Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/6LA2BcDlwm5RqpYztK2K5Ox4SRM.roa
File: 6LA2BcDlwm5RqpYztK2K5Ox4SRM.roa (raw, json)
Hash identifier: BGzeVn8+xkAaAjte9METmx2/8BTkDDFsBQIMSP9amc0=
Subject key identifier: E8:B0:36:05:C0:E5:C2:6E:51:AA:96:33:B4:AD:8A:E4:EC:78:49:13
Certificate issuer: /CN=68da206c83d505e254b3ef3c7650f9fb93453435
Certificate serial: 018CC64AEF600A9298CC1EC807D15C4826DE
Authority key identifier: 68:DA:20:6C:83:D5:05:E2:54:B3:EF:3C:76:50:F9:FB:93:45:34:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNogbIPVBeJUs-88dlD5-5NFNDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/6LA2BcDlwm5RqpYztK2K5Ox4SRM.roa
Signing time: Mon 01 Jan 2024 18:30:48 +0000
ROA not before: Mon 01 Jan 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 185.73.34.0/24 maxlen: 24
185.73.33.0/24 maxlen: 24
185.73.32.0/23 maxlen: 23
2a05:3f40::/30 maxlen: 30
2a05:3f44::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/aNogbIPVBeJUs-88dlD5-5NFNDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/aNogbIPVBeJUs-88dlD5-5NFNDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNogbIPVBeJUs-88dlD5-5NFNDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ef:60:0a:92:98:cc:1e:c8:07:d1:5c:48:26:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68da206c83d505e254b3ef3c7650f9fb93453435
Validity
Not Before: Jan 1 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8b03605c0e5c26e51aa9633b4ad8ae4ec784913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4f:91:c0:02:51:47:29:21:a1:33:47:f0:ef:
a1:1b:8f:3d:d6:cc:a8:ca:1a:f6:5e:ea:77:fa:c4:
86:81:d0:c9:67:28:07:18:3c:a4:03:b0:e0:a9:9f:
1d:7f:77:91:45:e3:b1:e0:23:f9:44:54:b8:bd:fb:
fd:94:14:6f:e5:3c:01:26:86:cc:14:5d:cf:22:0c:
58:05:b6:84:33:71:b1:d0:28:30:70:a3:6b:3f:78:
a7:d9:48:23:9f:e6:5b:be:42:27:83:83:61:b6:7b:
fc:dd:6f:ef:8e:ce:ce:23:46:7a:54:f4:c0:b3:04:
de:d7:ff:93:0b:50:01:86:46:83:2e:bb:a1:a7:9e:
7a:c9:c7:4b:1c:40:72:69:9b:e2:be:ee:8c:94:e3:
40:91:4c:f2:38:d2:fc:14:6b:0c:24:59:6c:4d:d3:
e8:4f:ed:91:a0:11:78:2f:fc:35:8d:c5:e7:2b:13:
e3:20:e4:6e:22:eb:06:17:78:c6:fe:fb:f4:32:c3:
86:7f:fe:fd:43:68:96:d6:ca:6f:e7:18:b0:96:b2:
a1:5c:81:17:c1:73:05:82:f2:e8:c5:03:39:8a:dc:
c0:4f:2c:ea:c4:bf:5a:7b:c9:1e:34:dd:c9:cb:67:
96:42:45:81:ae:02:ad:ed:12:0f:3b:35:72:9c:9b:
7b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B0:36:05:C0:E5:C2:6E:51:AA:96:33:B4:AD:8A:E4:EC:78:49:13
X509v3 Authority Key Identifier:
keyid:68:DA:20:6C:83:D5:05:E2:54:B3:EF:3C:76:50:F9:FB:93:45:34:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNogbIPVBeJUs-88dlD5-5NFNDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/6LA2BcDlwm5RqpYztK2K5Ox4SRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/aNogbIPVBeJUs-88dlD5-5NFNDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.32.0-185.73.34.255
IPv6:
2a05:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
46:a2:b9:f9:44:b4:04:a0:35:e4:c1:88:7b:61:8d:12:04:8c:
f1:57:68:a3:43:b8:a0:83:17:52:6c:a0:07:ee:28:89:86:9d:
a2:db:f1:0e:f9:63:80:39:90:85:d7:82:21:1f:68:e0:30:a4:
77:de:1b:aa:51:80:e4:5a:cc:91:8a:31:cd:9e:11:b9:9f:2c:
2f:74:8e:33:25:9b:dc:19:39:3b:2b:d7:ae:35:db:9a:b5:2f:
09:5e:c1:8e:91:98:91:b6:30:53:cb:98:47:25:65:24:44:77:
77:f1:41:e7:e2:a9:6c:4c:65:d5:0c:45:2f:97:4f:27:ee:c9:
b8:e1:8a:26:66:59:28:42:37:6d:b7:cc:3a:2f:cc:51:1f:17:
b5:ae:ba:e2:d7:d0:3f:ef:0f:29:f5:6a:2b:fe:6f:c3:5f:16:
dc:48:10:91:e8:d6:c9:1d:35:2f:9d:ec:4b:f6:60:1f:b7:b6:
94:81:1a:e5:cf:74:47:34:b3:2f:b4:68:16:fb:ec:6a:6a:6d:
06:76:91:5d:28:21:27:e9:e7:aa:9d:e0:98:0f:03:e1:ce:21:
db:4a:b3:5e:38:bd:29:30:61:49:22:ba:5e:fa:e1:7d:ab:12:
b6:f2:92:ed:9e:14:81:19:cb:20:a0:0c:05:47:20:d2:d2:cb:
4d:e0:d2:09
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGSu9gCpKYzB7IB9FcSCbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZGEyMDZjODNkNTA1ZTI1NGIzZWYzYzc2NTBmOWZiOTM0
NTM0MzUwHhcNMjQwMTAxMTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGIwMzYwNWMwZTVjMjZlNTFhYTk2MzNiNGFkOGFlNGVjNzg0OTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE+RwAJRRykhoTNH8O+hG4891syo
yhr2Xup3+sSGgdDJZygHGDykA7DgqZ8df3eRReOx4CP5RFS4vfv9lBRv5TwBJobM
FF3PIgxYBbaEM3Gx0CgwcKNrP3in2Ugjn+ZbvkIng4Nhtnv83W/vjs7OI0Z6VPTA
swTe1/+TC1ABhkaDLruhp556ycdLHEByaZvivu6MlONAkUzyONL8FGsMJFlsTdPo
T+2RoBF4L/w1jcXnKxPjIORuIusGF3jG/vv0MsOGf/79Q2iW1spv5xiwlrKhXIEX
wXMFgvLoxQM5itzATyzqxL9ae8keNN3Jy2eWQkWBrgKt7RIPOzVynJt7lQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOiwNgXA5cJuUaqWM7StiuTseEkTMB8GA1UdIwQY
MBaAFGjaIGyD1QXiVLPvPHZQ+fuTRTQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5vZ2JJUFZCZUpVcy04OGRsRDUtNU5GTkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9iYjI5OGItM2MzOS00OWIyLWFiYjEt
MTFkNjM2YjU2ZGFiLzEvNkxBMkJjRGx3bTVScXBZenRLMks1T3g0U1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9iYjI5OGItM2MzOS00OWIyLWFiYjEtMTFkNjM2YjU2ZGFi
LzEvYU5vZ2JJUFZCZUpVcy04OGRsRDUtNU5GTkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAW5SSAD
BAC5SSIwDQQCAAIwBwMFAyoFP0AwDQYJKoZIhvcNAQELBQADggEBAEaiuflEtASg
NeTBiHthjRIEjPFXaKNDuKCDF1JsoAfuKImGnaLb8Q75Y4A5kIXXgiEfaOAwpHfe
G6pRgORazJGKMc2eEbmfLC90jjMlm9wZOTsr164125q1LwlewY6RmJG2MFPLmEcl
ZSREd3fxQefiqWxMZdUMRS+XTyfuybjhiiZmWShCN223zDovzFEfF7WuuuLX0D/v
Dyn1aiv+b8NfFtxIEJHo1skdNS+d7Ev2YB+3tpSBGuXPdEc0sy+0aBb77GpqbQZ2
kV0oISfp56qd4JgPA+HOIdtKs144vSkwYUkiul764X2rErbyku2eFIEZyyCgDAVH
INLSy03g0gk=
-----END CERTIFICATE-----
Generated at Wed May 8 21:06:20 2024 by rpki-client on console-ams.rpki-client.org