Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/6BS05qGIhK4HZPUlfUvY8CedC40.roa
File: 6BS05qGIhK4HZPUlfUvY8CedC40.roa (raw, json)
Hash identifier: ZsMXrnvlJxPyyivzWimb4imQtHGs5MykFqJHXyJY4Xc=
Subject key identifier: E8:14:B4:E6:A1:88:84:AE:07:64:F5:25:7D:4B:D8:F0:27:9D:0B:8D
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 019353DE7D3F313F784BF5706D8094A828AC
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/6BS05qGIhK4HZPUlfUvY8CedC40.roa
Signing time: Fri 22 Nov 2024 12:35:10 +0000
ROA not before: Fri 22 Nov 2024 12:35:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 31.10.128.0/17 maxlen: 17
31.10.128.0/18 maxlen: 18
31.10.192.0/18 maxlen: 18
46.126.0.0/15 maxlen: 15
46.126.0.0/16 maxlen: 16
46.127.0.0/16 maxlen: 16
46.140.0.0/16 maxlen: 16
46.140.0.0/17 maxlen: 17
46.140.128.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.128.0/17 maxlen: 17
77.56.0.0/14 maxlen: 14
77.56.0.0/15 maxlen: 15
77.58.0.0/15 maxlen: 15
80.218.0.0/15 maxlen: 15
80.218.0.0/16 maxlen: 16
80.219.0.0/16 maxlen: 16
81.7.224.0/19 maxlen: 19
81.7.224.0/20 maxlen: 20
81.7.240.0/20 maxlen: 20
84.20.32.0/20 maxlen: 20
84.20.32.0/21 maxlen: 21
84.20.40.0/21 maxlen: 21
84.20.48.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
84.20.52.0/22 maxlen: 22
84.72.0.0/14 maxlen: 14
84.72.0.0/15 maxlen: 15
84.74.0.0/15 maxlen: 15
178.82.0.0/15 maxlen: 15
178.82.0.0/16 maxlen: 16
178.82.0.0/17 maxlen: 17
178.82.128.0/17 maxlen: 17
178.83.0.0/16 maxlen: 16
194.29.0.0/19 maxlen: 19
194.29.0.0/20 maxlen: 20
194.29.16.0/20 maxlen: 20
195.202.192.0/18 maxlen: 18
195.202.192.0/19 maxlen: 19
195.202.224.0/19 maxlen: 19
212.47.160.0/19 maxlen: 19
212.47.160.0/20 maxlen: 20
212.47.176.0/20 maxlen: 20
213.193.64.0/18 maxlen: 18
213.193.64.0/19 maxlen: 19
213.193.96.0/19 maxlen: 19
217.162.0.0/16 maxlen: 16
217.162.0.0/17 maxlen: 17
217.162.128.0/17 maxlen: 17
217.168.32.0/19 maxlen: 19
217.168.32.0/20 maxlen: 20
217.168.48.0/20 maxlen: 20
2a00:e2c0::/32 maxlen: 32
2a00:e2c0::/33 maxlen: 33
2a00:e2c0:8000::/33 maxlen: 33
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a02:aa10::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:de:7d:3f:31:3f:78:4b:f5:70:6d:80:94:a8:28:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Nov 22 12:35:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e814b4e6a18884ae0764f5257d4bd8f0279d0b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:75:44:a6:c3:3d:cf:8f:b3:b9:67:e8:61:be:
de:bf:d3:64:54:f9:6a:57:eb:3c:b1:24:67:b9:f6:
d9:a2:8e:58:f6:8b:c3:c3:13:30:1f:9f:90:72:bc:
ba:15:4a:ef:57:25:af:e6:4c:b8:7f:7c:09:22:14:
a6:0c:65:eb:78:87:0a:f7:18:90:72:e4:c4:1f:e0:
96:95:a2:75:9a:f2:83:e4:80:d9:44:db:11:1c:50:
a1:05:d1:d3:b4:d7:40:ea:b1:57:2b:aa:66:50:e4:
46:b7:de:79:5c:f6:78:62:dc:7b:4c:f6:38:8f:ba:
0a:47:14:f6:3e:02:de:03:61:a2:14:be:5f:1b:12:
4d:bb:50:55:00:26:e8:08:5c:54:71:27:d3:5d:43:
6d:60:f4:43:c9:b8:9e:43:0e:d8:38:c1:53:1c:e8:
b3:43:83:73:c4:88:31:cc:3a:df:11:ff:ad:fa:d0:
24:a2:c5:d7:5c:2b:65:65:cd:ea:3b:27:c8:9d:d3:
b4:bf:dd:f1:7e:a6:84:c3:95:c1:aa:6b:f2:79:dd:
52:f0:e0:5d:1b:8e:e6:36:6e:e8:b7:03:c6:75:9d:
ed:14:25:65:26:41:5e:88:c5:d4:4d:53:6e:91:11:
69:58:e4:71:b2:ff:e2:94:8a:08:4a:93:2b:4b:ee:
1c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:14:B4:E6:A1:88:84:AE:07:64:F5:25:7D:4B:D8:F0:27:9D:0B:8D
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/6BS05qGIhK4HZPUlfUvY8CedC40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
6f:51:c6:63:2f:de:c9:8e:df:e2:b8:e0:f4:9b:ab:8f:5d:50:
38:e6:7a:3d:97:c0:71:4c:b1:bf:2f:23:6f:fc:fa:4d:49:58:
bf:ea:17:4f:11:13:e4:cc:e6:3d:c7:e6:c5:69:87:f4:ce:f9:
83:05:ac:d9:26:d6:2f:0d:b5:56:e9:2d:71:06:b8:7a:9a:03:
ae:cd:77:5e:90:12:2c:a8:d8:d5:ec:c2:ac:3f:45:e0:70:63:
5e:dd:62:ac:6e:a2:fa:02:36:3d:87:d2:00:01:15:4a:8f:36:
14:64:b3:30:0c:cf:40:1c:43:ed:73:4d:18:73:e4:02:77:8d:
62:be:15:b6:22:b3:ea:5d:15:35:ad:84:38:38:d3:22:c8:9f:
bc:db:b5:c8:77:12:24:2e:d0:d2:4e:bb:cf:73:d8:59:71:75:
98:4a:3f:29:0d:4c:d5:05:92:d9:28:35:1f:63:74:05:40:10:
65:70:08:b0:25:3d:33:e0:8a:d5:19:80:6f:fa:8c:72:41:e7:
5f:02:6a:ac:78:15:96:c1:25:0c:7c:1d:e8:0f:3c:5f:d6:e1:
84:37:66:d7:16:4f:cd:c8:b8:95:c3:08:ad:92:d0:57:95:47:
1c:f3:83:fa:26:75:bd:d5:59:7a:bc:ea:49:de:53:c7:b3:75:
60:c2:4d:89
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZNT3n0/MT94S/VwbYCUqCisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjQxMTIyMTIzNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE0YjRlNmExODg4NGFlMDc2NGY1MjU3ZDRiZDhmMDI3OWQwYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXVEpsM9z4+zuWfoYb7ev9NkVPlq
V+s8sSRnufbZoo5Y9ovDwxMwH5+Qcry6FUrvVyWv5ky4f3wJIhSmDGXreIcK9xiQ
cuTEH+CWlaJ1mvKD5IDZRNsRHFChBdHTtNdA6rFXK6pmUORGt955XPZ4Ytx7TPY4
j7oKRxT2PgLeA2GiFL5fGxJNu1BVACboCFxUcSfTXUNtYPRDybieQw7YOMFTHOiz
Q4NzxIgxzDrfEf+t+tAkosXXXCtlZc3qOyfIndO0v93xfqaEw5XBqmvyed1S8OBd
G47mNm7otwPGdZ3tFCVlJkFeiMXUTVNukRFpWORxsv/ilIoISpMrS+4c4wIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFOgUtOahiISuB2T1JX1L2PAnnQuNMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvNkJTMDVxR0loSzRIWlBVbGZVdlk4Q2VkQzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQBvUcZjL97Jjt/iuOD0
m6uPXVA45no9l8BxTLG/LyNv/PpNSVi/6hdPERPkzOY9x+bFaYf0zvmDBazZJtYv
DbVW6S1xBrh6mgOuzXdekBIsqNjV7MKsP0XgcGNe3WKsbqL6AjY9h9IAARVKjzYU
ZLMwDM9AHEPtc00Yc+QCd41ivhW2IrPqXRU1rYQ4ONMiyJ+827XIdxIkLtDSTrvP
c9hZcXWYSj8pDUzVBZLZKDUfY3QFQBBlcAiwJT0z4IrVGYBv+oxyQedfAmqseBWW
wSUMfB3oDzxf1uGEN2bXFk/NyLiVwwitktBXlUcc84P6JnW91Vl6vOpJ3lPHs3Vg
wk2J
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:39:31 2024 by rpki-client on console-fra.rpki-client.org