Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/6fnXH5hlPamd-M1qLtVZJCnlKgQ.roa
File: 6fnXH5hlPamd-M1qLtVZJCnlKgQ.roa (raw, json)
Hash identifier: wbsGEGRSKyB50eO2U94WuA3IwxsHE4fM6BH+GN65s9Q=
Subject key identifier: E9:F9:D7:1F:98:65:3D:A9:9D:F8:CD:6A:2E:D5:59:24:29:E5:2A:04
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 018DA6A536B1623704ABA9E6619C1DBAF8CB
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/6fnXH5hlPamd-M1qLtVZJCnlKgQ.roa
Signing time: Wed 14 Feb 2024 08:04:21 +0000
ROA not before: Wed 14 Feb 2024 08:04:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39683
IP address blocks: 5.61.96.0/21 maxlen: 24
5.61.111.0/24 maxlen: 24
185.252.22.0/23 maxlen: 23
195.189.224.0/23 maxlen: 23
195.189.224.0/24 maxlen: 24
195.189.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.mft
rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:a5:36:b1:62:37:04:ab:a9:e6:61:9c:1d:ba:f8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Feb 14 08:04:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9f9d71f98653da99df8cd6a2ed5592429e52a04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2f:2b:49:be:05:34:6f:01:53:34:48:11:2e:
61:38:a4:d8:d5:e3:b9:a3:12:c9:29:a7:da:86:1f:
74:7c:c9:42:81:82:80:8b:3c:52:c0:03:b9:bd:f6:
1e:a3:fa:67:0b:e6:c8:5c:01:2a:62:d1:f9:7d:2c:
bf:50:72:8d:d6:f3:b6:aa:77:cd:5b:7f:22:c9:e1:
26:b1:2d:b6:fe:21:80:7b:4c:f7:cd:b4:61:85:32:
ef:49:18:1e:de:46:2d:06:24:a4:a7:de:b4:33:a6:
86:2d:21:2b:b4:e3:ed:d0:a6:1b:1b:e4:e1:68:ec:
08:43:96:72:70:46:77:e2:60:a1:e5:8a:02:2e:53:
32:ae:d0:83:dc:9f:f8:cc:2d:02:c1:e0:c8:01:7f:
80:4b:7d:f0:85:cf:95:16:d4:f9:b2:24:bc:d5:dc:
3e:a6:fc:33:0d:d1:6e:90:3f:03:a6:4c:7f:99:11:
13:3c:bc:22:3e:5d:bc:f0:a2:97:94:8d:be:d6:78:
79:d8:b6:a8:d0:63:69:bb:6b:e3:7b:e8:22:cb:82:
f0:d4:6a:e2:9e:f7:cd:22:1d:96:9b:d4:c6:c9:e6:
97:4f:0f:1f:ed:b1:39:2f:9f:22:86:17:d7:b0:2c:
e1:33:b7:7d:89:c7:ae:c2:46:f7:77:59:11:d7:b9:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F9:D7:1F:98:65:3D:A9:9D:F8:CD:6A:2E:D5:59:24:29:E5:2A:04
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/6fnXH5hlPamd-M1qLtVZJCnlKgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.96.0/21
5.61.111.0/24
185.252.22.0/23
195.189.224.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:ac:30:1e:73:a6:cf:14:0c:03:2c:ec:e7:72:fd:fb:51:9e:
28:ea:2b:4d:5d:4d:69:e7:ac:b6:6a:04:65:f2:4f:66:c4:3c:
78:1b:49:39:f0:0b:86:5a:ca:ad:ee:fa:8d:c1:02:f0:b7:15:
79:83:f6:d4:35:cf:78:b2:41:f2:8f:a7:3f:8d:25:72:cc:c7:
8a:db:57:4a:63:c4:e8:68:f5:ea:36:aa:9f:e4:f3:16:21:38:
e1:53:83:ab:2a:9e:9e:b7:ba:df:29:36:22:e8:cb:7f:ac:17:
62:60:4c:35:b7:1e:fa:2a:27:93:67:f9:06:cf:a7:a8:13:03:
68:3d:89:33:26:bc:8c:2a:f9:bb:a0:db:89:87:2f:aa:5f:0d:
00:bd:e0:9b:f4:c4:fa:c7:e7:8d:c8:aa:44:77:08:52:70:7b:
db:bf:8a:6e:58:34:79:7e:d6:3e:98:aa:08:62:c5:5a:28:54:
30:eb:71:6f:7f:5f:60:bd:fb:8a:6d:d4:92:85:5b:02:c3:c9:
38:11:20:84:6e:52:62:3c:d3:a7:fe:25:26:95:5c:a2:0f:7b:
dc:a9:39:af:db:e4:49:f0:e5:6e:0b:37:82:99:d6:e5:28:c5:
2e:30:9c:d7:0a:0d:77:2f:df:d5:01:ab:05:50:52:f8:8b:20:
89:af:c5:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY2mpTaxYjcEq6nmYZwduvjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjQwMjE0MDgwNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWY5ZDcxZjk4NjUzZGE5OWRmOGNkNmEyZWQ1NTkyNDI5ZTUyYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS8rSb4FNG8BUzRIES5hOKTY1eO5
oxLJKafahh90fMlCgYKAizxSwAO5vfYeo/pnC+bIXAEqYtH5fSy/UHKN1vO2qnfN
W38iyeEmsS22/iGAe0z3zbRhhTLvSRge3kYtBiSkp960M6aGLSErtOPt0KYbG+Th
aOwIQ5ZycEZ34mCh5YoCLlMyrtCD3J/4zC0CweDIAX+AS33whc+VFtT5siS81dw+
pvwzDdFukD8Dpkx/mRETPLwiPl288KKXlI2+1nh52Lao0GNpu2vje+giy4Lw1Gri
nvfNIh2Wm9TGyeaXTw8f7bE5L58ihhfXsCzhM7d9iceuwkb3d1kR17mD0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOn51x+YZT2pnfjNai7VWSQp5SoEMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvNmZuWEg1aGxQYW1kLU0xcUx0VlpKQ25sS2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBT1gAwQA
BT1vAwQBufwWAwQBw73gMA0GCSqGSIb3DQEBCwUAA4IBAQA6rDAec6bPFAwDLOzn
cv37UZ4o6itNXU1p56y2agRl8k9mxDx4G0k58AuGWsqt7vqNwQLwtxV5g/bUNc94
skHyj6c/jSVyzMeK21dKY8ToaPXqNqqf5PMWITjhU4OrKp6et7rfKTYi6Mt/rBdi
YEw1tx76KieTZ/kGz6eoEwNoPYkzJryMKvm7oNuJhy+qXw0AveCb9MT6x+eNyKpE
dwhScHvbv4puWDR5ftY+mKoIYsVaKFQw63Fvf19gvfuKbdSShVsCw8k4ESCEblJi
PNOn/iUmlVyiD3vcqTmv2+RJ8OVuCzeCmdblKMUuMJzXCg13L9/VAasFUFL4iyCJ
r8Xd
-----END CERTIFICATE-----
Generated at Wed May 22 11:59:05 2024 by rpki-client on console-ams.rpki-client.org