Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/6WADeq1-eaFim86apghPQ1IChDs.roa
File: 6WADeq1-eaFim86apghPQ1IChDs.roa (raw, json)
Hash identifier: fHtgavEVhg0ZTuHS1Pm9Dvh0fgRDFAX/HPNMXV+T4XU=
Subject key identifier: E9:60:03:7A:AD:7E:79:A1:62:9B:CE:9A:A6:08:4F:43:52:02:84:3B
Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Certificate serial: 018CC26D1D1DED758F97A2B079A0F45E5E8D
Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/6WADeq1-eaFim86apghPQ1IChDs.roa
Signing time: Mon 01 Jan 2024 00:29:39 +0000
ROA not before: Mon 01 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47944
IP address blocks: 94.125.200.0/21 maxlen: 21
94.125.207.0/24 maxlen: 24
2a03:2ba0::/32 maxlen: 32
2a03:2ba0:1:888::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1d:1d:ed:75:8f:97:a2:b0:79:a0:f4:5e:5e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Validity
Not Before: Jan 1 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e960037aad7e79a1629bce9aa6084f435202843b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:90:df:76:d7:f0:79:2d:49:45:45:eb:97:02:
5f:99:cd:8b:28:52:44:f5:25:29:bb:23:0b:7b:9b:
89:8d:29:50:c5:a0:d4:25:af:a7:1e:31:33:95:75:
53:7e:2a:9f:a9:ad:1d:1c:99:71:38:e9:20:bb:de:
7d:02:f7:c8:89:d7:96:fd:0d:d3:44:d5:c0:af:cf:
fd:e6:48:8f:9a:a7:13:ed:57:89:2b:84:df:77:65:
59:38:e4:33:f2:e1:f3:c2:16:6c:1c:71:4d:58:a8:
42:01:6e:6f:30:05:e1:11:6a:35:1b:fe:0a:0b:46:
47:1a:f9:22:ba:40:86:5a:cd:e5:82:dc:2d:b9:0e:
06:ed:50:0f:56:0b:18:27:8c:93:2f:f7:3d:95:44:
7a:fd:aa:4c:fd:8b:51:4e:5f:c5:fe:10:4d:fb:8b:
19:30:fd:c4:b4:1d:6d:83:da:d1:36:9d:a1:c1:55:
18:59:6b:62:e2:84:b9:f9:89:73:05:54:d8:fb:bc:
17:e4:5a:f3:f6:85:88:29:5c:85:67:83:fe:d1:53:
f0:1a:8f:da:49:12:6a:40:88:2e:e6:e9:e1:a2:6d:
52:ba:bf:a0:e3:32:0f:98:ef:30:d7:5c:d8:da:49:
7c:de:26:32:1e:6f:8b:1f:bb:0d:e6:cc:91:29:bc:
3d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:60:03:7A:AD:7E:79:A1:62:9B:CE:9A:A6:08:4F:43:52:02:84:3B
X509v3 Authority Key Identifier:
keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/6WADeq1-eaFim86apghPQ1IChDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.200.0/21
IPv6:
2a03:2ba0::/32
Signature Algorithm: sha256WithRSAEncryption
a5:4f:5c:e0:20:91:1a:24:57:b9:79:6c:c6:50:f4:b5:7f:75:
a5:5b:9f:03:f3:6f:a4:4a:99:3c:06:d3:0c:12:a4:b5:e3:f5:
ab:0e:31:ee:01:37:02:cd:9a:fa:0a:05:2c:48:ac:51:10:e9:
22:61:77:ba:c0:ad:b2:3d:a3:e3:8b:be:ce:ab:ec:d1:53:8b:
24:b6:98:d0:b2:3d:e1:4d:78:a8:0f:52:1c:38:a2:56:49:2f:
7d:f4:bc:c7:b1:1b:07:06:5e:f3:a9:68:5a:38:c2:6f:b8:81:
99:3d:2f:ae:0f:f3:da:70:22:4f:23:4f:c6:7c:1a:08:fa:8c:
f4:bb:62:33:7a:da:95:67:50:1c:33:47:12:54:bb:75:55:14:
07:ea:23:18:08:7c:4f:f2:b7:18:f7:4e:09:73:7a:af:85:3e:
93:c4:05:eb:56:b0:64:38:59:3e:34:cc:a1:42:d5:68:83:6f:
6e:fc:70:0f:c1:67:c8:6c:9e:c2:91:db:b5:fa:50:d3:23:41:
ae:d6:5a:26:cf:09:5b:8d:f8:1b:9c:19:4b:15:ac:44:67:83:
85:c0:78:52:a5:d2:21:cc:1c:15:3a:f4:81:cc:ec:9e:2c:cf:
2e:81:19:98:0b:70:af:dc:da:58:be:33:f4:31:f8:48:38:ad:
a8:97:ff:9d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbR0d7XWPl6KweaD0Xl6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjdjZDBlYzRjM2JjNTRjNTk0MzEzMDdlZWMzNmVmMDM4
Mjc3MzMwHhcNMjQwMTAxMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTYwMDM3YWFkN2U3OWExNjI5YmNlOWFhNjA4NGY0MzUyMDI4NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpDfdtfweS1JRUXrlwJfmc2LKFJE
9SUpuyMLe5uJjSlQxaDUJa+nHjEzlXVTfiqfqa0dHJlxOOkgu959AvfIideW/Q3T
RNXAr8/95kiPmqcT7VeJK4Tfd2VZOOQz8uHzwhZsHHFNWKhCAW5vMAXhEWo1G/4K
C0ZHGvkiukCGWs3lgtwtuQ4G7VAPVgsYJ4yTL/c9lUR6/apM/YtRTl/F/hBN+4sZ
MP3EtB1tg9rRNp2hwVUYWWti4oS5+YlzBVTY+7wX5Frz9oWIKVyFZ4P+0VPwGo/a
SRJqQIgu5unhom1Sur+g4zIPmO8w11zY2kl83iYyHm+LH7sN5syRKbw9gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOlgA3qtfnmhYpvOmqYIT0NSAoQ7MB8GA1UdIwQY
MBaAFNH3zQ7Ew7xUxZQxMH7sNu8DgnczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgt
OWNiNWQ4OGZkZDM5LzEvNldBRGVxMS1lYUZpbTg2YXBnaFBRMUlDaERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgtOWNiNWQ4OGZkZDM5
LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXn3IMA0E
AgACMAcDBQAqAyugMA0GCSqGSIb3DQEBCwUAA4IBAQClT1zgIJEaJFe5eWzGUPS1
f3WlW58D82+kSpk8BtMMEqS14/WrDjHuATcCzZr6CgUsSKxREOkiYXe6wK2yPaPj
i77Oq+zRU4sktpjQsj3hTXioD1IcOKJWSS999LzHsRsHBl7zqWhaOMJvuIGZPS+u
D/PacCJPI0/GfBoI+oz0u2IzetqVZ1AcM0cSVLt1VRQH6iMYCHxP8rcY904Jc3qv
hT6TxAXrVrBkOFk+NMyhQtVog29u/HAPwWfIbJ7Ckdu1+lDTI0Gu1lomzwlbjfgb
nBlLFaxEZ4OFwHhSpdIhzBwVOvSBzOyeLM8ugRmYC3Cv3NpYvjP0MfhIOK2ol/+d
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:25:14 2024 by rpki-client on console-fra.rpki-client.org