Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/ZxtXtElSlqOUE5YnXgAdnCYaboM.roa
File: ZxtXtElSlqOUE5YnXgAdnCYaboM.roa (raw, json)
Hash identifier: +5Pb6OOUPOb5qveOZKaL5RMvDT4yUUMv0Lcv1SVIqZo=
Subject key identifier: 67:1B:57:B4:49:52:96:A3:94:13:96:27:5E:00:1D:9C:26:1A:6E:83
Certificate issuer: /CN=d1c4913094a21268c73a67653a3738d73e5c59a7
Certificate serial: 018CC794941A1B5CD4BA8C42B99D225F82F3
Authority key identifier: D1:C4:91:30:94:A2:12:68:C7:3A:67:65:3A:37:38:D7:3E:5C:59:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/ZxtXtElSlqOUE5YnXgAdnCYaboM.roa
Signing time: Tue 02 Jan 2024 00:30:52 +0000
ROA not before: Tue 02 Jan 2024 00:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204176
IP address blocks: 185.112.63.0/24 maxlen: 24
185.112.62.0/24 maxlen: 24
185.112.61.0/24 maxlen: 24
185.112.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/0cSRMJSiEmjHOmdlOjc41z5cWac.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/0cSRMJSiEmjHOmdlOjc41z5cWac.mft
rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:94:1a:1b:5c:d4:ba:8c:42:b9:9d:22:5f:82:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1c4913094a21268c73a67653a3738d73e5c59a7
Validity
Not Before: Jan 2 00:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=671b57b4495296a3941396275e001d9c261a6e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:db:79:15:66:5c:a8:f0:55:93:11:8b:64:76:
35:84:a9:85:60:54:0c:9d:af:83:49:6a:55:e3:c9:
30:e1:e1:a0:51:18:48:ce:ed:f6:c6:b3:71:ed:4d:
56:c6:db:e7:ad:f6:00:6a:64:e3:48:45:ec:21:9e:
25:81:78:93:8c:e1:8d:06:99:9e:7f:65:ab:f9:48:
af:7c:94:e2:1c:f0:69:38:d8:dc:fe:0d:2e:3d:db:
a7:47:3b:2f:72:e3:e8:a8:87:12:47:27:68:20:1b:
fb:87:ff:0f:5a:91:fa:5c:12:2f:e4:86:2f:d2:8b:
66:8d:26:80:a0:7f:0f:7b:ee:f1:d7:6f:f2:8a:ad:
59:d0:61:f5:e4:22:94:99:55:70:ba:12:a3:30:1f:
79:7a:e8:76:7e:ee:68:9e:60:fb:99:15:db:03:ad:
d2:02:25:ae:6a:80:90:ce:4a:2a:d1:f2:db:ae:f4:
3f:ce:98:3f:4d:7a:4d:42:00:3c:08:54:5f:99:95:
0c:c7:a6:d9:02:55:d3:ca:ba:1c:30:33:b6:2c:15:
5a:91:b8:dd:93:85:03:cd:c6:07:4d:16:0f:cb:30:
57:4d:7c:64:ff:9b:01:f1:08:b7:5f:e9:05:31:5b:
1c:81:37:9a:fb:54:40:e2:84:09:32:5b:f6:e2:e7:
ad:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1B:57:B4:49:52:96:A3:94:13:96:27:5E:00:1D:9C:26:1A:6E:83
X509v3 Authority Key Identifier:
keyid:D1:C4:91:30:94:A2:12:68:C7:3A:67:65:3A:37:38:D7:3E:5C:59:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cSRMJSiEmjHOmdlOjc41z5cWac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/ZxtXtElSlqOUE5YnXgAdnCYaboM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/bd4e5c-4147-4131-8750-33a82ab5f513/1/0cSRMJSiEmjHOmdlOjc41z5cWac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.60.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:da:52:57:86:f4:a3:af:68:7a:bf:3c:73:21:3b:46:23:b3:
06:fd:fe:a5:2f:71:9f:08:fb:eb:25:df:4d:af:c5:35:79:61:
d5:79:e9:68:5d:85:32:38:9a:d2:dd:ad:79:2d:ef:89:c3:ab:
b3:d7:39:48:20:51:eb:6f:bc:a0:f5:ab:eb:a5:4b:38:0a:bb:
85:95:29:67:f3:a4:78:63:72:62:49:ac:99:17:e1:31:5b:88:
85:ac:7a:c5:97:3f:e4:b4:88:44:d8:80:c7:1c:ee:ee:5f:49:
bc:b6:dd:bc:4f:c8:c8:70:5a:5e:8e:a0:9d:ea:e6:f5:d5:6a:
ea:95:c4:ad:3a:55:22:db:ad:21:4b:5a:33:20:4b:d3:b0:77:
38:c7:77:95:77:7b:d7:d0:22:e2:32:7d:0f:b7:14:98:31:51:
09:b5:e7:ee:c9:7d:ff:cc:2d:4c:52:1f:5b:17:04:af:c8:d3:
a8:76:a7:fb:2d:f2:c0:b2:c1:d0:f5:f5:89:f1:39:9f:13:a6:
a5:23:8f:66:e6:7e:65:09:f8:c8:fc:d8:79:3f:2a:5b:1d:a8:
18:cd:13:e5:ab:65:16:b9:cc:8f:70:5e:a1:33:eb:0a:77:69:
c3:1e:e9:f1:af:3e:23:b9:79:66:3c:ce:92:09:8a:59:0e:c7:
44:15:79:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlJQaG1zUuoxCuZ0iX4LzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYzQ5MTMwOTRhMjEyNjhjNzNhNjc2NTNhMzczOGQ3M2U1
YzU5YTcwHhcNMjQwMTAyMDAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFiNTdiNDQ5NTI5NmEzOTQxMzk2Mjc1ZTAwMWQ5YzI2MWE2ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdt5FWZcqPBVkxGLZHY1hKmFYFQM
na+DSWpV48kw4eGgURhIzu32xrNx7U1WxtvnrfYAamTjSEXsIZ4lgXiTjOGNBpme
f2Wr+UivfJTiHPBpONjc/g0uPdunRzsvcuPoqIcSRydoIBv7h/8PWpH6XBIv5IYv
0otmjSaAoH8Pe+7x12/yiq1Z0GH15CKUmVVwuhKjMB95euh2fu5onmD7mRXbA63S
AiWuaoCQzkoq0fLbrvQ/zpg/TXpNQgA8CFRfmZUMx6bZAlXTyrocMDO2LBVakbjd
k4UDzcYHTRYPyzBXTXxk/5sB8Qi3X+kFMVscgTea+1RA4oQJMlv24uet4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcbV7RJUpajlBOWJ14AHZwmGm6DMB8GA1UdIwQY
MBaAFNHEkTCUohJoxzpnZTo3ONc+XFmnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNTUk1KU2lFbWpIT21kbE9qYzQxejVjV2FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iZDRlNWMtNDE0Ny00MTMxLTg3NTAt
MzNhODJhYjVmNTEzLzEvWnh0WHRFbFNscU9VRTVZblhnQWRuQ1lhYm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iZDRlNWMtNDE0Ny00MTMxLTg3NTAtMzNhODJhYjVmNTEz
LzEvMGNTUk1KU2lFbWpIT21kbE9qYzQxejVjV2FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXA8MA0G
CSqGSIb3DQEBCwUAA4IBAQAO2lJXhvSjr2h6vzxzITtGI7MG/f6lL3GfCPvrJd9N
r8U1eWHVeeloXYUyOJrS3a15Le+Jw6uz1zlIIFHrb7yg9avrpUs4CruFlSln86R4
Y3JiSayZF+ExW4iFrHrFlz/ktIhE2IDHHO7uX0m8tt28T8jIcFpejqCd6ub11Wrq
lcStOlUi260hS1ozIEvTsHc4x3eVd3vX0CLiMn0PtxSYMVEJtefuyX3/zC1MUh9b
FwSvyNOodqf7LfLAssHQ9fWJ8TmfE6alI49m5n5lCfjI/Nh5PypbHagYzRPlq2UW
ucyPcF6hM+sKd2nDHunxrz4juXlmPM6SCYpZDsdEFXmr
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:30:55 2024 by rpki-client on console-ams.rpki-client.org