Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS6939.roa
File: AS6939.roa (raw, json)
Hash identifier: uwdOfRgniBjtcTBrtXRlur7xu4ayMO+ob/AEv5zN/Gw=
Subject key identifier: 2E:10:13:C2:3F:31:B2:11:88:E1:5A:63:FE:D1:EC:E1:4B:45:B7:63
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 673C8752C5B21A1BE3A1101E58B59E8769158478
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS6939.roa
Signing time: Thu 21 Nov 2024 12:35:22 +0000
ROA not before: Thu 21 Nov 2024 12:30:22 +0000
ROA not after: Thu 20 Nov 2025 12:35:22 +0000
asID: 6939
IP address blocks: 96.62.134.0/23 maxlen: 24
96.62.148.0/23 maxlen: 24
96.62.164.0/23 maxlen: 24
96.62.166.0/23 maxlen: 24
96.62.244.0/23 maxlen: 24
96.62.252.0/23 maxlen: 24
145.223.68.0/23 maxlen: 24
145.223.70.0/23 maxlen: 24
150.241.146.0/23 maxlen: 24
150.241.148.0/23 maxlen: 24
150.241.150.0/23 maxlen: 24
150.241.152.0/23 maxlen: 24
150.241.154.0/23 maxlen: 24
150.241.156.0/23 maxlen: 24
150.241.158.0/23 maxlen: 24
150.241.160.0/23 maxlen: 24
150.241.162.0/23 maxlen: 24
150.241.164.0/23 maxlen: 24
150.241.166.0/23 maxlen: 24
150.241.168.0/23 maxlen: 24
150.241.170.0/23 maxlen: 24
150.241.172.0/23 maxlen: 24
150.241.174.0/23 maxlen: 24
150.241.176.0/23 maxlen: 24
150.241.178.0/23 maxlen: 24
150.241.180.0/23 maxlen: 24
150.241.182.0/23 maxlen: 24
150.241.184.0/23 maxlen: 24
150.241.186.0/23 maxlen: 24
150.241.188.0/23 maxlen: 24
150.241.190.0/23 maxlen: 24
150.241.192.0/23 maxlen: 24
150.241.194.0/23 maxlen: 24
150.241.196.0/23 maxlen: 24
150.241.198.0/23 maxlen: 24
150.241.200.0/23 maxlen: 24
150.241.202.0/23 maxlen: 24
150.241.204.0/23 maxlen: 24
150.241.206.0/23 maxlen: 24
150.241.208.0/23 maxlen: 24
150.241.210.0/23 maxlen: 24
150.241.212.0/23 maxlen: 24
150.241.214.0/23 maxlen: 24
150.241.216.0/23 maxlen: 24
150.241.218.0/23 maxlen: 24
150.241.220.0/23 maxlen: 24
150.241.222.0/23 maxlen: 24
150.241.224.0/23 maxlen: 24
150.241.226.0/23 maxlen: 24
150.241.228.0/23 maxlen: 24
150.241.230.0/23 maxlen: 24
150.241.232.0/23 maxlen: 24
150.241.234.0/23 maxlen: 24
150.241.236.0/23 maxlen: 24
150.241.238.0/23 maxlen: 24
150.241.240.0/23 maxlen: 24
150.241.242.0/23 maxlen: 24
150.241.244.0/23 maxlen: 24
150.241.246.0/23 maxlen: 24
150.241.248.0/23 maxlen: 24
150.241.250.0/23 maxlen: 24
150.241.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:3c:87:52:c5:b2:1a:1b:e3:a1:10:1e:58:b5:9e:87:69:15:84:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 21 12:30:22 2024 GMT
Not After : Nov 20 12:35:22 2025 GMT
Subject: CN=2E1013C23F31B21188E15A63FED1ECE14B45B763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:30:3f:fa:2c:d8:7b:99:8b:28:24:ef:b0:6c:
7a:05:42:3e:54:41:cd:af:02:43:a7:af:11:ee:35:
dd:af:58:d9:b3:7e:e9:0c:3a:aa:4e:91:c0:23:13:
31:95:d0:65:5f:e8:4d:b7:8a:97:e3:78:eb:0d:71:
67:dd:10:81:37:73:96:17:d4:51:20:74:c7:b5:8a:
06:1a:58:20:f1:6a:44:a6:ad:45:4c:79:74:e6:f7:
ca:9d:04:c1:16:4f:fe:b4:ed:52:7a:e6:9c:44:e9:
c7:3a:a3:43:bc:68:1e:9e:cc:cb:cb:36:63:7b:e1:
5b:7a:65:02:e0:b9:68:8a:b0:5e:cd:aa:59:63:99:
69:2e:60:f8:16:e3:06:6c:f7:c4:b8:cc:03:5e:38:
bb:e7:7f:dc:33:ca:1d:71:75:61:26:1d:c8:f2:c3:
2f:bf:8f:ce:0d:b3:e8:b2:c2:88:6b:66:98:2f:87:
32:09:07:07:10:dc:98:e4:10:7e:ef:b6:44:05:62:
06:ea:bd:75:3d:71:93:73:96:e5:47:36:62:9d:7a:
9e:b3:0b:b6:bd:a1:cc:ca:8d:8f:4b:a5:bf:af:bb:
32:0c:9f:f7:e1:ce:6a:b8:94:f4:0d:c9:e8:8c:2c:
d4:77:de:b4:e0:b2:bc:a8:54:5b:76:52:73:7b:5f:
9d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:10:13:C2:3F:31:B2:11:88:E1:5A:63:FE:D1:EC:E1:4B:45:B7:63
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS6939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.134.0/23
96.62.148.0/23
96.62.164.0/22
96.62.244.0/23
96.62.252.0/23
145.223.68.0/22
150.241.146.0-150.241.253.255
Signature Algorithm: sha256WithRSAEncryption
20:fa:fa:36:aa:7d:2a:5f:9b:36:26:16:bf:25:21:83:02:f3:
7e:15:60:fc:f1:75:2d:5f:d5:14:35:dc:46:ab:f5:df:b4:41:
85:c5:2e:88:30:a6:76:23:31:0e:f8:18:ad:f5:ee:e4:c0:4b:
70:85:9a:79:45:f1:47:6f:4d:cf:e6:82:c9:49:4b:fa:a9:c2:
f0:56:10:e0:5b:a9:d2:3c:a5:1a:f3:fb:a6:48:da:86:67:82:
e0:fd:ee:89:c0:5f:26:34:c9:3f:5d:a7:a8:12:ee:db:72:7d:
df:ea:ef:d5:17:90:29:1a:d5:c8:5e:24:e7:b5:2b:be:a2:b2:
6c:49:d8:07:18:a8:a4:37:50:6a:4a:37:e1:dc:18:5c:65:2b:
14:a1:91:fc:d7:dd:70:d6:5d:14:c5:02:c3:e3:a6:dd:4d:21:
75:5d:14:ed:25:26:50:0a:fe:1d:3a:32:cf:df:66:77:cf:50:
71:ca:80:b2:74:bc:9d:de:f3:18:94:e4:66:8d:c2:0a:82:9f:
c1:01:97:24:f2:4f:17:fc:46:f0:de:29:ab:ed:40:1c:9f:2a:
d0:fa:96:07:64:89:d8:36:85:a9:92:07:27:d2:c9:00:61:fc:
21:b4:f6:98:dd:06:49:3c:c4:69:78:91:36:ee:73:e3:fb:35:
63:38:f3:a8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUZzyHUsWyGhvjoRAeWLWeh2kVhHgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMjExMjMwMjJaFw0yNTExMjAxMjM1MjJaMDMxMTAvBgNV
BAMTKDJFMTAxM0MyM0YzMUIyMTE4OEUxNUE2M0ZFRDFFQ0UxNEI0NUI3NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5MD/6LNh7mYsoJO+wbHoFQj5U
Qc2vAkOnrxHuNd2vWNmzfukMOqpOkcAjEzGV0GVf6E23ipfjeOsNcWfdEIE3c5YX
1FEgdMe1igYaWCDxakSmrUVMeXTm98qdBMEWT/607VJ65pxE6cc6o0O8aB6ezMvL
NmN74Vt6ZQLguWiKsF7NqlljmWkuYPgW4wZs98S4zANeOLvnf9wzyh1xdWEmHcjy
wy+/j84Ns+iywohrZpgvhzIJBwcQ3JjkEH7vtkQFYgbqvXU9cZNzluVHNmKdep6z
C7a9oczKjY9Lpb+vuzIMn/fhzmq4lPQNyeiMLNR33rTgsryoVFt2UnN7X50tAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQULhATwj8xshGI4Vpj/tHs4UtFt2MwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAWA+hgME
AWA+lAMEAmA+pAMEAWA+9AMEAWA+/AMEApHfRDAMAwQBlvGSAwQBlvH8MA0GCSqG
SIb3DQEBCwUAA4IBAQAg+vo2qn0qX5s2Jha/JSGDAvN+FWD88XUtX9UUNdxGq/Xf
tEGFxS6IMKZ2IzEO+Bit9e7kwEtwhZp5RfFHb03P5oLJSUv6qcLwVhDgW6nSPKUa
8/umSNqGZ4Lg/e6JwF8mNMk/XaeoEu7bcn3f6u/VF5ApGtXIXiTntSu+orJsSdgH
GKikN1BqSjfh3BhcZSsUoZH8191w1l0UxQLD46bdTSF1XRTtJSZQCv4dOjLP32Z3
z1BxyoCydLyd3vMYlORmjcIKgp/BAZck8k8X/Ebw3imr7UAcnyrQ+pYHZInYNoWp
kgcn0skAYfwhtPaY3QZJPMRpeJE27nPj+zVjOPOo
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:19 2024 by rpki-client on console-ams.rpki-client.org