Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/6knSuGxoa84UpsSh1pq0ZMPAIlI.roa
File: 6knSuGxoa84UpsSh1pq0ZMPAIlI.roa (raw, json)
Hash identifier: CP5bI+fDjifx7Zm+6897ecq5vDTWAa2KiwiH4eTYUfM=
Subject key identifier: EA:49:D2:B8:6C:68:6B:CE:14:A6:C4:A1:D6:9A:B4:64:C3:C0:22:52
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0192B530A51F0623D6D1418A53A242201F74
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/6knSuGxoa84UpsSh1pq0ZMPAIlI.roa
Signing time: Tue 22 Oct 2024 17:05:16 +0000
ROA not before: Tue 22 Oct 2024 17:05:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 262287
IP address blocks: 92.51.236.0/24 maxlen: 24
92.51.237.0/24 maxlen: 24
103.125.76.0/24 maxlen: 24
192.140.222.0/24 maxlen: 24
192.140.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:30:a5:1f:06:23:d6:d1:41:8a:53:a2:42:20:1f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Oct 22 17:05:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea49d2b86c686bce14a6c4a1d69ab464c3c02252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a4:43:b0:a9:e6:7d:35:a4:55:8a:1b:5a:aa:
f0:33:44:bb:ff:3b:c9:c8:6b:3e:f3:b7:f9:16:ce:
f4:65:b7:73:22:fd:3d:46:24:2e:88:77:7a:e6:b1:
ba:79:fa:32:6c:40:d9:71:a5:19:27:b0:19:45:52:
50:c7:b5:27:be:e4:26:10:21:6d:b4:33:36:24:db:
75:dc:3c:12:5e:f3:51:1a:37:14:ca:a4:a9:50:e3:
29:94:c1:11:99:c1:9f:ea:d3:d1:ff:28:f9:60:26:
28:12:76:71:37:ba:6d:2b:cb:50:a7:c3:de:f3:ed:
58:3e:59:f8:64:7e:88:4f:3b:37:57:6e:dc:0e:91:
14:62:82:bd:c4:c1:1e:55:8f:14:3c:26:2d:89:e2:
7d:8b:86:ba:e0:2c:84:2d:8d:07:e2:63:0a:df:83:
b0:97:6c:1d:7f:77:b3:ed:d3:ed:07:e7:ff:2c:92:
33:66:a2:65:23:e7:21:d2:45:43:bf:36:8e:b7:97:
18:62:72:52:8c:8b:27:48:1f:30:9e:e5:11:85:a3:
1b:9b:16:06:b0:70:3e:45:f2:de:4d:b0:1c:8c:cb:
34:43:84:22:8c:86:22:05:fa:80:f7:9d:ad:6f:49:
ff:82:66:94:14:ab:a7:65:6e:97:19:ab:d1:16:76:
4b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:49:D2:B8:6C:68:6B:CE:14:A6:C4:A1:D6:9A:B4:64:C3:C0:22:52
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/6knSuGxoa84UpsSh1pq0ZMPAIlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.236.0/23
103.125.76.0/24
192.140.222.0/23
Signature Algorithm: sha256WithRSAEncryption
45:81:4b:de:e7:28:1d:be:96:04:00:45:3b:3b:ab:cf:c7:6c:
bb:a9:7e:be:af:c2:e8:a1:b3:12:a4:02:56:27:57:9c:95:21:
70:f9:e4:da:e5:b3:2a:3c:37:50:ae:a8:c2:92:52:17:fe:2a:
66:d7:da:18:6d:88:27:8f:30:9a:f9:22:f3:5e:8c:fc:0f:3f:
26:a8:61:01:e9:68:c1:0e:6b:75:68:6c:9f:20:07:f5:65:79:
41:d7:d7:aa:cf:31:f8:e3:c2:e5:cb:34:81:91:d9:46:33:b5:
55:50:c9:e0:ac:cf:d9:c3:af:38:7c:53:61:63:fe:6e:0e:6c:
04:56:c9:5d:5c:7f:ca:7b:c6:6c:87:3c:b7:f0:7a:f5:4a:80:
27:1b:61:19:64:1c:4f:d6:98:3d:7c:96:b1:d9:41:d1:a5:1a:
5f:de:88:a5:c3:fc:83:99:b5:17:fa:3b:ab:1e:ee:ff:9b:6e:
4d:a8:2f:14:6d:65:09:c1:c4:e7:12:d4:e6:c8:6d:cb:97:a4:
f7:75:86:d3:6a:ae:6c:5a:00:f6:92:42:80:d7:1f:b1:6c:94:
98:45:83:c6:f9:d5:62:ca:bc:90:32:9a:77:71:07:3f:ea:ad:
d6:2a:c5:63:0a:cf:ca:f7:72:fa:4a:70:9f:5b:35:9d:36:c9:
0f:09:b2:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK1MKUfBiPW0UGKU6JCIB90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQxMDIyMTcwNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQ5ZDJiODZjNjg2YmNlMTRhNmM0YTFkNjlhYjQ2NGMzYzAyMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36RDsKnmfTWkVYobWqrwM0S7/zvJ
yGs+87f5Fs70ZbdzIv09RiQuiHd65rG6efoybEDZcaUZJ7AZRVJQx7UnvuQmECFt
tDM2JNt13DwSXvNRGjcUyqSpUOMplMERmcGf6tPR/yj5YCYoEnZxN7ptK8tQp8Pe
8+1YPln4ZH6ITzs3V27cDpEUYoK9xMEeVY8UPCYtieJ9i4a64CyELY0H4mMK34Ow
l2wdf3ez7dPtB+f/LJIzZqJlI+ch0kVDvzaOt5cYYnJSjIsnSB8wnuURhaMbmxYG
sHA+RfLeTbAcjMs0Q4QijIYiBfqA952tb0n/gmaUFKunZW6XGavRFnZL+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOpJ0rhsaGvOFKbEodaatGTDwCJSMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvNmtuU3VHeG9hODRVcHNTaDFwcTBaTVBBSWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXDPsAwQA
Z31MAwQBwIzeMA0GCSqGSIb3DQEBCwUAA4IBAQBFgUve5ygdvpYEAEU7O6vPx2y7
qX6+r8LoobMSpAJWJ1eclSFw+eTa5bMqPDdQrqjCklIX/ipm19oYbYgnjzCa+SLz
Xoz8Dz8mqGEB6WjBDmt1aGyfIAf1ZXlB19eqzzH448LlyzSBkdlGM7VVUMngrM/Z
w684fFNhY/5uDmwEVsldXH/Ke8Zshzy38Hr1SoAnG2EZZBxP1pg9fJax2UHRpRpf
3oilw/yDmbUX+jurHu7/m25NqC8UbWUJwcTnEtTmyG3Ll6T3dYbTaq5sWgD2kkKA
1x+xbJSYRYPG+dViyryQMpp3cQc/6q3WKsVjCs/K93L6SnCfWzWdNskPCbLY
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:14:35 2024 by rpki-client on console-fra.rpki-client.org