Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/6sz2bi8PAyhYFona3-QARxONEPo.roa
File: 6sz2bi8PAyhYFona3-QARxONEPo.roa (raw, json)
Hash identifier: cqXy4LXikhDBSR4QmTQj/ozndBmht3NPX9t0HygjSqM=
Subject key identifier: EA:CC:F6:6E:2F:0F:03:28:58:16:89:DA:DF:E4:00:47:13:8D:10:FA
Certificate issuer: /CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Certificate serial: 018D54A471C2BFAD868C7905300D91B4A54D
Authority key identifier: 7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/6sz2bi8PAyhYFona3-QARxONEPo.roa
Signing time: Mon 29 Jan 2024 09:54:39 +0000
ROA not before: Mon 29 Jan 2024 09:54:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49604
IP address blocks: 45.151.4.0/23 maxlen: 23
45.151.6.0/23 maxlen: 23
85.222.232.0/22 maxlen: 24
85.234.242.0/23 maxlen: 23
85.234.244.0/23 maxlen: 23
85.234.246.0/23 maxlen: 24
185.31.240.0/22 maxlen: 24
217.146.64.0/20 maxlen: 24
2a02:29e8::/32 maxlen: 32
2a02:29ea:a::/48 maxlen: 48
2a02:29ea:14::/48 maxlen: 48
2a02:29ea:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.mft
rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:a4:71:c2:bf:ad:86:8c:79:05:30:0d:91:b4:a5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Validity
Not Before: Jan 29 09:54:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eaccf66e2f0f0328581689dadfe40047138d10fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d4:b8:ab:19:68:58:23:75:9f:60:e1:8e:9e:
ac:2b:6a:6d:ae:60:85:e6:b8:d3:b4:96:2f:73:8d:
2c:7f:0a:e5:49:75:e1:fd:e6:25:31:ff:32:45:41:
43:7f:6b:48:7c:b2:6c:b1:c3:c6:6c:bc:7c:e5:79:
aa:f7:ef:75:e1:89:82:35:3b:a3:7f:82:91:ce:cf:
eb:c2:5e:b5:ac:7f:fa:e7:a6:8e:1f:4d:67:b6:81:
0f:f7:bb:79:3a:ba:bb:8c:3b:fe:41:c0:ff:40:83:
c3:eb:c7:2a:6b:4f:d4:0f:ad:b6:09:da:1e:75:16:
e0:5b:3c:00:70:5a:ba:f0:1a:2f:8d:59:c7:ee:b7:
24:fb:fe:1b:0c:8e:c6:36:06:14:e9:f1:41:10:b1:
59:8f:00:7a:2e:3a:d5:94:d8:c2:fd:91:1e:28:10:
88:56:fc:9d:50:66:ca:06:7a:8a:11:e0:a2:37:bb:
c4:c1:29:9b:43:4b:30:fd:9e:05:6f:c1:f1:89:fb:
f6:62:7b:b2:84:33:61:d4:45:8d:30:28:02:20:f1:
34:7f:d4:0d:09:2a:22:0a:35:e5:31:3f:8b:a9:45:
67:be:c1:1b:83:93:77:b8:4c:83:12:73:ba:cc:3d:
0f:12:cc:ca:e0:26:9d:51:e4:0e:38:72:a6:90:f8:
0f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CC:F6:6E:2F:0F:03:28:58:16:89:DA:DF:E4:00:47:13:8D:10:FA
X509v3 Authority Key Identifier:
keyid:7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/6sz2bi8PAyhYFona3-QARxONEPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.4.0/22
85.222.232.0/22
85.234.242.0-85.234.247.255
185.31.240.0/22
217.146.64.0/20
IPv6:
2a02:29e8::/32
2a02:29ea:a::/48
2a02:29ea:14::/48
2a02:29ea:1e::/48
Signature Algorithm: sha256WithRSAEncryption
44:76:fc:34:1b:8d:d6:9f:6a:11:ff:a4:e0:17:8f:2c:98:57:
1b:20:e1:bd:7d:6f:a5:3d:19:72:ce:fd:96:e7:34:8d:3c:89:
61:de:1c:1f:7b:52:3c:a4:c5:fb:a6:43:3e:6b:a4:8c:fc:7b:
f7:8b:6c:2c:1e:4e:fd:ad:80:4e:18:ee:1e:1d:91:cf:1f:e1:
21:16:e5:d6:c2:fe:91:c0:16:fe:2e:42:c7:8a:6b:59:79:06:
a3:e4:85:62:c4:7d:75:39:fc:b7:d1:e4:5d:7d:5a:13:d3:60:
ed:5f:77:dc:1b:17:13:4f:bd:a8:a5:a9:8d:f8:58:bf:66:cf:
22:50:ff:5a:1b:74:6c:3e:71:37:3c:59:e8:93:a1:1d:57:f0:
d7:02:05:9b:44:f5:96:86:b9:0f:28:a3:11:21:c2:04:d5:e6:
25:fc:2d:5f:b6:6c:e2:53:a6:9a:e9:22:1b:6f:76:e9:e4:b0:
20:3b:ea:be:37:ea:b7:f9:22:81:36:28:95:1e:c4:33:c0:05:
1a:13:a0:aa:18:5f:c3:ac:aa:10:7b:31:c7:e0:fe:e9:3d:d8:
60:73:13:ed:8b:b8:45:3a:be:92:e5:53:61:eb:cb:1f:fd:7f:
54:59:01:b6:fe:cf:dd:79:b2:88:26:6d:f0:b6:ed:23:62:00:
7d:28:e1:5b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY1UpHHCv62GjHkFMA2RtKVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNjczNWI3YTU1M2ExNjgwYzExYWRkM2U0OGMzNjM1YjUz
OTc5Y2EwHhcNMjQwMTI5MDk1NDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWNjZjY2ZTJmMGYwMzI4NTgxNjg5ZGFkZmU0MDA0NzEzOGQxMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodS4qxloWCN1n2Dhjp6sK2ptrmCF
5rjTtJYvc40sfwrlSXXh/eYlMf8yRUFDf2tIfLJsscPGbLx85Xmq9+914YmCNTuj
f4KRzs/rwl61rH/656aOH01ntoEP97t5Orq7jDv+QcD/QIPD68cqa0/UD622Cdoe
dRbgWzwAcFq68BovjVnH7rck+/4bDI7GNgYU6fFBELFZjwB6LjrVlNjC/ZEeKBCI
VvydUGbKBnqKEeCiN7vEwSmbQ0sw/Z4Fb8Hxifv2YnuyhDNh1EWNMCgCIPE0f9QN
CSoiCjXlMT+LqUVnvsEbg5N3uEyDEnO6zD0PEszK4CadUeQOOHKmkPgPrQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFOrM9m4vDwMoWBaJ2t/kAEcTjRD6MB8GA1UdIwQY
MBaAFHpnNbelU6FoDBGt0+SMNjW1OXnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW1jMXQ2VlRvV2dNRWEzVDVJdzJOYlU1ZWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjI2NDctMDk1MC00NmE0LWI1NmQt
MzRlYjY3YjQ3NWY2LzEvNnN6MmJpOFBBeWhZRm9uYTMtUUFSeE9ORVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjI2NDctMDk1MC00NmE0LWI1NmQtMzRlYjY3YjQ3NWY2
LzEvZW1jMXQ2VlRvV2dNRWEzVDVJdzJOYlU1ZWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAsBAIAATAmAwQCLZcEAwQC
Vd7oMAwDBAFV6vIDBANV6vADBAK5H/ADBATZkkAwKAQCAAIwIgMFACoCKegDBwAq
AinqAAoDBwAqAinqABQDBwAqAinqAB4wDQYJKoZIhvcNAQELBQADggEBAER2/DQb
jdafahH/pOAXjyyYVxsg4b19b6U9GXLO/ZbnNI08iWHeHB97UjykxfumQz5rpIz8
e/eLbCweTv2tgE4Y7h4dkc8f4SEW5dbC/pHAFv4uQseKa1l5BqPkhWLEfXU5/LfR
5F19WhPTYO1fd9wbFxNPvailqY34WL9mzyJQ/1obdGw+cTc8WeiToR1X8NcCBZtE
9ZaGuQ8ooxEhwgTV5iX8LV+2bOJTpprpIhtvdunksCA76r436rf5IoE2KJUexDPA
BRoToKoYX8OsqhB7Mcfg/uk92GBzE+2LuEU6vpLlU2Hryx/9f1RZAbb+z915sogm
bfC27SNiAH0o4Vs=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:06:16 2024 by rpki-client on console-fra.rpki-client.org