Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS6939.roa
File: AS6939.roa (raw, json)
Hash identifier: T9xb5pS1HTLs3kix+HS5FpQKZ8aNVNiPrWiNwPwRXgA=
Subject key identifier: BA:E5:2E:DE:FC:CF:BC:42:11:DF:0B:1D:7A:0F:AD:A3:64:A5:99:AA
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 2CEF53FECD769BB77AAC48CFA71CB3EE2CA13DD9
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS6939.roa
Signing time: Wed 15 Jan 2025 16:37:18 +0000
ROA not before: Wed 15 Jan 2025 16:32:18 +0000
ROA not after: Wed 14 Jan 2026 16:37:18 +0000
asID: 6939
IP address blocks: 83.171.244.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:ef:53:fe:cd:76:9b:b7:7a:ac:48:cf:a7:1c:b3:ee:2c:a1:3d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 16:32:18 2025 GMT
Not After : Jan 14 16:37:18 2026 GMT
Subject: CN=BAE52EDEFCCFBC4211DF0B1D7A0FADA364A599AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:30:fb:23:61:64:75:83:e0:fb:68:f6:05:68:
64:3a:fc:c8:3d:f9:f6:92:27:f6:15:b7:6a:2d:55:
79:ba:5b:65:99:e8:f8:bc:3e:f1:3c:b0:4d:04:75:
6e:df:96:a3:29:e5:84:92:72:72:f8:9a:d4:10:eb:
ea:5f:a5:9c:ba:b1:1b:ab:f2:40:38:5d:10:bb:5e:
23:d3:75:a7:92:3a:d4:b8:d3:c5:69:a2:c0:42:60:
18:51:21:95:58:99:71:1e:9b:60:19:5f:ce:f1:08:
87:9f:4a:05:60:bd:02:d5:98:32:f0:cb:6b:05:92:
ce:1f:74:c0:dc:09:b3:39:e2:c3:69:cb:1c:a7:26:
9d:ca:e3:d3:a8:75:de:f9:aa:ec:ca:6c:82:44:79:
ec:f5:5f:25:6a:4c:8e:b2:08:b1:f0:e4:71:ea:11:
38:80:52:b6:f1:fd:85:0c:af:2d:ec:dc:43:4a:96:
5d:ea:84:cc:b4:aa:c5:f0:b1:f7:b6:5a:73:20:e7:
c2:1b:81:2d:a5:d9:b0:4a:e6:cb:fe:cb:5b:f6:28:
c1:ff:67:87:89:cb:d7:a0:b7:22:4a:ab:8d:b0:96:
7f:cc:2b:78:08:ed:0a:eb:0a:a0:5b:22:b6:e9:2e:
8c:08:5a:bf:31:b0:5a:6a:11:0a:ce:9b:6f:ee:91:
53:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E5:2E:DE:FC:CF:BC:42:11:DF:0B:1D:7A:0F:AD:A3:64:A5:99:AA
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS6939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
85.8.144.0/22
139.28.212.0/22
212.87.196.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
91:9d:24:37:92:4d:b6:d1:ae:4c:b0:6d:9c:72:87:c0:c7:7d:
c6:9c:70:24:9b:47:94:d8:39:e6:65:66:ee:93:ee:e5:18:df:
f1:ad:57:9d:db:06:70:aa:96:00:e9:ef:7c:b4:9d:b0:a5:6d:
24:8d:bc:55:c5:89:bf:fd:18:2a:fc:e8:18:e6:28:bb:22:ca:
b7:9e:06:f4:98:17:92:63:57:f7:b1:fc:da:72:3a:8c:b0:ea:
62:f7:f5:be:06:b0:48:e2:94:eb:1e:dd:d6:5b:0e:bf:e0:ee:
d9:a7:21:82:42:67:1a:9c:76:7f:67:cd:14:c1:fa:31:b4:25:
dc:7d:92:ac:36:ea:14:d2:81:9a:c3:38:84:2c:1e:64:32:bd:
1a:6d:0c:28:0f:b3:e4:7c:ae:a2:5d:43:63:3d:c4:9a:42:9c:
bf:ae:8d:79:a6:1b:d6:6f:8e:6d:01:4e:df:81:79:49:33:38:
2e:2a:f7:d5:90:0e:09:09:9f:af:f5:e6:4f:68:68:59:b3:17:
3e:72:8d:7c:46:88:5d:e9:5d:bc:03:ac:55:5d:5a:b8:25:92:
d8:af:16:5b:b5:8a:f8:d7:aa:c5:f0:76:1e:1f:82:f2:fe:23:
4d:3d:3b:36:ad:53:71:c0:c1:5d:9b:74:a2:a0:44:a6:10:a8:
03:8f:d5:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIULO9T/s12m7d6rEjPpxyz7iyhPdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNjMyMThaFw0yNjAxMTQxNjM3MThaMDMxMTAvBgNV
BAMTKEJBRTUyRURFRkNDRkJDNDIxMURGMEIxRDdBMEZBREEzNjRBNTk5QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwMPsjYWR1g+D7aPYFaGQ6/Mg9
+faSJ/YVt2otVXm6W2WZ6Pi8PvE8sE0EdW7flqMp5YSScnL4mtQQ6+pfpZy6sRur
8kA4XRC7XiPTdaeSOtS408VposBCYBhRIZVYmXEem2AZX87xCIefSgVgvQLVmDLw
y2sFks4fdMDcCbM54sNpyxynJp3K49Oodd75quzKbIJEeez1XyVqTI6yCLHw5HHq
ETiAUrbx/YUMry3s3ENKll3qhMy0qsXwsfe2WnMg58IbgS2l2bBK5sv+y1v2KMH/
Z4eJy9egtyJKq42wln/MK3gI7QrrCqBbIrbpLowIWr8xsFpqEQrOm2/ukVMRAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUuuUu3vzPvEIR3wsdeg+to2SlmaowHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTNjkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlOr9AME
AlUIkAMEAosc1AMEAtRXxAMEAtRzZDANBgkqhkiG9w0BAQsFAAOCAQEAkZ0kN5JN
ttGuTLBtnHKHwMd9xpxwJJtHlNg55mVm7pPu5Rjf8a1XndsGcKqWAOnvfLSdsKVt
JI28VcWJv/0YKvzoGOYouyLKt54G9JgXkmNX97H82nI6jLDqYvf1vgawSOKU6x7d
1lsOv+Du2achgkJnGpx2f2fNFMH6MbQl3H2SrDbqFNKBmsM4hCweZDK9Gm0MKA+z
5Hyuol1DYz3EmkKcv66NeaYb1m+ObQFO34F5STM4Lir31ZAOCQmfr/XmT2hoWbMX
PnKNfEaIXeldvAOsVV1auCWS2K8WW7WK+NeqxfB2Hh+C8v4jTT07Nq1TccDBXZt0
oqBEphCoA4/VjA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:24 2025 by rpki-client