Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/S25HOeGIJ5VRJJWoY27dZdHTE-o.roa
File: S25HOeGIJ5VRJJWoY27dZdHTE-o.roa (raw, json)
Hash identifier: jGh0wssupfk40T2Qtluw6S5jUsIEoRlNwTPY1PPT8p0=
Subject key identifier: 4B:6E:47:39:E1:88:27:95:51:24:95:A8:63:6E:DD:65:D1:D3:13:EA
Certificate issuer: /CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Certificate serial: 018CC5DC2AF060CCAEAB8FFD04F729D00716
Authority key identifier: 6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/S25HOeGIJ5VRJJWoY27dZdHTE-o.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 188.244.122.0/24 maxlen: 24
45.14.174.0/24 maxlen: 24
45.80.111.0/24 maxlen: 24
45.80.109.0/24 maxlen: 24
80.94.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.mft
rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2a:f0:60:cc:ae:ab:8f:fd:04:f7:29:d0:07:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fa86d1c1676a59a46acf37336192e985cff0e5b
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b6e4739e1882795512495a8636edd65d1d313ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c7:1f:09:b1:ee:3a:4b:a3:5c:41:df:e2:6e:
7a:51:db:e0:5b:2a:71:a4:d7:b2:1e:b9:4b:30:b8:
bd:8d:1d:23:d7:b7:d7:d0:b1:8c:ed:57:db:de:4a:
a9:35:c6:58:d1:bf:7b:fd:8d:fb:e5:56:d9:e3:e2:
ae:24:e8:ce:e0:67:56:4c:5f:72:ef:a5:d2:fd:54:
b8:0c:5c:22:82:e2:16:89:01:67:de:43:8a:c3:a6:
58:60:d6:a4:4a:c4:1a:c8:5c:b1:0d:32:a7:e9:c6:
bc:5e:72:4f:29:e3:f0:c4:25:21:c8:35:f6:3d:ab:
e1:9c:39:aa:fc:9f:ef:cc:95:86:57:ef:77:28:9b:
60:fd:f1:05:8d:c8:9c:a0:4c:41:c8:46:0a:f8:2f:
b2:f7:fa:53:c0:85:23:9b:73:26:3b:22:ab:9b:38:
13:a8:8e:d8:e3:8f:70:a7:95:c7:f9:bc:cc:96:1f:
7a:6b:e6:d8:ca:f6:ad:b6:21:75:be:a3:1d:fa:31:
a3:fa:bc:5b:7f:9e:4f:f0:62:93:bb:c4:68:37:b7:
5f:ec:a0:74:b0:a4:5b:ab:d4:8a:6b:e2:da:21:ad:
9e:9a:20:eb:25:01:c1:0d:d0:70:9a:03:e0:32:ea:
84:1a:56:5e:43:d1:a3:90:67:b6:71:e9:49:e8:71:
cc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6E:47:39:E1:88:27:95:51:24:95:A8:63:6E:DD:65:D1:D3:13:EA
X509v3 Authority Key Identifier:
keyid:6F:A8:6D:1C:16:76:A5:9A:46:AC:F3:73:36:19:2E:98:5C:FF:0E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6htHBZ2pZpGrPNzNhkumFz_Dls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/S25HOeGIJ5VRJJWoY27dZdHTE-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/afe373-e5bc-4010-8ad6-6aab2b1b922c/1/b6htHBZ2pZpGrPNzNhkumFz_Dls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.174.0/24
45.80.109.0/24
45.80.111.0/24
80.94.83.0/24
188.244.122.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:35:e6:d7:a4:cb:d1:01:09:7a:81:83:ce:49:b4:62:22:b3:
54:43:ea:6b:d2:93:02:89:38:1c:ba:31:c3:69:0e:21:91:57:
0f:30:dd:a0:76:af:8f:aa:1d:cd:3d:e3:4f:fe:a2:cb:ee:62:
d5:3d:e8:fd:70:b5:5a:1a:a2:fe:3e:40:74:f4:8a:ea:ca:1c:
43:9c:4f:cf:c9:b8:45:c6:55:2c:7f:aa:d1:52:90:64:12:d3:
7e:9a:ad:cd:a5:ca:5c:ce:99:3c:22:5c:fd:2f:d0:da:d5:b8:
41:06:c5:1b:3f:95:58:c2:56:eb:4a:aa:ed:44:f5:5a:16:66:
af:cf:00:a3:eb:a9:a7:79:26:f9:bf:70:2d:46:88:c4:da:99:
5f:ac:2f:ff:fb:89:e8:15:71:5e:be:46:9d:29:d5:20:53:97:
03:3d:7e:cc:b7:cc:df:73:b0:f4:39:1d:ab:d6:bb:42:b7:be:
77:72:67:6a:96:df:10:15:21:00:0f:d9:3d:fe:9f:de:c0:45:
ea:f7:b1:f3:40:0c:7c:fe:e1:8e:f3:6a:d3:6c:c5:eb:bb:a7:
45:e8:09:52:48:60:58:96:60:29:dc:c0:81:75:b3:4e:16:81:
03:65:35:91:69:89:0b:5e:89:c2:c0:6b:9f:0c:d6:d2:55:c0:
1f:ad:c3:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3CrwYMyuq4/9BPcp0AcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYTg2ZDFjMTY3NmE1OWE0NmFjZjM3MzM2MTkyZTk4NWNm
ZjBlNWIwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjZlNDczOWUxODgyNzk1NTEyNDk1YTg2MzZlZGQ2NWQxZDMxM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMcfCbHuOkujXEHf4m56UdvgWypx
pNeyHrlLMLi9jR0j17fX0LGM7Vfb3kqpNcZY0b97/Y375VbZ4+KuJOjO4GdWTF9y
76XS/VS4DFwiguIWiQFn3kOKw6ZYYNakSsQayFyxDTKn6ca8XnJPKePwxCUhyDX2
PavhnDmq/J/vzJWGV+93KJtg/fEFjcicoExByEYK+C+y9/pTwIUjm3MmOyKrmzgT
qI7Y449wp5XH+bzMlh96a+bYyvattiF1vqMd+jGj+rxbf55P8GKTu8RoN7df7KB0
sKRbq9SKa+LaIa2emiDrJQHBDdBwmgPgMuqEGlZeQ9GjkGe2celJ6HHMHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEtuRznhiCeVUSSVqGNu3WXR0xPqMB8GA1UdIwQY
MBaAFG+obRwWdqWaRqzzczYZLphc/w5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYt
NmFhYjJiMWI5MjJjLzEvUzI1SE9lR0lKNVZSSkpXb1kyN2RaZEhURS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9hZmUzNzMtZTViYy00MDEwLThhZDYtNmFhYjJiMWI5MjJj
LzEvYjZodEhCWjJwWnBHclBOek5oa3VtRnpfRGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ6uAwQA
LVBtAwQALVBvAwQAUF5TAwQAvPR6MA0GCSqGSIb3DQEBCwUAA4IBAQBONebXpMvR
AQl6gYPOSbRiIrNUQ+pr0pMCiTgcujHDaQ4hkVcPMN2gdq+Pqh3NPeNP/qLL7mLV
Pej9cLVaGqL+PkB09IrqyhxDnE/PybhFxlUsf6rRUpBkEtN+mq3Npcpczpk8Ilz9
L9Da1bhBBsUbP5VYwlbrSqrtRPVaFmavzwCj66mneSb5v3AtRojE2plfrC//+4no
FXFevkadKdUgU5cDPX7Mt8zfc7D0OR2r1rtCt753cmdqlt8QFSEAD9k9/p/ewEXq
97HzQAx8/uGO82rTbMXru6dF6AlSSGBYlmAp3MCBdbNOFoEDZTWRaYkLXonCwGuf
DNbSVcAfrcNa
-----END CERTIFICATE-----
Generated at Fri Apr 26 11:50:58 2024 by rpki-client on console-ams.rpki-client.org