVQlI6kJnlauG
S4FYfApfFfIiPDJXuAqLbz8uCe3K4dHmwsVz654ZnYHR
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:41:02 2024 by rpki-client on console-fra.rpki-client.org