Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/S6Eh50Yh63nKA_rUxWksCl7o2l8.roa
File: S6Eh50Yh63nKA_rUxWksCl7o2l8.roa (raw, json)
Hash identifier: 6kEf+yc6KAeWbGOKOmjKW4EyKkM/P+/G60k2xOgdDkU=
Subject key identifier: 4B:A1:21:E7:46:21:EB:79:CA:03:FA:D4:C5:69:2C:0A:5E:E8:DA:5F
Certificate issuer: /CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Certificate serial: 018CC50111363C5F400B6B2115FD6B38908C
Authority key identifier: 6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/S6Eh50Yh63nKA_rUxWksCl7o2l8.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210874
IP address blocks: 45.10.100.0/22 maxlen: 22
2a0e:3700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:11:36:3c:5f:40:0b:6b:21:15:fd:6b:38:90:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd4052e0fc76536361cbbdc7750877ddf360ad
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ba121e74621eb79ca03fad4c5692c0a5ee8da5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:c6:c9:e0:43:4b:39:b4:d7:48:ff:52:80:
e8:a8:f5:37:8b:d7:18:27:15:51:61:2e:9c:d7:5f:
dd:19:f0:db:29:53:d2:54:73:b1:3c:8b:7c:86:12:
94:aa:9a:80:f7:09:0c:92:c0:ab:0a:cf:97:d2:63:
7b:f0:08:0b:03:70:17:c6:30:54:71:d9:cc:60:94:
dd:3e:db:9c:ab:34:5a:9c:61:f2:c0:25:b5:81:eb:
91:d7:1d:74:b1:17:f5:a3:c9:6c:d3:43:3d:f6:75:
f0:6b:50:08:b8:5f:4f:b2:36:27:28:54:1d:d6:95:
27:60:4e:57:07:a1:57:cf:83:30:d4:d2:22:7f:b0:
56:1d:0b:e6:80:b7:25:c9:fd:8c:43:f0:ca:2d:9b:
7b:b5:02:90:94:6d:14:87:86:63:37:b3:f1:34:13:
e7:19:14:1f:5f:ca:49:1c:e3:cb:af:00:78:f8:ef:
e0:07:6b:a6:94:e2:3c:e3:1e:5f:a2:45:87:1e:cd:
37:85:58:1d:2b:2f:a6:09:01:64:58:6b:52:47:da:
4d:58:c4:89:8a:a6:76:8e:51:86:05:35:e6:ba:52:
e1:ab:a8:7f:1a:9e:73:95:82:c6:3a:0e:f3:1d:71:
14:75:e9:47:fd:5d:3a:84:28:77:d7:7e:69:ff:e1:
23:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A1:21:E7:46:21:EB:79:CA:03:FA:D4:C5:69:2C:0A:5E:E8:DA:5F
X509v3 Authority Key Identifier:
keyid:6D:DD:40:52:E0:FC:76:53:63:61:CB:BD:C7:75:08:77:DD:F3:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd1AUuD8dlNjYcu9x3UId93zYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/S6Eh50Yh63nKA_rUxWksCl7o2l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/923448-3027-4941-98a4-ba7b1f3769e3/1/bd1AUuD8dlNjYcu9x3UId93zYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.100.0/22
IPv6:
2a0e:3700::/29
Signature Algorithm: sha256WithRSAEncryption
66:45:7e:df:ea:7b:00:03:8e:ec:54:ec:98:71:53:eb:e8:a4:
d0:dc:ea:db:c5:6d:48:00:28:7b:41:2b:fc:e9:41:46:3f:83:
da:25:10:84:fb:0f:fa:c1:b4:ca:28:a8:7d:6f:4e:6a:40:c7:
07:c0:e6:40:e7:86:f0:a9:fe:22:22:43:b5:98:66:af:fb:14:
ef:6f:8c:e3:54:60:36:16:d3:00:73:13:89:4c:43:35:52:96:
bd:e6:72:39:86:02:af:bf:da:9c:7a:fe:7e:70:66:c8:9e:fe:
29:7b:99:e2:dc:92:cb:61:fc:71:0f:f1:6f:0a:43:91:3b:8c:
c5:b0:b0:82:33:d7:04:39:5d:5d:98:24:d3:87:42:d1:06:30:
13:32:28:77:ae:a9:a6:9d:74:0e:48:31:c8:13:5b:88:42:ec:
15:72:33:46:0c:ff:1a:87:0f:14:d8:a9:55:33:23:74:89:40:
e3:b8:b7:a1:b5:bf:b9:db:b5:de:da:04:d5:a5:d5:fe:d2:01:
ac:0e:4b:53:4e:16:44:74:8e:01:c8:19:49:9c:d4:21:aa:ef:
cd:af:e1:ee:61:3c:76:83:07:3e:6b:0e:ea:5a:35:4d:d1:76:
b5:13:80:38:9c:92:72:a5:00:5e:75:76:fe:c6:13:a1:21:d4:
1e:5c:5e:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFARE2PF9AC2shFf1rOJCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ0MDUyZTBmYzc2NTM2MzYxY2JiZGM3NzUwODc3ZGRm
MzYwYWQwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmExMjFlNzQ2MjFlYjc5Y2EwM2ZhZDRjNTY5MmMwYTVlZThkYTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNrGyeBDSzm010j/UoDoqPU3i9cY
JxVRYS6c11/dGfDbKVPSVHOxPIt8hhKUqpqA9wkMksCrCs+X0mN78AgLA3AXxjBU
cdnMYJTdPtucqzRanGHywCW1geuR1x10sRf1o8ls00M99nXwa1AIuF9PsjYnKFQd
1pUnYE5XB6FXz4Mw1NIif7BWHQvmgLclyf2MQ/DKLZt7tQKQlG0Uh4ZjN7PxNBPn
GRQfX8pJHOPLrwB4+O/gB2umlOI84x5fokWHHs03hVgdKy+mCQFkWGtSR9pNWMSJ
iqZ2jlGGBTXmulLhq6h/Gp5zlYLGOg7zHXEUdelH/V06hCh3135p/+Ej8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEuhIedGIet5ygP61MVpLApe6NpfMB8GA1UdIwQY
MBaAFG3dQFLg/HZTY2HLvcd1CHfd82CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQt
YmE3YjFmMzc2OWUzLzEvUzZFaDUwWWg2M25LQV9yVXhXa3NDbDdvMmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85MjM0NDgtMzAyNy00OTQxLTk4YTQtYmE3YjFmMzc2OWUz
LzEvYmQxQVV1RDhkbE5qWWN1OXgzVUlkOTN6WUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQpkMA0E
AgACMAcDBQMqDjcAMA0GCSqGSIb3DQEBCwUAA4IBAQBmRX7f6nsAA47sVOyYcVPr
6KTQ3OrbxW1IACh7QSv86UFGP4PaJRCE+w/6wbTKKKh9b05qQMcHwOZA54bwqf4i
IkO1mGav+xTvb4zjVGA2FtMAcxOJTEM1Upa95nI5hgKvv9qcev5+cGbInv4pe5ni
3JLLYfxxD/FvCkORO4zFsLCCM9cEOV1dmCTTh0LRBjATMih3rqmmnXQOSDHIE1uI
QuwVcjNGDP8ahw8U2KlVMyN0iUDjuLehtb+527Xe2gTVpdX+0gGsDktTThZEdI4B
yBlJnNQhqu/Nr+HuYTx2gwc+aw7qWjVN0Xa1E4A4nJJypQBedXb+xhOhIdQeXF60
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:52:52 2024 by rpki-client on console-fra.rpki-client.org