Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/6zpmtJuJrYBDQpdmaXfAVO_HuUI.roa
File: 6zpmtJuJrYBDQpdmaXfAVO_HuUI.roa (raw, json)
Hash identifier: KvjkVvecYxvcegTmUoOXrMhne1yw2EkDNhk3nZFglKQ=
Subject key identifier: EB:3A:66:B4:9B:89:AD:80:43:42:97:66:69:77:C0:54:EF:C7:B9:42
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 018CC56ED9AA437354E757FC91834C6D2888
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/6zpmtJuJrYBDQpdmaXfAVO_HuUI.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56995
IP address blocks: 188.161.104.0/24 maxlen: 24
188.161.104.0/21 maxlen: 21
188.161.105.0/24 maxlen: 24
188.161.110.0/24 maxlen: 24
188.161.106.0/24 maxlen: 24
188.161.108.0/24 maxlen: 24
188.161.111.0/24 maxlen: 24
188.161.107.0/24 maxlen: 24
188.161.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d9:aa:43:73:54:e7:57:fc:91:83:4c:6d:28:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb3a66b49b89ad80434297666977c054efc7b942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e2:40:fd:8b:ef:f6:99:73:69:aa:7c:78:1e:
44:0e:dc:03:b7:ea:fe:a7:aa:ba:dc:cc:e9:6b:21:
c8:dc:e8:4c:2c:b1:bf:bc:79:0b:92:ec:a5:62:e4:
a7:30:34:8b:b9:89:c6:06:a8:0e:11:f8:a3:1b:cc:
4f:3f:b5:1a:73:bc:b9:23:cf:47:c3:f5:3b:b7:47:
c3:6c:2f:64:96:24:b0:71:43:73:98:ab:fe:dc:85:
21:c5:30:d3:30:a8:6f:c7:ca:9b:85:aa:7b:c4:fd:
24:93:18:62:9d:4f:86:ac:8b:d7:27:e0:be:42:8a:
0f:36:6d:60:c9:38:29:78:2c:2c:fa:ee:3d:fe:f2:
2b:50:87:97:8e:6a:97:c7:f1:0a:c8:75:d2:aa:62:
4f:ab:e5:21:93:55:88:32:e3:25:44:71:63:b4:7b:
4e:dc:98:0e:b2:ef:51:f5:c7:8f:c5:4f:41:1b:38:
b6:72:67:f1:49:c1:1c:0e:86:8e:8b:3e:7f:45:6a:
49:5d:27:a8:4b:54:0c:0f:1b:ff:47:7b:4c:c9:df:
41:21:63:2d:73:26:6f:4f:e5:d9:c7:65:de:5b:10:
33:3c:d9:6f:1b:7b:98:ae:0f:41:df:cc:45:9c:83:
d4:22:94:7e:7c:4b:64:ca:53:57:1a:9e:2c:aa:26:
6f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:3A:66:B4:9B:89:AD:80:43:42:97:66:69:77:C0:54:EF:C7:B9:42
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/6zpmtJuJrYBDQpdmaXfAVO_HuUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.161.104.0/21
Signature Algorithm: sha256WithRSAEncryption
42:41:e4:d6:1c:d7:34:4e:db:ef:11:e5:c9:55:52:1f:82:a3:
29:a8:27:c5:c9:8c:84:10:7b:3f:66:88:bc:18:57:52:db:f5:
be:0d:a1:a8:ed:3b:d5:1e:be:0a:38:d1:15:f1:33:82:ce:90:
22:88:43:2e:26:8e:d8:9e:30:43:b8:10:ee:9b:d8:b4:c6:ec:
79:62:e8:d9:94:a9:ef:14:b4:19:7c:d3:99:25:af:74:a7:0d:
b0:57:09:fd:7e:bc:4b:d6:f3:dc:6f:73:66:cf:c1:2d:69:f6:
0b:ca:97:a2:b5:b5:fd:15:63:e8:9a:3b:2f:c9:be:db:7b:54:
69:ac:c6:e8:56:9a:d1:02:da:e2:0a:0e:68:42:36:3d:48:1c:
17:08:62:63:a8:34:7b:1e:41:e2:64:58:ac:b5:55:21:06:8d:
ca:93:6a:34:2e:20:e8:07:4d:06:3d:77:50:31:17:cb:bc:df:
62:88:29:96:fe:5a:dd:d8:0e:34:b0:86:3f:a4:ce:54:44:86:
e9:67:48:1b:74:ef:fb:77:3f:75:3f:f0:c8:f8:f6:29:4f:57:
b4:0d:e0:9c:32:04:6c:f5:aa:87:6b:68:b8:e1:8b:d2:dd:77:
7c:6b:97:a9:af:a3:d3:3f:94:1c:bf:d5:84:3d:95:6f:f9:54:
0d:ff:d3:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbtmqQ3NU51f8kYNMbSiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjNhNjZiNDliODlhZDgwNDM0Mjk3NjY2OTc3YzA1NGVmYzdiOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuJA/Yvv9plzaap8eB5EDtwDt+r+
p6q63MzpayHI3OhMLLG/vHkLkuylYuSnMDSLuYnGBqgOEfijG8xPP7Uac7y5I89H
w/U7t0fDbC9kliSwcUNzmKv+3IUhxTDTMKhvx8qbhap7xP0kkxhinU+GrIvXJ+C+
QooPNm1gyTgpeCws+u49/vIrUIeXjmqXx/EKyHXSqmJPq+Uhk1WIMuMlRHFjtHtO
3JgOsu9R9cePxU9BGzi2cmfxScEcDoaOiz5/RWpJXSeoS1QMDxv/R3tMyd9BIWMt
cyZvT+XZx2XeWxAzPNlvG3uYrg9B38xFnIPUIpR+fEtkylNXGp4sqiZvFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOs6ZrSbia2AQ0KXZml3wFTvx7lCMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvNnpwbXRKdUpyWUJEUXBkbWFYZkFWT19IdVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvKFoMA0G
CSqGSIb3DQEBCwUAA4IBAQBCQeTWHNc0TtvvEeXJVVIfgqMpqCfFyYyEEHs/Zoi8
GFdS2/W+DaGo7TvVHr4KONEV8TOCzpAiiEMuJo7YnjBDuBDum9i0xux5YujZlKnv
FLQZfNOZJa90pw2wVwn9frxL1vPcb3Nmz8EtafYLypeitbX9FWPomjsvyb7be1Rp
rMboVprRAtriCg5oQjY9SBwXCGJjqDR7HkHiZFistVUhBo3Kk2o0LiDoB00GPXdQ
MRfLvN9iiCmW/lrd2A40sIY/pM5URIbpZ0gbdO/7dz91P/DI+PYpT1e0DeCcMgRs
9aqHa2i44YvS3Xd8a5epr6PTP5Qcv9WEPZVv+VQN/9Mn
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:41 2024 by rpki-client on console-fra.rpki-client.org