Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/6LxCFOHbebIG8_HGs-0yRxhlbqM.roa
File: 6LxCFOHbebIG8_HGs-0yRxhlbqM.roa (raw, json)
Hash identifier: nrGpShC2Q88FC0SPwxPJXE6Ij38XsaLvjMwtO529i8w=
Subject key identifier: E8:BC:42:14:E1:DB:79:B2:06:F3:F1:C6:B3:ED:32:47:18:65:6E:A3
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 019145B3015F8DC55F606B14F219556599E0
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/6LxCFOHbebIG8_HGs-0yRxhlbqM.roa
Signing time: Mon 12 Aug 2024 08:27:24 +0000
ROA not before: Mon 12 Aug 2024 08:27:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13238
IP address blocks: 5.45.192.0/18 maxlen: 24
5.255.192.0/18 maxlen: 24
37.9.64.0/18 maxlen: 24
37.140.128.0/18 maxlen: 24
77.88.0.0/18 maxlen: 24
84.252.160.0/19 maxlen: 24
87.250.224.0/19 maxlen: 24
90.156.176.0/20 maxlen: 24
92.255.112.0/20 maxlen: 24
92.255.127.0/24 maxlen: 24
93.158.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
141.8.128.0/18 maxlen: 24
178.154.128.0/19 maxlen: 24
178.154.160.0/19 maxlen: 24
185.32.187.0/24 maxlen: 24
213.180.192.0/19 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:b3:01:5f:8d:c5:5f:60:6b:14:f2:19:55:65:99:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Aug 12 08:27:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8bc4214e1db79b206f3f1c6b3ed324718656ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:54:6b:e0:4c:d0:f6:7b:8e:42:4c:9d:b6:
c6:f1:99:9d:b5:51:fd:8c:e6:24:7c:fe:30:8b:36:
61:45:dd:fc:24:ae:60:a9:c7:60:d6:fd:1e:a0:24:
41:93:3c:1d:9f:e2:ef:5c:d9:90:51:8a:56:67:0d:
a2:77:b2:a6:83:9d:a0:c7:07:90:6b:e1:1b:f3:ee:
0b:e1:64:fc:a2:34:7e:2f:de:7f:1c:04:bb:91:89:
bf:1c:a5:56:16:07:93:f0:39:0c:24:ac:85:13:44:
32:ad:36:ed:99:11:c7:c7:a9:57:8e:c0:85:1f:33:
8d:da:27:19:25:92:bd:f9:24:66:a1:62:57:16:4e:
bb:80:40:dd:30:a0:ae:2a:60:91:43:51:6d:66:24:
e9:5d:d5:e3:1b:81:c3:5d:38:3c:89:c7:aa:9e:8a:
90:20:89:e9:17:af:0f:88:ec:af:a9:b0:96:36:29:
92:ab:73:07:80:22:b4:47:b4:64:4a:ec:4b:39:1c:
d3:b3:fb:12:26:de:d8:0a:ca:d8:e3:45:46:df:74:
39:63:3c:1a:d4:2a:96:08:1f:9d:ff:1f:5a:33:92:
9f:3d:70:15:fb:92:0a:2d:d4:82:9e:0c:2a:b2:b9:
fe:d6:6d:83:02:f4:4f:6a:26:57:d1:2e:34:4d:e9:
d8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:BC:42:14:E1:DB:79:B2:06:F3:F1:C6:B3:ED:32:47:18:65:6E:A3
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/6LxCFOHbebIG8_HGs-0yRxhlbqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
90.156.176.0/20
92.255.112.0/20
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
5c:3e:bd:74:71:2d:07:66:04:21:a8:06:65:12:93:f2:71:94:
91:89:ae:9a:1a:49:8d:6d:99:6e:5f:35:51:df:c9:c5:d9:bc:
0c:bc:b9:68:6e:c6:4f:78:6d:ae:cf:c3:ca:26:bc:dd:56:10:
7d:9b:4b:97:44:2c:0e:77:29:42:22:6b:ce:2e:54:96:4d:50:
e1:1e:88:83:70:81:1c:df:73:16:dd:75:21:c9:51:a9:7e:20:
ba:f6:ae:33:e3:3e:ed:fb:38:75:2d:3f:f6:a4:57:7c:3d:71:
45:60:0f:da:88:09:e4:ea:26:de:d7:e3:17:0a:64:c6:5c:21:
84:18:82:5e:35:10:2d:f7:1d:fe:b1:c3:10:02:3b:04:54:e5:
38:ce:b7:1d:e7:48:27:f0:1c:fa:d7:7e:fc:07:c6:a6:64:8c:
70:c1:57:77:dc:47:85:a6:36:bc:e0:4b:4b:0b:be:23:db:12:
7e:8f:18:84:6b:f3:6d:08:66:78:bb:f0:2e:78:44:d6:73:ad:
60:cd:05:63:fc:e2:e9:b1:9b:89:e7:94:73:9c:5c:e0:c2:5f:
78:24:6c:af:c1:8f:ed:8b:a6:7c:83:e2:3c:f5:fe:2d:06:16:
41:17:99:e6:c8:bb:bd:05:2d:aa:af:bb:82:b7:53:92:bf:77:
fa:5e:4b:96
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZFFswFfjcVfYGsU8hlVZZngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjQwODEyMDgyNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGJjNDIxNGUxZGI3OWIyMDZmM2YxYzZiM2VkMzI0NzE4NjU2ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq9Ua+BM0PZ7jkJMnbbG8ZmdtVH9
jOYkfP4wizZhRd38JK5gqcdg1v0eoCRBkzwdn+LvXNmQUYpWZw2id7Kmg52gxweQ
a+Eb8+4L4WT8ojR+L95/HAS7kYm/HKVWFgeT8DkMJKyFE0QyrTbtmRHHx6lXjsCF
HzON2icZJZK9+SRmoWJXFk67gEDdMKCuKmCRQ1FtZiTpXdXjG4HDXTg8iceqnoqQ
IInpF68PiOyvqbCWNimSq3MHgCK0R7RkSuxLORzTs/sSJt7YCsrY40VG33Q5Yzwa
1CqWCB+d/x9aM5KfPXAV+5IKLdSCngwqsrn+1m2DAvRPaiZX0S40TenYhwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFOi8QhTh23myBvPxxrPtMkcYZW6jMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvNkx4Q0ZPSGJlYklHOF9IR3MtMHlSeGhsYnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBgUtwAME
BgX/wAMEBiUJQAMEBiWMgAMEBk1YAAMEBVT8oAMEBVf64AMEBFqcsAMEBFz/cAME
Bl2egAMEB19sgAMEBo0IgAMEBrKagAMEALkguwMEBdW0wDANBAIAAjAHAwUDKgIG
uDANBgkqhkiG9w0BAQsFAAOCAQEAXD69dHEtB2YEIagGZRKT8nGUkYmumhpJjW2Z
bl81Ud/Jxdm8DLy5aG7GT3htrs/Dyia83VYQfZtLl0QsDncpQiJrzi5Ulk1Q4R6I
g3CBHN9zFt11IclRqX4guvauM+M+7fs4dS0/9qRXfD1xRWAP2ogJ5Oom3tfjFwpk
xlwhhBiCXjUQLfcd/rHDEAI7BFTlOM63HedIJ/Ac+td+/AfGpmSMcMFXd9xHhaY2
vOBLSwu+I9sSfo8YhGvzbQhmeLvwLnhE1nOtYM0FY/zi6bGbieeUc5xc4MJfeCRs
r8GP7YumfIPiPPX+LQYWQReZ5si7vQUtqq+7grdTkr93+l5Llg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:40 2024 by rpki-client on console-fra.rpki-client.org