Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/L62Fhf1A-hGTamwHiJIEtSHe8yk.roa
File: L62Fhf1A-hGTamwHiJIEtSHe8yk.roa (raw, json)
Hash identifier: v9xdzC4sf2WrfIqmb42hhUVs2xwDa+vG/8Sd9w+VDTg=
Subject key identifier: 2F:AD:85:85:FD:40:FA:11:93:6A:6C:07:88:92:04:B5:21:DE:F3:29
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 018CC870971CEBF00A884D91EB5E62992185
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/L62Fhf1A-hGTamwHiJIEtSHe8yk.roa
Signing time: Tue 02 Jan 2024 04:31:11 +0000
ROA not before: Tue 02 Jan 2024 04:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209908
IP address blocks: 149.3.186.0/24 maxlen: 24
185.161.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.mft
rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:97:1c:eb:f0:0a:88:4d:91:eb:5e:62:99:21:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 04:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fad8585fd40fa11936a6c07889204b521def329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:83:38:51:93:0d:50:4e:86:4c:11:75:1e:56:
e7:48:9d:e4:16:94:49:19:bf:2c:00:82:83:94:92:
f3:87:29:4d:10:25:91:40:0d:2b:5a:c0:69:a3:8b:
c8:af:fd:52:a1:22:a8:2d:46:1f:e1:54:47:79:29:
1e:6c:db:4e:65:8f:7b:19:c8:97:a0:fd:da:a9:95:
17:64:88:b1:fc:03:65:c5:99:d7:e6:a5:37:b8:fd:
c8:c1:02:72:75:41:c8:07:84:8d:2a:83:b1:47:ef:
33:1c:f2:6d:6c:ae:3a:8c:28:74:de:83:40:9f:b1:
24:40:0d:e4:9d:8c:9b:f9:89:12:bc:e8:4e:70:7c:
2e:19:c3:2b:34:44:c0:18:b4:9d:07:07:a7:60:4e:
17:68:8c:50:a3:ee:0d:22:4c:c2:54:46:8a:7b:70:
66:25:80:77:96:d2:12:e3:25:62:50:94:02:ad:77:
a0:b1:14:c5:8d:5f:c1:c8:07:17:6f:9a:9f:a2:40:
28:29:03:91:b7:af:ed:ca:35:8b:5e:4e:03:d0:fe:
3e:8d:d5:81:97:6e:c3:54:e1:d2:e9:c5:1e:ca:b4:
31:78:f4:cc:1a:51:ee:a3:f5:05:66:7c:44:ce:f5:
8c:35:cf:9e:86:77:db:15:08:2b:1b:06:e2:c4:99:
51:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AD:85:85:FD:40:FA:11:93:6A:6C:07:88:92:04:B5:21:DE:F3:29
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/L62Fhf1A-hGTamwHiJIEtSHe8yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.186.0/24
185.161.216.0/23
Signature Algorithm: sha256WithRSAEncryption
94:c4:cd:f5:22:09:51:49:06:98:41:8b:7c:01:82:90:60:0d:
48:25:4e:da:b4:57:60:5c:ef:d4:4e:d2:a8:a0:85:bc:ae:e3:
f9:ca:68:56:0c:bf:3a:2c:29:c3:fd:50:98:a8:8e:dc:b4:f8:
16:43:45:4e:78:2d:8b:f1:5a:90:45:99:99:91:63:95:b8:ef:
60:9c:f1:ea:97:e9:4d:c3:97:87:05:17:57:86:bd:48:33:d7:
3f:46:5a:9b:a2:53:90:13:ec:4e:50:77:92:4e:78:12:50:e5:
71:c5:49:ea:51:9d:a8:9a:53:41:6e:8d:cf:2c:99:e7:6a:ab:
4e:f4:06:bb:72:34:4a:e0:3c:42:fb:3a:50:d3:4a:61:ec:4a:
16:9f:09:17:9a:c0:d2:19:e3:d9:2f:26:20:a4:5d:df:e1:71:
fe:87:c4:df:7b:55:d7:63:a1:38:15:33:7f:87:9a:51:23:ef:
97:25:1c:39:7d:f5:12:38:78:b7:45:3f:52:6b:b4:01:3e:cd:
d0:d0:ce:c9:f0:74:97:aa:f3:aa:c6:db:1f:76:64:87:8a:33:
7b:dc:86:f0:79:45:8a:0d:10:ad:12:14:62:b9:65:fd:d9:bf:
7c:bd:c1:64:94:ea:75:04:2c:1f:94:1e:6c:4e:c9:b3:0a:d3:
12:0c:b7:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcJcc6/AKiE2R615imSGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjQwMTAyMDQzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmFkODU4NWZkNDBmYTExOTM2YTZjMDc4ODkyMDRiNTIxZGVmMzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4M4UZMNUE6GTBF1HlbnSJ3kFpRJ
Gb8sAIKDlJLzhylNECWRQA0rWsBpo4vIr/1SoSKoLUYf4VRHeSkebNtOZY97GciX
oP3aqZUXZIix/ANlxZnX5qU3uP3IwQJydUHIB4SNKoOxR+8zHPJtbK46jCh03oNA
n7EkQA3knYyb+YkSvOhOcHwuGcMrNETAGLSdBwenYE4XaIxQo+4NIkzCVEaKe3Bm
JYB3ltIS4yViUJQCrXegsRTFjV/ByAcXb5qfokAoKQORt6/tyjWLXk4D0P4+jdWB
l27DVOHS6cUeyrQxePTMGlHuo/UFZnxEzvWMNc+ehnfbFQgrGwbixJlRoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC+thYX9QPoRk2psB4iSBLUh3vMpMB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvTDYyRmhmMUEtaEdUYW13SGlKSUV0U0hlOHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlQO6AwQB
uaHYMA0GCSqGSIb3DQEBCwUAA4IBAQCUxM31IglRSQaYQYt8AYKQYA1IJU7atFdg
XO/UTtKooIW8ruP5ymhWDL86LCnD/VCYqI7ctPgWQ0VOeC2L8VqQRZmZkWOVuO9g
nPHql+lNw5eHBRdXhr1IM9c/RlqbolOQE+xOUHeSTngSUOVxxUnqUZ2omlNBbo3P
LJnnaqtO9Aa7cjRK4DxC+zpQ00ph7EoWnwkXmsDSGePZLyYgpF3f4XH+h8Tfe1XX
Y6E4FTN/h5pRI++XJRw5ffUSOHi3RT9Sa7QBPs3Q0M7J8HSXqvOqxtsfdmSHijN7
3IbweUWKDRCtEhRiuWX92b98vcFklOp1BCwflB5sTsmzCtMSDLeB
-----END CERTIFICATE-----
Generated at Mon Jun 3 12:15:47 2024 by rpki-client on console-fra.rpki-client.org