Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/a50372-da39-482e-9ad4-30becfc1b311/1/6_rg2nFInbDz72yr5DZPlhFFPPw.roa
File: 6_rg2nFInbDz72yr5DZPlhFFPPw.roa (raw, json)
Hash identifier: Rnb5NUcHnVXuKoF9L8QK0pHTqxopQ3Cb1HOi0vv4MJ4=
Subject key identifier: EB:FA:E0:DA:71:48:9D:B0:F3:EF:6C:AB:E4:36:4F:96:11:45:3C:FC
Certificate issuer: /CN=097e05516fc8793406868b8109e3c044b702716c
Certificate serial: 018CC6B79DE553E4D40F7D3A8812E4FB5700
Authority key identifier: 09:7E:05:51:6F:C8:79:34:06:86:8B:81:09:E3:C0:44:B7:02:71:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CX4FUW_IeTQGhouBCePARLcCcWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/a50372-da39-482e-9ad4-30becfc1b311/1/6_rg2nFInbDz72yr5DZPlhFFPPw.roa
Signing time: Mon 01 Jan 2024 20:29:31 +0000
ROA not before: Mon 01 Jan 2024 20:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48506
IP address blocks: 185.163.192.0/22 maxlen: 32
2a0a:2c00::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/a50372-da39-482e-9ad4-30becfc1b311/1/CX4FUW_IeTQGhouBCePARLcCcWw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/a50372-da39-482e-9ad4-30becfc1b311/1/CX4FUW_IeTQGhouBCePARLcCcWw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CX4FUW_IeTQGhouBCePARLcCcWw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9d:e5:53:e4:d4:0f:7d:3a:88:12:e4:fb:57:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097e05516fc8793406868b8109e3c044b702716c
Validity
Not Before: Jan 1 20:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebfae0da71489db0f3ef6cabe4364f9611453cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ba:8f:35:f9:6b:7a:0a:99:1b:a2:55:67:88:
16:ff:1c:dc:13:7f:75:d3:d3:a8:92:b2:5d:b1:be:
26:9b:ad:56:7a:5f:96:73:4d:34:cc:84:e6:f9:f0:
1b:c8:5b:c4:d3:81:08:a0:2a:71:bb:e6:b4:9f:11:
43:d9:e0:33:cf:75:19:b4:3a:7c:1f:05:1e:bd:f8:
21:00:e6:a7:0e:4c:40:96:3d:36:a8:71:43:c8:c4:
27:06:d3:dd:2f:8a:bc:d3:57:b0:fe:f7:fd:96:8c:
fd:85:5d:0d:5e:9c:d8:7b:72:30:3a:84:82:61:9b:
7f:14:34:eb:71:35:1b:68:ad:2a:aa:f0:aa:de:80:
d2:d4:07:af:95:2d:4e:33:89:8b:2e:4b:e9:49:de:
c9:b4:c6:d7:8b:0e:48:a1:b7:62:20:c9:6f:e7:8a:
94:04:a4:91:56:71:ad:b1:b2:a4:50:ea:c0:58:bd:
b5:32:e9:c3:3f:a9:26:2b:09:61:01:dd:47:f0:f6:
b6:2d:6f:ca:4b:18:ba:a5:33:1d:7b:f5:db:a3:2c:
89:b3:a9:4b:da:df:82:f5:6b:29:84:e0:6c:1b:c8:
97:4a:aa:84:9c:29:8f:cf:d2:9c:39:b6:b8:03:a1:
ce:e4:67:e9:bc:d2:69:0a:e7:14:7c:49:ac:87:f8:
a5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:FA:E0:DA:71:48:9D:B0:F3:EF:6C:AB:E4:36:4F:96:11:45:3C:FC
X509v3 Authority Key Identifier:
keyid:09:7E:05:51:6F:C8:79:34:06:86:8B:81:09:E3:C0:44:B7:02:71:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CX4FUW_IeTQGhouBCePARLcCcWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/a50372-da39-482e-9ad4-30becfc1b311/1/6_rg2nFInbDz72yr5DZPlhFFPPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/a50372-da39-482e-9ad4-30becfc1b311/1/CX4FUW_IeTQGhouBCePARLcCcWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.192.0/22
IPv6:
2a0a:2c00::/29
Signature Algorithm: sha256WithRSAEncryption
62:2f:18:3f:d2:94:4a:85:73:ba:87:01:dd:14:02:27:f2:b6:
92:51:70:ea:2e:b1:3f:bd:3c:c4:c8:fd:20:79:b3:b4:69:c0:
b9:ea:7e:a5:89:88:dc:bf:6c:c3:92:51:b0:51:21:c0:eb:56:
af:24:72:58:a9:3a:47:81:8c:fb:35:b3:b0:87:2b:06:e2:82:
a6:22:bc:f3:36:95:a6:0a:9e:fc:8b:8d:aa:e5:58:41:c6:93:
fd:6c:e9:6d:c2:74:0f:e5:9e:39:fc:8d:46:19:43:fd:e0:6f:
e4:7a:25:17:0d:aa:d8:a2:3c:ea:59:b1:8d:2f:78:17:c4:d1:
18:ba:40:b3:20:6c:c4:19:2b:c7:10:53:a3:22:e9:91:69:ba:
ff:77:23:cb:da:33:88:09:0d:2c:a1:28:25:4c:16:c8:50:be:
73:71:82:ab:b8:cd:61:7e:3b:7b:31:76:fd:99:50:90:f3:75:
6f:93:2a:c2:1a:a2:5d:76:b0:1a:01:91:d4:85:84:43:c0:70:
98:e5:6b:f6:d0:47:e9:1d:b3:8f:aa:63:26:64:df:85:34:6c:
b5:37:52:12:2f:6b:0a:82:4d:94:b1:f8:02:02:36:4d:ac:d2:
57:a4:e9:cd:28:44:8a:9f:35:70:b4:6e:4a:64:2d:46:2a:4f:
ee:d0:55:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt53lU+TUD306iBLk+1cAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5N2UwNTUxNmZjODc5MzQwNjg2OGI4MTA5ZTNjMDQ0Yjcw
MjcxNmMwHhcNMjQwMTAxMjAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmZhZTBkYTcxNDg5ZGIwZjNlZjZjYWJlNDM2NGY5NjExNDUzY2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7qPNflregqZG6JVZ4gW/xzcE391
09OokrJdsb4mm61Wel+Wc000zITm+fAbyFvE04EIoCpxu+a0nxFD2eAzz3UZtDp8
HwUevfghAOanDkxAlj02qHFDyMQnBtPdL4q801ew/vf9loz9hV0NXpzYe3IwOoSC
YZt/FDTrcTUbaK0qqvCq3oDS1AevlS1OM4mLLkvpSd7JtMbXiw5IobdiIMlv54qU
BKSRVnGtsbKkUOrAWL21MunDP6kmKwlhAd1H8Pa2LW/KSxi6pTMde/XboyyJs6lL
2t+C9WsphOBsG8iXSqqEnCmPz9KcOba4A6HO5GfpvNJpCucUfEmsh/ilYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOv64NpxSJ2w8+9sq+Q2T5YRRTz8MB8GA1UdIwQY
MBaAFAl+BVFvyHk0BoaLgQnjwES3AnFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1g0RlVXX0llVFFHaG91QkNlUEFSTGNDY1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9hNTAzNzItZGEzOS00ODJlLTlhZDQt
MzBiZWNmYzFiMzExLzEvNl9yZzJuRkluYkR6NzJ5cjVEWlBsaEZGUFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9hNTAzNzItZGEzOS00ODJlLTlhZDQtMzBiZWNmYzFiMzEx
LzEvQ1g0RlVXX0llVFFHaG91QkNlUEFSTGNDY1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaPAMA0E
AgACMAcDBQMqCiwAMA0GCSqGSIb3DQEBCwUAA4IBAQBiLxg/0pRKhXO6hwHdFAIn
8raSUXDqLrE/vTzEyP0gebO0acC56n6liYjcv2zDklGwUSHA61avJHJYqTpHgYz7
NbOwhysG4oKmIrzzNpWmCp78i42q5VhBxpP9bOltwnQP5Z45/I1GGUP94G/keiUX
DarYojzqWbGNL3gXxNEYukCzIGzEGSvHEFOjIumRabr/dyPL2jOICQ0soSglTBbI
UL5zcYKruM1hfjt7MXb9mVCQ83VvkyrCGqJddrAaAZHUhYRDwHCY5Wv20EfpHbOP
qmMmZN+FNGy1N1ISL2sKgk2UsfgCAjZNrNJXpOnNKESKnzVwtG5KZC1GKk/u0FVz
-----END CERTIFICATE-----
Generated at Fri May 17 18:46:25 2024 by rpki-client on console-ams.rpki-client.org