Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/htoUImNCz31G2mZqhleZunkR17Y.roa
File: htoUImNCz31G2mZqhleZunkR17Y.roa (raw, json)
Hash identifier: 02MHeZn1lR3w3vc8KcTQZdDWeghv5srwgHtQC4myeE4=
Subject key identifier: 86:DA:14:22:63:42:CF:7D:46:DA:66:6A:86:57:99:BA:79:11:D7:B6
Certificate issuer: /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial: 018D6C03100AD8D228733E9A3679FAD5B753
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/htoUImNCz31G2mZqhleZunkR17Y.roa
Signing time: Fri 02 Feb 2024 22:49:16 +0000
ROA not before: Fri 02 Feb 2024 22:49:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33185
IP address blocks: 217.13.109.0/24 maxlen: 24
2a0d:c740:4c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6c:03:10:0a:d8:d2:28:73:3e:9a:36:79:fa:d5:b7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Validity
Not Before: Feb 2 22:49:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86da14226342cf7d46da666a865799ba7911d7b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:16:8c:6f:fd:72:c5:04:95:6d:a3:42:c2:39:
9b:04:a0:5e:5d:b7:d7:2b:59:bd:f4:4e:91:bb:4b:
77:54:b7:5a:7b:d7:36:f2:c1:a4:4a:1c:ec:3c:fe:
05:36:05:49:df:fd:d2:84:02:e6:12:21:1e:e8:dd:
e4:3a:7d:80:52:17:06:12:1e:9c:77:16:6d:14:23:
e6:41:e6:61:5b:34:55:b8:09:31:31:84:b5:79:a2:
2f:32:1a:d1:6d:67:d7:cf:aa:3b:0c:6a:8c:42:c5:
c0:f1:38:22:4d:6f:f7:b1:b9:78:c3:76:10:bf:f1:
e0:0c:44:f0:47:fc:95:e3:ed:89:3e:2a:0c:6e:0e:
6c:15:83:e8:10:da:e7:e2:4c:24:8e:e1:d1:4c:3d:
a2:84:52:f0:d9:0c:5a:17:e9:dc:8c:87:ad:59:56:
56:46:af:b8:dc:51:6c:a3:e1:6e:00:a6:6a:3c:61:
72:6c:bb:ae:3b:a9:f0:fc:a5:21:46:43:ea:25:7b:
b7:d6:1e:49:43:00:67:41:3f:29:b5:32:0f:83:fd:
2a:a3:e4:74:b6:1d:6f:81:7c:27:2d:38:ff:70:46:
4f:0a:e7:6f:2e:0c:b9:12:00:a3:a5:dd:22:a3:bf:
79:d7:ba:59:ab:fe:6f:2b:d3:7e:a7:a2:71:d1:ea:
35:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DA:14:22:63:42:CF:7D:46:DA:66:6A:86:57:99:BA:79:11:D7:B6
X509v3 Authority Key Identifier:
keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/htoUImNCz31G2mZqhleZunkR17Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.13.109.0/24
IPv6:
2a0d:c740:4c::/48
Signature Algorithm: sha256WithRSAEncryption
c5:0f:86:80:d2:65:23:17:7a:bc:8d:04:b8:d3:9c:ec:73:27:
06:15:a2:c5:70:62:d7:3e:40:f6:7d:a0:fa:23:35:5d:96:2c:
c2:78:2f:16:cd:cc:16:ac:ba:af:fc:f2:77:cb:a3:fa:3e:7d:
2e:59:e6:93:7d:fd:08:fd:2b:ff:83:bf:1e:d5:e3:00:cc:6a:
b1:54:4a:52:9f:56:f3:3a:45:b8:6e:60:ab:eb:a9:8e:87:82:
8b:3c:7c:68:52:4b:16:97:70:f0:13:2e:dd:4c:26:96:31:7b:
68:37:4e:27:f3:ba:85:c5:dc:55:5b:cc:a8:88:8f:dc:ca:bc:
7e:5d:71:ef:bb:b4:14:98:95:b0:ef:84:4e:1c:04:e1:71:e2:
80:46:8b:a9:57:c4:d7:51:a9:12:c7:56:e2:23:ef:1e:11:62:
26:0d:8b:1b:4b:7b:dd:79:d5:eb:94:d2:91:f8:b5:88:a0:5a:
34:c8:68:36:ad:27:26:cc:da:a7:9b:ce:93:12:33:7f:a4:39:
28:99:3b:b3:df:8b:14:4a:bf:1e:6a:08:1a:42:c7:1b:df:b8:
a6:db:f5:f6:c0:ab:9c:3f:c9:bb:da:3d:95:80:fc:19:d8:f1:
e0:16:35:c9:d5:a6:e0:0e:c7:2b:01:71:b1:b7:ca:21:00:4b:
26:e6:23:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1sAxAK2NIocz6aNnn61bdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjQwMjAyMjI0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmRhMTQyMjYzNDJjZjdkNDZkYTY2NmE4NjU3OTliYTc5MTFkN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhaMb/1yxQSVbaNCwjmbBKBeXbfX
K1m99E6Ru0t3VLdae9c28sGkShzsPP4FNgVJ3/3ShALmEiEe6N3kOn2AUhcGEh6c
dxZtFCPmQeZhWzRVuAkxMYS1eaIvMhrRbWfXz6o7DGqMQsXA8TgiTW/3sbl4w3YQ
v/HgDETwR/yV4+2JPioMbg5sFYPoENrn4kwkjuHRTD2ihFLw2QxaF+ncjIetWVZW
Rq+43FFso+FuAKZqPGFybLuuO6nw/KUhRkPqJXu31h5JQwBnQT8ptTIPg/0qo+R0
th1vgXwnLTj/cEZPCudvLgy5EgCjpd0io79517pZq/5vK9N+p6Jx0eo1IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbaFCJjQs99RtpmaoZXmbp5Ede2MB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvaHRvVUltTkN6MzFHMm1acWhsZVp1bmtSMTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2Q1tMA8E
AgACMAkDBwAqDcdAAEwwDQYJKoZIhvcNAQELBQADggEBAMUPhoDSZSMXeryNBLjT
nOxzJwYVosVwYtc+QPZ9oPojNV2WLMJ4LxbNzBasuq/88nfLo/o+fS5Z5pN9/Qj9
K/+Dvx7V4wDMarFUSlKfVvM6RbhuYKvrqY6Hgos8fGhSSxaXcPATLt1MJpYxe2g3
TifzuoXF3FVbzKiIj9zKvH5dce+7tBSYlbDvhE4cBOFx4oBGi6lXxNdRqRLHVuIj
7x4RYiYNixtLe9151euU0pH4tYigWjTIaDatJybM2qebzpMSM3+kOSiZO7PfixRK
vx5qCBpCxxvfuKbb9fbAq5w/ybvaPZWA/BnY8eAWNcnVpuAOxysBcbG3yiEASybm
I+c=
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:15:12 2024 by rpki-client on console-fra.rpki-client.org