Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/Q6S67dUtQlrlYptIoghLLcauLms.roa
File: Q6S67dUtQlrlYptIoghLLcauLms.roa (raw, json)
Hash identifier: LdBMFn1GdF4yFbRHb1cfXRR//0d9C25uFjgCDDJn5BE=
Subject key identifier: 43:A4:BA:ED:D5:2D:42:5A:E5:62:9B:48:A2:08:4B:2D:C6:AE:2E:6B
Certificate issuer: /CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Certificate serial: 018CC64B87657E037A0AE6097B9265EC47FF
Authority key identifier: 9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/Q6S67dUtQlrlYptIoghLLcauLms.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204386
IP address blocks: 185.250.159.0/24 maxlen: 24
185.250.156.0/24 maxlen: 24
185.250.157.0/24 maxlen: 24
185.250.158.0/24 maxlen: 24
185.250.156.0/22 maxlen: 22
185.251.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:87:65:7e:03:7a:0a:e6:09:7b:92:65:ec:47:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43a4baedd52d425ae5629b48a2084b2dc6ae2e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:ed:ff:0f:b3:f4:d1:63:21:54:f9:f2:77:
39:4c:86:94:94:aa:89:29:f4:57:ad:60:15:67:52:
a2:1b:08:ff:72:6f:1f:5c:f6:0c:e4:eb:4d:ce:05:
f9:fc:2d:fb:8f:cb:10:e9:f4:45:55:d9:fe:e0:a9:
f8:23:17:ad:3e:5a:30:1d:ca:d3:ae:2b:8c:26:a6:
38:b8:ae:2c:20:60:e4:35:13:08:6d:a4:e2:29:ae:
5c:8d:71:fd:61:e3:32:6d:f3:cf:a3:c5:60:f2:8f:
43:69:06:98:91:54:18:28:f2:ef:66:16:85:c5:92:
e3:13:d0:1c:85:9c:5d:bd:ab:41:f7:88:f8:af:56:
77:67:94:1a:32:25:82:65:5a:1c:ad:b9:91:50:2e:
03:f8:96:f7:d2:c0:98:9f:99:ff:49:0a:93:d8:43:
bf:77:96:7c:6b:04:78:aa:56:5c:d4:6d:b0:6f:04:
45:4d:37:0e:ac:d7:9a:b9:06:0d:f7:10:99:9c:1d:
fa:31:f4:00:65:e2:63:12:38:48:6e:b9:aa:8b:76:
21:97:8f:08:98:c1:da:e7:9d:fd:0f:9f:5e:d9:2c:
a7:69:9d:9d:34:85:45:6b:d7:e0:08:31:7e:b6:0e:
10:7d:b9:e5:41:8a:b5:e7:ee:81:8a:62:63:28:31:
58:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A4:BA:ED:D5:2D:42:5A:E5:62:9B:48:A2:08:4B:2D:C6:AE:2E:6B
X509v3 Authority Key Identifier:
keyid:9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/Q6S67dUtQlrlYptIoghLLcauLms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.156.0/22
185.251.26.0/24
Signature Algorithm: sha256WithRSAEncryption
52:6a:e5:ee:01:21:e6:03:f6:c0:b8:70:58:7e:06:e9:72:a3:
01:0a:23:35:17:f9:90:9e:fb:ef:a1:09:3b:88:29:b8:cc:a3:
2e:cf:ce:50:93:c0:94:fa:88:6e:41:ec:d2:e0:0c:db:89:85:
69:93:15:82:68:72:7b:4a:13:07:2c:3b:70:60:a5:30:68:74:
88:82:61:bd:0a:98:9c:bf:54:d7:12:b3:62:4d:ea:d6:d3:d0:
83:e5:2f:6c:5b:36:3e:a5:fc:ed:66:38:b3:d6:e1:af:6b:dd:
40:2d:19:11:68:2b:47:5b:dc:32:fd:44:75:0c:b1:92:79:5d:
14:32:f9:2e:cd:b4:03:c8:9d:d9:b2:ed:dd:ba:7c:07:2e:88:
db:bd:7c:7d:a0:00:44:91:9b:3f:7f:c8:93:ef:9a:39:8c:76:
d9:3c:7f:42:5d:9c:e5:a8:c3:bd:0b:33:9b:46:b5:b9:4e:ea:
5f:3e:b1:72:1e:58:7a:a9:68:31:bf:2f:87:99:06:9d:c7:ba:
9e:a6:30:3d:9d:64:07:1a:a2:b5:a7:77:f5:d2:59:33:e7:e2:
f1:4d:b7:16:2d:8d:43:fd:b3:90:bd:03:6d:a9:9c:6a:b1:71:
d1:99:c1:c1:2f:d1:87:28:90:42:a2:eb:04:42:b0:73:c1:2a:
3f:52:03:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS4dlfgN6CuYJe5Jl7Ef/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTJiNmEwNTE0NzFiZWM1MWRiNzRkNzI1NmU3YTMwYTU1
ZWNmMWEwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2E0YmFlZGQ1MmQ0MjVhZTU2MjliNDhhMjA4NGIyZGM2YWUyZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsTt/w+z9NFjIVT58nc5TIaUlKqJ
KfRXrWAVZ1KiGwj/cm8fXPYM5OtNzgX5/C37j8sQ6fRFVdn+4Kn4IxetPlowHcrT
riuMJqY4uK4sIGDkNRMIbaTiKa5cjXH9YeMybfPPo8Vg8o9DaQaYkVQYKPLvZhaF
xZLjE9AchZxdvatB94j4r1Z3Z5QaMiWCZVocrbmRUC4D+Jb30sCYn5n/SQqT2EO/
d5Z8awR4qlZc1G2wbwRFTTcOrNeauQYN9xCZnB36MfQAZeJjEjhIbrmqi3Yhl48I
mMHa5539D59e2SynaZ2dNIVFa9fgCDF+tg4QfbnlQYq15+6BimJjKDFYjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEOkuu3VLUJa5WKbSKIISy3Gri5rMB8GA1UdIwQY
MBaAFJxStqBRRxvsUdt01yVuejClXs8aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mODQzNGMtMDIzMC00YWRmLWJkMDAt
MjgyOWFhM2RmMjU4LzEvUTZTNjdkVXRRbHJsWXB0SW9naExMY2F1TG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mODQzNGMtMDIzMC00YWRmLWJkMDAtMjgyOWFhM2RmMjU4
LzEvbkZLMm9GRkhHLXhSMjNUWEpXNTZNS1ZlenhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufqcAwQA
ufsaMA0GCSqGSIb3DQEBCwUAA4IBAQBSauXuASHmA/bAuHBYfgbpcqMBCiM1F/mQ
nvvvoQk7iCm4zKMuz85Qk8CU+ohuQezS4AzbiYVpkxWCaHJ7ShMHLDtwYKUwaHSI
gmG9Cpicv1TXErNiTerW09CD5S9sWzY+pfztZjiz1uGva91ALRkRaCtHW9wy/UR1
DLGSeV0UMvkuzbQDyJ3Zsu3dunwHLojbvXx9oABEkZs/f8iT75o5jHbZPH9CXZzl
qMO9CzObRrW5TupfPrFyHlh6qWgxvy+HmQadx7qepjA9nWQHGqK1p3f10lkz5+Lx
TbcWLY1D/bOQvQNtqZxqsXHRmcHBL9GHKJBCousEQrBzwSo/UgPf
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:51:29 2024 by rpki-client on console-fra.rpki-client.org