Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/6KfMGfMs7D1OVd9zN__GQqoCJmQ.roa
File: 6KfMGfMs7D1OVd9zN__GQqoCJmQ.roa (raw, json)
Hash identifier: b0hVEPAGLt9ceIJZ+TAN0Ph87yu+8yfGhqXa582jA2E=
Subject key identifier: E8:A7:CC:19:F3:2C:EC:3D:4E:55:DF:73:37:FF:C6:42:AA:02:26:64
Certificate issuer: /CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Certificate serial: 018CC87145D3BFFEEFF4892A7560F6EF5B56
Authority key identifier: 07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/6KfMGfMs7D1OVd9zN__GQqoCJmQ.roa
Signing time: Tue 02 Jan 2024 04:31:55 +0000
ROA not before: Tue 02 Jan 2024 04:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51319
IP address blocks: 185.164.8.0/22 maxlen: 22
178.251.144.0/21 maxlen: 21
2a02:2340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.mft
rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:45:d3:bf:fe:ef:f4:89:2a:75:60:f6:ef:5b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Validity
Not Before: Jan 2 04:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8a7cc19f32cec3d4e55df7337ffc642aa022664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:01:bd:18:55:04:67:0e:b9:a5:59:d2:fa:12:
41:62:ec:f2:ab:7a:f8:42:ea:7b:7c:5d:ac:2f:72:
ad:25:7f:9e:08:4c:8c:ed:9e:39:8c:1d:fd:b4:92:
b2:ca:4a:56:6b:3d:96:0a:d2:64:f4:08:e3:cc:5d:
a9:50:d4:25:28:b0:e8:ba:25:98:66:f0:92:53:58:
88:43:8b:07:14:09:5d:81:b4:2f:01:1e:0d:bb:79:
8d:e9:a5:d1:4b:a9:f2:69:8f:c7:4e:c0:27:7b:22:
1d:9b:ab:9d:bb:01:47:4e:82:36:87:67:be:21:fd:
33:b1:91:3e:e2:5c:21:a2:f6:4b:92:9d:ef:a7:2d:
55:e0:66:77:7d:b1:d5:15:ef:04:95:b5:15:ba:22:
9c:b3:eb:bb:04:2b:d9:ab:9b:80:c4:df:5a:f8:b8:
e9:86:8c:17:f1:63:a9:6b:9f:9e:5e:97:dc:c2:07:
ed:c4:fd:a3:16:f7:ea:0e:e3:29:2f:ca:dc:dc:60:
77:02:76:1c:2c:e3:d9:07:23:95:b6:72:35:9f:33:
5b:73:05:55:23:3d:95:79:4b:56:d7:47:f8:8a:24:
24:0e:f1:a0:09:e3:a0:c3:b5:62:25:49:04:53:9a:
e9:ea:03:0e:e2:8e:d5:25:10:5d:ea:ec:f8:74:b5:
a3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A7:CC:19:F3:2C:EC:3D:4E:55:DF:73:37:FF:C6:42:AA:02:26:64
X509v3 Authority Key Identifier:
keyid:07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/6KfMGfMs7D1OVd9zN__GQqoCJmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.144.0/21
185.164.8.0/22
IPv6:
2a02:2340::/32
Signature Algorithm: sha256WithRSAEncryption
6d:7a:fe:69:01:40:10:ca:16:71:e6:bc:66:06:c7:12:c4:04:
15:ae:88:5e:cf:fe:fb:45:82:7a:d8:12:4a:59:2a:b1:28:7a:
29:0a:62:4f:83:df:fe:87:a9:9d:81:15:78:00:e3:7a:c5:6b:
30:d1:45:02:e4:3b:10:81:1c:3e:56:4a:19:30:de:84:55:99:
27:9e:b8:08:9b:8a:cd:35:e3:f0:89:c8:07:df:f1:17:6f:27:
48:aa:29:cd:46:0b:2e:01:b0:82:5e:b4:9c:90:c5:07:91:97:
d5:60:f6:f3:7f:8a:fa:51:3d:1a:0e:9e:87:13:34:16:27:06:
e6:d9:3c:a7:04:bb:0a:1d:d1:b3:1b:95:8b:27:68:31:43:16:
28:78:b4:17:55:ab:90:3a:a8:bb:d1:2c:ae:3f:df:30:c7:51:
e0:1f:8a:a8:aa:da:f9:b7:44:01:0e:9c:d8:61:ff:0e:30:2c:
dc:4b:d0:23:99:7f:85:17:20:74:27:a8:84:d9:67:2b:5c:b2:
11:d2:3a:67:6d:77:20:34:9e:7b:8e:4d:35:af:60:8e:b4:2a:
da:65:2b:7f:5b:24:2d:33:bc:fd:fc:c9:97:62:a1:a2:85:28:
9d:1f:d4:57:7a:62:ff:df:7f:10:eb:aa:d1:b7:66:d5:35:6a:
fa:a9:0d:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIcUXTv/7v9IkqdWD271tWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZGEwM2M5YzgyNjg1YWU2ZDZiM2QyMWQ2ODRiYmNmNDY4
YmY3NWIwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE3Y2MxOWYzMmNlYzNkNGU1NWRmNzMzN2ZmYzY0MmFhMDIyNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgG9GFUEZw65pVnS+hJBYuzyq3r4
Qup7fF2sL3KtJX+eCEyM7Z45jB39tJKyykpWaz2WCtJk9AjjzF2pUNQlKLDouiWY
ZvCSU1iIQ4sHFAldgbQvAR4Nu3mN6aXRS6nyaY/HTsAneyIdm6uduwFHToI2h2e+
If0zsZE+4lwhovZLkp3vpy1V4GZ3fbHVFe8ElbUVuiKcs+u7BCvZq5uAxN9a+Ljp
howX8WOpa5+eXpfcwgftxP2jFvfqDuMpL8rc3GB3AnYcLOPZByOVtnI1nzNbcwVV
Iz2VeUtW10f4iiQkDvGgCeOgw7ViJUkEU5rp6gMO4o7VJRBd6uz4dLWjqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOinzBnzLOw9TlXfczf/xkKqAiZkMB8GA1UdIwQY
MBaAFAfaA8nIJoWubWs9IdaEu89Gi/dbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2It
YWEwMWRjZDNkZmE3LzEvNktmTUdmTXM3RDFPVmQ5ek5fX0dRcW9DSm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9kZWVmMjItMjYyNC00OWI2LWEyM2ItYWEwMWRjZDNkZmE3
LzEvQjlvRHljZ21oYTV0YXowaDFvUzd6MGFMOTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsvuQAwQC
uaQIMA0EAgACMAcDBQAqAiNAMA0GCSqGSIb3DQEBCwUAA4IBAQBtev5pAUAQyhZx
5rxmBscSxAQVrohez/77RYJ62BJKWSqxKHopCmJPg9/+h6mdgRV4AON6xWsw0UUC
5DsQgRw+VkoZMN6EVZknnrgIm4rNNePwicgH3/EXbydIqinNRgsuAbCCXrSckMUH
kZfVYPbzf4r6UT0aDp6HEzQWJwbm2TynBLsKHdGzG5WLJ2gxQxYoeLQXVauQOqi7
0SyuP98wx1HgH4qoqtr5t0QBDpzYYf8OMCzcS9AjmX+FFyB0J6iE2WcrXLIR0jpn
bXcgNJ57jk01r2COtCraZSt/WyQtM7z9/MmXYqGihSidH9RXemL/338Q66rRt2bV
NWr6qQ00
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:48 2024 by rpki-client on console-fra.rpki-client.org