Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/6H60Ac8hDNGLpGNYctYmI3V8sQg.roa
File: 6H60Ac8hDNGLpGNYctYmI3V8sQg.roa (raw, json)
Hash identifier: JowiaJ7ktcuHTx4uxLJWvGmK+5UTRNmZDnA1aye/SBY=
Subject key identifier: E8:7E:B4:01:CF:21:0C:D1:8B:A4:63:58:72:D6:26:23:75:7C:B1:08
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 018CC7952325708831BAA30C6CEA41306386
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/6H60Ac8hDNGLpGNYctYmI3V8sQg.roa
Signing time: Tue 02 Jan 2024 00:31:29 +0000
ROA not before: Tue 02 Jan 2024 00:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8508
IP address blocks: 83.230.64.0/21 maxlen: 21
83.230.64.0/20 maxlen: 20
213.227.96.0/19 maxlen: 19
213.227.80.0/20 maxlen: 20
213.227.88.0/21 maxlen: 21
185.126.188.0/22 maxlen: 22
83.230.96.0/19 maxlen: 19
83.230.110.0/24 maxlen: 24
83.230.118.0/23 maxlen: 23
157.158.0.0/16 maxlen: 16
212.106.177.0/24 maxlen: 24
212.106.176.0/24 maxlen: 24
212.106.176.0/20 maxlen: 20
83.230.123.0/24 maxlen: 24
212.106.184.0/22 maxlen: 22
212.106.183.0/24 maxlen: 24
2a01:1d8::/30 maxlen: 30
2a01:1de::/32 maxlen: 32
2a01:1dd::/32 maxlen: 32
2a01:1dc::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:23:25:70:88:31:ba:a3:0c:6c:ea:41:30:63:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 2 00:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e87eb401cf210cd18ba4635872d62623757cb108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e5:8a:fa:5c:49:fd:39:f3:28:6c:1b:91:5a:
ec:c4:68:fb:35:9d:6c:b2:d2:d8:40:14:26:4d:0b:
fd:28:e1:da:5a:ad:d7:98:1d:d2:95:82:ca:d6:61:
3d:b3:26:b3:be:33:74:75:09:4b:61:9e:0a:cd:8b:
30:75:71:35:8a:98:0f:db:ac:4c:ea:f6:6c:1e:49:
45:84:86:0b:f1:02:38:53:01:57:ec:40:a5:fb:19:
02:52:19:fb:ff:1e:76:70:7f:4b:99:35:57:cb:8c:
02:e5:97:7e:a2:78:e5:59:74:d4:e1:c9:72:e5:c2:
78:06:23:8f:e1:06:ea:69:82:83:ee:9a:76:a0:67:
3d:f5:d1:7e:77:d7:8a:12:d9:2c:fa:74:b7:c9:e8:
da:6b:23:b2:5f:52:62:18:56:9c:c3:ca:d8:16:6e:
20:15:05:13:51:ee:28:c2:86:f8:0e:eb:09:70:6f:
8f:fe:8a:b1:8f:1d:e9:00:62:f2:7e:7b:9e:81:59:
29:f0:bb:09:d5:41:43:3b:49:a0:cc:99:e7:19:2c:
ff:ba:84:44:43:99:4a:93:21:f6:22:ab:22:1b:20:
92:6b:fe:77:9f:60:df:f7:5b:1b:c7:2e:2b:9b:ed:
87:2c:56:1f:58:bb:e7:15:d4:23:03:46:2c:d1:23:
20:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7E:B4:01:CF:21:0C:D1:8B:A4:63:58:72:D6:26:23:75:7C:B1:08
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/6H60Ac8hDNGLpGNYctYmI3V8sQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.64.0/20
83.230.96.0/19
157.158.0.0/16
185.126.188.0/22
212.106.176.0/20
213.227.80.0-213.227.127.255
IPv6:
2a01:1d8::-2a01:1de:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:4c:54:fa:82:0e:7a:34:8e:4f:f5:a5:fa:44:e5:31:52:1a:
e7:49:95:ea:62:3f:95:f3:a0:9a:49:06:07:07:03:48:29:20:
21:9d:64:71:b7:62:87:71:51:2e:e3:be:87:0f:4a:0b:ac:e9:
37:93:d2:35:10:22:9d:db:b1:54:d4:76:0a:f2:14:23:08:a1:
b7:54:6d:40:0b:fb:d0:15:03:94:ac:a6:22:2b:ef:69:c4:17:
d4:53:af:f0:db:9e:38:53:24:34:15:58:97:b0:eb:d0:bd:b5:
63:4d:d9:54:b5:8c:ed:5d:d6:83:9d:7f:96:cf:ff:7a:d3:f7:
a1:0d:33:a0:4a:f8:9b:4a:87:44:ca:91:6a:6f:91:14:98:59:
f7:88:1e:44:ab:06:4d:d0:d5:da:44:d9:74:5f:be:7e:a8:fc:
f9:54:46:39:91:da:af:11:ae:d1:d4:cb:83:82:88:01:73:7d:
29:b6:ad:a6:5b:ad:0d:74:ae:f6:df:9d:ba:a5:06:35:e1:df:
1d:b2:95:f6:1e:69:55:24:e6:d6:7f:24:3f:28:15:1e:7a:57:
47:29:4f:49:7c:fd:32:0b:9f:02:42:11:6c:61:f7:73:80:3a:
24:ac:ef:0c:d8:cf:b9:53:23:13:e4:dc:4a:43:5b:dc:e3:ae:
c0:9e:ca:97
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYzHlSMlcIgxuqMMbOpBMGOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjQwMTAyMDAzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODdlYjQwMWNmMjEwY2QxOGJhNDYzNTg3MmQ2MjYyMzc1N2NiMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+WK+lxJ/TnzKGwbkVrsxGj7NZ1s
stLYQBQmTQv9KOHaWq3XmB3SlYLK1mE9syazvjN0dQlLYZ4KzYswdXE1ipgP26xM
6vZsHklFhIYL8QI4UwFX7ECl+xkCUhn7/x52cH9LmTVXy4wC5Zd+onjlWXTU4cly
5cJ4BiOP4QbqaYKD7pp2oGc99dF+d9eKEtks+nS3yejaayOyX1JiGFacw8rYFm4g
FQUTUe4owob4DusJcG+P/oqxjx3pAGLyfnuegVkp8LsJ1UFDO0mgzJnnGSz/uoRE
Q5lKkyH2IqsiGyCSa/53n2Df91sbxy4rm+2HLFYfWLvnFdQjA0Ys0SMg3QIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFOh+tAHPIQzRi6RjWHLWJiN1fLEIMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEvNkg2MEFjOGhETkdMcEdOWWN0WW1JM1Y4c1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAxBAIAATArAwQEU+ZAAwQF
U+ZgAwMAnZ4DBAK5frwDBATUarAwDAMEBNXjUAMEB9XjADAWBAIAAjAQMA4DBQMq
AQHYAwUAKgEB3jANBgkqhkiG9w0BAQsFAAOCAQEABExU+oIOejSOT/Wl+kTlMVIa
50mV6mI/lfOgmkkGBwcDSCkgIZ1kcbdih3FRLuO+hw9KC6zpN5PSNRAinduxVNR2
CvIUIwiht1RtQAv70BUDlKymIivvacQX1FOv8NueOFMkNBVYl7Dr0L21Y03ZVLWM
7V3Wg51/ls//etP3oQ0zoEr4m0qHRMqRam+RFJhZ94geRKsGTdDV2kTZdF++fqj8
+VRGOZHarxGu0dTLg4KIAXN9KbatplutDXSu9t+duqUGNeHfHbKV9h5pVSTm1n8k
PygVHnpXRylPSXz9MgufAkIRbGH3c4A6JKzvDNjPuVMjE+TcSkNb3OOuwJ7Klw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:00:26 2024 by rpki-client on console-ams.rpki-client.org