Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/dP6IlN_OcRl0H6NvF80oBAIoUIc.roa
File: dP6IlN_OcRl0H6NvF80oBAIoUIc.roa (raw, json)
Hash identifier: eMD/LFiWFN2Rt3gwhwXIP/a4Ckjo16nW6DKQnSOXnBI=
Subject key identifier: 74:FE:88:94:DF:CE:71:19:74:1F:A3:6F:17:CD:28:04:02:28:50:87
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018CC64B2397A08EF7877ED96D96C75B7563
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/dP6IlN_OcRl0H6NvF80oBAIoUIc.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 393954
IP address blocks: 31.186.225.0/24 maxlen: 24
95.172.65.0/24 maxlen: 24
2a02:b50:8002::/48 maxlen: 48
2a02:b50:4013::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 04:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:23:97:a0:8e:f7:87:7e:d9:6d:96:c7:5b:75:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74fe8894dfce7119741fa36f17cd280402285087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d8:6a:4d:3b:02:60:b1:65:e2:fe:ac:0a:ee:
b0:5e:2e:47:17:58:e5:21:3e:2b:a8:24:39:12:1e:
bb:7d:db:ce:db:ef:78:1f:b0:53:bb:53:be:67:8d:
c9:b1:e1:d2:63:ab:72:e7:32:23:bb:6b:6c:07:78:
cd:1b:c0:aa:4d:16:30:1d:90:7d:64:5a:46:42:89:
87:ac:c3:50:a5:9d:a4:f5:6e:2e:53:d7:34:9b:b3:
f8:b9:e2:d7:d0:3f:ec:cf:e8:80:bd:94:36:cb:a7:
e8:dc:75:04:04:e9:88:a9:cf:d0:c3:a9:19:f9:da:
75:ea:f2:ed:d3:41:65:cf:53:1d:a8:ba:83:8d:be:
59:7b:f1:0e:4b:d8:61:b4:2d:65:0e:54:9b:a3:5f:
ac:4c:32:2b:6e:be:1f:de:f8:4c:90:fc:12:ab:7f:
93:9a:9b:f7:01:e5:bc:03:12:49:a2:cc:ca:79:69:
64:b7:1f:93:94:47:8e:84:ca:98:d6:24:90:f1:c9:
60:cd:16:b3:7d:e3:f6:19:ac:4a:20:4c:94:ef:0e:
9e:48:fa:1a:8f:95:65:c6:e8:d1:e3:0f:7c:b4:dd:
cf:ef:c2:8c:06:eb:0a:90:03:8f:66:b4:30:28:4e:
2e:0e:0a:f9:63:73:e1:55:56:88:50:60:72:84:48:
3f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:FE:88:94:DF:CE:71:19:74:1F:A3:6F:17:CD:28:04:02:28:50:87
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/dP6IlN_OcRl0H6NvF80oBAIoUIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.225.0/24
95.172.65.0/24
IPv6:
2a02:b50:4013::/48
2a02:b50:8002::/48
Signature Algorithm: sha256WithRSAEncryption
57:17:d3:3b:73:9a:17:ef:96:c0:22:10:97:57:60:c2:33:51:
3a:aa:43:c7:06:db:22:6c:51:8c:2d:c7:b6:ef:e7:33:06:7a:
1a:ab:60:b2:47:f8:b7:a0:85:9e:23:c3:e8:1c:5a:d2:2b:d3:
96:60:34:5b:05:b4:ce:14:4f:27:d2:14:ce:54:a0:c5:0d:de:
a4:88:12:c9:3d:c8:38:1b:0d:e4:97:a5:c4:09:d5:1b:3a:79:
a1:04:d2:cd:11:4e:fa:e5:b7:67:a4:c0:15:4a:57:08:95:ff:
66:45:5d:90:72:a3:e3:a0:55:f4:c0:88:60:19:e8:96:80:62:
2c:8e:81:af:6d:9f:54:7c:36:54:9d:b2:94:2e:8d:1c:e9:5b:
76:d7:3a:10:c9:e9:5a:54:06:da:bc:5e:f4:4b:ee:87:25:e9:
ef:ac:28:22:44:e3:c2:bf:52:63:93:8f:12:64:bf:64:47:84:
cf:2d:e7:4e:bf:38:ef:99:98:e9:28:98:13:e3:ff:a8:53:a5:
c9:11:50:10:a9:a3:52:fe:a7:19:fc:fe:84:6b:b8:4b:d1:c7:
20:d7:b4:7e:df:40:c0:3e:df:06:76:cd:88:71:bd:c9:96:ab:
85:c5:eb:43:15:c7:c5:8c:dd:28:d1:fb:ff:6e:c2:0c:b0:7c:
7a:00:8e:3d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGSyOXoI73h37ZbZbHW3VjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGZlODg5NGRmY2U3MTE5NzQxZmEzNmYxN2NkMjgwNDAyMjg1MDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6thqTTsCYLFl4v6sCu6wXi5HF1jl
IT4rqCQ5Eh67fdvO2+94H7BTu1O+Z43JseHSY6ty5zIju2tsB3jNG8CqTRYwHZB9
ZFpGQomHrMNQpZ2k9W4uU9c0m7P4ueLX0D/sz+iAvZQ2y6fo3HUEBOmIqc/Qw6kZ
+dp16vLt00Flz1MdqLqDjb5Ze/EOS9hhtC1lDlSbo1+sTDIrbr4f3vhMkPwSq3+T
mpv3AeW8AxJJoszKeWlktx+TlEeOhMqY1iSQ8clgzRazfeP2GaxKIEyU7w6eSPoa
j5VlxujR4w98tN3P78KMBusKkAOPZrQwKE4uDgr5Y3PhVVaIUGByhEg/SQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHT+iJTfznEZdB+jbxfNKAQCKFCHMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvZFA2SWxOX09jUmwwSDZOdkY4MG9CQUlvVUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAH7rhAwQA
X6xBMBgEAgACMBIDBwAqAgtQQBMDBwAqAgtQgAIwDQYJKoZIhvcNAQELBQADggEB
AFcX0ztzmhfvlsAiEJdXYMIzUTqqQ8cG2yJsUYwtx7bv5zMGehqrYLJH+LeghZ4j
w+gcWtIr05ZgNFsFtM4UTyfSFM5UoMUN3qSIEsk9yDgbDeSXpcQJ1Rs6eaEE0s0R
Tvrlt2ekwBVKVwiV/2ZFXZByo+OgVfTAiGAZ6JaAYiyOga9tn1R8NlSdspQujRzp
W3bXOhDJ6VpUBtq8XvRL7ocl6e+sKCJE48K/UmOTjxJkv2RHhM8t506/OO+ZmOko
mBPj/6hTpckRUBCpo1L+pxn8/oRruEvRxyDXtH7fQMA+3wZ2zYhxvcmWq4XF60MV
x8WM3SjR+/9uwgywfHoAjj0=
-----END CERTIFICATE-----
Generated at Sat May 4 09:47:32 2024 by rpki-client on console-ams.rpki-client.org