Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/J6am81ugRYDcGUk08I145PVvlIY.roa
File: J6am81ugRYDcGUk08I145PVvlIY.roa (raw, json)
Hash identifier: hXrpUsLyAupdPZv7FtOjOrI3fXE5YGvliTDGPQnQVbg=
Subject key identifier: 27:A6:A6:F3:5B:A0:45:80:DC:19:49:34:F0:8D:78:E4:F5:6F:94:86
Certificate issuer: /CN=61b866e323382caea961e7d2423e53cab5099131
Certificate serial: 018F80C7260C1004809DC4F02EA34C897888
Authority key identifier: 61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/J6am81ugRYDcGUk08I145PVvlIY.roa
Signing time: Thu 16 May 2024 09:41:25 +0000
ROA not before: Thu 16 May 2024 09:41:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.111.52.0/24 maxlen: 24
185.111.53.0/24 maxlen: 24
185.111.54.0/24 maxlen: 24
185.111.55.0/24 maxlen: 24
185.111.56.0/24 maxlen: 24
185.111.57.0/24 maxlen: 24
185.111.58.0/24 maxlen: 24
185.111.59.0/24 maxlen: 24
185.112.16.0/24 maxlen: 24
185.112.17.0/24 maxlen: 24
185.112.18.0/24 maxlen: 24
185.112.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:c7:26:0c:10:04:80:9d:c4:f0:2e:a3:4c:89:78:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b866e323382caea961e7d2423e53cab5099131
Validity
Not Before: May 16 09:41:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27a6a6f35ba04580dc194934f08d78e4f56f9486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:70:87:8d:19:f0:5a:71:21:9f:2d:01:c2:
5b:d7:ec:37:b7:70:c7:fd:66:b5:e0:dd:f9:fd:a8:
fc:64:73:d7:29:40:1f:4d:94:91:2d:0f:b1:eb:83:
9f:cb:c0:e5:20:04:46:c4:d8:a4:03:8c:e1:e0:83:
8a:53:ca:c4:b8:54:06:30:88:16:43:f5:1c:1e:29:
d2:6a:b9:bb:7f:69:9b:9a:57:34:40:7f:d2:9b:24:
cd:80:4f:6c:39:b8:57:bf:c4:b9:a2:96:5f:93:68:
a7:c4:a2:76:51:e9:78:ca:2b:1e:e0:47:db:46:04:
28:11:54:4b:ec:2e:cb:28:5a:fb:53:46:91:83:20:
54:0b:32:3a:0c:95:0c:a5:27:9d:c0:cb:d2:99:7c:
f7:49:40:0a:92:37:79:67:f6:aa:0e:93:9b:1c:e7:
fe:43:05:a1:8b:f7:30:f5:16:d7:b2:05:b9:68:80:
e7:34:69:d9:13:e6:64:22:de:02:43:13:eb:b5:65:
53:ae:c4:33:98:dd:b5:91:ad:51:f2:0b:52:6a:b5:
2e:f6:5f:a3:13:bf:f2:31:33:6e:6c:81:b3:49:62:
48:bc:14:1c:21:90:38:8c:01:f9:51:ac:08:ad:40:
1c:db:6d:ce:3b:11:36:82:07:73:bc:13:46:fe:55:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A6:A6:F3:5B:A0:45:80:DC:19:49:34:F0:8D:78:E4:F5:6F:94:86
X509v3 Authority Key Identifier:
keyid:61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/J6am81ugRYDcGUk08I145PVvlIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.52.0-185.111.59.255
185.112.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:29:76:ce:75:5f:02:9a:a1:5b:2f:fa:34:e9:08:61:2a:de:
f1:d8:09:bf:f5:e3:cc:98:b5:58:98:cf:02:22:20:ee:21:0e:
6d:14:8d:f9:f6:fa:9e:27:cf:37:10:65:1f:d5:a9:40:d5:d5:
fa:36:81:00:13:4d:ab:5a:fc:e1:39:5e:d4:cb:d7:fb:d8:d1:
c8:f6:9a:e4:d0:1a:3f:4a:85:ed:66:fc:0e:9f:8e:89:5d:a9:
f3:b4:7a:60:ae:f8:5e:84:1f:fe:a9:be:15:c5:e5:59:88:0e:
d9:2d:4b:45:c7:1c:86:9c:35:23:1b:76:2e:45:a7:c2:62:e6:
76:1f:c1:d5:c6:d1:10:9c:91:dd:ad:63:b9:ac:30:d4:c6:5f:
29:b3:7a:6b:fd:50:13:ec:07:33:5d:ad:77:e9:af:62:bb:37:
79:0d:72:45:ac:05:cd:6f:20:09:8f:01:1e:0b:4e:20:75:fc:
65:f6:14:ab:43:38:2d:b0:3f:ce:de:9e:a3:87:e1:6e:48:03:
b3:f1:bc:2b:f5:8e:22:6b:c5:b9:c5:00:84:37:b7:0e:77:a4:
55:65:3c:c6:03:b6:9e:8d:cb:93:c5:7b:ed:9e:87:7a:f0:25:
8d:5f:93:58:58:7c:b9:7c:11:06:3e:39:9a:7c:5f:12:56:9b:
f3:e8:ca:f1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY+AxyYMEASAncTwLqNMiXiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjg2NmUzMjMzODJjYWVhOTYxZTdkMjQyM2U1M2NhYjUw
OTkxMzEwHhcNMjQwNTE2MDk0MTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2E2YTZmMzViYTA0NTgwZGMxOTQ5MzRmMDhkNzhlNGY1NmY5NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvpwh40Z8FpxIZ8tAcJb1+w3t3DH
/Wa14N35/aj8ZHPXKUAfTZSRLQ+x64Ofy8DlIARGxNikA4zh4IOKU8rEuFQGMIgW
Q/UcHinSarm7f2mbmlc0QH/SmyTNgE9sObhXv8S5opZfk2inxKJ2Uel4yise4Efb
RgQoEVRL7C7LKFr7U0aRgyBUCzI6DJUMpSedwMvSmXz3SUAKkjd5Z/aqDpObHOf+
QwWhi/cw9RbXsgW5aIDnNGnZE+ZkIt4CQxPrtWVTrsQzmN21ka1R8gtSarUu9l+j
E7/yMTNubIGzSWJIvBQcIZA4jAH5UawIrUAc223OOxE2ggdzvBNG/lW9lQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCempvNboEWA3BlJNPCNeOT1b5SGMB8GA1UdIwQY
MBaAFGG4ZuMjOCyuqWHn0kI+U8q1CZExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEt
ZDkyZTY4ZGZmZmU0LzEvSjZhbTgxdWdSWURjR1VrMDhJMTQ1UFZ2bElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEtZDkyZTY4ZGZmZmU0
LzEvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAK5bzQD
BAK5bzgDBAK5cBAwDQYJKoZIhvcNAQELBQADggEBACopds51XwKaoVsv+jTpCGEq
3vHYCb/148yYtViYzwIiIO4hDm0Ujfn2+p4nzzcQZR/VqUDV1fo2gQATTata/OE5
XtTL1/vY0cj2muTQGj9Khe1m/A6fjoldqfO0emCu+F6EH/6pvhXF5VmIDtktS0XH
HIacNSMbdi5Fp8Ji5nYfwdXG0RCckd2tY7msMNTGXymzemv9UBPsBzNdrXfpr2K7
N3kNckWsBc1vIAmPAR4LTiB1/GX2FKtDOC2wP87enqOH4W5IA7PxvCv1jiJrxbnF
AIQ3tw53pFVlPMYDtp6Ny5PFe+2eh3rwJY1fk1hYfLl8EQY+OZp8XxJWm/PoyvE=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:43:49 2024 by rpki-client on console-ams.rpki-client.org