Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/tsZt-ajldIwoJ2-5-42B8hK87qE.roa
File: tsZt-ajldIwoJ2-5-42B8hK87qE.roa (raw, json)
Hash identifier: HoavjBUfMeFcv6pW5ApuOQVABypI+MHbiJeMidu44Zo=
Subject key identifier: B6:C6:6D:F9:A8:E5:74:8C:28:27:6F:B9:FB:8D:81:F2:12:BC:EE:A1
Certificate issuer: /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial: 018CC8DF77B1CE4C76D467C973164FE59306
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/tsZt-ajldIwoJ2-5-42B8hK87qE.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49367
IP address blocks: 176.105.252.0/24 maxlen: 24
176.105.254.0/24 maxlen: 24
2a0d:c740:1c::/48 maxlen: 48
2a0d:c740:1a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:77:b1:ce:4c:76:d4:67:c9:73:16:4f:e5:93:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c66df9a8e5748c28276fb9fb8d81f212bceea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:94:f0:fc:29:1b:85:10:f5:61:ca:47:8a:
4b:0f:a8:9a:d8:63:68:10:9f:f8:30:93:ea:1f:7e:
3b:4d:f0:1d:14:54:8d:0c:b3:26:1e:27:2c:16:b8:
ed:e8:95:e3:03:63:e9:58:41:ab:52:21:ae:3a:70:
e0:4c:db:f1:68:8a:89:92:bb:ae:e4:1e:71:9d:ba:
d9:e0:2a:7c:7d:3f:ca:3b:f2:b9:56:90:cb:8e:b8:
40:ae:85:c4:3c:4b:5d:e8:07:67:ad:79:64:63:ce:
3d:05:c2:47:e3:7d:e0:9b:67:06:10:cd:77:31:3c:
51:b6:bf:30:2c:8d:ae:b5:67:78:74:19:d8:40:2c:
2a:f6:4c:d0:d1:89:22:45:d1:93:69:a3:bc:3b:d1:
72:6a:9a:35:a8:47:8e:84:3d:b5:eb:ed:f4:57:b2:
ba:97:59:22:68:5f:31:c9:43:17:a3:c4:54:06:ba:
4f:45:79:61:5a:5c:4e:5c:87:d4:7b:b9:50:3c:4b:
ba:6c:f2:0c:7c:f8:fb:c2:0e:b0:0f:2c:54:7f:c4:
df:6c:5f:ae:c3:b3:e4:38:06:20:ae:b7:72:bd:6a:
d1:84:cd:67:59:fd:14:16:ea:b3:eb:62:e2:e5:97:
19:37:0f:43:25:80:3d:a3:14:11:42:0f:b3:c3:06:
9f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C6:6D:F9:A8:E5:74:8C:28:27:6F:B9:FB:8D:81:F2:12:BC:EE:A1
X509v3 Authority Key Identifier:
keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/tsZt-ajldIwoJ2-5-42B8hK87qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.252.0/24
176.105.254.0/24
IPv6:
2a0d:c740:1a::/48
2a0d:c740:1c::/48
Signature Algorithm: sha256WithRSAEncryption
d8:36:89:38:b6:88:93:ba:df:40:af:cd:11:02:13:79:9f:0f:
06:0d:24:48:0e:a5:4d:6f:b6:3e:11:46:e5:67:d2:5c:c6:9f:
8c:c1:7e:47:1d:d0:bb:dc:a8:3d:ae:9d:01:66:4d:b4:b2:5d:
e9:15:34:8c:e6:18:72:55:cb:5f:c3:c3:6a:7a:93:f1:82:89:
48:db:5f:bd:b5:6b:36:b0:62:04:57:a7:bb:1f:29:2e:ec:bd:
ac:42:1a:fd:13:4c:85:e7:68:2a:ef:c5:1d:62:be:ba:7b:b6:
97:1a:60:0f:a4:8e:75:f4:16:d3:73:76:1a:9f:6b:aa:59:d8:
20:81:c5:a1:bf:fe:c0:17:f6:3e:65:b7:23:e1:e1:eb:c3:07:
42:15:63:57:a0:02:df:9a:46:3f:e3:36:f9:be:a4:8d:8c:1e:
74:1e:dc:78:98:a3:58:a6:17:0a:16:cc:05:f1:40:13:09:2d:
c6:cb:34:b7:11:19:7b:09:42:58:ad:5d:40:d5:9c:95:b2:d1:
cc:35:c4:bb:fb:0e:e7:ff:30:02:f2:58:5e:c0:58:22:25:58:
6e:f4:2e:cd:6d:b1:03:49:88:f5:f3:95:0e:03:e0:2b:2b:11:
69:f0:2f:2b:5b:1e:e4:f0:8c:35:89:bf:fe:a1:67:db:f5:43:
80:ec:28:66
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzI33exzkx21GfJcxZP5ZMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM2NmRmOWE4ZTU3NDhjMjgyNzZmYjlmYjhkODFmMjEyYmNlZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLaU8PwpG4UQ9WHKR4pLD6ia2GNo
EJ/4MJPqH347TfAdFFSNDLMmHicsFrjt6JXjA2PpWEGrUiGuOnDgTNvxaIqJkruu
5B5xnbrZ4Cp8fT/KO/K5VpDLjrhAroXEPEtd6AdnrXlkY849BcJH433gm2cGEM13
MTxRtr8wLI2utWd4dBnYQCwq9kzQ0YkiRdGTaaO8O9Fyapo1qEeOhD216+30V7K6
l1kiaF8xyUMXo8RUBrpPRXlhWlxOXIfUe7lQPEu6bPIMfPj7wg6wDyxUf8TfbF+u
w7PkOAYgrrdyvWrRhM1nWf0UFuqz62Li5ZcZNw9DJYA9oxQRQg+zwwafXQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLbGbfmo5XSMKCdvufuNgfISvO6hMB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvdHNadC1hamxkSXdvSjItNS00MkI4aEs4N3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAsGn8AwQA
sGn+MBgEAgACMBIDBwAqDcdAABoDBwAqDcdAABwwDQYJKoZIhvcNAQELBQADggEB
ANg2iTi2iJO630CvzRECE3mfDwYNJEgOpU1vtj4RRuVn0lzGn4zBfkcd0LvcqD2u
nQFmTbSyXekVNIzmGHJVy1/Dw2p6k/GCiUjbX721azawYgRXp7sfKS7svaxCGv0T
TIXnaCrvxR1ivrp7tpcaYA+kjnX0FtNzdhqfa6pZ2CCBxaG//sAX9j5ltyPh4evD
B0IVY1egAt+aRj/jNvm+pI2MHnQe3HiYo1imFwoWzAXxQBMJLcbLNLcRGXsJQlit
XUDVnJWy0cw1xLv7Duf/MALyWF7AWCIlWG70Ls1tsQNJiPXzlQ4D4CsrEWnwLytb
HuTwjDWJv/6hZ9v1Q4DsKGY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:01:55 2024 by rpki-client on console-fra.rpki-client.org