Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ag6pzhc34y_eUvF18bRsWTvVyEI.roa
File: ag6pzhc34y_eUvF18bRsWTvVyEI.roa (raw, json)
Hash identifier: O5ZdpmpaBfT3BbG+7embDBJCjREAx3sR95oaOJWgpA8=
Subject key identifier: 6A:0E:A9:CE:17:37:E3:2F:DE:52:F1:75:F1:B4:6C:59:3B:D5:C8:42
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01903B672A331F374821EA9F8C79D2DCDEE3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ag6pzhc34y_eUvF18bRsWTvVyEI.roa
Signing time: Fri 21 Jun 2024 15:25:34 +0000
ROA not before: Fri 21 Jun 2024 15:25:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63150
IP address blocks: 82.152.6.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
194.105.83.0/24 maxlen: 24
194.105.89.0/24 maxlen: 24
213.218.228.0/24 maxlen: 24
213.218.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:67:2a:33:1f:37:48:21:ea:9f:8c:79:d2:dc:de:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 21 15:25:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a0ea9ce1737e32fde52f175f1b46c593bd5c842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:db:f0:fe:72:54:68:8b:54:fb:3b:5e:28:0e:
34:75:73:fb:f7:af:2a:38:e2:07:95:d0:2d:b0:1e:
5f:fa:2e:54:8f:9b:e2:b1:6f:95:07:99:4a:89:9d:
26:78:27:75:f3:5f:76:f2:7e:c9:db:ea:b8:af:0d:
1a:8d:fb:2d:61:8d:1e:16:b0:e2:36:6a:5d:40:90:
d6:4c:ac:62:17:3b:c3:f7:06:c7:53:5d:02:e6:c9:
c5:c5:2e:33:9c:ae:99:5a:b7:91:08:6b:b4:31:3a:
05:6d:ea:70:dd:9f:9a:93:8f:e3:83:81:8a:ff:19:
8a:12:66:37:e7:2f:3f:77:0f:42:60:a9:6f:46:5c:
21:50:f7:4f:39:d2:3f:f0:cf:32:62:9f:f9:d5:15:
96:1f:15:b3:ca:1a:89:00:c2:6c:6f:15:ce:6b:00:
bc:11:eb:65:39:ac:51:fa:2e:bb:5b:ae:ab:40:9a:
f4:ce:67:ae:93:6a:aa:fd:dd:59:aa:5d:4b:a3:0f:
d9:46:d9:0a:fb:bb:21:d8:f2:46:15:0f:97:45:d1:
79:38:73:85:1e:79:da:d9:e1:fa:98:a0:58:11:0e:
2a:e7:5b:88:b8:be:7a:e2:1c:df:06:a1:30:f2:fc:
92:13:8c:d3:e8:7e:6f:04:9e:b2:80:a5:e7:5a:69:
05:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0E:A9:CE:17:37:E3:2F:DE:52:F1:75:F1:B4:6C:59:3B:D5:C8:42
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ag6pzhc34y_eUvF18bRsWTvVyEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.6.0/24
89.213.150.0/24
194.105.83.0/24
194.105.89.0/24
213.218.228.0/24
213.218.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:64:93:59:f8:66:2f:4b:46:84:4a:42:31:1c:46:4a:75:78:
d7:1a:6f:40:e5:89:1c:5a:34:11:fc:b8:09:e5:31:b3:27:92:
f4:28:99:c0:04:98:b7:e5:db:b4:ce:7d:6e:ee:05:d9:80:df:
6c:75:1b:39:16:ed:72:ef:0f:fe:56:27:d0:7a:67:ca:4a:74:
bb:b5:da:71:38:74:91:fc:0d:13:f0:8e:67:a4:65:52:df:14:
f4:4b:36:04:3d:9c:0b:9c:87:3e:2c:9b:cc:e0:e0:06:2f:c1:
b4:31:bf:38:d0:cf:c8:16:36:4d:f2:f0:e7:1e:4c:ec:f6:ad:
50:57:9d:9f:52:68:ff:03:88:55:85:cb:d0:bc:a4:76:72:03:
41:c4:ce:d4:78:bb:ce:cd:82:98:a1:14:74:60:14:3a:c7:8c:
49:2f:de:97:a1:17:7c:a3:c0:dd:b4:e3:d6:a8:7e:53:ec:d0:
32:9c:28:e7:bc:eb:87:ca:c0:5d:75:ce:ce:c4:4d:cc:f0:b0:
cf:34:94:ee:6e:bc:67:e6:98:df:1a:fd:91:21:74:1f:db:1b:
d0:9c:64:5e:97:2b:f4:9c:8e:ba:65:f3:a6:9f:66:1a:d4:15:
bc:1a:da:59:b0:b7:76:b7:8d:71:c8:17:2d:17:34:d3:f3:79:
16:04:7c:04
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZA7ZyozHzdIIeqfjHnS3N7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjIxMTUyNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBlYTljZTE3MzdlMzJmZGU1MmYxNzVmMWI0NmM1OTNiZDVjODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Nvw/nJUaItU+zteKA40dXP7968q
OOIHldAtsB5f+i5Uj5visW+VB5lKiZ0meCd181928n7J2+q4rw0ajfstYY0eFrDi
NmpdQJDWTKxiFzvD9wbHU10C5snFxS4znK6ZWreRCGu0MToFbepw3Z+ak4/jg4GK
/xmKEmY35y8/dw9CYKlvRlwhUPdPOdI/8M8yYp/51RWWHxWzyhqJAMJsbxXOawC8
EetlOaxR+i67W66rQJr0zmeuk2qq/d1Zql1Low/ZRtkK+7sh2PJGFQ+XRdF5OHOF
Hnna2eH6mKBYEQ4q51uIuL564hzfBqEw8vySE4zT6H5vBJ6ygKXnWmkFUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGoOqc4XN+Mv3lLxdfG0bFk71chCMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYWc2cHpoYzM0eV9lVXZGMThiUnNXVHZWeUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpgGAwQA
WdWWAwQAwmlTAwQAwmlZAwQA1drkAwQA1dr/MA0GCSqGSIb3DQEBCwUAA4IBAQCc
ZJNZ+GYvS0aESkIxHEZKdXjXGm9A5YkcWjQR/LgJ5TGzJ5L0KJnABJi35du0zn1u
7gXZgN9sdRs5Fu1y7w/+VifQemfKSnS7tdpxOHSR/A0T8I5npGVS3xT0SzYEPZwL
nIc+LJvM4OAGL8G0Mb840M/IFjZN8vDnHkzs9q1QV52fUmj/A4hVhcvQvKR2cgNB
xM7UeLvOzYKYoRR0YBQ6x4xJL96XoRd8o8DdtOPWqH5T7NAynCjnvOuHysBddc7O
xE3M8LDPNJTubrxn5pjfGv2RIXQf2xvQnGRelyv0nI66ZfOmn2Ya1BW8GtpZsLd2
t41xyBctFzTT83kWBHwE
-----END CERTIFICATE-----
Generated at Thu Jun 27 22:42:35 2024 by rpki-client on console-fra.rpki-client.org