Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/pY7yHF8MpeOV8qrPPOZSVf7YQQ0.roa
File: pY7yHF8MpeOV8qrPPOZSVf7YQQ0.roa (raw, json)
Hash identifier: CFeChN3Mr9gATvBj5Iz1FDvmhzQ27bwNBr/Lv8s/7ec=
Subject key identifier: A5:8E:F2:1C:5F:0C:A5:E3:95:F2:AA:CF:3C:E6:52:55:FE:D8:41:0D
Certificate issuer: /CN=6a937d95aebbbe62b90f24dea4d663170a6659ec
Certificate serial: 018CC7270E42B2D92A2D6B15DE6F3CC8F803
Authority key identifier: 6A:93:7D:95:AE:BB:BE:62:B9:0F:24:DE:A4:D6:63:17:0A:66:59:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/apN9la67vmK5DyTepNZjFwpmWew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/pY7yHF8MpeOV8qrPPOZSVf7YQQ0.roa
Signing time: Mon 01 Jan 2024 22:31:14 +0000
ROA not before: Mon 01 Jan 2024 22:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29210
IP address blocks: 195.69.122.0/24 maxlen: 24
195.69.120.0/22 maxlen: 22
195.69.123.0/24 maxlen: 24
195.69.120.0/24 maxlen: 24
195.69.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/apN9la67vmK5DyTepNZjFwpmWew.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/apN9la67vmK5DyTepNZjFwpmWew.mft
rsync://rpki.ripe.net/repository/DEFAULT/apN9la67vmK5DyTepNZjFwpmWew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 19:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:0e:42:b2:d9:2a:2d:6b:15:de:6f:3c:c8:f8:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a937d95aebbbe62b90f24dea4d663170a6659ec
Validity
Not Before: Jan 1 22:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a58ef21c5f0ca5e395f2aacf3ce65255fed8410d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:dc:d8:e2:61:4b:78:52:23:6e:a0:15:15:4a:
2b:59:6a:8c:1a:8b:a8:a8:e7:68:14:f3:5c:c5:7b:
61:7b:08:e9:d0:91:2e:7d:6a:d5:5b:41:cd:66:67:
f5:fa:45:c4:ce:ce:b8:71:0a:1d:c0:5c:31:8b:e1:
73:bf:e1:d5:15:8d:71:28:74:6b:d5:aa:9e:46:08:
9d:60:5a:8a:65:06:c9:b2:41:96:79:3e:0c:a8:9e:
65:45:3c:50:3a:02:4f:a8:ca:39:82:fd:70:ef:3a:
7b:45:6e:85:cd:9c:84:2e:93:29:15:62:d1:a7:ce:
09:b2:c7:5d:94:5d:e0:48:40:5c:fa:61:53:67:c1:
e5:b6:de:0a:16:5a:ac:6b:60:59:16:82:53:23:45:
0c:d1:63:4c:db:8e:02:31:79:cd:b8:33:e0:38:b4:
08:fa:e4:77:6a:c1:e7:81:b0:a7:18:ab:b0:a4:e7:
88:37:ba:57:7b:a1:f3:01:bc:df:bc:40:a9:79:67:
47:60:89:48:c5:6c:b1:2f:e0:b5:d7:d9:ba:82:dc:
b9:28:bd:13:ae:dd:a5:16:a5:5f:b4:3a:83:cf:36:
2c:87:35:e4:75:ad:29:4a:68:0c:a9:7c:61:ca:c9:
11:28:c0:2d:9a:c1:42:2d:ba:fb:20:e7:ca:6c:0a:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8E:F2:1C:5F:0C:A5:E3:95:F2:AA:CF:3C:E6:52:55:FE:D8:41:0D
X509v3 Authority Key Identifier:
keyid:6A:93:7D:95:AE:BB:BE:62:B9:0F:24:DE:A4:D6:63:17:0A:66:59:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/apN9la67vmK5DyTepNZjFwpmWew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/pY7yHF8MpeOV8qrPPOZSVf7YQQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/apN9la67vmK5DyTepNZjFwpmWew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.120.0/22
Signature Algorithm: sha256WithRSAEncryption
18:25:79:a2:13:90:19:a2:2a:fd:12:4c:06:b7:0d:2d:b7:d5:
31:f7:19:0f:38:22:df:b7:25:9e:07:97:8c:27:12:d8:a6:7c:
4e:6a:b4:29:c0:c0:58:07:34:77:66:60:fe:21:ce:fd:76:9f:
b5:ad:36:7e:2c:52:ea:01:88:80:2c:5a:d8:62:8f:cb:46:84:
f2:12:68:60:8b:3f:d3:fe:57:bb:b6:c6:d8:bb:b9:19:10:1c:
e9:f1:93:0b:1a:31:4b:9e:81:4b:f3:68:81:2e:b3:44:2e:3e:
0f:03:39:f8:63:94:55:f8:3d:ab:02:86:e4:e9:1f:85:df:ee:
2f:5e:60:9d:20:19:69:c6:4f:97:41:42:7b:52:52:1c:b2:ff:
c0:49:cc:8f:e0:bc:b3:19:38:cd:f2:a6:10:2c:a2:3f:0f:0f:
87:70:4f:25:78:66:b0:70:01:fc:35:63:93:df:1c:a3:bc:53:
ba:36:ad:20:d6:f0:65:3e:69:d5:1a:49:e7:b7:55:dc:27:9e:
d6:48:fe:a9:c9:db:23:69:06:97:1d:e8:59:45:11:19:70:dc:
65:80:0b:cd:4f:f8:eb:b7:72:9d:98:f4:eb:15:17:f6:47:bd:
e6:39:a4:e1:55:13:42:ef:06:8d:1b:34:1a:f6:b0:61:8a:5b:
71:c2:86:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJw5CstkqLWsV3m88yPgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOTM3ZDk1YWViYmJlNjJiOTBmMjRkZWE0ZDY2MzE3MGE2
NjU5ZWMwHhcNMjQwMTAxMjIzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThlZjIxYzVmMGNhNWUzOTVmMmFhY2YzY2U2NTI1NWZlZDg0MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9zY4mFLeFIjbqAVFUorWWqMGouo
qOdoFPNcxXthewjp0JEufWrVW0HNZmf1+kXEzs64cQodwFwxi+Fzv+HVFY1xKHRr
1aqeRgidYFqKZQbJskGWeT4MqJ5lRTxQOgJPqMo5gv1w7zp7RW6FzZyELpMpFWLR
p84JssddlF3gSEBc+mFTZ8Hltt4KFlqsa2BZFoJTI0UM0WNM244CMXnNuDPgOLQI
+uR3asHngbCnGKuwpOeIN7pXe6HzAbzfvECpeWdHYIlIxWyxL+C119m6gty5KL0T
rt2lFqVftDqDzzYshzXkda0pSmgMqXxhyskRKMAtmsFCLbr7IOfKbArOiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWO8hxfDKXjlfKqzzzmUlX+2EENMB8GA1UdIwQY
MBaAFGqTfZWuu75iuQ8k3qTWYxcKZlnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXBOOWxhNjd2bUs1RHlUZXBOWmpGd3BtV2V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82YzVjZDItMTkyMC00NTY0LWJjMmMt
OTQxNzdmOGQ4NzdjLzEvcFk3eUhGOE1wZU9WOHFyUFBPWlNWZjdZUVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82YzVjZDItMTkyMC00NTY0LWJjMmMtOTQxNzdmOGQ4Nzdj
LzEvYXBOOWxhNjd2bUs1RHlUZXBOWmpGd3BtV2V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0V4MA0G
CSqGSIb3DQEBCwUAA4IBAQAYJXmiE5AZoir9EkwGtw0tt9Ux9xkPOCLftyWeB5eM
JxLYpnxOarQpwMBYBzR3ZmD+Ic79dp+1rTZ+LFLqAYiALFrYYo/LRoTyEmhgiz/T
/le7tsbYu7kZEBzp8ZMLGjFLnoFL82iBLrNELj4PAzn4Y5RV+D2rAobk6R+F3+4v
XmCdIBlpxk+XQUJ7UlIcsv/AScyP4LyzGTjN8qYQLKI/Dw+HcE8leGawcAH8NWOT
3xyjvFO6Nq0g1vBlPmnVGknnt1XcJ57WSP6pydsjaQaXHehZRREZcNxlgAvNT/jr
t3KdmPTrFRf2R73mOaThVRNC7waNGzQa9rBhiltxwobc
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:34:02 2024 by rpki-client on console-ams.rpki-client.org