Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/9Vg_8xu94u1tov7QUAhMw3ufRMU.roa
File: 9Vg_8xu94u1tov7QUAhMw3ufRMU.roa (raw, json)
Hash identifier: 2jArj7Jj8OWy1fdjQtt5ABnV+wAcoYy0j5wZpDZ/nLs=
Subject key identifier: F5:58:3F:F3:1B:BD:E2:ED:6D:A2:FE:D0:50:08:4C:C3:7B:9F:44:C5
Certificate issuer: /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial: 018CC348926138E4E6538B116ED75B692F5A
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/9Vg_8xu94u1tov7QUAhMw3ufRMU.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6837
IP address blocks: 85.0.0.0/13 maxlen: 32
178.192.0.0/13 maxlen: 32
176.127.0.0/16 maxlen: 32
188.60.0.0/14 maxlen: 32
83.76.0.0/14 maxlen: 32
62.202.0.0/15 maxlen: 32
92.104.0.0/14 maxlen: 32
2a02:1200::/27 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:92:61:38:e4:e6:53:8b:11:6e:d7:5b:69:2f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5583ff31bbde2ed6da2fed050084cc37b9f44c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0d:c6:44:5d:b4:35:34:bb:20:99:01:0f:78:
82:c3:f3:62:6e:77:d2:17:2f:ad:07:c9:3f:c8:22:
4e:72:3a:27:ee:d0:58:68:e1:9f:c3:ca:60:21:cb:
2f:68:ce:0b:38:94:07:95:63:3c:0f:42:b4:0c:c6:
43:62:f5:64:46:31:6a:44:e0:cf:3d:f7:72:e8:6f:
8c:f1:eb:be:80:91:1f:e6:f2:86:ce:a8:12:b0:80:
a7:ef:93:0f:fb:8c:54:26:31:a4:ce:7c:79:58:f7:
7a:18:cd:aa:f6:76:55:cb:5a:98:06:ce:10:23:10:
e7:37:cf:43:28:1c:4a:42:1f:67:54:de:e1:ce:00:
a7:da:21:2a:e3:68:d3:28:d5:60:4d:1e:88:c0:55:
61:1c:90:1d:a9:7d:42:17:91:9b:66:75:84:6a:85:
60:d8:06:3e:6a:a5:ed:45:17:05:20:dd:c4:cc:14:
3d:58:73:c5:a2:9b:3e:2f:a6:05:bb:25:f0:ea:a3:
86:be:c9:49:25:49:82:82:ec:cf:1b:53:36:28:4b:
a0:bd:3c:61:51:d5:1f:f8:8a:50:d1:84:6e:1b:b5:
ef:b5:9b:66:65:fe:7b:63:44:74:f8:e3:c4:4e:04:
0e:57:fe:99:6b:90:d6:c1:69:0d:99:70:5e:b9:04:
e0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:58:3F:F3:1B:BD:E2:ED:6D:A2:FE:D0:50:08:4C:C3:7B:9F:44:C5
X509v3 Authority Key Identifier:
keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/9Vg_8xu94u1tov7QUAhMw3ufRMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.202.0.0/15
83.76.0.0/14
85.0.0.0/13
92.104.0.0/14
176.127.0.0/16
178.192.0.0/13
188.60.0.0/14
IPv6:
2a02:1200::/27
Signature Algorithm: sha256WithRSAEncryption
5e:99:44:27:1f:6b:aa:be:c0:35:60:0c:03:d3:68:3a:45:3a:
87:1f:b2:53:bc:61:e2:43:4f:76:79:4f:27:06:7a:ca:5a:79:
90:d3:5c:a7:7a:ac:d1:fb:a9:e5:51:df:3e:20:7f:15:08:f5:
f8:b6:61:cf:21:e8:dc:ae:30:57:de:4e:9d:67:24:54:ad:76:
a8:f6:b3:f0:7e:d6:0a:de:5f:84:46:3e:eb:d7:30:45:c1:9b:
c4:3e:c0:76:18:1a:7a:47:73:88:5b:3a:73:22:29:1b:7d:69:
3a:d5:8c:87:f6:5f:a6:55:6c:3d:74:d0:d6:4c:e0:1a:3e:40:
65:cf:7f:59:a8:34:e2:2d:c8:c4:c6:3c:87:fd:a5:39:87:1a:
1e:78:79:72:f2:b7:0d:ad:0b:bb:b0:62:c4:d7:2c:76:22:4c:
ca:5f:cc:74:ff:dd:95:11:81:87:ed:d7:f2:8e:d6:a0:50:d8:
d3:1e:10:75:28:ca:ee:ab:cc:4e:93:4b:a4:ed:4c:f6:73:54:
10:03:97:7f:2f:d0:1e:cd:ec:7a:25:d5:c3:a5:e0:9d:7f:59:
6e:7f:60:9f:c6:03:24:30:33:d8:5c:3d:ab:68:a7:8e:c8:f0:
f9:91:0e:7a:ae:19:7a:02:c6:c3:e5:48:88:1f:2d:e5:18:ba:
3c:fa:27:84
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzDSJJhOOTmU4sRbtdbaS9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTU4M2ZmMzFiYmRlMmVkNmRhMmZlZDA1MDA4NGNjMzdiOWY0NGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Q3GRF20NTS7IJkBD3iCw/NibnfS
Fy+tB8k/yCJOcjon7tBYaOGfw8pgIcsvaM4LOJQHlWM8D0K0DMZDYvVkRjFqRODP
Pfdy6G+M8eu+gJEf5vKGzqgSsICn75MP+4xUJjGkznx5WPd6GM2q9nZVy1qYBs4Q
IxDnN89DKBxKQh9nVN7hzgCn2iEq42jTKNVgTR6IwFVhHJAdqX1CF5GbZnWEaoVg
2AY+aqXtRRcFIN3EzBQ9WHPFops+L6YFuyXw6qOGvslJJUmCguzPG1M2KEugvTxh
UdUf+IpQ0YRuG7XvtZtmZf57Y0R0+OPETgQOV/6Za5DWwWkNmXBeuQTgdwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFPVYP/MbveLtbaL+0FAITMN7n0TFMB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvOVZnXzh4dTk0dTF0b3Y3UVVBaE13M3VmUk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYtMDI1M2QwNGZiOGZm
LzEvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwMBPsoDAwJT
TAMDA1UAAwMCXGgDAwCwfwMDA7LAAwMCvDwwDQQCAAIwBwMFBSoCEgAwDQYJKoZI
hvcNAQELBQADggEBAF6ZRCcfa6q+wDVgDAPTaDpFOocfslO8YeJDT3Z5TycGespa
eZDTXKd6rNH7qeVR3z4gfxUI9fi2Yc8h6NyuMFfeTp1nJFStdqj2s/B+1greX4RG
PuvXMEXBm8Q+wHYYGnpHc4hbOnMiKRt9aTrVjIf2X6ZVbD100NZM4Bo+QGXPf1mo
NOItyMTGPIf9pTmHGh54eXLytw2tC7uwYsTXLHYiTMpfzHT/3ZURgYft1/KO1qBQ
2NMeEHUoyu6rzE6TS6TtTPZzVBADl38v0B7N7Hol1cOl4J1/WW5/YJ/GAyQwM9hc
Patop47I8PmRDnquGXoCxsPlSIgfLeUYujz6J4Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:42:39 2024 by rpki-client on console-ams.rpki-client.org