Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6BoLlA67BYUvZPflyfDb2uUxvFw.roa
File: 6BoLlA67BYUvZPflyfDb2uUxvFw.roa (raw, json)
Hash identifier: hkkRuv8H9R08oYT5ZnLzIpGrkgp8SEgQd7dtS6pBNBI=
Subject key identifier: E8:1A:0B:94:0E:BB:05:85:2F:64:F7:E5:C9:F0:DB:DA:E5:31:BC:5C
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F024FD549971AC3131636D5E4B32
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6BoLlA67BYUvZPflyfDb2uUxvFw.roa
Signing time: Tue 02 Jan 2024 02:31:24 +0000
ROA not before: Tue 02 Jan 2024 02:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48803
IP address blocks: 194.68.117.0/24 maxlen: 24
194.132.224.0/22 maxlen: 22
193.183.212.0/22 maxlen: 22
194.132.228.0/22 maxlen: 22
193.234.108.0/22 maxlen: 22
193.183.250.0/23 maxlen: 23
193.183.148.0/22 maxlen: 22
193.183.192.0/22 maxlen: 22
193.234.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f0:24:fd:54:99:71:ac:31:31:63:6d:5e:4b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e81a0b940ebb05852f64f7e5c9f0dbdae531bc5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fa:30:bc:82:b1:44:99:44:74:d5:aa:00:f8:
6c:50:8d:b9:2f:48:34:bd:ef:d4:14:b9:26:61:0c:
74:65:7c:95:b3:29:64:7d:83:38:ae:12:4d:37:12:
3c:e2:8c:8f:17:5b:40:27:88:36:21:84:68:a2:3b:
15:7a:be:d2:57:f0:9a:bf:8d:e2:5c:32:3a:22:e7:
96:0f:2f:de:75:82:9c:19:5e:d4:4f:df:17:a4:44:
15:ce:ec:47:89:e7:a9:93:52:75:d3:70:e3:40:97:
ff:67:4a:0b:c0:9b:f6:88:e5:b7:12:38:20:3b:7a:
fa:33:9e:5c:d0:ea:64:1a:6d:6e:e7:de:b6:6d:0b:
d2:c5:08:d5:92:67:cb:b3:b8:14:d9:b3:c4:2c:8b:
1c:0e:0c:4d:87:8d:4b:6a:3c:d3:2e:2d:93:6c:8c:
a9:a0:c4:7e:f0:d0:ac:ee:07:55:48:fb:f6:f8:ee:
62:fa:5b:8f:03:88:56:9b:7d:2e:50:49:3d:5b:5d:
fd:2d:45:5f:8c:19:a5:1c:4f:63:af:d4:fd:62:60:
36:21:13:c0:56:4c:80:97:0b:44:20:d6:90:7a:1d:
15:d5:8d:c5:04:9c:03:75:fe:0a:f4:49:90:2d:26:
0b:ad:44:aa:71:e3:bf:ce:90:b0:6e:47:0a:55:c2:
6b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1A:0B:94:0E:BB:05:85:2F:64:F7:E5:C9:F0:DB:DA:E5:31:BC:5C
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6BoLlA67BYUvZPflyfDb2uUxvFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.183.148.0/22
193.183.192.0/22
193.183.212.0/22
193.183.250.0/23
193.234.72.0/22
193.234.108.0/22
194.68.117.0/24
194.132.224.0/21
Signature Algorithm: sha256WithRSAEncryption
c1:d6:05:2b:2e:81:f3:f5:f4:57:2d:4d:e4:80:38:d0:b2:35:
17:a7:46:28:c1:1f:b0:2d:e5:96:71:9a:cf:b7:62:8c:28:41:
fd:67:01:ff:85:b1:93:61:4b:36:ab:b4:7e:6f:e3:ac:c3:c2:
fb:e0:1c:fb:13:70:33:51:0b:0f:29:91:b0:4b:94:3f:cc:5a:
7b:f5:87:bb:68:1b:0f:21:53:dd:ed:cd:9b:1a:01:6a:b5:00:
07:1c:37:14:30:1a:2c:2d:03:f0:f4:9f:6a:bf:a2:5b:4c:52:
8e:26:81:d4:59:e3:dc:7d:1c:4c:a4:b2:96:0d:04:c5:59:4b:
fb:ef:9e:3b:d4:0b:e2:95:94:6b:08:1a:f3:69:05:a9:ed:49:
c8:43:35:8f:4b:f7:69:d6:71:f8:dc:05:fe:44:ad:5f:79:0e:
f0:66:ce:82:64:12:01:e1:f0:b9:83:14:a7:4b:74:e3:99:fd:
d5:6e:3c:d4:99:ce:ef:6c:bc:0f:b5:ae:2c:c6:1d:5e:4c:26:
d3:2e:87:8b:0b:f6:33:a3:6f:4e:af:c5:65:51:e9:1c:20:a5:
f4:e5:6e:5d:81:bd:6f:57:89:72:a7:47:b5:d5:43:4f:a6:58:
95:3e:e5:f8:a3:90:1a:ba:8c:aa:24:f2:38:d3:0f:70:8d:c4:
b7:e9:4b:35
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIAvAk/VSZcawxMWNtXksyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODFhMGI5NDBlYmIwNTg1MmY2NGY3ZTVjOWYwZGJkYWU1MzFiYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPowvIKxRJlEdNWqAPhsUI25L0g0
ve/UFLkmYQx0ZXyVsylkfYM4rhJNNxI84oyPF1tAJ4g2IYRoojsVer7SV/Cav43i
XDI6IueWDy/edYKcGV7UT98XpEQVzuxHieepk1J103DjQJf/Z0oLwJv2iOW3Ejgg
O3r6M55c0OpkGm1u5962bQvSxQjVkmfLs7gU2bPELIscDgxNh41LajzTLi2TbIyp
oMR+8NCs7gdVSPv2+O5i+luPA4hWm30uUEk9W139LUVfjBmlHE9jr9T9YmA2IRPA
VkyAlwtEINaQeh0V1Y3FBJwDdf4K9EmQLSYLrUSqceO/zpCwbkcKVcJrCQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOgaC5QOuwWFL2T35cnw29rlMbxcMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNkJvTGxBNjdCWVV2WlBmbHlmRGIydVV4dkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCwbeUAwQC
wbfAAwQCwbfUAwQBwbf6AwQCwepIAwQCwepsAwQAwkR1AwQDwoTgMA0GCSqGSIb3
DQEBCwUAA4IBAQDB1gUrLoHz9fRXLU3kgDjQsjUXp0YowR+wLeWWcZrPt2KMKEH9
ZwH/hbGTYUs2q7R+b+Osw8L74Bz7E3AzUQsPKZGwS5Q/zFp79Ye7aBsPIVPd7c2b
GgFqtQAHHDcUMBosLQPw9J9qv6JbTFKOJoHUWePcfRxMpLKWDQTFWUv775471Avi
lZRrCBrzaQWp7UnIQzWPS/dp1nH43AX+RK1feQ7wZs6CZBIB4fC5gxSnS3Tjmf3V
bjzUmc7vbLwPta4sxh1eTCbTLoeLC/Yzo29Or8VlUekcIKX05W5dgb1vV4lyp0e1
1UNPpliVPuX4o5AauoyqJPI40w9wjcS36Us1
-----END CERTIFICATE-----
Generated at Sat May 25 09:13:22 2024 by rpki-client on console-fra.rpki-client.org