Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/6KY2tKOtbOO3bzYPKAsae60uSJ8.roa
File: 6KY2tKOtbOO3bzYPKAsae60uSJ8.roa (raw, json)
Hash identifier: Cjxm2tB/HTkk/55VKMzqqVjLp4M3aecg7ytR7JamQqY=
Subject key identifier: E8:A6:36:B4:A3:AD:6C:E3:B7:6F:36:0F:28:0B:1A:7B:AD:2E:48:9F
Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial: 018D6A1A2B79E40E152CCE88F98EC1B4DB29
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/6KY2tKOtbOO3bzYPKAsae60uSJ8.roa
Signing time: Fri 02 Feb 2024 13:55:16 +0000
ROA not before: Fri 02 Feb 2024 13:55:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39083
IP address blocks: 5.252.232.0/22 maxlen: 24
80.78.132.0/22 maxlen: 24
194.120.126.0/24 maxlen: 24
2a07:6f40::/29 maxlen: 48
2a0d:2140::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.mft
rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:1a:2b:79:e4:0e:15:2c:ce:88:f9:8e:c1:b4:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Validity
Not Before: Feb 2 13:55:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8a636b4a3ad6ce3b76f360f280b1a7bad2e489f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:28:69:23:28:a5:28:e3:f2:a2:8f:a5:b0:b8:
de:99:95:15:09:1d:d7:fd:a5:c4:23:a8:d7:2d:fd:
4b:22:49:10:6c:60:da:49:c5:04:07:77:0e:7f:8f:
7b:42:5e:2d:3b:a5:0f:aa:ac:02:5c:5f:c7:bc:90:
d7:22:42:0d:79:66:54:49:ef:ad:76:81:33:0f:61:
06:f1:b6:7f:4a:d4:6b:df:9e:18:d5:33:e2:a5:65:
a8:b9:65:8d:d7:29:c7:91:39:f8:8d:56:e4:ec:0f:
15:43:c4:2d:c0:e1:7f:64:7f:ad:e9:f2:1b:df:d3:
c4:a6:2a:f9:fa:65:9a:4c:97:0f:0b:1b:62:29:f1:
cd:0d:cb:a5:d9:f2:65:28:65:72:5e:88:cb:d5:55:
55:61:e2:82:6f:d6:6b:d9:2c:01:65:ba:fe:de:23:
89:30:45:57:e8:e4:eb:01:92:a6:20:c1:29:69:b7:
5f:cd:35:76:8e:b4:dc:e5:22:b7:63:91:6b:13:74:
03:fc:b4:79:d2:96:c0:ea:af:1b:4f:1b:1f:a7:f3:
cb:75:6e:67:97:aa:c7:a7:cd:11:0f:c3:7c:80:39:
97:5b:c6:f1:17:90:04:88:09:6b:76:51:6b:f8:8f:
79:d1:dc:c5:f7:35:8f:a6:3d:4c:1e:71:f9:bd:aa:
5a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A6:36:B4:A3:AD:6C:E3:B7:6F:36:0F:28:0B:1A:7B:AD:2E:48:9F
X509v3 Authority Key Identifier:
keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/6KY2tKOtbOO3bzYPKAsae60uSJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.232.0/22
80.78.132.0/22
194.120.126.0/24
IPv6:
2a07:6f40::/29
2a0d:2140::/29
Signature Algorithm: sha256WithRSAEncryption
70:d2:4c:4b:c3:f9:4e:94:71:0f:32:f7:3d:ab:54:d0:35:a8:
21:19:b3:e7:53:70:6f:17:e1:1b:1e:cb:46:ad:92:70:55:fa:
6f:b2:9d:18:47:1a:7b:1b:a0:46:1f:40:f4:8b:0b:6c:5f:f5:
c3:ae:e9:54:08:b1:ce:a1:f5:45:a1:de:cd:d0:a1:68:a1:5e:
81:6d:b1:8b:6f:98:38:dd:21:a8:11:ac:b2:65:03:d9:ff:5f:
ff:f0:a3:37:84:55:34:9f:ed:ca:c2:25:f9:a4:4b:30:d1:38:
21:ad:bc:b8:b8:cb:eb:9f:5a:2c:71:67:0f:62:de:39:08:14:
37:8e:90:9b:6a:da:a6:29:8b:ad:c7:bd:26:6a:d9:8c:23:68:
b1:6c:a1:f0:07:4f:d2:e3:ba:db:04:99:ff:3c:fc:3a:10:08:
dc:68:a9:c8:37:fb:eb:ce:45:59:dc:57:3b:9e:fc:c2:d8:70:
00:40:ca:71:1f:67:3c:9b:32:f7:c3:6a:bb:67:09:7b:86:b9:
57:3f:1c:a0:18:18:a3:48:f7:53:88:c9:38:45:00:ec:d0:83:
10:96:78:fd:93:5e:61:16:14:01:95:e0:5a:ef:61:b3:2a:2a:
4b:e0:0d:1b:5d:4a:52:28:44:e6:cc:42:f6:41:81:a8:d2:e0:
18:7a:14:b9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY1qGit55A4VLM6I+Y7BtNspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjQwMjAyMTM1NTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE2MzZiNGEzYWQ2Y2UzYjc2ZjM2MGYyODBiMWE3YmFkMmU0ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtChpIyilKOPyoo+lsLjemZUVCR3X
/aXEI6jXLf1LIkkQbGDaScUEB3cOf497Ql4tO6UPqqwCXF/HvJDXIkINeWZUSe+t
doEzD2EG8bZ/StRr354Y1TPipWWouWWN1ynHkTn4jVbk7A8VQ8QtwOF/ZH+t6fIb
39PEpir5+mWaTJcPCxtiKfHNDcul2fJlKGVyXojL1VVVYeKCb9Zr2SwBZbr+3iOJ
MEVX6OTrAZKmIMEpabdfzTV2jrTc5SK3Y5FrE3QD/LR50pbA6q8bTxsfp/PLdW5n
l6rHp80RD8N8gDmXW8bxF5AEiAlrdlFr+I950dzF9zWPpj1MHnH5vapasQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOimNrSjrWzjt282DygLGnutLkifMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvNktZMnRLT3RiT08zYnpZUEtBc2FlNjB1U0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCBfzoAwQC
UE6EAwQAwnh+MBQEAgACMA4DBQMqB29AAwUDKg0hQDANBgkqhkiG9w0BAQsFAAOC
AQEAcNJMS8P5TpRxDzL3PatU0DWoIRmz51NwbxfhGx7LRq2ScFX6b7KdGEcaexug
Rh9A9IsLbF/1w67pVAixzqH1RaHezdChaKFegW2xi2+YON0hqBGssmUD2f9f//Cj
N4RVNJ/tysIl+aRLMNE4Ia28uLjL659aLHFnD2LeOQgUN46Qm2rapimLrce9JmrZ
jCNosWyh8AdP0uO62wSZ/zz8OhAI3GipyDf7685FWdxXO578wthwAEDKcR9nPJsy
98Nqu2cJe4a5Vz8coBgYo0j3U4jJOEUA7NCDEJZ4/ZNeYRYUAZXgWu9hsyoqS+AN
G11KUihE5sxC9kGBqNLgGHoUuQ==
-----END CERTIFICATE-----
Generated at Wed May 29 07:37:27 2024 by rpki-client on console-fra.rpki-client.org