Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/6F62s0rmP1FGLkvtXDbcN85JJWI.roa
File: 6F62s0rmP1FGLkvtXDbcN85JJWI.roa (raw, json)
Hash identifier: 9r1UAhglLgpR03a5o2CpyIX/uHo5M6m8DtGFICqwjwc=
Subject key identifier: E8:5E:B6:B3:4A:E6:3F:51:46:2E:4B:ED:5C:36:DC:37:CE:49:25:62
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 018CC9BC6CFADFBAF41F1C3A9D799A5ACFFB
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/6F62s0rmP1FGLkvtXDbcN85JJWI.roa
Signing time: Tue 02 Jan 2024 10:33:38 +0000
ROA not before: Tue 02 Jan 2024 10:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47950
IP address blocks: 193.41.244.0/24 maxlen: 24
193.41.246.0/24 maxlen: 24
2a0d:f400::/32 maxlen: 32
2a06:e800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:6c:fa:df:ba:f4:1f:1c:3a:9d:79:9a:5a:cf:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:33:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e85eb6b34ae63f51462e4bed5c36dc37ce492562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:04:32:58:f7:ae:af:04:b8:86:5f:c6:9c:b2:
18:ff:84:34:1f:28:b4:bd:b3:2b:02:13:22:60:04:
17:17:7a:7a:c4:18:0a:f0:5b:5f:24:ba:71:71:78:
39:90:60:2d:f7:e2:5c:b3:ac:8a:7d:00:53:93:7b:
ce:68:71:53:08:d8:e1:26:ca:c6:a7:49:e8:7a:e1:
e9:7d:c3:92:d1:02:2b:f3:6f:0c:db:4d:e6:ad:32:
d4:88:50:3d:f8:f1:1d:1d:99:79:09:10:db:c3:4d:
5f:65:29:c2:54:76:21:8a:d1:91:68:73:e1:28:ee:
72:01:42:39:32:1a:23:a0:0a:77:3c:d1:9a:38:8e:
00:8e:f0:dc:dd:db:63:a5:4b:79:a4:f1:f8:c2:05:
d7:ed:6e:b9:ab:6b:23:66:1c:0c:08:29:3a:74:bb:
03:23:bb:5a:30:29:f0:a9:0d:47:c6:95:6e:e4:0b:
c5:7b:a3:21:ea:ce:fc:3e:fa:99:e6:a6:1f:7d:fd:
b9:16:a5:00:44:2d:1e:e1:61:05:ef:13:2a:61:89:
d6:95:a7:a1:dd:8d:c3:a2:33:aa:3e:29:31:f4:eb:
0e:ad:79:b0:07:45:43:9f:ad:d1:80:e4:cc:34:93:
0d:d4:08:1a:d0:cf:83:8c:0b:ca:fa:7f:d0:6c:5d:
62:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:5E:B6:B3:4A:E6:3F:51:46:2E:4B:ED:5C:36:DC:37:CE:49:25:62
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/6F62s0rmP1FGLkvtXDbcN85JJWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.244.0/24
193.41.246.0/24
IPv6:
2a06:e800::/32
2a0d:f400::/32
Signature Algorithm: sha256WithRSAEncryption
37:92:4c:75:8f:a9:eb:76:87:0a:54:d0:ca:92:e2:26:d6:2b:
18:57:7b:e5:14:f6:36:a3:bd:ab:5b:07:2f:b2:7d:d1:2a:a1:
75:83:95:3c:75:22:5d:57:c6:f2:3c:47:f4:55:d7:b7:39:56:
1f:41:d2:70:76:07:3a:c4:42:1f:b2:1c:e6:5e:96:25:35:7c:
69:d2:b4:12:30:83:45:99:46:5b:92:c0:25:18:06:e1:68:26:
0b:82:53:ee:e2:c5:a4:06:62:09:81:b4:3d:39:07:a4:b5:b4:
d6:a7:08:b8:fd:48:62:52:7f:fb:d0:8b:6d:a2:1c:b4:1e:71:
74:f6:17:ab:37:46:14:36:9d:e8:d4:fa:64:24:2f:49:dc:07:
06:4b:af:b5:41:83:34:ff:dc:35:18:0f:3d:7a:42:40:87:e3:
a2:e0:78:7e:16:54:71:f6:bb:70:39:67:04:42:ef:2a:d6:fa:
3e:62:a9:3f:9a:33:92:8f:05:f5:3b:dc:9c:a1:1f:ce:84:3c:
03:9e:56:b5:67:f9:8a:6e:6e:4b:53:0a:a6:99:84:77:e1:fd:
b6:d1:5a:86:bb:60:91:cf:bd:c4:e3:3e:43:26:b1:0d:50:15:
db:be:26:97:06:c6:98:d2:ea:1c:d9:bd:37:8d:b9:b3:c2:9d:
af:0e:ec:18
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJvGz637r0Hxw6nXmaWs/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwMTAyMTAzMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODVlYjZiMzRhZTYzZjUxNDYyZTRiZWQ1YzM2ZGMzN2NlNDkyNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQQyWPeurwS4hl/GnLIY/4Q0Hyi0
vbMrAhMiYAQXF3p6xBgK8FtfJLpxcXg5kGAt9+Jcs6yKfQBTk3vOaHFTCNjhJsrG
p0noeuHpfcOS0QIr828M203mrTLUiFA9+PEdHZl5CRDbw01fZSnCVHYhitGRaHPh
KO5yAUI5MhojoAp3PNGaOI4AjvDc3dtjpUt5pPH4wgXX7W65q2sjZhwMCCk6dLsD
I7taMCnwqQ1HxpVu5AvFe6Mh6s78PvqZ5qYfff25FqUARC0e4WEF7xMqYYnWlaeh
3Y3DojOqPikx9OsOrXmwB0VDn63RgOTMNJMN1Aga0M+DjAvK+n/QbF1ivQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOhetrNK5j9RRi5L7Vw23DfOSSViMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvNkY2MnMwcm1QMUZHTGt2dFhEYmNOODVKSldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAwSn0AwQA
wSn2MBQEAgACMA4DBQAqBugAAwUAKg30ADANBgkqhkiG9w0BAQsFAAOCAQEAN5JM
dY+p63aHClTQypLiJtYrGFd75RT2NqO9q1sHL7J90SqhdYOVPHUiXVfG8jxH9FXX
tzlWH0HScHYHOsRCH7Ic5l6WJTV8adK0EjCDRZlGW5LAJRgG4WgmC4JT7uLFpAZi
CYG0PTkHpLW01qcIuP1IYlJ/+9CLbaIctB5xdPYXqzdGFDad6NT6ZCQvSdwHBkuv
tUGDNP/cNRgPPXpCQIfjouB4fhZUcfa7cDlnBELvKtb6PmKpP5ozko8F9TvcnKEf
zoQ8A55WtWf5im5uS1MKppmEd+H9ttFahrtgkc+9xOM+QyaxDVAV274mlwbGmNLq
HNm9N425s8Kdrw7sGA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:35:41 2024 by rpki-client on console-ams.rpki-client.org