Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/6AK_go_VrHGwYj-cT5JRILnE49A.roa
File: 6AK_go_VrHGwYj-cT5JRILnE49A.roa (raw, json)
Hash identifier: FXBkLaKCMpsu/aobbBLB+YeLADTWF8jmMZ+zKdYjk9k=
Subject key identifier: E8:02:BF:82:8F:D5:AC:71:B0:62:3F:9C:4F:92:51:20:B9:C4:E3:D0
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 018DEF302DDB650D121E5E321F47EAD32106
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/6AK_go_VrHGwYj-cT5JRILnE49A.roa
Signing time: Wed 28 Feb 2024 10:08:48 +0000
ROA not before: Wed 28 Feb 2024 10:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 62.133.60.0/22 maxlen: 24
62.133.61.0/24 maxlen: 24
141.98.171.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:30:2d:db:65:0d:12:1e:5e:32:1f:47:ea:d3:21:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Feb 28 10:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e802bf828fd5ac71b0623f9c4f925120b9c4e3d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2d:d1:94:b7:dd:0d:25:1d:2e:78:8c:3f:b2:
9b:c2:5e:aa:d5:d6:9e:3c:7e:b5:f7:5e:bc:37:6d:
bd:33:98:be:b8:e4:8c:8c:95:de:79:3b:68:12:c6:
01:01:08:99:58:be:5f:9a:fe:b8:32:74:8d:81:92:
ad:dc:58:63:40:6a:dd:27:3b:5e:d7:8a:b4:f7:2a:
e0:99:f9:88:05:9c:74:ee:db:dd:f9:ea:ec:9c:e8:
e6:ea:10:c2:c9:77:f8:1d:04:65:7d:c7:ab:e5:77:
17:6f:be:0a:c3:64:73:bf:80:bf:ba:b1:fe:b3:db:
4f:f4:a9:84:ae:14:7e:b7:55:28:8e:76:7e:02:7c:
97:e4:9d:37:24:5c:42:d9:a4:55:88:19:fe:70:76:
5a:fa:8f:4c:5f:8b:99:96:a8:49:12:4d:3e:34:d2:
24:45:9e:00:13:5d:54:d8:cc:ca:5b:ce:d6:20:97:
f0:13:41:f2:5f:1a:e8:82:ec:74:3c:51:13:cb:26:
5c:c9:8d:02:57:08:a4:6d:15:d9:e2:3d:99:b0:50:
31:bc:9d:af:ac:ff:99:7e:e6:23:f8:6e:15:1a:d0:
c4:43:84:b4:83:b8:8c:fc:d2:84:11:b6:9e:29:d7:
b9:da:98:f8:d6:55:b7:f3:c8:53:7d:21:2a:07:99:
02:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:02:BF:82:8F:D5:AC:71:B0:62:3F:9C:4F:92:51:20:B9:C4:E3:D0
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/6AK_go_VrHGwYj-cT5JRILnE49A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.60.0/22
141.98.171.0/24
194.156.102.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b4:2f:0f:26:f5:e0:74:40:e0:98:f6:aa:d9:94:c6:25:8d:
ab:50:51:4e:2e:46:bb:6a:2a:be:9f:d3:ba:b0:7e:bd:a6:fc:
11:91:4f:66:f6:45:95:c4:5e:73:0d:28:44:21:f0:81:af:dd:
c6:01:81:18:f5:bc:b4:ca:1a:61:36:91:71:9b:af:2a:72:37:
11:7d:fe:c9:38:76:4e:24:28:93:b9:01:5e:df:26:64:f3:aa:
50:a5:57:41:81:61:2e:5d:bc:3d:55:31:61:2f:0e:89:9c:86:
9f:29:75:44:61:38:25:4a:80:cb:d5:be:ab:56:17:7e:61:d7:
5e:06:26:0f:e1:f2:ed:da:09:a7:ab:25:97:97:b7:1f:fb:0c:
2b:cf:f5:f1:e2:d3:1d:fa:63:90:6a:a6:cd:d8:c7:93:0c:88:
2b:45:85:07:ad:ac:ad:8e:bc:de:89:fa:6c:83:38:71:f0:b7:
68:31:73:a3:37:1e:7f:a1:2b:5a:89:03:cf:34:35:8b:bc:9b:
00:f2:62:15:d1:cf:72:56:59:e6:95:71:03:51:02:a3:1d:83:
ac:03:e1:c0:67:bf:c0:b6:f1:a2:8d:29:58:82:96:03:22:1e:
ee:52:de:74:18:fa:c3:61:fc:01:dd:3d:11:fb:83:70:e2:b2:
26:47:dd:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3vMC3bZQ0SHl4yH0fq0yEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQwMjI4MTAwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODAyYmY4MjhmZDVhYzcxYjA2MjNmOWM0ZjkyNTEyMGI5YzRlM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi3RlLfdDSUdLniMP7Kbwl6q1dae
PH619168N229M5i+uOSMjJXeeTtoEsYBAQiZWL5fmv64MnSNgZKt3FhjQGrdJzte
14q09yrgmfmIBZx07tvd+ersnOjm6hDCyXf4HQRlfcer5XcXb74Kw2Rzv4C/urH+
s9tP9KmErhR+t1UojnZ+AnyX5J03JFxC2aRViBn+cHZa+o9MX4uZlqhJEk0+NNIk
RZ4AE11U2MzKW87WIJfwE0HyXxrogux0PFETyyZcyY0CVwikbRXZ4j2ZsFAxvJ2v
rP+ZfuYj+G4VGtDEQ4S0g7iM/NKEEbaeKde52pj41lW388hTfSEqB5kCSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOgCv4KP1axxsGI/nE+SUSC5xOPQMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvNkFLX2dvX1ZySEd3WWotY1Q1SlJJTG5FNDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCPoU8AwQA
jWKrAwQAwpxmMA0GCSqGSIb3DQEBCwUAA4IBAQCytC8PJvXgdEDgmPaq2ZTGJY2r
UFFOLka7aiq+n9O6sH69pvwRkU9m9kWVxF5zDShEIfCBr93GAYEY9by0yhphNpFx
m68qcjcRff7JOHZOJCiTuQFe3yZk86pQpVdBgWEuXbw9VTFhLw6JnIafKXVEYTgl
SoDL1b6rVhd+YddeBiYP4fLt2gmnqyWXl7cf+wwrz/Xx4tMd+mOQaqbN2MeTDIgr
RYUHraytjrzeifpsgzhx8LdoMXOjNx5/oStaiQPPNDWLvJsA8mIV0c9yVlnmlXED
UQKjHYOsA+HAZ7/AtvGijSlYgpYDIh7uUt50GPrDYfwB3T0R+4Nw4rImR92U
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:01:57 2024 by rpki-client on console-fra.rpki-client.org