Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/A6MxQG6USdUk1YplcQZxkdZVGaY.roa
File: A6MxQG6USdUk1YplcQZxkdZVGaY.roa (raw, json)
Hash identifier: Xmjcj9REXPTax0fBnA+Pj70zsuBWJznWEPG9mSnMyA8=
Subject key identifier: 03:A3:31:40:6E:94:49:D5:24:D5:8A:65:71:06:71:91:D6:55:19:A6
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018FDD5935CE680ED7FE36A081A33BB59278
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/A6MxQG6USdUk1YplcQZxkdZVGaY.roa
Signing time: Mon 03 Jun 2024 09:06:02 +0000
ROA not before: Mon 03 Jun 2024 09:06:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215211
IP address blocks: 151.247.207.0/24 maxlen: 24
2a0e:5:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:59:35:ce:68:0e:d7:fe:36:a0:81:a3:3b:b5:92:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 3 09:06:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03a331406e9449d524d58a6571067191d65519a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:26:54:8c:8a:43:69:fa:be:f2:ba:4f:97:cb:
98:4e:59:4d:48:2c:74:cb:82:ad:62:22:d0:89:77:
16:48:2d:f4:50:63:ab:56:04:a7:ed:1b:c2:02:a7:
b3:e6:d2:c2:fa:bd:05:0c:e8:c6:a3:46:1f:21:80:
96:c5:d7:96:d3:4e:d6:02:a6:ec:de:88:d3:77:35:
f3:04:54:73:91:a9:d9:ec:1a:2d:9d:89:f8:c2:ff:
fd:7f:71:fc:39:6f:ac:09:1c:78:3e:d5:9f:8c:2d:
e5:46:41:3e:89:a9:bf:65:9f:53:7c:1e:b9:da:b3:
37:ed:51:15:b1:56:db:3a:06:71:4a:f8:8d:b2:cb:
1c:d0:21:3a:09:56:eb:77:99:b3:64:05:36:09:f8:
d1:c8:01:cd:4b:0c:1b:c8:de:9e:b3:40:52:61:fc:
5d:10:eb:bc:09:d0:5c:7d:ce:45:79:11:dd:c3:be:
39:b4:c5:b2:c4:4f:1e:8a:ff:4a:5c:01:bb:0b:c4:
91:bb:36:c0:2b:38:20:a5:7e:fc:9c:b4:83:5b:18:
ca:e1:39:3c:61:9c:97:8c:8b:f2:15:fa:6f:6f:ca:
0e:fc:6a:e7:b8:94:a8:a2:41:1e:5c:1b:4d:fa:12:
a7:2c:17:05:68:89:0c:15:a9:95:3d:08:96:79:c5:
be:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A3:31:40:6E:94:49:D5:24:D5:8A:65:71:06:71:91:D6:55:19:A6
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/A6MxQG6USdUk1YplcQZxkdZVGaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.207.0/24
IPv6:
2a0e:5:a::/48
Signature Algorithm: sha256WithRSAEncryption
0e:6a:89:b2:2d:d2:d5:47:be:af:1e:35:39:6d:4f:d1:e1:99:
8b:f7:2f:b3:fc:2a:1a:40:1d:4b:2b:ca:30:48:5a:05:0d:eb:
4b:de:7d:b0:a5:f1:63:bf:82:d2:aa:c5:c8:9c:50:0d:77:90:
c4:0a:c0:33:0b:55:27:54:5d:d0:86:48:38:9c:f8:bc:d5:66:
76:4c:ef:c9:a9:26:63:27:47:04:de:06:42:ec:07:14:37:2d:
43:4f:41:2f:41:c4:b6:0d:33:65:14:0c:30:f1:d2:c4:92:b0:
c2:e4:e0:5b:43:90:c4:ab:4a:47:e7:a3:e5:03:3a:42:f2:84:
ca:e0:ee:95:96:96:65:29:7b:6d:76:aa:5e:3d:55:a3:6e:3a:
fc:80:e7:d3:c8:13:e5:87:59:ae:b1:f9:63:48:6f:43:ee:02:
c2:c3:02:50:9c:fb:f0:20:48:4a:86:cd:f5:e0:76:99:99:a3:
41:9e:ab:b4:67:2a:6b:b7:e9:bd:b5:30:2f:a9:9e:45:70:b3:
46:f4:97:b6:62:05:bd:76:d2:ed:01:a7:a5:3b:9c:cd:b2:b4:
41:72:a6:f0:87:5c:bc:af:fb:26:10:11:44:5e:d1:e6:43:fc:
46:4c:13:c3:d2:b3:68:f5:6b:07:28:b2:9e:ed:64:48:d9:77:
39:98:2b:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/dWTXOaA7X/jaggaM7tZJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwNjAzMDkwNjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2EzMzE0MDZlOTQ0OWQ1MjRkNThhNjU3MTA2NzE5MWQ2NTUxOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiZUjIpDafq+8rpPl8uYTllNSCx0
y4KtYiLQiXcWSC30UGOrVgSn7RvCAqez5tLC+r0FDOjGo0YfIYCWxdeW007WAqbs
3ojTdzXzBFRzkanZ7BotnYn4wv/9f3H8OW+sCRx4PtWfjC3lRkE+iam/ZZ9TfB65
2rM37VEVsVbbOgZxSviNsssc0CE6CVbrd5mzZAU2CfjRyAHNSwwbyN6es0BSYfxd
EOu8CdBcfc5FeRHdw745tMWyxE8eiv9KXAG7C8SRuzbAKzggpX78nLSDWxjK4Tk8
YZyXjIvyFfpvb8oO/GrnuJSookEeXBtN+hKnLBcFaIkMFamVPQiWecW+4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAOjMUBulEnVJNWKZXEGcZHWVRmmMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvQTZNeFFHNlVTZFVrMVlwbGNRWnhrZFpWR2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAl/fPMA8E
AgACMAkDBwAqDgAFAAowDQYJKoZIhvcNAQELBQADggEBAA5qibIt0tVHvq8eNTlt
T9HhmYv3L7P8KhpAHUsryjBIWgUN60vefbCl8WO/gtKqxcicUA13kMQKwDMLVSdU
XdCGSDic+LzVZnZM78mpJmMnRwTeBkLsBxQ3LUNPQS9BxLYNM2UUDDDx0sSSsMLk
4FtDkMSrSkfno+UDOkLyhMrg7pWWlmUpe212ql49VaNuOvyA59PIE+WHWa6x+WNI
b0PuAsLDAlCc+/AgSEqGzfXgdpmZo0Geq7RnKmu36b21MC+pnkVws0b0l7ZiBb12
0u0Bp6U7nM2ytEFypvCHXLyv+yYQEURe0eZD/EZME8PSs2j1awcosp7tZEjZdzmY
KxA=
-----END CERTIFICATE-----
Generated at Tue Jun 18 08:33:52 2024 by rpki-client on console.sobornost.net