Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/6ahYT7Rvj8I3aCv26zy6xHJuOA8.roa
File: 6ahYT7Rvj8I3aCv26zy6xHJuOA8.roa (raw, json)
Hash identifier: PkkDZyUfMHHRrufN79KWJSIjebsjt2gOF3fKjaKsvMc=
Subject key identifier: E9:A8:58:4F:B4:6F:8F:C2:37:68:2B:F6:EB:3C:BA:C4:72:6E:38:0F
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 019344D176F75D34163E80D49FB4B9F0C872
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/6ahYT7Rvj8I3aCv26zy6xHJuOA8.roa
Signing time: Tue 19 Nov 2024 14:26:38 +0000
ROA not before: Tue 19 Nov 2024 14:26:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 45.136.104.0/24 maxlen: 24
45.136.105.0/24 maxlen: 24
45.136.106.0/24 maxlen: 24
45.136.107.0/24 maxlen: 24
185.26.144.0/24 maxlen: 24
185.26.145.0/24 maxlen: 24
185.26.146.0/24 maxlen: 24
185.26.147.0/24 maxlen: 24
185.126.176.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.153.228.0/24 maxlen: 24
185.153.229.0/24 maxlen: 24
185.153.230.0/24 maxlen: 24
185.153.231.0/24 maxlen: 24
185.162.144.0/24 maxlen: 24
185.162.147.0/24 maxlen: 24
185.171.24.0/24 maxlen: 24
185.171.25.0/24 maxlen: 24
185.171.26.0/24 maxlen: 24
185.171.27.0/24 maxlen: 24
185.247.136.0/24 maxlen: 24
185.247.137.0/24 maxlen: 24
185.247.138.0/24 maxlen: 24
185.247.139.0/24 maxlen: 24
2a04:3880::/30 maxlen: 30
2a06:c380::/29 maxlen: 29
2a0b:6000::/29 maxlen: 29
2a0d:a2c0::/29 maxlen: 29
2a0d:c480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:d1:76:f7:5d:34:16:3e:80:d4:9f:b4:b9:f0:c8:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Nov 19 14:26:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9a8584fb46f8fc237682bf6eb3cbac4726e380f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e5:ba:26:b6:f7:98:58:93:1b:6a:32:ea:36:
27:9c:51:12:6e:9d:86:03:2f:59:63:69:0a:7d:39:
9a:2f:03:1c:74:43:48:01:72:dd:d2:97:9c:87:85:
46:58:ec:c8:1e:01:16:21:3b:f6:b3:a1:7d:3c:e3:
05:dc:d8:1a:79:f4:75:cf:46:4a:bc:49:59:2c:f7:
cb:d1:31:52:08:e5:f4:b6:cb:e5:4b:1f:d3:93:40:
35:38:2e:13:93:cc:12:0f:25:d5:51:bd:d8:0e:9c:
9c:1e:e3:62:ee:ef:0e:f3:01:a6:5f:99:c2:b8:39:
bc:67:b4:e7:a7:75:bd:51:ff:4a:2b:d7:75:f7:b2:
01:b6:90:6a:68:ae:1e:cb:f7:a7:ce:0a:17:53:30:
a9:82:a4:56:18:fc:05:10:da:d1:4b:3b:b6:8b:9d:
72:13:c5:68:cd:7b:f1:47:5f:3c:1b:47:b7:b3:01:
70:80:79:e5:71:ec:6a:f3:ff:99:3c:af:48:bf:29:
c9:fd:c4:4f:87:b6:d8:3c:84:f0:81:2f:3d:91:14:
f3:0d:c4:ca:e4:75:c8:a1:b4:17:95:a4:6d:dd:39:
43:be:fc:4e:02:86:4c:ae:dc:7a:4a:9f:b9:a9:0a:
8e:7a:f1:47:50:d5:eb:44:f0:cc:9c:3e:a0:33:bc:
c7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A8:58:4F:B4:6F:8F:C2:37:68:2B:F6:EB:3C:BA:C4:72:6E:38:0F
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/6ahYT7Rvj8I3aCv26zy6xHJuOA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.104.0/22
185.26.144.0/22
185.126.176.0/22
185.153.228.0/22
185.162.144.0/24
185.162.147.0/24
185.171.24.0/22
185.247.136.0/22
IPv6:
2a04:3880::/30
2a06:c380::/29
2a0b:6000::/29
2a0d:a2c0::/29
2a0d:c480::/29
Signature Algorithm: sha256WithRSAEncryption
41:5b:66:5b:8b:32:02:5f:66:8f:77:ca:ae:a2:62:c2:89:89:
ea:84:a6:1b:75:f0:fb:6f:53:3e:9a:2f:12:c1:10:2d:f1:19:
b9:fb:6e:52:4e:3b:15:da:fd:04:46:a1:01:3d:50:e7:b9:aa:
e9:00:03:34:6f:c9:52:06:81:21:1f:b4:f0:76:25:2a:ff:ba:
28:4e:63:06:db:6e:1a:be:2e:c2:98:2a:9e:6b:d7:25:0c:e3:
ac:ae:1b:93:eb:3c:a3:1e:63:89:a9:b4:dd:02:4b:22:98:e4:
b1:aa:56:50:6a:64:84:a9:64:ff:9e:50:51:5f:d5:aa:c4:53:
4c:4e:bf:db:7d:c9:a5:ab:3f:09:dc:8f:45:b8:1a:46:ed:e1:
95:a0:e4:12:b6:30:5b:5d:44:ab:dd:b5:f3:e8:39:ed:58:0b:
64:a8:2d:d8:ba:f5:ae:cf:47:71:a1:81:53:58:d4:10:98:18:
7c:ef:3f:bd:b3:4e:ae:61:0c:82:b0:a2:72:fb:01:5a:e9:43:
55:df:e2:6f:d4:81:64:92:c7:65:98:00:9a:88:e2:e3:3e:c7:
d1:e3:31:8a:79:ba:a6:7e:3c:0c:e6:c6:98:85:ea:2b:4b:c3:
7d:5d:d3:69:69:2b:17:31:38:40:64:b2:22:29:77:76:44:2e:
99:77:b3:ab
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZNE0Xb3XTQWPoDUn7S58MhyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjAzYTBjMDRiODFmZTE3NjZmYTQxYmQzMWI3M2I1ODgx
ODhhYzcwHhcNMjQxMTE5MTQyNjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE4NTg0ZmI0NmY4ZmMyMzc2ODJiZjZlYjNjYmFjNDcyNmUzODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+W6Jrb3mFiTG2oy6jYnnFESbp2G
Ay9ZY2kKfTmaLwMcdENIAXLd0pech4VGWOzIHgEWITv2s6F9POMF3NgaefR1z0ZK
vElZLPfL0TFSCOX0tsvlSx/Tk0A1OC4Tk8wSDyXVUb3YDpycHuNi7u8O8wGmX5nC
uDm8Z7Tnp3W9Uf9KK9d197IBtpBqaK4ey/enzgoXUzCpgqRWGPwFENrRSzu2i51y
E8VozXvxR188G0e3swFwgHnlcexq8/+ZPK9IvynJ/cRPh7bYPITwgS89kRTzDcTK
5HXIobQXlaRt3TlDvvxOAoZMrtx6Sp+5qQqOevFHUNXrRPDMnD6gM7zHAwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFOmoWE+0b4/CN2gr9us8usRybjgPMB8GA1UdIwQY
MBaAFPggOgwEuB/hdm+kG9Mbc7WIGIrHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DQTZEQVM0SC1GMmI2UWIweHR6dFlnWWlzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNh
LTMzODk2MjBjMWJkNy8xLzZhaFlUN1J2ajhJM2FDdjI2enk2eEhKdU9BOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJk
Ny8xLzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdAYIKwYBBQUHAQcBAf8EZTBjMDYEAgABMDADBAItiGgD
BAK5GpADBAK5frADBAK5meQDBAC5opADBAC5opMDBAK5qxgDBAK594gwKQQCAAIw
IwMFAioEOIADBQMqBsOAAwUDKgtgAAMFAyoNosADBQMqDcSAMA0GCSqGSIb3DQEB
CwUAA4IBAQBBW2ZbizICX2aPd8quomLCiYnqhKYbdfD7b1M+mi8SwRAt8Rm5+25S
TjsV2v0ERqEBPVDnuarpAAM0b8lSBoEhH7TwdiUq/7ooTmMG224avi7CmCqea9cl
DOOsrhuT6zyjHmOJqbTdAksimOSxqlZQamSEqWT/nlBRX9WqxFNMTr/bfcmlqz8J
3I9FuBpG7eGVoOQStjBbXUSr3bXz6DntWAtkqC3YuvWuz0dxoYFTWNQQmBh87z+9
s06uYQyCsKJy+wFa6UNV3+Jv1IFkksdlmACaiOLjPsfR4zGKebqmfjwM5saYheor
S8N9XdNpaSsXMThAZLIiKXd2RC6Zd7Or
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:33:42 2024 by rpki-client on console-fra.rpki-client.org