Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/6mZN1nCwm8ztW4MUejUbgIoIwi4.roa
File: 6mZN1nCwm8ztW4MUejUbgIoIwi4.roa (raw, json)
Hash identifier: eYDq7UXOQYWpnl0vNtD+VB+Bex+20xRyFgvsZQpHSHM=
Subject key identifier: EA:66:4D:D6:70:B0:9B:CC:ED:5B:83:14:7A:35:1B:80:8A:08:C2:2E
Certificate issuer: /CN=73635ae36f2df4f68d3e572a313e1a18aa20b757
Certificate serial: 018CC348BD278AA529DCBD0615B2F249E291
Authority key identifier: 73:63:5A:E3:6F:2D:F4:F6:8D:3E:57:2A:31:3E:1A:18:AA:20:B7:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/6mZN1nCwm8ztW4MUejUbgIoIwi4.roa
Signing time: Mon 01 Jan 2024 04:29:33 +0000
ROA not before: Mon 01 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49278
IP address blocks: 158.112.71.0/24 maxlen: 24
158.112.66.0/23 maxlen: 23
158.112.64.0/18 maxlen: 18
158.112.84.0/22 maxlen: 22
158.112.88.0/24 maxlen: 24
158.112.93.0/24 maxlen: 24
158.112.96.0/21 maxlen: 21
158.112.0.0/18 maxlen: 18
158.112.0.0/16 maxlen: 16
158.112.20.0/22 maxlen: 22
158.112.24.0/21 maxlen: 21
158.112.32.0/22 maxlen: 22
144.84.0.0/18 maxlen: 18
158.112.164.0/23 maxlen: 23
144.84.0.0/16 maxlen: 16
158.112.192.0/18 maxlen: 18
158.112.208.0/23 maxlen: 23
158.112.128.0/18 maxlen: 18
144.84.128.0/18 maxlen: 18
185.155.24.0/23 maxlen: 23
158.112.255.0/24 maxlen: 24
185.155.26.0/23 maxlen: 23
144.84.192.0/18 maxlen: 18
2a02:27b8:1112::/48 maxlen: 48
2a02:27ba:4000::/34 maxlen: 34
2a02:27b8:2003::/48 maxlen: 48
2a02:27b8:1::/48 maxlen: 48
2a02:27b8:2004::/48 maxlen: 48
2a02:27b8:2002::/48 maxlen: 48
2a02:27b8:1111::/48 maxlen: 48
2a02:27b8:2000::/48 maxlen: 48
2a02:27b8:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/c2Na428t9PaNPlcqMT4aGKogt1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/c2Na428t9PaNPlcqMT4aGKogt1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bd:27:8a:a5:29:dc:bd:06:15:b2:f2:49:e2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73635ae36f2df4f68d3e572a313e1a18aa20b757
Validity
Not Before: Jan 1 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea664dd670b09bcced5b83147a351b808a08c22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8b:a1:b4:1f:96:40:64:c5:84:3d:80:08:77:
67:f4:b6:25:2c:af:ed:7b:63:41:2d:84:23:58:fb:
73:90:79:ee:da:f8:fe:87:50:71:c3:da:b5:e6:2d:
c7:83:ce:73:80:af:b5:d2:49:af:77:1c:fe:a2:57:
bc:c2:cd:d1:05:69:7b:9c:c6:ff:4c:18:35:68:18:
cf:56:58:ff:08:bb:ff:b3:0e:f3:4b:a0:43:03:dd:
5d:19:e3:23:16:8b:31:4b:07:b3:7f:cd:4f:db:a1:
a9:b3:fc:9b:72:42:30:ca:94:d2:d4:52:7b:71:40:
61:50:44:f1:72:b7:bc:70:b0:df:59:ea:09:32:15:
6f:be:86:a2:4a:90:28:c8:19:ec:2b:40:be:20:69:
f7:62:47:c8:f1:17:ba:a8:de:89:a9:7a:d9:de:d5:
0f:07:e4:7c:44:3f:be:f0:e6:a4:85:e0:5b:bb:40:
e5:22:97:5a:9f:ef:24:ab:99:8f:4d:bf:46:f3:2b:
67:07:de:bc:87:71:c1:d1:ce:0e:88:28:6c:b2:88:
46:83:28:18:00:8d:b6:e9:a8:78:28:aa:a3:15:a0:
54:f8:ad:3d:ce:55:d3:dd:9b:26:7d:5b:68:9e:28:
08:ee:2d:12:05:f6:da:8e:be:37:dd:2e:98:e4:57:
0e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:66:4D:D6:70:B0:9B:CC:ED:5B:83:14:7A:35:1B:80:8A:08:C2:2E
X509v3 Authority Key Identifier:
keyid:73:63:5A:E3:6F:2D:F4:F6:8D:3E:57:2A:31:3E:1A:18:AA:20:B7:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2Na428t9PaNPlcqMT4aGKogt1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/6mZN1nCwm8ztW4MUejUbgIoIwi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0d281-d40d-40e0-93ea-5bae375cf85a/1/c2Na428t9PaNPlcqMT4aGKogt1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.84.0.0/16
158.112.0.0/16
185.155.24.0/22
IPv6:
2a02:27b8:1::/48
2a02:27b8:1111::-2a02:27b8:1112:ffff:ffff:ffff:ffff:ffff
2a02:27b8:2000::/48
2a02:27b8:2002::-2a02:27b8:2004:ffff:ffff:ffff:ffff:ffff
2a02:27b8:4000::/48
2a02:27ba:4000::/34
Signature Algorithm: sha256WithRSAEncryption
14:5c:91:6c:d9:ae:4b:32:fa:86:ec:22:b1:24:59:32:21:d5:
e1:78:4d:ea:ec:e1:7e:64:1a:ba:ff:67:91:4c:28:f2:ed:b2:
90:69:39:8b:33:e8:ac:d8:34:ab:37:79:e7:a3:e9:1f:9b:ac:
3b:2b:92:cb:0b:5e:73:f2:08:d9:b7:cc:2c:f4:41:1f:fc:19:
94:0e:0d:eb:a1:66:49:58:71:8f:74:64:e0:12:b6:22:a0:c7:
5c:cb:7d:17:26:b4:0c:43:f2:24:be:a9:46:93:3e:3b:7a:76:
78:b8:49:8e:97:c6:ee:bc:79:b5:f6:d3:0b:50:ec:2b:2e:ff:
8a:57:c8:c6:3a:e4:27:98:a7:31:ee:e7:19:cd:53:0b:85:a4:
cc:46:be:34:d4:97:65:c7:50:f8:84:3d:9f:d7:84:7b:61:d5:
25:8b:35:46:90:30:94:21:ba:6a:b3:37:0a:fd:1c:4f:e9:9e:
bf:f9:4a:0c:24:e0:34:09:30:fc:5d:9c:99:b4:95:de:3a:f3:
27:85:dc:ea:e3:60:45:12:00:12:f3:99:7d:22:94:9d:36:53:
9c:57:f8:d5:57:ca:71:64:a8:95:a5:3a:0d:df:03:f9:29:7e:
cc:c8:25:43:c2:51:c2:ff:bb:b3:a3:f7:d0:87:84:a5:fe:08:
35:4b:e2:07
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYzDSL0niqUp3L0GFbLySeKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNjM1YWUzNmYyZGY0ZjY4ZDNlNTcyYTMxM2UxYTE4YWEy
MGI3NTcwHhcNMjQwMTAxMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTY2NGRkNjcwYjA5YmNjZWQ1YjgzMTQ3YTM1MWI4MDhhMDhjMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYuhtB+WQGTFhD2ACHdn9LYlLK/t
e2NBLYQjWPtzkHnu2vj+h1Bxw9q15i3Hg85zgK+10kmvdxz+ole8ws3RBWl7nMb/
TBg1aBjPVlj/CLv/sw7zS6BDA91dGeMjFosxSwezf81P26Gps/ybckIwypTS1FJ7
cUBhUETxcre8cLDfWeoJMhVvvoaiSpAoyBnsK0C+IGn3YkfI8Re6qN6JqXrZ3tUP
B+R8RD++8OakheBbu0DlIpdan+8kq5mPTb9G8ytnB968h3HB0c4OiChssohGgygY
AI226ah4KKqjFaBU+K09zlXT3ZsmfVtonigI7i0SBfbajr433S6Y5FcOKQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFOpmTdZwsJvM7VuDFHo1G4CKCMIuMB8GA1UdIwQY
MBaAFHNjWuNvLfT2jT5XKjE+GhiqILdXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzJOYTQyOHQ5UGFOUGxjcU1UNGFHS29ndDFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jMGQyODEtZDQwZC00MGUwLTkzZWEt
NWJhZTM3NWNmODVhLzEvNm1aTjFuQ3dtOHp0VzRNVWVqVWJnSW9Jd2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jMGQyODEtZDQwZC00MGUwLTkzZWEtNWJhZTM3NWNmODVh
LzEvYzJOYTQyOHQ5UGFOUGxjcU1UNGFHS29ndDFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazAWBAIAATAQAwMAkFQDAwCe
cAMEArmbGDBRBAIAAjBLAwcAKgInuAABMBIDBwAqAie4EREDBwAqAie4ERIDBwAq
Aie4IAAwEgMHASoCJ7ggAgMHACoCJ7ggBAMHACoCJ7hAAAMGBioCJ7pAMA0GCSqG
SIb3DQEBCwUAA4IBAQAUXJFs2a5LMvqG7CKxJFkyIdXheE3q7OF+ZBq6/2eRTCjy
7bKQaTmLM+is2DSrN3nno+kfm6w7K5LLC15z8gjZt8ws9EEf/BmUDg3roWZJWHGP
dGTgErYioMdcy30XJrQMQ/IkvqlGkz47enZ4uEmOl8buvHm19tMLUOwrLv+KV8jG
OuQnmKcx7ucZzVMLhaTMRr401Jdlx1D4hD2f14R7YdUlizVGkDCUIbpqszcK/RxP
6Z6/+UoMJOA0CTD8XZyZtJXeOvMnhdzq42BFEgAS85l9IpSdNlOcV/jVV8pxZKiV
pToN3wP5KX7MyCVDwlHC/7uzo/fQh4Sl/gg1S+IH
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:43:30 2024 by rpki-client on console-ams.rpki-client.org