Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/W6_DQlsQaxAQb_csshCOZ2B3qKQ.roa
File: W6_DQlsQaxAQb_csshCOZ2B3qKQ.roa (raw, json)
Hash identifier: rAXfvjE6cqpnb+hknfkDMn7vMOn19LbD2joxkcAFI/Y=
Subject key identifier: 5B:AF:C3:42:5B:10:6B:10:10:6F:F7:2C:B2:10:8E:67:60:77:A8:A4
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72C2776DA5D20A234DD4329CF3D33
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/W6_DQlsQaxAQb_csshCOZ2B3qKQ.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8567
IP address blocks: 217.167.116.0/24 maxlen: 24
217.167.117.0/24 maxlen: 24
212.234.160.0/24 maxlen: 24
212.234.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2c:27:76:da:5d:20:a2:34:dd:43:29:cf:3d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bafc3425b106b10106ff72cb2108e676077a8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a4:24:7a:d7:df:7f:08:5d:b9:a4:60:22:64:
20:3a:ca:fc:c2:89:5a:c9:81:09:15:50:2a:b7:e7:
01:b8:b7:d7:24:de:eb:55:22:50:53:bb:67:49:d7:
15:b6:d1:6e:9d:18:15:49:7d:a4:a2:b8:70:d5:93:
0f:78:c0:15:fe:86:d1:c5:5c:54:46:72:ce:92:e3:
56:61:5c:00:33:05:ae:50:f9:17:a8:5d:2e:88:19:
a4:90:6f:95:d8:53:ab:b6:8a:a9:db:93:b5:67:c2:
0e:f0:b1:c2:cf:87:7a:e5:c5:54:60:c8:90:64:2a:
d0:c3:f8:06:42:bb:f0:ea:34:9d:ac:d3:17:49:4c:
19:0e:73:ae:aa:82:70:1e:f5:9d:52:ab:7d:e9:38:
13:20:fe:c5:cc:3a:2d:b7:5a:a8:1d:49:1c:4b:45:
7f:0e:56:08:31:55:79:3d:9a:c9:28:a1:f1:36:4f:
48:91:bc:a8:5c:f5:f1:d9:47:31:d6:52:c8:12:b9:
a7:57:62:6e:75:7a:b9:51:97:e7:e7:a9:1a:96:c6:
c6:d8:a2:7c:fc:83:0a:d8:d7:e5:51:75:80:c7:af:
83:b8:3c:4e:c0:b0:e7:eb:40:e8:78:03:a9:95:c4:
25:17:66:86:80:1b:7d:92:cb:8e:e6:de:ab:9e:7c:
1e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:AF:C3:42:5B:10:6B:10:10:6F:F7:2C:B2:10:8E:67:60:77:A8:A4
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/W6_DQlsQaxAQb_csshCOZ2B3qKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.234.160.0/23
217.167.116.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:76:a8:6b:0e:ba:fe:67:e5:4b:79:01:a4:b7:9c:8d:f4:ea:
e6:11:0d:4f:c6:a6:d9:aa:46:44:1d:7e:92:c3:e3:5c:69:8a:
e5:2f:51:79:1a:ff:11:4f:2f:5c:55:ab:d7:b1:ae:b1:8b:fa:
98:76:40:de:4c:b0:88:62:99:3f:0a:60:98:b0:a1:b2:ab:ef:
55:86:34:11:0e:52:a4:4f:74:c2:31:1f:a1:cf:36:13:a3:e2:
c4:85:3a:d5:2f:0e:6a:9c:0f:c2:85:23:67:b5:85:e0:da:b5:
1e:f0:e0:6a:09:e0:7a:03:48:19:f4:79:57:c5:87:fb:e9:c3:
a0:67:86:3d:db:eb:48:26:fc:74:75:28:40:cb:5d:62:0d:55:
62:e8:9e:c2:8d:04:96:75:7c:df:f4:81:9b:79:ef:c1:c6:0f:
ce:0b:c2:ca:be:4b:2f:08:12:03:98:cf:27:61:22:24:d9:8f:
d9:65:67:db:18:6f:cc:41:31:4d:d9:dc:a7:ca:9f:02:6a:b8:
34:bd:1e:94:5e:51:51:39:fa:43:a4:6b:49:8a:ea:b2:9b:98:
3d:c4:6b:3d:1a:a1:70:dd:f8:fa:56:94:45:c0:49:67:79:d4:
04:25:44:bf:0b:32:d1:5e:76:21:e7:dd:e0:0b:96:21:15:4d:
81:56:24:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtywndtpdIKI03UMpzz0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmFmYzM0MjViMTA2YjEwMTA2ZmY3MmNiMjEwOGU2NzYwNzdhOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaQketfffwhduaRgImQgOsr8wola
yYEJFVAqt+cBuLfXJN7rVSJQU7tnSdcVttFunRgVSX2korhw1ZMPeMAV/obRxVxU
RnLOkuNWYVwAMwWuUPkXqF0uiBmkkG+V2FOrtoqp25O1Z8IO8LHCz4d65cVUYMiQ
ZCrQw/gGQrvw6jSdrNMXSUwZDnOuqoJwHvWdUqt96TgTIP7FzDott1qoHUkcS0V/
DlYIMVV5PZrJKKHxNk9IkbyoXPXx2Ucx1lLIErmnV2JudXq5UZfn56kalsbG2KJ8
/IMK2NflUXWAx6+DuDxOwLDn60DoeAOplcQlF2aGgBt9ksuO5t6rnnweEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFuvw0JbEGsQEG/3LLIQjmdgd6ikMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvVzZfRFFsc1FheEFRYl9jc3NoQ09aMkIzcUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB1OqgAwQB
2ad0MA0GCSqGSIb3DQEBCwUAA4IBAQCKdqhrDrr+Z+VLeQGkt5yN9OrmEQ1PxqbZ
qkZEHX6Sw+NcaYrlL1F5Gv8RTy9cVavXsa6xi/qYdkDeTLCIYpk/CmCYsKGyq+9V
hjQRDlKkT3TCMR+hzzYTo+LEhTrVLw5qnA/ChSNntYXg2rUe8OBqCeB6A0gZ9HlX
xYf76cOgZ4Y92+tIJvx0dShAy11iDVVi6J7CjQSWdXzf9IGbee/Bxg/OC8LKvksv
CBIDmM8nYSIk2Y/ZZWfbGG/MQTFN2dynyp8Carg0vR6UXlFROfpDpGtJiuqym5g9
xGs9GqFw3fj6VpRFwElnedQEJUS/CzLRXnYh593gC5YhFU2BViRz
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:27:40 2024 by rpki-client on console-ams.rpki-client.org