Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/6CHmKPYGP7NiFfjTxXFQ-ELHtvQ.roa
File: 6CHmKPYGP7NiFfjTxXFQ-ELHtvQ.roa (raw, json)
Hash identifier: pGfU7RivjFEpfJm5sv7H6GBde3v+RF9ajHqpa0ZlH/Q=
Subject key identifier: E8:21:E6:28:F6:06:3F:B3:62:15:F8:D3:C5:71:50:F8:42:C7:B6:F4
Certificate issuer: /CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Certificate serial: 018CC56EA79828D7B509A3FBA616F85C3583
Authority key identifier: CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/6CHmKPYGP7NiFfjTxXFQ-ELHtvQ.roa
Signing time: Mon 01 Jan 2024 14:30:12 +0000
ROA not before: Mon 01 Jan 2024 14:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56407
IP address blocks: 188.190.136.0/21 maxlen: 21
188.190.144.0/21 maxlen: 21
188.190.152.0/22 maxlen: 22
188.190.156.0/22 maxlen: 22
188.190.128.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a7:98:28:d7:b5:09:a3:fb:a6:16:f8:5c:35:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca01df493936a62e2ec9a9805a8fa36b8335bd50
Validity
Not Before: Jan 1 14:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e821e628f6063fb36215f8d3c57150f842c7b6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e4:37:d6:fb:92:19:1d:a2:02:f2:6d:06:b4:
e1:1b:32:d6:2b:4d:b5:38:44:2f:f3:24:b7:cf:e3:
28:6e:8a:83:7a:57:d5:09:c6:f3:6d:43:fc:ad:ca:
91:09:ba:bc:11:37:1b:ea:4d:fd:84:5f:bc:55:9c:
6d:76:df:53:5c:80:60:02:ae:06:16:7d:a7:e1:e3:
e4:60:51:00:ce:17:09:60:91:0a:03:5c:0f:0b:6b:
06:d9:e4:ba:c1:4c:a2:e5:8e:a1:df:7d:b8:8e:fc:
0a:48:d2:4b:15:05:e3:c6:87:61:89:71:b5:a8:d3:
b2:a0:5f:4b:ef:d8:87:f7:66:36:9e:ff:f9:47:65:
96:b9:8b:34:51:51:c7:68:7c:db:58:8a:67:54:76:
1f:2c:42:dc:42:33:53:7e:69:cb:cd:29:4b:d7:09:
68:d4:2c:36:e6:d8:c8:5f:f8:f3:2d:10:c3:4a:b3:
8e:80:f6:6d:3c:50:b5:3b:da:9b:6e:34:b5:15:55:
1e:f2:59:a9:dd:29:b2:37:36:8e:db:b1:a7:9d:a8:
77:9e:41:10:3b:6d:eb:0b:71:92:e1:be:a9:53:e0:
53:c8:01:23:79:70:5d:8c:08:4e:84:3c:29:e2:a3:
5d:6d:ca:8f:1b:b5:25:10:aa:ad:b6:24:a2:ae:21:
84:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:21:E6:28:F6:06:3F:B3:62:15:F8:D3:C5:71:50:F8:42:C7:B6:F4
X509v3 Authority Key Identifier:
keyid:CA:01:DF:49:39:36:A6:2E:2E:C9:A9:80:5A:8F:A3:6B:83:35:BD:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ygHfSTk2pi4uyamAWo-ja4M1vVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/6CHmKPYGP7NiFfjTxXFQ-ELHtvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/649e81-cca2-404c-98a5-962758a3d5ea/1/ygHfSTk2pi4uyamAWo-ja4M1vVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.128.0/19
Signature Algorithm: sha256WithRSAEncryption
b1:95:ae:ea:9c:c1:62:21:86:31:79:05:f2:4d:85:c9:09:b9:
3b:58:1e:ed:21:ee:fc:c5:44:88:79:6c:b9:d0:19:67:1d:e9:
e1:dd:e2:af:14:db:8d:93:62:e5:57:8e:35:f2:aa:68:4e:06:
12:fb:09:9a:f5:2f:64:09:85:27:5c:fe:e1:18:e6:13:23:c7:
0f:4c:04:b7:89:c0:d6:74:2e:f3:5b:11:07:bf:3f:0f:9b:03:
77:33:a3:1a:5d:1a:cc:e5:33:f3:5d:ab:b6:26:93:5c:c2:84:
ad:a2:d8:df:9c:b3:e6:9e:b7:b3:dc:99:1a:67:59:66:bf:25:
28:e8:65:65:3b:c2:ae:f3:81:e5:a1:04:23:14:96:81:02:14:
91:50:17:b5:06:98:cb:cd:bf:99:9d:7d:8b:f9:94:2f:4c:4a:
9c:be:ae:86:0b:82:0d:6b:39:29:b5:66:6d:10:9f:a4:0b:2c:
67:2e:a0:16:46:af:6a:c1:e9:a5:b4:1c:19:97:6d:0c:e8:0e:
7c:f9:73:2b:ed:be:f6:ce:1c:eb:dc:03:ba:5e:44:f5:51:39:
a3:bd:a5:fe:bf:da:43:8d:1d:bb:48:5b:ed:c9:bb:05:8d:1a:
13:07:ad:c9:05:33:66:74:a1:ee:93:02:70:6e:fc:a0:5b:1a:
03:44:ce:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbqeYKNe1CaP7phb4XDWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMDFkZjQ5MzkzNmE2MmUyZWM5YTk4MDVhOGZhMzZiODMz
NWJkNTAwHhcNMjQwMTAxMTQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODIxZTYyOGY2MDYzZmIzNjIxNWY4ZDNjNTcxNTBmODQyYzdiNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+Q31vuSGR2iAvJtBrThGzLWK021
OEQv8yS3z+MoboqDelfVCcbzbUP8rcqRCbq8ETcb6k39hF+8VZxtdt9TXIBgAq4G
Fn2n4ePkYFEAzhcJYJEKA1wPC2sG2eS6wUyi5Y6h3324jvwKSNJLFQXjxodhiXG1
qNOyoF9L79iH92Y2nv/5R2WWuYs0UVHHaHzbWIpnVHYfLELcQjNTfmnLzSlL1wlo
1Cw25tjIX/jzLRDDSrOOgPZtPFC1O9qbbjS1FVUe8lmp3SmyNzaO27Gnnah3nkEQ
O23rC3GS4b6pU+BTyAEjeXBdjAhOhDwp4qNdbcqPG7UlEKqttiSiriGENQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgh5ij2Bj+zYhX408VxUPhCx7b0MB8GA1UdIwQY
MBaAFMoB30k5NqYuLsmpgFqPo2uDNb1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUt
OTYyNzU4YTNkNWVhLzEvNkNIbUtQWUdQN05pRmZqVHhYRlEtRUxIdHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82NDllODEtY2NhMi00MDRjLTk4YTUtOTYyNzU4YTNkNWVh
LzEveWdIZlNUazJwaTR1eWFtQVdvLWphNE0xdlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFvL6AMA0G
CSqGSIb3DQEBCwUAA4IBAQCxla7qnMFiIYYxeQXyTYXJCbk7WB7tIe78xUSIeWy5
0BlnHenh3eKvFNuNk2LlV4418qpoTgYS+wma9S9kCYUnXP7hGOYTI8cPTAS3icDW
dC7zWxEHvz8PmwN3M6MaXRrM5TPzXau2JpNcwoStotjfnLPmnrez3JkaZ1lmvyUo
6GVlO8Ku84HloQQjFJaBAhSRUBe1BpjLzb+ZnX2L+ZQvTEqcvq6GC4INazkptWZt
EJ+kCyxnLqAWRq9qwemltBwZl20M6A58+XMr7b72zhzr3AO6XkT1UTmjvaX+v9pD
jR27SFvtybsFjRoTB63JBTNmdKHukwJwbvygWxoDRM6o
-----END CERTIFICATE-----
Generated at Mon Jun 3 01:40:41 2024 by rpki-client on console-fra.rpki-client.org