Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/r6aAdtAyS_c84jbT7yHSFWSckHY.roa
File: r6aAdtAyS_c84jbT7yHSFWSckHY.roa (raw, json)
Hash identifier: UxNe4DUIBBWjKLDHwbsN2XhjhzaY2AWGaDU//1xYVEs=
Subject key identifier: AF:A6:80:76:D0:32:4B:F7:3C:E2:36:D3:EF:21:D2:15:64:9C:90:76
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018F2990219CFBF838AD4C4D473DE653A36B
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/r6aAdtAyS_c84jbT7yHSFWSckHY.roa
Signing time: Mon 29 Apr 2024 11:14:22 +0000
ROA not before: Mon 29 Apr 2024 11:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21243
IP address blocks: 37.247.244.0/23 maxlen: 23
37.247.246.0/23 maxlen: 23
212.2.105.0/24 maxlen: 24
212.2.106.0/23 maxlen: 23
2a01:2e1:ffff:6::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:90:21:9c:fb:f8:38:ad:4c:4d:47:3d:e6:53:a3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Apr 29 11:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afa68076d0324bf73ce236d3ef21d215649c9076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:b7:06:0f:de:0c:16:ae:81:be:14:f3:d3:
10:51:67:ef:49:64:4c:d0:6a:9b:7c:0f:c3:1c:15:
5e:0a:30:1a:89:34:63:e4:7a:dc:fe:82:8c:04:0f:
4c:c5:eb:2b:ad:51:c6:03:60:f5:4d:ee:68:4d:32:
7c:a6:26:27:82:6a:7a:61:68:e0:4e:1d:2a:18:ca:
bd:68:82:64:36:19:71:fd:fd:a9:55:d8:e9:b4:27:
9d:83:b9:17:c2:59:75:c0:80:85:73:9d:7e:27:0d:
c2:54:a9:9c:82:3e:c0:bc:db:d1:2a:d3:49:5b:f6:
77:14:d1:4c:7e:8d:39:2a:cc:04:5d:f3:b5:f9:15:
ab:d7:e4:69:e6:68:1c:5e:f0:4e:f3:d8:a4:0b:e9:
0f:10:e7:4c:08:2d:5c:fb:e3:94:ac:d8:1f:cf:b2:
34:a4:b7:11:16:1f:12:de:88:3c:6c:35:ed:89:9c:
f5:97:7e:84:ce:68:1b:2c:68:aa:d7:77:f0:9f:c5:
a2:c5:de:d1:a7:43:51:f5:b6:94:5b:42:08:8b:f4:
b2:e1:36:8d:00:99:d8:eb:fb:35:bc:3f:5c:a4:97:
dd:a1:f3:f6:94:e1:18:b9:18:02:9f:5d:1b:2f:3d:
43:a1:70:a1:33:c2:78:3d:17:60:58:91:a3:92:78:
00:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A6:80:76:D0:32:4B:F7:3C:E2:36:D3:EF:21:D2:15:64:9C:90:76
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/r6aAdtAyS_c84jbT7yHSFWSckHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.244.0/22
212.2.105.0-212.2.107.255
IPv6:
2a01:2e1:ffff:6::/64
Signature Algorithm: sha256WithRSAEncryption
6a:2c:8f:32:05:e2:e0:9c:22:54:8a:57:8c:d8:4f:91:32:e8:
5e:04:40:d8:84:a1:ae:95:a1:9c:6a:5b:23:83:cf:c7:4e:ae:
11:62:a9:ba:0c:51:e6:71:e6:93:fe:7f:a7:0b:06:50:5d:79:
1c:ec:a8:a5:b4:1f:32:c7:24:9c:35:1d:c4:6b:d9:3c:93:63:
d4:5c:9a:d3:29:1a:10:4f:fe:11:19:5f:3b:f3:20:47:f8:4c:
b6:6a:23:c5:0b:32:ed:a3:49:17:b0:e7:67:e9:76:c5:99:e0:
ea:21:f8:55:46:d6:dc:9c:00:a1:1c:0e:93:33:b6:0e:70:93:
0f:c4:db:c2:f8:8a:65:bd:7a:08:93:df:18:ff:2b:e7:c8:c0:
29:34:cd:fc:78:1b:88:9d:e5:d0:cf:61:57:10:74:19:c6:4b:
66:3c:a8:59:ed:80:58:8e:9d:4f:b9:e2:3e:44:ea:0f:21:bc:
da:10:e0:30:e4:e1:1b:b6:2b:db:39:d7:ea:07:3d:23:0c:89:
89:fc:9a:d9:8b:53:b3:43:d6:fa:12:d6:f7:26:35:db:1a:27:
51:95:64:90:dc:a2:4e:11:e5:bf:9c:e2:d5:94:9b:73:90:05:
28:e6:28:de:a0:71:0a:43:29:43:1f:41:c2:60:30:64:03:f4:
24:ac:c5:f3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY8pkCGc+/g4rUxNRz3mU6NrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNDI5MTExNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE2ODA3NmQwMzI0YmY3M2NlMjM2ZDNlZjIxZDIxNTY0OWM5MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzq3Bg/eDBaugb4U89MQUWfvSWRM
0GqbfA/DHBVeCjAaiTRj5Hrc/oKMBA9MxesrrVHGA2D1Te5oTTJ8piYngmp6YWjg
Th0qGMq9aIJkNhlx/f2pVdjptCedg7kXwll1wICFc51+Jw3CVKmcgj7AvNvRKtNJ
W/Z3FNFMfo05KswEXfO1+RWr1+Rp5mgcXvBO89ikC+kPEOdMCC1c++OUrNgfz7I0
pLcRFh8S3og8bDXtiZz1l36EzmgbLGiq13fwn8Wixd7Rp0NR9baUW0IIi/Sy4TaN
AJnY6/s1vD9cpJfdofP2lOEYuRgCn10bLz1DoXChM8J4PRdgWJGjkngAyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK+mgHbQMkv3POI20+8h0hVknJB2MB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvcjZhQWR0QXlTX2M4NGpiVDd5SFNGV1Nja0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAaBAIAATAUAwQCJff0MAwD
BADUAmkDBALUAmgwEQQCAAIwCwMJACoBAuH//wAGMA0GCSqGSIb3DQEBCwUAA4IB
AQBqLI8yBeLgnCJUileM2E+RMuheBEDYhKGulaGcalsjg8/HTq4RYqm6DFHmceaT
/n+nCwZQXXkc7KiltB8yxyScNR3Ea9k8k2PUXJrTKRoQT/4RGV878yBH+Ey2aiPF
CzLto0kXsOdn6XbFmeDqIfhVRtbcnAChHA6TM7YOcJMPxNvC+IplvXoIk98Y/yvn
yMApNM38eBuIneXQz2FXEHQZxktmPKhZ7YBYjp1PueI+ROoPIbzaEOAw5OEbtivb
OdfqBz0jDImJ/JrZi1OzQ9b6Etb3JjXbGidRlWSQ3KJOEeW/nOLVlJtzkAUo5ije
oHEKQylDH0HCYDBkA/QkrMXz
-----END CERTIFICATE-----
Generated at Sat May 18 15:43:44 2024 by rpki-client on console-fra.rpki-client.org