Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/6K_qLhpSQxpeIk1YtdGv_X3U2Tg.roa
File: 6K_qLhpSQxpeIk1YtdGv_X3U2Tg.roa (raw, json)
Hash identifier: RyGcAynXiPfKoh8TzwYjALhgv/uULsVOUmUsqTi2lpo=
Subject key identifier: E8:AF:EA:2E:1A:52:43:1A:5E:22:4D:58:B5:D1:AF:FD:7D:D4:D9:38
Certificate issuer: /CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Certificate serial: 018CC348FB9999F8835F0E5DD60411D43D45
Authority key identifier: 56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/6K_qLhpSQxpeIk1YtdGv_X3U2Tg.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 185.206.145.0/24 maxlen: 24
185.206.144.0/24 maxlen: 24
185.206.147.0/24 maxlen: 24
185.206.146.0/24 maxlen: 24
212.73.150.0/24 maxlen: 24
94.156.35.0/24 maxlen: 24
91.92.111.0/24 maxlen: 24
91.92.108.0/24 maxlen: 24
91.92.120.0/24 maxlen: 24
91.92.128.0/24 maxlen: 24
91.92.136.0/24 maxlen: 24
91.92.137.0/24 maxlen: 24
94.156.144.0/24 maxlen: 24
91.92.144.0/24 maxlen: 24
185.203.117.0/24 maxlen: 24
185.203.116.0/24 maxlen: 24
185.203.118.0/24 maxlen: 24
185.203.119.0/24 maxlen: 24
88.80.145.0/24 maxlen: 24
88.80.151.0/24 maxlen: 24
88.80.150.0/24 maxlen: 24
88.80.148.0/24 maxlen: 24
88.80.147.0/24 maxlen: 24
88.80.149.0/24 maxlen: 24
88.80.146.0/24 maxlen: 24
185.141.63.0/24 maxlen: 24
185.141.62.0/24 maxlen: 24
185.141.61.0/24 maxlen: 24
185.205.210.0/24 maxlen: 24
185.205.209.0/24 maxlen: 24
85.217.170.0/24 maxlen: 24
85.217.171.0/24 maxlen: 24
94.156.189.0/24 maxlen: 24
193.37.213.0/24 maxlen: 24
193.37.212.0/24 maxlen: 24
193.37.215.0/24 maxlen: 24
193.37.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 10:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fb:99:99:f8:83:5f:0e:5d:d6:04:11:d4:3d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56c8a1713c7476e00ed2b77fd98fd89330365d87
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8afea2e1a52431a5e224d58b5d1affd7dd4d938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:87:c0:cc:0b:f0:4d:8b:15:b0:c0:58:3e:01:
af:14:21:ae:6b:b3:40:9b:82:88:cd:44:b9:8f:a5:
07:eb:4f:23:41:49:06:d4:2f:5a:f6:10:a7:9c:8c:
6d:46:07:0c:4c:c7:20:53:67:07:bf:22:1b:45:16:
6d:fc:1d:58:ac:bf:10:01:4f:77:e9:2a:18:0e:74:
38:63:e5:d4:c5:c4:6c:a2:a5:f7:aa:9e:a6:9a:7e:
c4:d1:6d:01:ca:e0:da:83:6d:8b:e0:80:60:d7:a1:
aa:34:fd:99:af:a3:6a:b0:b4:6a:3c:83:02:24:18:
ae:a8:49:d8:f1:61:bc:9a:f1:7b:a2:0b:e8:e7:37:
2b:96:04:1e:b2:7b:69:51:f1:ee:db:68:10:ae:ec:
f2:b5:e2:89:3a:c1:a1:4f:11:fb:3e:4e:b0:25:99:
9b:a6:9d:19:38:71:44:16:fd:e7:84:e4:a7:06:d0:
76:2e:b3:7d:7d:f0:09:1a:dc:b2:88:8b:35:8b:bd:
68:22:40:4f:6d:b7:06:84:97:ea:30:ec:1a:3d:28:
75:52:b1:60:81:39:0e:03:db:e8:8b:8b:6c:d2:6e:
23:0e:07:ef:4b:d3:79:fe:9b:66:77:f6:87:0e:1f:
cf:83:c9:b6:ed:b5:2e:1c:49:ab:83:57:62:02:89:
40:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AF:EA:2E:1A:52:43:1A:5E:22:4D:58:B5:D1:AF:FD:7D:D4:D9:38
X509v3 Authority Key Identifier:
keyid:56:C8:A1:71:3C:74:76:E0:0E:D2:B7:7F:D9:8F:D8:93:30:36:5D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VsihcTx0duAO0rd_2Y_YkzA2XYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/6K_qLhpSQxpeIk1YtdGv_X3U2Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/23d525-8296-4f9c-9de4-91e32c517152/1/VsihcTx0duAO0rd_2Y_YkzA2XYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.170.0/23
88.80.145.0-88.80.151.255
91.92.108.0/24
91.92.111.0/24
91.92.120.0/24
91.92.128.0/24
91.92.136.0/23
91.92.144.0/24
94.156.35.0/24
94.156.144.0/24
94.156.189.0/24
185.141.61.0-185.141.63.255
185.203.116.0/22
185.205.209.0-185.205.210.255
185.206.144.0/22
193.37.212.0/22
212.73.150.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:57:16:55:0f:00:b5:56:7a:cf:57:b3:35:cb:be:8d:7b:66:
fa:dc:2d:d3:7d:65:40:7e:1f:9d:3b:36:33:72:48:16:c4:03:
2a:88:f5:85:55:ef:61:8b:43:90:2d:ac:93:41:55:f4:a7:7c:
f0:38:69:26:d1:48:20:61:c9:f1:ed:35:45:dd:f4:2e:56:46:
a4:c5:dc:fb:cf:c2:5b:09:f0:1d:07:b9:9a:10:d5:f0:ab:92:
9a:6c:00:03:cb:69:0e:11:b1:fa:b7:f6:b4:72:07:ee:c9:93:
b5:09:0e:8e:b6:26:73:e3:7d:02:5b:2f:9c:8d:fb:e8:c3:ed:
9e:6a:e5:4e:b5:d1:d9:51:66:e6:b2:93:18:4f:f4:9e:31:78:
37:2f:df:97:18:4f:4c:68:21:cd:ac:23:64:6e:93:ee:3a:0f:
ab:da:84:76:60:4a:b9:9b:b8:28:4f:58:46:d8:57:2a:90:31:
90:7a:8a:fd:d0:d3:3e:2e:24:1b:37:a0:0e:a6:41:22:8f:91:
5a:8e:c7:c2:3d:a1:3a:ee:48:cd:d9:f4:eb:10:c3:a1:9b:5a:
02:54:d4:33:df:6b:b8:05:7d:70:f3:49:be:34:55:21:1f:bc:
d7:1c:00:8c:26:c5:af:3d:f8:c0:48:6f:d1:65:4e:5f:0d:cf:
cd:be:a1:60
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYzDSPuZmfiDXw5d1gQR1D1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YzhhMTcxM2M3NDc2ZTAwZWQyYjc3ZmQ5OGZkODkzMzAz
NjVkODcwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFmZWEyZTFhNTI0MzFhNWUyMjRkNThiNWQxYWZmZDdkZDRkOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIfAzAvwTYsVsMBYPgGvFCGua7NA
m4KIzUS5j6UH608jQUkG1C9a9hCnnIxtRgcMTMcgU2cHvyIbRRZt/B1YrL8QAU93
6SoYDnQ4Y+XUxcRsoqX3qp6mmn7E0W0ByuDag22L4IBg16GqNP2Zr6NqsLRqPIMC
JBiuqEnY8WG8mvF7ogvo5zcrlgQesntpUfHu22gQruzyteKJOsGhTxH7Pk6wJZmb
pp0ZOHFEFv3nhOSnBtB2LrN9ffAJGtyyiIs1i71oIkBPbbcGhJfqMOwaPSh1UrFg
gTkOA9voi4ts0m4jDgfvS9N5/ptmd/aHDh/Pg8m27bUuHEmrg1diAolALQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFOiv6i4aUkMaXiJNWLXRr/191Nk4MB8GA1UdIwQY
MBaAFFbIoXE8dHbgDtK3f9mP2JMwNl2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQt
OTFlMzJjNTE3MTUyLzEvNktfcUxocFNReHBlSWsxWXRkR3ZfWDNVMlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yM2Q1MjUtODI5Ni00ZjljLTlkZTQtOTFlMzJjNTE3MTUy
LzEvVnNpaGNUeDBkdUFPMHJkXzJZX1lrekEyWFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAVXZ
qjAMAwQAWFCRAwQDWFCQAwQAW1xsAwQAW1xvAwQAW1x4AwQAW1yAAwQBW1yIAwQA
W1yQAwQAXpwjAwQAXpyQAwQAXpy9MAwDBAC5jT0DBAa5jQADBAK5y3QwDAMEALnN
0QMEALnN0gMEArnOkAMEAsEl1AMEANRJljANBgkqhkiG9w0BAQsFAAOCAQEAj1cW
VQ8AtVZ6z1ezNcu+jXtm+twt031lQH4fnTs2M3JIFsQDKoj1hVXvYYtDkC2sk0FV
9Kd88DhpJtFIIGHJ8e01Rd30LlZGpMXc+8/CWwnwHQe5mhDV8KuSmmwAA8tpDhGx
+rf2tHIH7smTtQkOjrYmc+N9AlsvnI376MPtnmrlTrXR2VFm5rKTGE/0njF4Ny/f
lxhPTGghzawjZG6T7joPq9qEdmBKuZu4KE9YRthXKpAxkHqK/dDTPi4kGzegDqZB
Io+RWo7Hwj2hOu5Izdn06xDDoZtaAlTUM99ruAV9cPNJvjRVIR+81xwAjCbFrz34
wEhv0WVOXw3Pzb6hYA==
-----END CERTIFICATE-----
Generated at Sat May 11 19:39:55 2024 by rpki-client on console-fra.rpki-client.org