Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/6N9wkEW1koHFgxAzyrBcLPMREUw.roa
File: 6N9wkEW1koHFgxAzyrBcLPMREUw.roa (raw, json)
Hash identifier: +nOmtODFCfRKL1IzVslTdVTItqGUEnG3IPgaKEnBZWw=
Subject key identifier: E8:DF:70:90:45:B5:92:81:C5:83:10:33:CA:B0:5C:2C:F3:11:11:4C
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 018CC4930226E72814DDCD2BACC19074A867
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/6N9wkEW1koHFgxAzyrBcLPMREUw.roa
Signing time: Mon 01 Jan 2024 10:30:17 +0000
ROA not before: Mon 01 Jan 2024 10:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39636
IP address blocks: 46.233.128.0/18 maxlen: 18
94.74.0.0/18 maxlen: 18
89.184.96.0/19 maxlen: 19
89.184.118.0/24 maxlen: 24
185.182.116.0/22 maxlen: 22
2a01:8320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 01:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:02:26:e7:28:14:dd:cd:2b:ac:c1:90:74:a8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 1 10:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8df709045b59281c5831033cab05c2cf311114c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f3:d7:d3:91:b2:27:04:dc:6b:46:aa:0f:90:
7f:7d:91:eb:b5:69:ca:a1:d0:d6:44:c5:4a:cf:68:
8e:e7:d5:14:96:5e:1e:68:06:0d:b9:eb:09:33:cf:
fb:6e:19:bd:f1:5e:12:dd:9b:bf:0e:eb:d6:ea:87:
c5:fa:5a:03:98:ee:68:f9:77:1f:37:6d:b2:96:59:
5c:e8:da:0f:bb:6e:73:6e:f6:57:87:58:fd:3b:70:
47:0d:b4:33:fa:16:68:c8:d5:7c:89:2c:df:b2:fd:
62:1e:80:26:9d:c8:c7:e2:73:4f:90:bb:d3:82:62:
b2:27:eb:0d:cc:54:43:4e:50:0b:3f:9a:91:5a:58:
d5:8f:fc:05:ed:3a:f5:63:6a:9d:c4:a5:a4:12:b0:
e7:a5:fc:67:4e:0e:0d:63:4f:d0:e0:92:e7:b9:e9:
e2:84:24:87:b3:02:11:49:1f:6b:ea:13:82:ed:d4:
fa:ba:12:1c:77:8b:35:51:d7:c4:2d:00:99:d0:5e:
cd:6a:32:53:d7:5a:95:27:80:38:5c:6f:e9:ee:dc:
14:55:e5:50:f4:04:80:1c:bf:c2:46:e3:09:bb:65:
64:cf:59:f1:9a:3f:c9:17:b2:c3:97:6e:6f:64:a0:
3f:6c:cb:27:9e:57:86:aa:1e:8a:d1:42:8a:2d:67:
c7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DF:70:90:45:B5:92:81:C5:83:10:33:CA:B0:5C:2C:F3:11:11:4C
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/6N9wkEW1koHFgxAzyrBcLPMREUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.128.0/18
89.184.96.0/19
94.74.0.0/18
185.182.116.0/22
IPv6:
2a01:8320::/32
Signature Algorithm: sha256WithRSAEncryption
b4:13:0b:bc:95:3f:27:0a:92:1a:67:11:28:30:6a:a1:1e:27:
51:62:27:c4:89:53:52:ed:8b:9d:a3:a2:53:4f:86:98:12:01:
42:36:e5:84:5b:06:ee:b8:c7:89:3d:a7:77:c3:a7:cd:3f:d3:
b9:ae:4d:cb:d5:25:03:1d:c6:f8:fe:13:9d:ba:bd:89:2c:0d:
c1:4c:26:3a:4f:ae:22:6c:7f:fc:83:3b:24:bf:28:69:14:3c:
b9:5f:c2:b6:4c:d6:bb:50:1d:e7:0a:da:79:1a:d6:de:95:fb:
37:54:40:86:04:b3:d3:ca:4e:85:8d:62:e9:54:1e:a6:aa:f5:
6a:8e:85:dc:83:35:18:ee:6a:e4:eb:11:93:cb:eb:c7:6e:4e:
96:c6:d5:e7:e6:b8:f2:81:22:d8:27:93:bc:d8:57:04:b8:1f:
fb:b4:82:e1:90:21:4b:61:f3:ff:de:a4:bd:78:b2:c3:a0:91:
65:a5:12:47:c6:6f:57:a2:6d:97:a2:94:81:ae:60:01:ec:9a:
b5:d8:ae:b8:d1:2c:d9:a3:f0:f1:1d:9e:59:ff:c0:6b:fe:fc:
cb:26:1f:4e:6c:4b:08:d7:70:91:e7:4c:02:ae:fa:bb:9f:ff:
b3:95:c1:59:19:2c:58:a2:69:1c:34:3d:fa:2d:05:06:b8:9e:
51:31:e2:1a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEkwIm5ygU3c0rrMGQdKhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDFjODQ1ZjEzZGQ0YWQ2ZTlkYWU0NzBkNWZmNjljNWNj
YTM3NzEwHhcNMjQwMTAxMTAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRmNzA5MDQ1YjU5MjgxYzU4MzEwMzNjYWIwNWMyY2YzMTExMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfPX05GyJwTca0aqD5B/fZHrtWnK
odDWRMVKz2iO59UUll4eaAYNuesJM8/7bhm98V4S3Zu/DuvW6ofF+loDmO5o+Xcf
N22ylllc6NoPu25zbvZXh1j9O3BHDbQz+hZoyNV8iSzfsv1iHoAmncjH4nNPkLvT
gmKyJ+sNzFRDTlALP5qRWljVj/wF7Tr1Y2qdxKWkErDnpfxnTg4NY0/Q4JLnueni
hCSHswIRSR9r6hOC7dT6uhIcd4s1UdfELQCZ0F7NajJT11qVJ4A4XG/p7twUVeVQ
9ASAHL/CRuMJu2Vkz1nxmj/JF7LDl25vZKA/bMsnnleGqh6K0UKKLWfHZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOjfcJBFtZKBxYMQM8qwXCzzERFMMB8GA1UdIwQY
MBaAFBUByEXxPdStbp2uRw1f9pxcyjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEt
ZWQ3OTE1NDM2YjI3LzEvNk45d2tFVzFrb0hGZ3hBenlyQmNMUE1SRVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEtZWQ3OTE1NDM2YjI3
LzEvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGLumAAwQF
WbhgAwQGXkoAAwQCubZ0MA0EAgACMAcDBQAqAYMgMA0GCSqGSIb3DQEBCwUAA4IB
AQC0Ewu8lT8nCpIaZxEoMGqhHidRYifEiVNS7Yudo6JTT4aYEgFCNuWEWwbuuMeJ
Pad3w6fNP9O5rk3L1SUDHcb4/hOdur2JLA3BTCY6T64ibH/8gzskvyhpFDy5X8K2
TNa7UB3nCtp5Gtbelfs3VECGBLPTyk6FjWLpVB6mqvVqjoXcgzUY7mrk6xGTy+vH
bk6WxtXn5rjygSLYJ5O82FcEuB/7tILhkCFLYfP/3qS9eLLDoJFlpRJHxm9Xom2X
opSBrmAB7Jq12K640SzZo/DxHZ5Z/8Br/vzLJh9ObEsI13CR50wCrvq7n/+zlcFZ
GSxYomkcND36LQUGuJ5RMeIa
-----END CERTIFICATE-----
Generated at Thu May 9 11:57:01 2024 by rpki-client on console-fra.rpki-client.org