Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/6qOuHHwOa5pTVUMkyemjPV5IgFw.roa
File: 6qOuHHwOa5pTVUMkyemjPV5IgFw.roa (raw, json)
Hash identifier: yNDZRyeI5AbBls2TRwB54YnOsTrsc9/5J3LjMTfwDrQ=
Subject key identifier: EA:A3:AE:1C:7C:0E:6B:9A:53:55:43:24:C9:E9:A3:3D:5E:48:80:5C
Certificate issuer: /CN=2875f185823dbc6a82d105b3ca16077db5729377
Certificate serial: 018E74FCBFD7CA3155E6EF682A7571386E90
Authority key identifier: 28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/6qOuHHwOa5pTVUMkyemjPV5IgFw.roa
Signing time: Mon 25 Mar 2024 09:41:44 +0000
ROA not before: Mon 25 Mar 2024 09:41:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31472
IP address blocks: 37.157.48.0/21 maxlen: 21
84.247.32.0/22 maxlen: 22
89.35.164.0/22 maxlen: 22
149.19.176.0/22 maxlen: 22
185.2.76.0/22 maxlen: 22
185.2.76.0/23 maxlen: 23
185.34.80.0/22 maxlen: 22
185.60.4.0/22 maxlen: 22
185.61.88.0/22 maxlen: 22
185.86.20.0/22 maxlen: 22
185.91.40.0/22 maxlen: 22
185.91.41.0/24 maxlen: 24
195.206.184.0/21 maxlen: 21
2a00:b840::/29 maxlen: 29
2a00:b840:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:fc:bf:d7:ca:31:55:e6:ef:68:2a:75:71:38:6e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2875f185823dbc6a82d105b3ca16077db5729377
Validity
Not Before: Mar 25 09:41:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eaa3ae1c7c0e6b9a53554324c9e9a33d5e48805c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:48:38:bb:52:6c:e4:6f:30:f3:7f:8f:f9:90:
88:95:1d:a3:a6:09:e1:c7:87:8d:36:4e:8b:a7:4f:
13:4f:16:d1:31:78:ad:7c:67:1b:2a:15:20:71:36:
e6:b3:4f:5a:96:ea:f8:d6:eb:c0:d7:61:58:8a:6d:
cd:af:f7:35:c1:27:39:6c:cd:32:27:ec:4a:b6:b2:
05:e5:b1:45:5d:0d:d1:60:41:a0:b1:ef:d9:87:c3:
19:6f:46:46:9a:2e:fa:37:de:c7:31:59:1e:74:e8:
72:e4:30:a2:b0:4c:b0:35:4a:8e:31:d6:3f:e4:51:
a0:cb:62:4b:b5:2d:a3:64:a4:9c:08:d1:8d:59:e6:
76:4f:9e:6b:4f:78:b1:11:d0:38:0d:df:48:23:3c:
9b:0f:75:0b:d3:02:fe:72:56:47:32:29:e3:f7:9a:
a2:62:8c:74:db:7d:f3:a3:d3:cf:dc:93:b8:27:b7:
62:15:2f:75:f3:9c:32:31:c6:62:d6:a3:e1:54:47:
55:2c:bc:a0:41:36:d7:68:12:08:b5:6a:ef:0f:32:
51:a6:0c:80:5c:20:b8:6a:a1:a2:3e:99:8f:af:71:
be:cc:c0:e1:66:47:ec:d7:3f:ce:88:d6:5d:3f:25:
ba:f2:8e:bd:32:e4:b3:e4:1b:18:07:4e:4c:72:20:
3e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A3:AE:1C:7C:0E:6B:9A:53:55:43:24:C9:E9:A3:3D:5E:48:80:5C
X509v3 Authority Key Identifier:
keyid:28:75:F1:85:82:3D:BC:6A:82:D1:05:B3:CA:16:07:7D:B5:72:93:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHXxhYI9vGqC0QWzyhYHfbVyk3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/6qOuHHwOa5pTVUMkyemjPV5IgFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a04da6-9887-42a5-8ed7-94e5d49cc628/1/KHXxhYI9vGqC0QWzyhYHfbVyk3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.48.0/21
84.247.32.0/22
89.35.164.0/22
149.19.176.0/22
185.2.76.0/22
185.34.80.0/22
185.60.4.0/22
185.61.88.0/22
185.86.20.0/22
185.91.40.0/22
195.206.184.0/21
IPv6:
2a00:b840::/29
Signature Algorithm: sha256WithRSAEncryption
0f:04:bc:7b:0c:8b:c3:d1:d3:88:27:3f:07:f6:a8:0c:c6:2c:
62:5a:85:45:db:ca:d7:0f:5f:0d:d4:a4:43:f1:83:f9:96:ce:
80:3c:41:b6:a8:eb:89:3f:0a:b6:f2:5e:e7:bc:e4:9b:23:1e:
d4:33:74:9e:63:85:84:12:02:e1:6f:14:f1:e2:0b:2e:0d:1a:
25:0d:58:f6:2b:9f:7a:e7:fd:a9:c7:4f:0d:79:6f:92:ac:16:
16:c4:84:0e:fe:8e:7d:95:da:1c:71:3b:7c:e1:90:ce:84:e0:
58:e9:50:35:99:e7:70:3a:40:92:c3:2e:03:15:fe:a9:fd:7e:
60:d0:74:90:5b:5e:84:00:13:d8:81:8e:ae:cb:07:34:14:c2:
0c:2c:8d:f9:27:bc:58:da:f0:38:e8:93:22:1a:7b:03:17:ba:
e5:50:16:37:4a:78:17:33:2f:8b:dc:c6:d3:4d:0b:69:0b:89:
b1:d5:5e:09:5b:b6:fa:cb:9d:d6:c5:b8:61:3e:a5:37:77:e7:
e7:f1:75:48:d8:56:80:d6:0a:97:22:da:54:7e:01:4d:76:ad:
c2:f8:ea:93:65:eb:48:75:1c:be:ee:9c:b7:17:ff:81:67:bc:
0d:d0:86:e4:9b:77:be:17:1e:90:c8:dd:9b:b9:c0:c4:64:69:
86:cd:c4:96
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY50/L/XyjFV5u9oKnVxOG6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzVmMTg1ODIzZGJjNmE4MmQxMDViM2NhMTYwNzdkYjU3
MjkzNzcwHhcNMjQwMzI1MDk0MTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWEzYWUxYzdjMGU2YjlhNTM1NTQzMjRjOWU5YTMzZDVlNDg4MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEg4u1Js5G8w83+P+ZCIlR2jpgnh
x4eNNk6Lp08TTxbRMXitfGcbKhUgcTbms09alur41uvA12FYim3Nr/c1wSc5bM0y
J+xKtrIF5bFFXQ3RYEGgse/Zh8MZb0ZGmi76N97HMVkedOhy5DCisEywNUqOMdY/
5FGgy2JLtS2jZKScCNGNWeZ2T55rT3ixEdA4Dd9IIzybD3UL0wL+clZHMinj95qi
Yox0233zo9PP3JO4J7diFS9185wyMcZi1qPhVEdVLLygQTbXaBIItWrvDzJRpgyA
XCC4aqGiPpmPr3G+zMDhZkfs1z/OiNZdPyW68o69MuSz5BsYB05MciA+YQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFOqjrhx8DmuaU1VDJMnpoz1eSIBcMB8GA1UdIwQY
MBaAFCh18YWCPbxqgtEFs8oWB321cpN3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hYeGhZSTl2R3FDMFFXenloWUhmYlZ5azNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hMDRkYTYtOTg4Ny00MmE1LThlZDct
OTRlNWQ0OWNjNjI4LzEvNnFPdUhId09hNXBUVlVNa3llbWpQVjVJZ0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hMDRkYTYtOTg4Ny00MmE1LThlZDctOTRlNWQ0OWNjNjI4
LzEvS0hYeGhZSTl2R3FDMFFXenloWUhmYlZ5azNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDJZ0wAwQC
VPcgAwQCWSOkAwQClROwAwQCuQJMAwQCuSJQAwQCuTwEAwQCuT1YAwQCuVYUAwQC
uVsoAwQDw864MA0EAgACMAcDBQMqALhAMA0GCSqGSIb3DQEBCwUAA4IBAQAPBLx7
DIvD0dOIJz8H9qgMxixiWoVF28rXD18N1KRD8YP5ls6APEG2qOuJPwq28l7nvOSb
Ix7UM3SeY4WEEgLhbxTx4gsuDRolDVj2K5965/2px08NeW+SrBYWxIQO/o59ldoc
cTt84ZDOhOBY6VA1medwOkCSwy4DFf6p/X5g0HSQW16EABPYgY6uywc0FMIMLI35
J7xY2vA46JMiGnsDF7rlUBY3SngXMy+L3MbTTQtpC4mx1V4JW7b6y53WxbhhPqU3
d+fn8XVI2FaA1gqXItpUfgFNdq3C+OqTZetIdRy+7py3F/+BZ7wN0Ibkm3e+Fx6Q
yN2bucDEZGmGzcSW
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:50 2024 by rpki-client on console-ams.rpki-client.org