Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/6m8Y_6QKKPQ5eEByCelrpAdvkn4.roa
File: 6m8Y_6QKKPQ5eEByCelrpAdvkn4.roa (raw, json)
Hash identifier: 9lBKCDrhHxefTSXJkPJbaSDQ53/jX2P7oOPgM5Zo5CE=
Subject key identifier: EA:6F:18:FF:A4:0A:28:F4:39:78:40:72:09:E9:6B:A4:07:6F:92:7E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0192F1D5EC35E9F1A440BB697C225290B08F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/6m8Y_6QKKPQ5eEByCelrpAdvkn4.roa
Signing time: Sun 03 Nov 2024 11:43:01 +0000
ROA not before: Sun 03 Nov 2024 11:43:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134176
IP address blocks: 45.138.109.0/24 maxlen: 32
85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
185.236.80.0/24 maxlen: 32
194.49.108.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f1:d5:ec:35:e9:f1:a4:40:bb:69:7c:22:52:90:b0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Nov 3 11:43:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea6f18ffa40a28f43978407209e96ba4076f927e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e6:fd:d5:68:53:cd:7c:2b:b1:fe:24:e0:93:
29:d2:9b:a5:34:6f:e9:3f:b4:3d:a9:52:a7:16:e3:
56:14:0b:7c:8d:d0:75:ea:0b:ca:9e:77:51:0d:7a:
6e:a2:43:4f:d4:b5:86:a9:cd:aa:64:ca:65:da:83:
86:00:b8:a0:63:d1:47:6c:fc:c4:3c:47:3d:3c:7b:
1a:43:ec:96:cf:d7:bd:3b:64:fb:2c:49:71:0c:ac:
45:66:98:4c:30:6c:88:92:98:72:dd:75:ec:b7:c6:
05:14:da:1b:d6:4a:f8:93:d1:1e:f4:8a:28:40:18:
bc:ad:9b:4a:bc:2c:b0:71:b9:60:86:08:5b:35:a2:
77:8c:18:56:50:70:d6:24:c3:7d:8d:e5:a6:d1:c8:
1a:19:77:44:ed:d0:25:48:d7:0f:62:d4:45:87:b8:
2e:81:e5:a5:c7:fe:7a:c9:bc:83:d5:c5:90:c8:c6:
e6:01:77:33:ac:a5:75:d1:88:81:69:c2:80:f6:ca:
32:fe:75:40:9a:1e:72:3a:c4:48:8d:e1:b8:d5:d2:
48:be:fe:f1:48:4e:47:bd:7a:68:e1:f6:30:93:64:
7c:29:d5:f2:ea:48:4f:0b:26:d2:da:50:14:62:51:
d6:31:0f:4c:2d:f3:04:03:4b:66:f7:d2:ed:2b:34:
c5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6F:18:FF:A4:0A:28:F4:39:78:40:72:09:E9:6B:A4:07:6F:92:7E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/6m8Y_6QKKPQ5eEByCelrpAdvkn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.109.0/24
85.209.254.0/24
185.190.81.0/24
185.236.80.0/24
194.49.108.0/24
Signature Algorithm: sha256WithRSAEncryption
10:60:ee:c9:5c:f2:13:32:d8:14:6f:e9:25:06:e9:4e:33:a9:
c6:73:ba:9b:b4:c9:c7:e1:e1:4f:00:5c:d0:05:7c:3c:67:70:
64:4c:3e:e6:5b:1e:bf:3b:01:c1:47:9c:fa:ce:1a:d2:c1:d6:
89:ef:06:89:16:fb:da:eb:ba:d9:b4:68:3f:de:d0:57:79:1b:
e1:8d:69:d9:1d:6d:4d:c9:35:f2:82:e4:85:a6:04:91:be:bf:
9a:c4:b6:25:a5:9a:31:82:27:10:7f:95:43:3f:40:46:11:bc:
b1:ba:0f:ee:0f:b1:42:c3:54:d3:de:49:13:94:f7:ed:e3:b7:
a0:88:ab:89:8f:4e:10:a0:9f:07:b4:fd:e5:df:e8:b3:86:39:
64:c5:4f:02:b8:81:d7:cf:81:17:4c:4e:00:db:1c:78:42:51:
a6:5d:d7:d6:e4:45:16:74:0d:cf:c8:4c:1e:02:41:9e:e4:06:
75:a5:a5:46:63:b0:0f:33:b3:f7:3d:33:90:8e:59:fe:10:d8:
91:f6:c1:1b:6d:82:4c:d5:8a:ac:8c:a1:99:38:31:aa:62:c8:
8d:d8:b4:19:24:b9:87:b5:90:d5:19:da:e3:7a:89:9a:c9:45:
11:8d:79:f4:fa:83:21:7f:e0:b7:6c:83:b5:66:8a:e6:32:7c:
f8:b0:53:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLx1ew16fGkQLtpfCJSkLCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQxMTAzMTE0MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTZmMThmZmE0MGEyOGY0Mzk3ODQwNzIwOWU5NmJhNDA3NmY5MjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApub91WhTzXwrsf4k4JMp0pulNG/p
P7Q9qVKnFuNWFAt8jdB16gvKnndRDXpuokNP1LWGqc2qZMpl2oOGALigY9FHbPzE
PEc9PHsaQ+yWz9e9O2T7LElxDKxFZphMMGyIkphy3XXst8YFFNob1kr4k9Ee9Ioo
QBi8rZtKvCywcblghghbNaJ3jBhWUHDWJMN9jeWm0cgaGXdE7dAlSNcPYtRFh7gu
geWlx/56ybyD1cWQyMbmAXczrKV10YiBacKA9soy/nVAmh5yOsRIjeG41dJIvv7x
SE5HvXpo4fYwk2R8KdXy6khPCybS2lAUYlHWMQ9MLfMEA0tm99LtKzTF7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOpvGP+kCij0OXhAcgnpa6QHb5J+MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNm04WV82UUtLUFE1ZUVCeUNlbHJwQWR2a240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYptAwQA
VdH+AwQAub5RAwQAuexQAwQAwjFsMA0GCSqGSIb3DQEBCwUAA4IBAQAQYO7JXPIT
MtgUb+klBulOM6nGc7qbtMnH4eFPAFzQBXw8Z3BkTD7mWx6/OwHBR5z6zhrSwdaJ
7waJFvva67rZtGg/3tBXeRvhjWnZHW1NyTXyguSFpgSRvr+axLYlpZoxgicQf5VD
P0BGEbyxug/uD7FCw1TT3kkTlPft47egiKuJj04QoJ8HtP3l3+izhjlkxU8CuIHX
z4EXTE4A2xx4QlGmXdfW5EUWdA3PyEweAkGe5AZ1paVGY7APM7P3PTOQjln+ENiR
9sEbbYJM1YqsjKGZODGqYsiN2LQZJLmHtZDVGdrjeomayUURjXn0+oMhf+C3bIO1
ZormMnz4sFNS
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:50:05 2024 by rpki-client on console-ams.rpki-client.org