Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/6r-XiJQpME6rDRQ1JHazMoZMQDQ.roa
File: 6r-XiJQpME6rDRQ1JHazMoZMQDQ.roa (raw, json)
Hash identifier: SFgi8tg1Q1VLVHW1DRghEX9XLxZttUYeXGt4/2A+zBc=
Subject key identifier: EA:BF:97:88:94:29:30:4E:AB:0D:14:35:24:76:B3:32:86:4C:40:34
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A8B084B9D90742EC0A8AE2E08E242
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/6r-XiJQpME6rDRQ1JHazMoZMQDQ.roa
Signing time: Mon 01 Jan 2024 18:30:23 +0000
ROA not before: Mon 01 Jan 2024 18:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209026
IP address blocks: 188.72.121.0/24 maxlen: 24
188.72.122.0/24 maxlen: 24
188.72.123.0/24 maxlen: 24
188.72.120.0/24 maxlen: 24
188.72.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:8b:08:4b:9d:90:74:2e:c0:a8:ae:2e:08:e2:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eabf97889429304eab0d14352476b332864c4034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ce:ea:1b:f2:66:0e:3a:fd:d7:1c:4f:94:80:
b7:42:90:23:cb:f3:93:b2:c1:d4:7c:6c:63:0c:3e:
0e:05:f2:89:a2:19:4e:fc:f8:a3:78:df:af:38:ab:
ea:0d:61:fc:f4:10:56:ca:ea:bd:22:a4:1d:d3:1b:
c9:42:73:9a:2c:cd:78:f1:a5:f9:59:08:17:ec:c1:
c5:aa:17:c0:f2:ad:db:8e:85:8f:41:63:c1:0c:7d:
56:c6:0c:1d:5e:9a:b6:2e:7a:85:8c:66:e1:52:e2:
ce:9b:1a:33:0e:40:63:77:bd:83:d2:c9:6a:e1:79:
4e:d4:3e:1a:f7:46:15:e2:54:e8:28:54:30:37:c0:
66:d1:19:d8:a6:2b:6b:b3:38:8c:80:7b:c9:dd:fb:
79:77:d4:bf:47:46:5b:19:b7:98:f6:b9:2f:3c:83:
ca:ba:2c:c1:c6:d6:8d:99:ab:e9:f4:5a:72:a3:b9:
1c:39:9c:36:ec:58:a3:22:56:7a:42:12:3a:1f:c3:
f3:6f:bc:5a:ae:13:bd:94:fd:b4:b1:13:2f:78:9c:
95:77:50:2d:1f:54:58:44:4d:e7:27:6f:78:81:0f:
54:9e:15:3f:10:3a:52:02:9f:90:e9:58:03:1d:c9:
57:a3:a8:22:1b:c6:7b:6b:c3:8d:02:c0:c3:0c:d4:
54:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BF:97:88:94:29:30:4E:AB:0D:14:35:24:76:B3:32:86:4C:40:34
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/6r-XiJQpME6rDRQ1JHazMoZMQDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.120.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:03:22:f1:48:67:19:bc:4e:66:15:c8:25:45:19:34:9d:1d:
64:f1:16:1c:4c:74:81:a8:25:e7:a6:06:4e:4d:37:cd:a4:ef:
90:ae:fd:b8:42:eb:9e:86:34:70:ed:16:67:37:77:a4:fd:36:
f7:7d:fb:54:c6:49:d0:05:48:3d:30:2b:da:1b:49:6f:22:6a:
a9:ae:2d:c0:f8:8f:10:81:e6:dc:71:01:74:85:7e:54:55:27:
7f:6e:60:d0:2a:d6:e0:8d:88:f6:f4:fd:90:d0:f3:37:86:57:
e9:4e:41:79:41:48:f1:cb:16:ea:e0:04:f6:eb:e6:a5:74:49:
5d:e2:bf:74:83:14:40:3e:45:31:6f:7b:5e:e9:07:70:97:a8:
02:95:74:41:a7:61:e8:28:6e:f8:22:23:12:9f:43:46:23:51:
3f:0e:69:b8:32:c3:3f:0c:eb:8a:3f:c7:15:de:bd:7f:04:96:
1f:a1:31:13:7a:62:6f:aa:88:e8:db:19:f5:5b:12:72:26:ba:
c1:09:c3:51:30:f6:91:0a:e6:30:27:55:45:9a:8e:4e:d7:85:
e4:94:39:3f:66:d9:1e:bb:a9:b5:4b:cb:2a:46:60:b9:76:46:
a2:e6:f2:4c:0b:d6:73:81:08:d0:91:73:9a:1d:60:e0:4d:58:
4c:7b:bd:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSosIS52QdC7AqK4uCOJCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWJmOTc4ODk0MjkzMDRlYWIwZDE0MzUyNDc2YjMzMjg2NGM0MDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc7qG/JmDjr91xxPlIC3QpAjy/OT
ssHUfGxjDD4OBfKJohlO/PijeN+vOKvqDWH89BBWyuq9IqQd0xvJQnOaLM148aX5
WQgX7MHFqhfA8q3bjoWPQWPBDH1WxgwdXpq2LnqFjGbhUuLOmxozDkBjd72D0slq
4XlO1D4a90YV4lToKFQwN8Bm0RnYpitrsziMgHvJ3ft5d9S/R0ZbGbeY9rkvPIPK
uizBxtaNmavp9Fpyo7kcOZw27FijIlZ6QhI6H8Pzb7xarhO9lP20sRMveJyVd1At
H1RYRE3nJ294gQ9UnhU/EDpSAp+Q6VgDHclXo6giG8Z7a8ONAsDDDNRU+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOq/l4iUKTBOqw0UNSR2szKGTEA0MB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvNnItWGlKUXBNRTZyRFJRMUpIYXpNb1pNUURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCrAyLxSGcZvE5mFcglRRk0nR1k8RYcTHSBqCXnpgZO
TTfNpO+Qrv24QuuehjRw7RZnN3ek/Tb3fftUxknQBUg9MCvaG0lvImqpri3A+I8Q
gebccQF0hX5UVSd/bmDQKtbgjYj29P2Q0PM3hlfpTkF5QUjxyxbq4AT26+aldEld
4r90gxRAPkUxb3te6Qdwl6gClXRBp2HoKG74IiMSn0NGI1E/Dmm4MsM/DOuKP8cV
3r1/BJYfoTETemJvqojo2xn1WxJyJrrBCcNRMPaRCuYwJ1VFmo5O14XklDk/Ztke
u6m1S8sqRmC5dkai5vJMC9ZzgQjQkXOaHWDgTVhMe72D
-----END CERTIFICATE-----
Generated at Sat May 18 05:46:45 2024 by rpki-client on console-fra.rpki-client.org