Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/aH9Z1J8GhsMijE1yVKkrmPIfRnw.roa
File: aH9Z1J8GhsMijE1yVKkrmPIfRnw.roa (raw, json)
Hash identifier: XHSBLCuqM9qgjVvOyzTyOdLhEbOWgOx2zKOzi1Z92kU=
Subject key identifier: 68:7F:59:D4:9F:06:86:C3:22:8C:4D:72:54:A9:2B:98:F2:1F:46:7C
Certificate issuer: /CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Certificate serial: 018CC3496706FCC0DCA9B11D57E8247B039E
Authority key identifier: B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/aH9Z1J8GhsMijE1yVKkrmPIfRnw.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199366
IP address blocks: 185.114.192.0/24 maxlen: 24
185.114.194.0/24 maxlen: 24
185.114.193.0/24 maxlen: 24
185.114.195.0/24 maxlen: 24
185.19.94.0/24 maxlen: 24
185.19.93.0/24 maxlen: 24
185.19.95.0/24 maxlen: 24
185.19.92.0/24 maxlen: 24
185.59.31.0/24 maxlen: 24
185.59.28.0/24 maxlen: 24
185.59.30.0/24 maxlen: 24
185.59.29.0/24 maxlen: 24
2.56.62.0/24 maxlen: 24
2.56.63.0/24 maxlen: 24
2.56.61.0/24 maxlen: 24
2.56.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:67:06:fc:c0:dc:a9:b1:1d:57:e8:24:7b:03:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=687f59d49f0686c3228c4d7254a92b98f21f467c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:9e:9a:39:82:a5:86:e7:60:86:9c:83:b1:bb:
77:49:ed:8a:b1:f8:2e:35:8b:21:c6:4d:ab:78:1d:
24:30:54:5b:15:c5:61:ab:ae:d6:d4:07:6d:6c:3b:
ec:2b:7c:37:01:38:62:d6:4f:85:e9:22:59:7e:2e:
0b:44:1e:c8:71:bf:56:14:be:53:ea:ed:9f:3c:ed:
9b:eb:92:8f:ed:25:74:3e:ef:6c:1e:1f:d3:f1:fa:
8e:78:42:ce:82:ce:68:72:3f:f9:97:67:5a:05:23:
dd:b8:4f:0b:56:c7:74:c9:20:ef:9e:40:93:23:0d:
7a:d7:51:19:27:09:95:b5:ab:3e:03:27:30:da:77:
39:07:f2:22:6a:1a:56:6d:e5:e1:19:d8:08:14:69:
ca:df:51:f4:d4:da:13:6d:e2:27:0e:1a:58:c9:2e:
2d:d5:8c:f4:01:43:82:99:35:eb:d6:12:d5:4c:d9:
93:f4:08:27:05:68:b1:64:54:15:0d:ce:1e:54:40:
3e:e1:fa:bf:49:75:2b:51:6d:e4:0b:cb:0f:f0:13:
7d:4a:53:5e:20:24:ab:a8:3b:a0:94:c1:a2:e6:18:
33:e5:bc:1c:f7:e2:6d:0d:c3:89:19:9a:c8:d1:1d:
bb:62:83:29:10:8f:20:56:13:9c:40:7c:a7:7e:d8:
4f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:59:D4:9F:06:86:C3:22:8C:4D:72:54:A9:2B:98:F2:1F:46:7C
X509v3 Authority Key Identifier:
keyid:B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/aH9Z1J8GhsMijE1yVKkrmPIfRnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.60.0/22
185.19.92.0/22
185.59.28.0/22
185.114.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:d5:5f:79:5e:dd:b2:d4:98:d2:7a:bc:74:8e:13:1d:c9:0c:
9f:7d:57:43:62:06:98:0f:8d:e3:be:14:65:60:71:69:23:72:
36:39:58:e1:4e:97:79:db:5b:c9:23:17:f0:82:5c:c2:92:c0:
41:66:7b:41:df:f6:fb:d5:5d:46:62:6a:0f:5a:d7:2e:88:2c:
96:b3:2f:7d:4b:b3:8b:14:c3:f2:11:59:b9:98:c7:22:d5:59:
83:9c:ed:84:8f:83:23:b7:83:9c:1f:2e:d4:c5:fb:11:74:0a:
67:36:da:46:a5:58:08:3b:8e:27:f6:60:64:4c:36:d4:b1:8b:
f4:f5:96:5a:d3:23:50:75:b6:33:82:98:23:27:15:1e:de:40:
36:4e:62:b3:7e:f0:01:4e:ae:fa:d2:2e:0e:5c:3d:00:d4:dd:
22:f7:14:e5:ff:37:75:ab:e2:8c:46:cf:a8:95:e3:86:9e:86:
a5:f1:f4:c1:af:58:40:19:60:2e:d2:90:3a:e8:b2:e0:bd:c8:
a3:1c:c7:19:82:6f:df:3c:4e:b0:14:f5:07:75:5c:96:4a:44:
55:29:74:f3:68:c6:02:17:5f:59:8f:a1:c2:70:0d:52:0d:2f:
87:06:ce:ff:43:69:d4:12:e2:a7:99:bd:e2:8c:ab:ef:57:e3:
6e:dd:9b:20
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSWcG/MDcqbEdV+gkewOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjllZTY2MTY0ZDNjYjQxZGJkMmRmNTQxNzgxN2MzMmY0
Y2VhMDUwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODdmNTlkNDlmMDY4NmMzMjI4YzRkNzI1NGE5MmI5OGYyMWY0NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA556aOYKlhudghpyDsbt3Se2Ksfgu
NYshxk2reB0kMFRbFcVhq67W1AdtbDvsK3w3AThi1k+F6SJZfi4LRB7Icb9WFL5T
6u2fPO2b65KP7SV0Pu9sHh/T8fqOeELOgs5ocj/5l2daBSPduE8LVsd0ySDvnkCT
Iw1611EZJwmVtas+Aycw2nc5B/IiahpWbeXhGdgIFGnK31H01NoTbeInDhpYyS4t
1Yz0AUOCmTXr1hLVTNmT9AgnBWixZFQVDc4eVEA+4fq/SXUrUW3kC8sP8BN9SlNe
ICSrqDuglMGi5hgz5bwc9+JtDcOJGZrI0R27YoMpEI8gVhOcQHynfthPzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGh/WdSfBobDIoxNclSpK5jyH0Z8MB8GA1UdIwQY
MBaAFLhp7mYWTTy0Hb0t9UF4F8MvTOoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODkt
Y2QxZmE0ODQ0MTFiLzEvYUg5WjFKOEdoc01pakUxeVZLa3JtUElmUm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODktY2QxZmE0ODQ0MTFi
LzEvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjg8AwQC
uRNcAwQCuTscAwQCuXLAMA0GCSqGSIb3DQEBCwUAA4IBAQB+1V95Xt2y1JjSerx0
jhMdyQyffVdDYgaYD43jvhRlYHFpI3I2OVjhTpd521vJIxfwglzCksBBZntB3/b7
1V1GYmoPWtcuiCyWsy99S7OLFMPyEVm5mMci1VmDnO2Ej4Mjt4OcHy7UxfsRdApn
NtpGpVgIO44n9mBkTDbUsYv09ZZa0yNQdbYzgpgjJxUe3kA2TmKzfvABTq760i4O
XD0A1N0i9xTl/zd1q+KMRs+oleOGnoal8fTBr1hAGWAu0pA66LLgvcijHMcZgm/f
PE6wFPUHdVyWSkRVKXTzaMYCF19Zj6HCcA1SDS+HBs7/Q2nUEuKnmb3ijKvvV+Nu
3Zsg
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:52:20 2024 by rpki-client on console-fra.rpki-client.org