Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/pt6zw4hIVJDWAcxY0bzU-YY9ei4.roa
File: pt6zw4hIVJDWAcxY0bzU-YY9ei4.roa (raw, json)
Hash identifier: aka2cRqPn+Bi5piL1W2OL0T+xEvvg30jbAfTUqiGcGQ=
Subject key identifier: A6:DE:B3:C3:88:48:54:90:D6:01:CC:58:D1:BC:D4:F9:86:3D:7A:2E
Certificate issuer: /CN=33710cf81d21777a98d3d999dc1e6eae055f7c3c
Certificate serial: 018CC94AD73DD783C7A4669DCD88A491ACC6
Authority key identifier: 33:71:0C:F8:1D:21:77:7A:98:D3:D9:99:DC:1E:6E:AE:05:5F:7C:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M3EM-B0hd3qY09mZ3B5urgVffDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/pt6zw4hIVJDWAcxY0bzU-YY9ei4.roa
Signing time: Tue 02 Jan 2024 08:29:34 +0000
ROA not before: Tue 02 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47698
IP address blocks: 91.206.174.0/23 maxlen: 23
91.208.103.0/24 maxlen: 24
2001:67c:394::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/M3EM-B0hd3qY09mZ3B5urgVffDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/M3EM-B0hd3qY09mZ3B5urgVffDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/M3EM-B0hd3qY09mZ3B5urgVffDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:d7:3d:d7:83:c7:a4:66:9d:cd:88:a4:91:ac:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33710cf81d21777a98d3d999dc1e6eae055f7c3c
Validity
Not Before: Jan 2 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6deb3c388485490d601cc58d1bcd4f9863d7a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:38:ca:49:28:cc:c0:49:eb:92:4b:ee:9c:74:
d3:1b:00:10:f8:22:ca:e8:bf:b5:a6:cf:42:38:85:
d6:90:1e:67:7f:cb:95:02:3a:50:08:0c:52:7b:fc:
51:02:c8:b8:7e:29:d4:1c:f3:c1:44:19:97:62:72:
2a:10:fc:07:56:2a:ef:3f:d0:bd:66:3c:f2:73:cb:
4d:1d:f6:78:04:b0:5f:a2:aa:49:aa:c4:d7:5f:c3:
6b:38:31:c0:70:23:cd:a0:31:87:e7:2e:87:07:3e:
da:3f:0f:99:52:bf:5b:30:53:56:f2:37:ae:f1:84:
10:fd:b5:73:38:a2:88:98:24:22:bb:77:cc:a7:c7:
9c:3e:8c:52:db:fc:5d:06:91:ed:72:24:b4:80:6a:
b1:49:57:fe:32:43:3e:27:7a:1e:9d:a8:3f:a0:2d:
e9:34:e0:e9:94:67:6b:2e:45:3d:dd:85:b0:c7:3e:
45:b1:a5:41:e9:fd:e8:b1:cf:0a:ef:d1:b1:af:cc:
34:97:eb:1f:45:df:a0:96:d5:f8:3c:7d:7e:0a:94:
d1:ae:cb:4d:43:95:24:5a:e7:ce:4b:fa:62:29:1d:
9e:14:c7:b3:66:6a:61:e0:d8:b4:25:8b:71:23:c9:
eb:b2:0a:da:4c:88:be:43:be:31:29:eb:49:13:45:
1a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:DE:B3:C3:88:48:54:90:D6:01:CC:58:D1:BC:D4:F9:86:3D:7A:2E
X509v3 Authority Key Identifier:
keyid:33:71:0C:F8:1D:21:77:7A:98:D3:D9:99:DC:1E:6E:AE:05:5F:7C:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M3EM-B0hd3qY09mZ3B5urgVffDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/pt6zw4hIVJDWAcxY0bzU-YY9ei4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/396709-20e1-4f7d-963e-3b5e83f626e3/1/M3EM-B0hd3qY09mZ3B5urgVffDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.174.0/23
91.208.103.0/24
IPv6:
2001:67c:394::/48
Signature Algorithm: sha256WithRSAEncryption
9b:4b:6d:7b:1a:b5:ae:7c:b4:0e:78:ec:b6:2e:53:df:12:05:
07:6d:cf:04:bd:43:c6:37:19:cc:d3:27:13:80:7a:6f:7e:67:
20:bf:36:5b:38:73:f5:90:97:28:3d:c8:b3:23:9b:93:52:35:
cd:87:92:73:56:28:7e:96:01:a5:5b:e8:5b:1a:a0:74:9e:82:
3c:0e:33:22:bd:b0:0e:cb:27:9d:1e:26:f1:b5:00:89:a9:c8:
c2:b7:fe:e8:f1:78:46:27:83:76:d4:49:36:05:cc:19:fc:76:
10:4d:b8:db:4a:9e:4e:bb:79:31:bb:cc:64:c8:e6:7b:51:7a:
bd:d0:5b:0d:30:ca:0e:b1:9d:e5:d8:b2:02:40:00:cc:22:f6:
a3:12:48:a1:48:fe:14:86:c1:e2:6f:cb:cb:3c:78:53:f0:ad:
5f:66:60:fc:73:2b:0d:75:79:a3:d0:e8:98:da:74:0f:5f:a5:
9a:31:62:4e:ef:85:fc:3d:19:6e:9d:6b:ff:0e:41:1a:e7:9d:
ca:b1:c3:37:2d:3f:60:97:4e:cd:f2:04:a6:52:c7:23:97:32:
d6:52:d5:f2:e6:03:26:e1:bc:58:16:23:e2:70:9e:48:bf:1a:
db:df:17:89:13:46:6a:e0:5f:59:21:f9:0f:60:fd:63:98:57:
e9:f3:9d:d1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJStc914PHpGadzYikkazGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNzEwY2Y4MWQyMTc3N2E5OGQzZDk5OWRjMWU2ZWFlMDU1
ZjdjM2MwHhcNMjQwMTAyMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmRlYjNjMzg4NDg1NDkwZDYwMWNjNThkMWJjZDRmOTg2M2Q3YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjjKSSjMwEnrkkvunHTTGwAQ+CLK
6L+1ps9COIXWkB5nf8uVAjpQCAxSe/xRAsi4finUHPPBRBmXYnIqEPwHVirvP9C9
Zjzyc8tNHfZ4BLBfoqpJqsTXX8NrODHAcCPNoDGH5y6HBz7aPw+ZUr9bMFNW8jeu
8YQQ/bVzOKKImCQiu3fMp8ecPoxS2/xdBpHtciS0gGqxSVf+MkM+J3oenag/oC3p
NODplGdrLkU93YWwxz5FsaVB6f3osc8K79Gxr8w0l+sfRd+gltX4PH1+CpTRrstN
Q5UkWufOS/piKR2eFMezZmph4Ni0JYtxI8nrsgraTIi+Q74xKetJE0UaxwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKbes8OISFSQ1gHMWNG81PmGPXouMB8GA1UdIwQY
MBaAFDNxDPgdIXd6mNPZmdwebq4FX3w8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTNFTS1CMGhkM3FZMDltWjNCNXVyZ1ZmZkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zOTY3MDktMjBlMS00ZjdkLTk2M2Ut
M2I1ZTgzZjYyNmUzLzEvcHQ2enc0aElWSkRXQWN4WTBielUtWVk5ZWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zOTY3MDktMjBlMS00ZjdkLTk2M2UtM2I1ZTgzZjYyNmUz
LzEvTTNFTS1CMGhkM3FZMDltWjNCNXVyZ1ZmZkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW86uAwQA
W9BnMA8EAgACMAkDBwAgAQZ8A5QwDQYJKoZIhvcNAQELBQADggEBAJtLbXsata58
tA547LYuU98SBQdtzwS9Q8Y3GczTJxOAem9+ZyC/Nls4c/WQlyg9yLMjm5NSNc2H
knNWKH6WAaVb6FsaoHSegjwOMyK9sA7LJ50eJvG1AImpyMK3/ujxeEYng3bUSTYF
zBn8dhBNuNtKnk67eTG7zGTI5ntRer3QWw0wyg6xneXYsgJAAMwi9qMSSKFI/hSG
weJvy8s8eFPwrV9mYPxzKw11eaPQ6JjadA9fpZoxYk7vhfw9GW6da/8OQRrnncqx
wzctP2CXTs3yBKZSxyOXMtZS1fLmAybhvFgWI+Jwnki/GtvfF4kTRmrgX1kh+Q9g
/WOYV+nzndE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:55 2024 by rpki-client on console-fra.rpki-client.org