Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/s6s_d4g_skp7fUFg555mRTncyvY.roa
File: s6s_d4g_skp7fUFg555mRTncyvY.roa (raw, json)
Hash identifier: XzBiMtb8M8F4pL/yOmj/nurbva8xb3lGKdQQqrnKo6c=
Subject key identifier: B3:AB:3F:77:88:3F:B2:4A:7B:7D:41:60:E7:9E:66:45:39:DC:CA:F6
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 019096A5EB7D6543B47955BA638C223591BE
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/s6s_d4g_skp7fUFg555mRTncyvY.roa
Signing time: Tue 09 Jul 2024 08:39:34 +0000
ROA not before: Tue 09 Jul 2024 08:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.114.12.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
45.250.64.0/22 maxlen: 32
91.132.114.0/23 maxlen: 32
103.53.216.0/22 maxlen: 22
103.240.180.0/22 maxlen: 32
193.19.204.0/24 maxlen: 32
193.19.205.0/24 maxlen: 32
193.19.206.0/24 maxlen: 32
193.19.207.0/24 maxlen: 32
193.28.182.0/24 maxlen: 32
193.28.191.0/24 maxlen: 32
193.28.202.0/24 maxlen: 32
193.28.237.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:a5:eb:7d:65:43:b4:79:55:ba:63:8c:22:35:91:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Jul 9 08:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3ab3f77883fb24a7b7d4160e79e664539dccaf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b5:d6:9f:06:85:93:b5:4b:43:33:19:95:b0:
c3:2f:5f:ee:ac:53:2d:0d:69:99:f9:a0:e7:67:0c:
4d:bf:1a:d1:ea:11:41:df:ce:6a:fa:7c:b2:88:2f:
1b:11:ec:93:f2:92:8d:12:0f:5d:4e:84:cf:a2:d4:
6a:9b:2a:e7:cd:dc:97:1a:81:cb:b7:aa:38:4d:ab:
e2:a6:0a:88:13:13:30:a5:98:05:b1:9d:a7:b6:1e:
7e:c9:ea:c1:ba:ec:9a:46:dd:89:ef:49:94:3c:0b:
76:07:d5:b3:89:a0:60:a3:81:54:39:d3:2d:94:98:
97:06:32:af:e5:16:7b:98:6e:f1:60:96:1a:1a:b8:
ca:d1:4a:b6:ba:ca:3b:24:ee:6f:ab:2e:b8:41:89:
14:d3:ac:57:43:50:d4:2b:53:18:4e:34:7a:17:91:
d6:f2:04:a3:70:84:36:59:71:0d:c0:4b:52:24:41:
66:31:f1:7e:7c:d3:79:27:72:6c:f5:6e:00:4c:d4:
08:9c:37:46:15:47:bb:a4:96:59:46:21:73:f3:19:
7b:35:23:0f:5a:53:cd:b2:13:f1:46:78:9c:b2:f1:
b5:5c:c1:e4:c1:b2:c3:4f:0c:6f:68:6f:e6:6d:1c:
a2:22:f1:e0:04:d0:9e:7c:ac:de:9e:ed:69:a5:d0:
35:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AB:3F:77:88:3F:B2:4A:7B:7D:41:60:E7:9E:66:45:39:DC:CA:F6
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/s6s_d4g_skp7fUFg555mRTncyvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.114.12.0/22
45.145.104.0/22
45.250.64.0/22
91.132.114.0/23
103.53.216.0/22
103.240.180.0/22
193.19.204.0/22
193.28.182.0/24
193.28.191.0/24
193.28.202.0/24
193.28.237.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8e:f4:e2:4d:af:b6:5d:a4:9d:63:e3:ce:e5:62:18:39:1a:
4d:4a:2d:d3:80:56:21:9b:bc:a7:85:43:43:c0:23:cc:48:2b:
37:d4:0a:73:bc:61:0b:54:c0:f7:91:e3:8b:a0:6a:80:27:56:
dd:3f:ac:55:3e:e3:06:9d:58:50:f3:e0:0a:8a:31:c3:d3:16:
71:1c:df:69:a7:7a:10:d2:e2:75:08:02:cd:c6:03:f9:3e:b1:
08:cf:a9:ff:93:09:5b:90:1b:f3:ee:34:84:d6:7a:d0:10:ff:
e7:0d:de:a0:45:59:38:47:a4:55:0f:75:3f:3d:5f:41:07:ac:
42:e4:53:17:f7:dd:37:59:c1:e4:b0:e8:a0:c5:83:a1:c1:f6:
f8:b8:6b:70:09:60:21:0c:ec:b8:c3:46:67:ef:2d:27:4e:bb:
95:b2:01:73:d6:b8:22:30:2c:9c:ed:c0:20:ce:67:3c:05:aa:
74:b5:55:93:fb:a3:5e:7e:22:15:3f:25:3b:88:19:9b:aa:3f:
33:4e:9b:3d:3b:56:13:aa:2d:73:e4:49:67:ac:37:9f:25:84:
39:1c:7b:6b:dd:b4:2b:24:40:24:97:c6:e7:35:3c:c2:74:cc:
a8:2e:93:b6:74:0a:60:15:fe:7d:af:e0:e3:13:c5:ae:a4:0e:
59:6b:6d:c8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZCWpet9ZUO0eVW6Y4wiNZG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNhMmNhZjI5ODAxOWZiZDY2ODYyMTUxNmM4YzZlMWQx
MGU4M2MwHhcNMjQwNzA5MDgzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FiM2Y3Nzg4M2ZiMjRhN2I3ZDQxNjBlNzllNjY0NTM5ZGNjYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLXWnwaFk7VLQzMZlbDDL1/urFMt
DWmZ+aDnZwxNvxrR6hFB385q+nyyiC8bEeyT8pKNEg9dToTPotRqmyrnzdyXGoHL
t6o4TavipgqIExMwpZgFsZ2nth5+yerBuuyaRt2J70mUPAt2B9WziaBgo4FUOdMt
lJiXBjKv5RZ7mG7xYJYaGrjK0Uq2uso7JO5vqy64QYkU06xXQ1DUK1MYTjR6F5HW
8gSjcIQ2WXENwEtSJEFmMfF+fNN5J3Js9W4ATNQInDdGFUe7pJZZRiFz8xl7NSMP
WlPNshPxRnicsvG1XMHkwbLDTwxvaG/mbRyiIvHgBNCefKzenu1ppdA1eQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLOrP3eIP7JKe31BYOeeZkU53Mr2MB8GA1UdIwQY
MBaAFGwDosrymAGfvWaGIVFsjG4dEOg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDkt
ZmMzN2ZiMGNkNDNiLzEvczZzX2Q0Z19za3A3ZlVGZzU1NW1SVG5jeXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xNmI4ZTQtMTI1My00ZDllLWJkNDktZmMzN2ZiMGNkNDNi
LzEvYkFPaXl2S1lBWi05Wm9ZaFVXeU1iaDBRNkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLXIMAwQC
LZFoAwQCLfpAAwQBW4RyAwQCZzXYAwQCZ/C0AwQCwRPMAwQAwRy2AwQAwRy/AwQA
wRzKAwQAwRztMA0GCSqGSIb3DQEBCwUAA4IBAQCrjvTiTa+2XaSdY+PO5WIYORpN
Si3TgFYhm7ynhUNDwCPMSCs31ApzvGELVMD3keOLoGqAJ1bdP6xVPuMGnVhQ8+AK
ijHD0xZxHN9pp3oQ0uJ1CALNxgP5PrEIz6n/kwlbkBvz7jSE1nrQEP/nDd6gRVk4
R6RVD3U/PV9BB6xC5FMX9903WcHksOigxYOhwfb4uGtwCWAhDOy4w0Zn7y0nTruV
sgFz1rgiMCyc7cAgzmc8Bap0tVWT+6NefiIVPyU7iBmbqj8zTps9O1YTqi1z5Eln
rDefJYQ5HHtr3bQrJEAkl8bnNTzCdMyoLpO2dApgFf59r+DjE8WupA5Za23I
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:16 2024 by rpki-client on console-fra.rpki-client.org