Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/6NxIFhx5I7B_JVz4rmKBmbyzmPo.roa
File: 6NxIFhx5I7B_JVz4rmKBmbyzmPo.roa (raw, json)
Hash identifier: Vv47UczzSAFfIlJT73A4u1K0gPpsGktp/JHyWuEfQEU=
Subject key identifier: E8:DC:48:16:1C:79:23:B0:7F:25:5C:F8:AE:62:81:99:BC:B3:98:FA
Certificate issuer: /CN=8293905afa134944f0630c949f3abda40646dac1
Certificate serial: 018CC64B80511655F16E3DECC5C65740AC25
Authority key identifier: 82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/6NxIFhx5I7B_JVz4rmKBmbyzmPo.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201333
IP address blocks: 194.156.8.0/22 maxlen: 24
185.78.48.0/22 maxlen: 24
193.243.184.0/24 maxlen: 24
185.54.212.0/22 maxlen: 24
45.11.116.0/22 maxlen: 24
2a02:4720::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:80:51:16:55:f1:6e:3d:ec:c5:c6:57:40:ac:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8293905afa134944f0630c949f3abda40646dac1
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8dc48161c7923b07f255cf8ae628199bcb398fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0c:c7:e7:d9:64:cf:57:9a:b9:1a:3f:1f:7f:
be:c3:ae:7c:a6:e3:05:e6:7d:81:f5:47:03:67:d9:
f4:23:3e:07:6b:cd:91:63:ab:11:3d:9a:99:76:27:
ba:49:6d:a1:76:5c:01:db:06:44:cc:9c:ed:61:7f:
f0:36:9a:3a:3f:2f:e8:6f:4b:b1:fc:60:10:57:39:
02:66:a2:88:34:4a:d0:6d:b2:a0:52:e9:d9:4e:6f:
ae:fb:d2:3f:9c:4f:42:7d:00:13:21:b1:91:8a:60:
f0:06:8d:73:d2:79:21:1a:9f:67:d3:cf:26:23:02:
86:4b:0b:03:1e:9d:fc:3e:66:aa:70:fd:81:48:b2:
7c:e9:3a:a8:f2:dd:f3:15:84:6d:dc:d2:9e:28:f6:
c9:7e:da:a5:f7:01:ea:ad:71:a4:88:fe:3f:a0:c7:
3c:52:65:5b:87:0e:44:2b:2b:1e:b8:fe:6e:c1:9b:
73:3b:a5:ee:6b:d6:38:45:99:dd:96:04:76:af:1a:
43:1f:45:fb:1b:78:98:83:25:28:63:18:e3:08:a9:
63:9e:4b:0b:da:33:dc:4f:4b:99:bd:82:5a:a4:51:
e4:8f:71:50:c5:5c:4f:02:d1:15:37:bd:d7:65:ab:
f1:dc:ae:7b:1b:50:ba:ee:cc:f0:d3:89:aa:18:99:
ec:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DC:48:16:1C:79:23:B0:7F:25:5C:F8:AE:62:81:99:BC:B3:98:FA
X509v3 Authority Key Identifier:
keyid:82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/6NxIFhx5I7B_JVz4rmKBmbyzmPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.116.0/22
185.54.212.0/22
185.78.48.0/22
193.243.184.0/24
194.156.8.0/22
IPv6:
2a02:4720::/29
Signature Algorithm: sha256WithRSAEncryption
94:0f:cf:0d:3f:3f:2f:f2:98:43:68:a6:2b:55:c7:1d:9b:78:
99:f9:64:63:f6:01:4b:05:6b:0d:e0:6a:3e:69:ab:a9:7c:5b:
61:57:bf:1d:44:4b:9f:0a:eb:54:98:24:56:9f:7f:3b:ae:1d:
52:bf:95:32:ac:05:29:ab:2d:91:0d:6f:21:02:99:e6:5e:2a:
f9:1a:7d:87:4d:8e:6c:7e:22:83:0b:ab:d6:01:51:66:66:9c:
53:35:51:e5:f3:34:f0:c7:0f:36:86:42:3d:e3:bb:ac:61:84:
29:2e:53:a2:f1:9b:98:9e:48:b0:c4:3b:2c:36:9e:4a:6d:65:
b5:95:70:1e:37:39:50:3a:6b:a3:4a:c5:9c:71:29:a5:6b:44:
8c:a5:55:6d:f6:6a:b9:4d:c2:1a:ab:3a:6d:80:be:7b:da:40:
aa:10:53:8d:68:83:d4:07:64:41:3f:49:b6:31:c5:ad:2d:19:
ee:ca:f4:03:30:8b:98:93:0b:d6:67:f2:02:3d:43:2e:03:88:
fa:b0:cc:a7:de:49:ab:54:d7:4e:31:9a:46:67:bc:81:63:7b:
17:77:03:c3:50:4a:46:5f:0b:67:6a:86:4a:f6:18:a6:5e:a9:
57:dc:4c:fd:26:08:7b:25:cb:58:c7:4e:f0:59:08:de:8d:54:
76:33:61:86
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGS4BRFlXxbj3sxcZXQKwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOTM5MDVhZmExMzQ5NDRmMDYzMGM5NDlmM2FiZGE0MDY0
NmRhYzEwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRjNDgxNjFjNzkyM2IwN2YyNTVjZjhhZTYyODE5OWJjYjM5OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QzH59lkz1eauRo/H3++w658puMF
5n2B9UcDZ9n0Iz4Ha82RY6sRPZqZdie6SW2hdlwB2wZEzJztYX/wNpo6Py/ob0ux
/GAQVzkCZqKINErQbbKgUunZTm+u+9I/nE9CfQATIbGRimDwBo1z0nkhGp9n088m
IwKGSwsDHp38PmaqcP2BSLJ86Tqo8t3zFYRt3NKeKPbJftql9wHqrXGkiP4/oMc8
UmVbhw5EKyseuP5uwZtzO6Xua9Y4RZndlgR2rxpDH0X7G3iYgyUoYxjjCKljnksL
2jPcT0uZvYJapFHkj3FQxVxPAtEVN73XZavx3K57G1C67szw04mqGJnsowIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOjcSBYceSOwfyVc+K5igZm8s5j6MB8GA1UdIwQY
MBaAFIKTkFr6E0lE8GMMlJ86vaQGRtrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQt
ODEwOTVhMTNiOWRlLzEvNk54SUZoeDVJN0JfSlZ6NHJtS0JtYnl6bVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQtODEwOTVhMTNiOWRl
LzEvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLQt0AwQC
uTbUAwQCuU4wAwQAwfO4AwQCwpwIMA0EAgACMAcDBQMqAkcgMA0GCSqGSIb3DQEB
CwUAA4IBAQCUD88NPz8v8phDaKYrVccdm3iZ+WRj9gFLBWsN4Go+aaupfFthV78d
REufCutUmCRWn387rh1Sv5UyrAUpqy2RDW8hApnmXir5Gn2HTY5sfiKDC6vWAVFm
ZpxTNVHl8zTwxw82hkI947usYYQpLlOi8ZuYnkiwxDssNp5KbWW1lXAeNzlQOmuj
SsWccSmla0SMpVVt9mq5TcIaqzptgL572kCqEFONaIPUB2RBP0m2McWtLRnuyvQD
MIuYkwvWZ/ICPUMuA4j6sMyn3kmrVNdOMZpGZ7yBY3sXdwPDUEpGXwtnaoZK9him
XqlX3Ez9Jgh7JctYx07wWQjejVR2M2GG
-----END CERTIFICATE-----
Generated at Sat May 18 00:35:52 2024 by rpki-client on console-fra.rpki-client.org