Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/6O23vnLv_8v6I4ezbgtrh04M2Fo.roa
File: 6O23vnLv_8v6I4ezbgtrh04M2Fo.roa (raw, json)
Hash identifier: B+zN20XJfaCN3vCj0iFGb7SfEPZ+3u0DQSrgTDI7XeM=
Subject key identifier: E8:ED:B7:BE:72:EF:FF:CB:FA:23:87:B3:6E:0B:6B:87:4E:0C:D8:5A
Certificate issuer: /CN=217b7ab062bc828b348d05306e65354748b9d6d6
Certificate serial: 018CC9BC14B0CDE7E41239B96102149B41D7
Authority key identifier: 21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/6O23vnLv_8v6I4ezbgtrh04M2Fo.roa
Signing time: Tue 02 Jan 2024 10:33:15 +0000
ROA not before: Tue 02 Jan 2024 10:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212982
IP address blocks: 146.19.59.0/24 maxlen: 24
91.219.23.0/24 maxlen: 24
91.219.23.32/27 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 05:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:14:b0:cd:e7:e4:12:39:b9:61:02:14:9b:41:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b7ab062bc828b348d05306e65354748b9d6d6
Validity
Not Before: Jan 2 10:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8edb7be72efffcbfa2387b36e0b6b874e0cd85a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0a:85:51:26:0c:66:12:ed:60:99:a3:45:a8:
10:97:f7:a3:b4:be:d7:29:71:b4:97:35:83:eb:eb:
57:5d:6a:40:13:73:bf:8a:d7:9e:30:84:c2:27:46:
d4:6a:cb:70:1f:12:d7:ce:1c:76:44:3b:92:ce:c8:
07:24:b8:27:26:a1:0d:af:f1:47:1b:af:c5:a4:f8:
e6:bd:32:28:36:ea:49:7b:58:75:17:9d:44:6c:3e:
f0:3b:ad:ba:f8:2a:60:8b:a6:e7:5c:54:a7:25:3b:
ab:06:e1:a2:75:d4:30:c2:a0:bf:74:b5:9e:50:c3:
31:79:6b:50:91:5b:3a:30:d1:ce:ca:14:2f:f5:24:
a5:99:75:67:d7:e8:de:e1:f6:8c:39:e3:75:69:71:
c2:27:5f:52:62:0c:a5:08:02:95:3d:72:27:33:9f:
b4:b8:d6:63:b1:57:d1:20:24:d3:34:62:1a:75:f8:
89:61:e2:71:09:75:2f:39:33:4f:7d:3f:f2:1e:3b:
13:06:36:52:88:2a:44:b7:8b:a3:94:27:58:3e:bc:
04:63:34:fa:d0:28:6d:51:96:a9:9c:87:9e:ce:de:
32:89:35:48:4d:24:d0:6f:58:01:4e:3f:f3:b8:a6:
8a:25:44:68:f1:e0:44:73:00:11:df:72:35:4e:db:
3d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:ED:B7:BE:72:EF:FF:CB:FA:23:87:B3:6E:0B:6B:87:4E:0C:D8:5A
X509v3 Authority Key Identifier:
keyid:21:7B:7A:B0:62:BC:82:8B:34:8D:05:30:6E:65:35:47:48:B9:D6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXt6sGK8gos0jQUwbmU1R0i51tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/6O23vnLv_8v6I4ezbgtrh04M2Fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/a8dadc-611b-4063-adb6-55b659cd82bb/1/IXt6sGK8gos0jQUwbmU1R0i51tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.23.0/24
146.19.59.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e7:3e:b0:36:1d:c7:f7:63:11:1d:f0:11:80:fd:a6:22:7a:
cb:53:f6:d1:a8:f1:c2:15:97:a5:41:6a:f9:75:1f:b1:77:2f:
4c:1f:0c:a4:8f:a3:a2:00:e1:50:1f:2c:b0:5b:3d:5f:a5:58:
af:8b:11:64:0d:d0:c8:14:60:8c:ad:9c:89:e3:17:8d:06:7b:
86:64:30:56:99:7e:1b:1c:b5:b0:10:f3:84:e0:4f:9a:3c:51:
fe:07:8a:ba:ea:3d:c5:a2:a9:21:e2:a7:5c:d6:f9:e8:ea:51:
a9:50:3c:9c:2d:17:21:33:2e:e0:5b:58:ca:fa:cf:c7:d2:e7:
fc:df:a7:09:f3:3c:a4:9a:c4:0e:00:dd:82:8a:21:46:aa:b3:
ea:7d:6c:71:8a:cd:13:5f:40:ed:ed:9c:fc:f6:f5:a0:a1:fd:
cc:0e:32:65:9b:5a:c3:3a:79:1d:90:89:f2:4a:ef:e4:f1:18:
c1:71:93:52:cd:1f:c6:3d:86:6d:48:0e:88:20:63:e6:72:2a:
44:d8:c7:cc:f1:3f:65:e5:1b:d9:6f:40:6a:03:d4:87:e7:44:
a2:62:ea:ae:3d:cf:38:28:72:c7:d3:c2:9c:9d:bd:82:4b:6a:
0f:6d:e5:44:39:95:f1:c7:02:1b:39:34:6e:9e:36:44:03:ff:
b5:f6:90:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvBSwzefkEjm5YQIUm0HXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxN2I3YWIwNjJiYzgyOGIzNDhkMDUzMDZlNjUzNTQ3NDhi
OWQ2ZDYwHhcNMjQwMTAyMTAzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGVkYjdiZTcyZWZmZmNiZmEyMzg3YjM2ZTBiNmI4NzRlMGNkODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gqFUSYMZhLtYJmjRagQl/ejtL7X
KXG0lzWD6+tXXWpAE3O/iteeMITCJ0bUastwHxLXzhx2RDuSzsgHJLgnJqENr/FH
G6/FpPjmvTIoNupJe1h1F51EbD7wO626+Cpgi6bnXFSnJTurBuGiddQwwqC/dLWe
UMMxeWtQkVs6MNHOyhQv9SSlmXVn1+je4faMOeN1aXHCJ19SYgylCAKVPXInM5+0
uNZjsVfRICTTNGIadfiJYeJxCXUvOTNPfT/yHjsTBjZSiCpEt4ujlCdYPrwEYzT6
0ChtUZapnIeezt4yiTVITSTQb1gBTj/zuKaKJURo8eBEcwAR33I1Tts9IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOjtt75y7//L+iOHs24La4dODNhaMB8GA1UdIwQY
MBaAFCF7erBivIKLNI0FMG5lNUdIudbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYt
NTViNjU5Y2Q4MmJiLzEvNk8yM3ZuTHZfOHY2STRlemJndHJoMDRNMkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9hOGRhZGMtNjExYi00MDYzLWFkYjYtNTViNjU5Y2Q4MmJi
LzEvSVh0NnNHSzhnb3MwalFVd2JtVTFSMGk1MXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9sXAwQA
khM7MA0GCSqGSIb3DQEBCwUAA4IBAQB45z6wNh3H92MRHfARgP2mInrLU/bRqPHC
FZelQWr5dR+xdy9MHwykj6OiAOFQHyywWz1fpVivixFkDdDIFGCMrZyJ4xeNBnuG
ZDBWmX4bHLWwEPOE4E+aPFH+B4q66j3Foqkh4qdc1vno6lGpUDycLRchMy7gW1jK
+s/H0uf836cJ8zykmsQOAN2CiiFGqrPqfWxxis0TX0Dt7Zz89vWgof3MDjJlm1rD
OnkdkInySu/k8RjBcZNSzR/GPYZtSA6IIGPmcipE2MfM8T9l5RvZb0BqA9SH50Si
YuquPc84KHLH08Kcnb2CS2oPbeVEOZXxxwIbOTRunjZEA/+19pCE
-----END CERTIFICATE-----
Generated at Sat May 18 14:43:16 2024 by rpki-client on console-ams.rpki-client.org