Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/6DkC9YmGDmafZ4fvAb16v8ne7JU.roa
File: 6DkC9YmGDmafZ4fvAb16v8ne7JU.roa (raw, json)
Hash identifier: svG2i3lhQgqr0Sd4YbvYbr2O+dztmCLrsbFKnDQQN/0=
Subject key identifier: E8:39:02:F5:89:86:0E:66:9F:67:87:EF:01:BD:7A:BF:C9:DE:EC:95
Certificate issuer: /CN=3126e0d5d37bf66f3e9d887eaead9ca63c189489
Certificate serial: 018CC493361E9D71BAEB71286E7F5FE5582F
Authority key identifier: 31:26:E0:D5:D3:7B:F6:6F:3E:9D:88:7E:AE:AD:9C:A6:3C:18:94:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MSbg1dN79m8-nYh-rq2cpjwYlIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/6DkC9YmGDmafZ4fvAb16v8ne7JU.roa
Signing time: Mon 01 Jan 2024 10:30:31 +0000
ROA not before: Mon 01 Jan 2024 10:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.116.0/22 maxlen: 22
194.153.176.0/21 maxlen: 21
94.143.88.0/21 maxlen: 21
2a00:d320::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/MSbg1dN79m8-nYh-rq2cpjwYlIk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/MSbg1dN79m8-nYh-rq2cpjwYlIk.mft
rsync://rpki.ripe.net/repository/DEFAULT/MSbg1dN79m8-nYh-rq2cpjwYlIk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:36:1e:9d:71:ba:eb:71:28:6e:7f:5f:e5:58:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3126e0d5d37bf66f3e9d887eaead9ca63c189489
Validity
Not Before: Jan 1 10:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e83902f589860e669f6787ef01bd7abfc9deec95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1d:ee:54:38:98:f8:7c:86:43:4c:90:20:98:
94:32:0e:43:2b:ae:e6:d7:3a:d2:7f:a3:b5:67:57:
9b:31:a8:99:82:ae:a8:5d:cb:c5:4d:0d:a0:ad:b3:
f7:1e:69:5e:5d:4a:5d:9a:8d:fe:3f:d7:48:36:54:
23:3d:80:29:b3:3f:2e:ef:c5:ba:70:93:24:af:a6:
d3:6b:cb:b1:e1:fc:52:76:a4:78:a7:26:f6:46:81:
f8:59:b9:df:48:cc:7c:5b:0c:46:96:cc:99:e8:57:
46:2e:7a:c5:0d:e2:fe:34:cb:20:20:e9:44:83:50:
bb:58:ca:cd:1d:e3:7c:a2:bd:8f:2f:19:3a:97:85:
e6:70:82:cb:5b:b5:ab:ac:3a:64:d4:46:7e:35:d3:
0d:39:71:89:83:6d:36:61:42:78:7c:fc:db:2a:c2:
04:27:d6:ec:dc:78:5a:1b:45:c0:9c:25:dc:ff:e6:
9e:42:1e:d5:1a:6a:90:f1:9d:cb:8e:de:36:40:e8:
e8:3a:11:83:72:28:e4:73:ac:66:d1:64:48:5a:d8:
fb:a2:b0:a6:95:50:63:b2:a6:96:a3:31:48:c2:8e:
79:fd:c2:be:6a:1a:00:73:5d:30:4c:72:0a:9c:14:
0c:03:99:69:7c:08:85:93:ba:89:5c:e5:39:48:c3:
5d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:39:02:F5:89:86:0E:66:9F:67:87:EF:01:BD:7A:BF:C9:DE:EC:95
X509v3 Authority Key Identifier:
keyid:31:26:E0:D5:D3:7B:F6:6F:3E:9D:88:7E:AE:AD:9C:A6:3C:18:94:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MSbg1dN79m8-nYh-rq2cpjwYlIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/6DkC9YmGDmafZ4fvAb16v8ne7JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/MSbg1dN79m8-nYh-rq2cpjwYlIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.88.0/21
185.74.116.0/22
194.153.176.0/21
IPv6:
2a00:d320::/29
Signature Algorithm: sha256WithRSAEncryption
8d:09:2a:ce:c2:98:fa:17:e5:95:e1:75:34:d2:66:ca:5f:43:
43:be:40:31:1f:86:74:5b:72:5d:f3:c6:65:e8:65:52:ff:24:
ec:8f:2a:bd:9a:a1:eb:c8:c8:a8:a8:a9:af:c1:83:82:d0:46:
f0:28:b9:06:76:85:6f:51:8a:52:dc:ad:db:44:54:f0:71:50:
07:e0:73:4e:4d:6c:1d:2d:89:aa:17:d0:4e:09:0f:0b:ac:f6:
06:4a:b5:24:04:e7:f3:1c:dd:3c:6c:86:ea:c7:90:17:2a:b9:
74:49:33:05:6d:65:96:35:b9:da:e9:7c:fa:6f:28:00:bf:61:
3a:b9:88:2a:40:9d:91:d1:15:08:bc:e5:04:ba:31:3d:d6:71:
e9:b8:a1:a5:1e:01:a4:0b:66:b7:10:99:86:1d:78:4e:83:ee:
a4:af:04:67:ab:0d:15:02:28:0f:7c:08:8a:9c:82:99:8e:f4:
50:15:c2:80:dd:51:4a:33:aa:60:b5:17:ad:13:fc:95:ff:cd:
6e:ec:81:8e:47:e9:80:d7:86:9e:4c:23:6f:57:e4:ac:5d:77:
1e:6c:c4:18:b9:d6:fc:10:57:73:d1:23:bc:57:2c:1d:7d:d3:
02:42:ba:1f:f6:9f:aa:99:fe:e2:69:d1:a0:9b:f5:0c:6f:42:
9d:42:7e:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkzYenXG663Eobn9f5VgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMjZlMGQ1ZDM3YmY2NmYzZTlkODg3ZWFlYWQ5Y2E2M2Mx
ODk0ODkwHhcNMjQwMTAxMTAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODM5MDJmNTg5ODYwZTY2OWY2Nzg3ZWYwMWJkN2FiZmM5ZGVlYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR3uVDiY+HyGQ0yQIJiUMg5DK67m
1zrSf6O1Z1ebMaiZgq6oXcvFTQ2grbP3HmleXUpdmo3+P9dINlQjPYApsz8u78W6
cJMkr6bTa8ux4fxSdqR4pyb2RoH4WbnfSMx8WwxGlsyZ6FdGLnrFDeL+NMsgIOlE
g1C7WMrNHeN8or2PLxk6l4XmcILLW7WrrDpk1EZ+NdMNOXGJg202YUJ4fPzbKsIE
J9bs3HhaG0XAnCXc/+aeQh7VGmqQ8Z3Ljt42QOjoOhGDcijkc6xm0WRIWtj7orCm
lVBjsqaWozFIwo55/cK+ahoAc10wTHIKnBQMA5lpfAiFk7qJXOU5SMNdWQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOg5AvWJhg5mn2eH7wG9er/J3uyVMB8GA1UdIwQY
MBaAFDEm4NXTe/ZvPp2Ifq6tnKY8GJSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVNiZzFkTjc5bTgtblloLXJxMmNwandZbElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMmVmNWEtZTJiOS00OTk5LWJmYjIt
NmU4ZWQzYzczMDdlLzEvNkRrQzlZbUdEbWFmWjRmdkFiMTZ2OG5lN0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMmVmNWEtZTJiOS00OTk5LWJmYjItNmU4ZWQzYzczMDdl
LzEvTVNiZzFkTjc5bTgtblloLXJxMmNwandZbElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXo9YAwQC
uUp0AwQDwpmwMA0EAgACMAcDBQMqANMgMA0GCSqGSIb3DQEBCwUAA4IBAQCNCSrO
wpj6F+WV4XU00mbKX0NDvkAxH4Z0W3Jd88Zl6GVS/yTsjyq9mqHryMioqKmvwYOC
0EbwKLkGdoVvUYpS3K3bRFTwcVAH4HNOTWwdLYmqF9BOCQ8LrPYGSrUkBOfzHN08
bIbqx5AXKrl0STMFbWWWNbna6Xz6bygAv2E6uYgqQJ2R0RUIvOUEujE91nHpuKGl
HgGkC2a3EJmGHXhOg+6krwRnqw0VAigPfAiKnIKZjvRQFcKA3VFKM6pgtRetE/yV
/81u7IGOR+mA14aeTCNvV+SsXXcebMQYudb8EFdz0SO8VywdfdMCQrof9p+qmf7i
adGgm/UMb0KdQn6E
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:44 2024 by rpki-client on console-fra.rpki-client.org