Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/6cOAEYV0XFea6ckL0EjlNf2msZs.roa
File: 6cOAEYV0XFea6ckL0EjlNf2msZs.roa (raw, json)
Hash identifier: fWzJPwRWQZLPJ3wzBvcB+ZayqWkGy1bBS7qgJYm54C4=
Subject key identifier: E9:C3:80:11:85:74:5C:57:9A:E9:C9:0B:D0:48:E5:35:FD:A6:B1:9B
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018D2D73ACF1523841B8989A9B30928C9F8B
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/6cOAEYV0XFea6ckL0EjlNf2msZs.roa
Signing time: Sun 21 Jan 2024 19:16:12 +0000
ROA not before: Sun 21 Jan 2024 19:16:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.8.156.0/24 maxlen: 24
45.85.64.0/24 maxlen: 24
45.85.67.0/24 maxlen: 24
45.144.38.0/24 maxlen: 24
45.145.3.0/24 maxlen: 24
85.8.187.0/24 maxlen: 24
185.21.140.0/24 maxlen: 24
194.32.250.0/24 maxlen: 24
194.61.234.0/24 maxlen: 24
194.61.235.0/24 maxlen: 24
213.139.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:73:ac:f1:52:38:41:b8:98:9a:9b:30:92:8c:9f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 21 19:16:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9c3801185745c579ae9c90bd048e535fda6b19b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bd:0f:3d:8b:91:58:8b:3e:5e:23:41:6b:cf:
6c:19:fd:ed:96:fb:c6:b7:7e:7c:1f:2f:95:6e:00:
bf:cb:61:d4:22:d7:c1:37:f7:02:66:47:49:92:38:
4c:8a:ea:0b:22:f0:d0:d9:03:9a:b8:e3:7a:61:ed:
31:59:04:d4:d1:0a:b9:65:09:19:90:0a:40:88:d9:
42:0a:3e:b3:55:ff:6f:7a:85:58:d8:4e:9e:01:02:
89:fd:1d:be:aa:07:1c:74:9e:f4:9c:79:6d:98:d8:
8c:47:66:46:5d:a3:21:be:14:b7:78:b4:9b:ec:e6:
e9:58:d7:75:5e:3b:71:6b:50:5b:93:58:b7:15:fa:
88:8a:ce:ae:aa:47:a7:93:8b:70:ef:48:85:c1:02:
4a:14:08:45:0f:58:de:0b:c7:65:97:79:e1:97:40:
32:53:b1:7f:3f:8b:fc:41:21:fa:41:27:f6:47:e7:
2b:f0:38:46:3b:35:fb:33:9e:ef:4a:3c:d8:79:37:
81:cc:9e:56:b8:3e:43:f5:4b:a0:5a:ce:41:83:49:
28:ce:02:ca:bc:3f:eb:51:e1:a1:f3:05:e8:37:26:
aa:d7:94:4a:68:11:2b:3b:0e:ed:47:35:f0:97:6f:
da:33:1a:e7:f5:e1:ab:fe:d9:df:58:fc:6c:e8:8f:
9d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C3:80:11:85:74:5C:57:9A:E9:C9:0B:D0:48:E5:35:FD:A6:B1:9B
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/6cOAEYV0XFea6ckL0EjlNf2msZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.156.0/24
45.85.64.0/24
45.85.67.0/24
45.144.38.0/24
45.145.3.0/24
85.8.187.0/24
185.21.140.0/24
194.32.250.0/24
194.61.234.0/23
213.139.231.0/24
Signature Algorithm: sha256WithRSAEncryption
11:13:2f:d7:bc:d0:f2:a4:1e:bf:ed:0a:49:12:6c:c8:d3:9b:
93:d4:c8:b5:d2:60:bc:cf:4e:82:37:8a:f1:e5:6b:b6:f9:24:
e2:f1:30:fd:d3:63:25:49:c0:99:90:8c:72:88:6d:85:02:7e:
24:33:34:b5:59:09:26:06:fb:0c:49:7f:45:f7:40:58:d0:1d:
db:38:31:fc:e6:5c:04:82:ee:41:8c:88:4c:16:95:ec:74:d3:
8b:3a:ed:fe:29:5a:50:02:a0:07:c4:cd:a3:d7:d4:bb:20:de:
c5:a4:e4:fb:29:2c:42:0d:9d:fd:19:03:a1:6e:dc:17:b1:84:
f0:8a:7b:86:22:2f:b5:f3:44:85:28:83:10:7c:b1:ea:14:eb:
ca:f1:32:82:4d:63:a6:0a:e7:4d:bb:f6:4f:e4:96:d8:63:ca:
e1:42:e8:94:73:30:87:70:5c:03:ac:1a:8c:8b:12:45:57:2b:
10:05:8f:aa:85:ef:ce:e8:4e:65:0f:dd:0f:6b:3c:e6:21:0c:
09:7c:76:e8:35:13:18:f5:49:69:2c:e9:b3:0a:6d:c6:0f:83:
1f:25:c0:a9:01:be:b0:42:3b:59:88:f8:0a:a5:8b:0d:32:3b:
33:11:ba:40:f7:8e:30:a4:a5:9c:3a:6b:02:5b:1d:40:f4:10:
c7:22:d2:5c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY0tc6zxUjhBuJiamzCSjJ+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTIxMTkxNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWMzODAxMTg1NzQ1YzU3OWFlOWM5MGJkMDQ4ZTUzNWZkYTZiMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L0PPYuRWIs+XiNBa89sGf3tlvvG
t358Hy+VbgC/y2HUItfBN/cCZkdJkjhMiuoLIvDQ2QOauON6Ye0xWQTU0Qq5ZQkZ
kApAiNlCCj6zVf9veoVY2E6eAQKJ/R2+qgccdJ70nHltmNiMR2ZGXaMhvhS3eLSb
7ObpWNd1Xjtxa1Bbk1i3FfqIis6uqkenk4tw70iFwQJKFAhFD1jeC8dll3nhl0Ay
U7F/P4v8QSH6QSf2R+cr8DhGOzX7M57vSjzYeTeBzJ5WuD5D9UugWs5Bg0kozgLK
vD/rUeGh8wXoNyaq15RKaBErOw7tRzXwl2/aMxrn9eGr/tnfWPxs6I+dSQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOnDgBGFdFxXmunJC9BI5TX9prGbMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvNmNPQUVZVjBYRmVhNmNrTDBFamxOZjJtc1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQicAwQA
LVVAAwQALVVDAwQALZAmAwQALZEDAwQAVQi7AwQAuRWMAwQAwiD6AwQBwj3qAwQA
1YvnMA0GCSqGSIb3DQEBCwUAA4IBAQAREy/XvNDypB6/7QpJEmzI05uT1Mi10mC8
z06CN4rx5Wu2+STi8TD902MlScCZkIxyiG2FAn4kMzS1WQkmBvsMSX9F90BY0B3b
ODH85lwEgu5BjIhMFpXsdNOLOu3+KVpQAqAHxM2j19S7IN7FpOT7KSxCDZ39GQOh
btwXsYTwinuGIi+180SFKIMQfLHqFOvK8TKCTWOmCudNu/ZP5JbYY8rhQuiUczCH
cFwDrBqMixJFVysQBY+qhe/O6E5lD90PazzmIQwJfHboNRMY9UlpLOmzCm3GD4Mf
JcCpAb6wQjtZiPgKpYsNMjszEbpA944wpKWcOmsCWx1A9BDHItJc
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:27 2024 by rpki-client on console-fra.rpki-client.org