Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/yAoShkDCQMMO4x_u0wTrSIXf7oA.roa
File: yAoShkDCQMMO4x_u0wTrSIXf7oA.roa (raw, json)
Hash identifier: QoIIRPWGlygJlkwm3EwxD1k4aCUDW5rPCs56+XoEPfA=
Subject key identifier: C8:0A:12:86:40:C2:40:C3:0E:E3:1F:EE:D3:04:EB:48:85:DF:EE:80
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 018CC2DB1A2AFBCE56122FE78F58FF0906A0
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/yAoShkDCQMMO4x_u0wTrSIXf7oA.roa
Signing time: Mon 01 Jan 2024 02:29:48 +0000
ROA not before: Mon 01 Jan 2024 02:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60117
IP address blocks: 185.183.96.0/24 maxlen: 24
185.117.74.0/24 maxlen: 24
185.117.75.0/24 maxlen: 24
185.82.201.0/24 maxlen: 24
185.82.203.0/24 maxlen: 24
185.45.193.0/24 maxlen: 24
185.198.57.0/24 maxlen: 24
185.106.121.0/24 maxlen: 24
185.244.150.0/24 maxlen: 24
194.36.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1a:2a:fb:ce:56:12:2f:e7:8f:58:ff:09:06:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 1 02:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c80a128640c240c30ee31feed304eb4885dfee80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:61:61:a8:1f:7f:0c:d0:e2:21:8a:06:02:78:
39:53:28:06:ad:46:8b:9b:8f:c0:dc:27:f4:ff:5c:
fc:c7:5c:1e:9d:f1:0a:6d:12:b3:3b:dc:bc:55:4b:
c9:47:1a:ff:ad:b6:e6:ac:cb:9d:08:0c:2f:5d:97:
01:f4:2d:f8:a4:a4:d3:2b:5c:1a:8e:95:de:ae:15:
53:f3:69:90:81:e6:a5:83:63:18:03:6c:dd:14:67:
2a:66:ce:a6:75:ac:05:61:70:46:41:99:28:78:99:
b0:eb:a8:6a:25:7b:b5:3d:89:03:dc:8d:23:72:f5:
86:84:e7:9c:2a:c5:29:24:fa:4e:b9:f6:6e:56:6b:
10:92:fa:de:35:3d:4c:d6:f7:17:19:61:0a:82:c3:
20:c5:a9:86:a3:69:66:5d:78:4c:43:4e:7e:f6:c6:
df:d0:98:14:aa:ff:db:63:60:49:ed:6d:b2:24:21:
69:b9:6c:82:d9:2d:9e:15:35:14:35:79:4f:8d:80:
ed:67:df:28:ff:36:29:75:e5:92:c4:f6:10:3d:ce:
64:45:10:5f:42:3a:bc:c1:a8:d9:bb:20:ec:39:fc:
78:6b:75:79:05:db:ca:0c:02:44:a3:4e:84:df:35:
71:99:fa:0a:ab:3a:18:58:1d:26:0b:55:2a:b6:0c:
db:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:0A:12:86:40:C2:40:C3:0E:E3:1F:EE:D3:04:EB:48:85:DF:EE:80
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/yAoShkDCQMMO4x_u0wTrSIXf7oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.193.0/24
185.82.201.0/24
185.82.203.0/24
185.106.121.0/24
185.117.74.0/23
185.183.96.0/24
185.198.57.0/24
185.244.150.0/24
194.36.189.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:fb:ef:fa:16:f0:85:48:1d:0d:d3:47:80:71:f3:eb:0e:b0:
b5:55:56:1e:36:0f:80:c2:e6:6b:ee:e7:8b:56:21:4f:b8:fb:
8f:2d:fc:7b:5e:6d:bf:ec:16:cd:37:8f:32:5d:35:ee:22:8e:
9f:45:57:58:64:ed:2e:b6:c6:2e:5e:a2:76:21:8e:7f:cb:37:
0f:1b:4e:41:6a:f4:6e:64:82:92:05:d2:eb:04:5c:b1:a7:41:
34:b4:5c:71:3f:de:ae:1c:a2:ec:f4:19:9f:bb:ca:1a:56:42:
f6:91:0b:c8:ff:1a:00:11:ee:d6:3a:08:17:ab:29:dd:10:a0:
0b:7a:f8:d1:7b:c8:1f:9d:55:ee:73:c5:68:f5:9e:ec:93:2f:
5a:1c:ba:e9:d6:f9:20:00:89:73:16:b9:c0:bb:53:b0:9d:90:
cb:44:e9:29:01:77:4d:8d:f8:f1:20:78:6e:d9:6c:60:26:af:
12:d5:69:21:b7:4a:14:51:11:cc:88:63:a9:3f:58:95:00:7a:
8e:62:d8:01:73:55:09:a8:e8:34:a6:5d:f3:10:2e:5b:a4:f9:
9c:25:06:b5:3c:20:c5:a4:b4:f7:92:5e:05:1a:08:5e:95:35:
5b:08:39:b9:04:8d:ff:1c:67:8b:d4:ed:ba:90:e2:d4:a4:6c:
b2:82:69:79
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzC2xoq+85WEi/nj1j/CQagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjQwMTAxMDIyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODBhMTI4NjQwYzI0MGMzMGVlMzFmZWVkMzA0ZWI0ODg1ZGZlZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2FhqB9/DNDiIYoGAng5UygGrUaL
m4/A3Cf0/1z8x1wenfEKbRKzO9y8VUvJRxr/rbbmrMudCAwvXZcB9C34pKTTK1wa
jpXerhVT82mQgealg2MYA2zdFGcqZs6mdawFYXBGQZkoeJmw66hqJXu1PYkD3I0j
cvWGhOecKsUpJPpOufZuVmsQkvreNT1M1vcXGWEKgsMgxamGo2lmXXhMQ05+9sbf
0JgUqv/bY2BJ7W2yJCFpuWyC2S2eFTUUNXlPjYDtZ98o/zYpdeWSxPYQPc5kRRBf
Qjq8wajZuyDsOfx4a3V5BdvKDAJEo06E3zVxmfoKqzoYWB0mC1UqtgzbRwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMgKEoZAwkDDDuMf7tME60iF3+6AMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEveUFvU2hrRENRTU1PNHhfdTB3VHJTSVhmN29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAuS3BAwQA
uVLJAwQAuVLLAwQAuWp5AwQBuXVKAwQAubdgAwQAucY5AwQAufSWAwQAwiS9MA0G
CSqGSIb3DQEBCwUAA4IBAQC/++/6FvCFSB0N00eAcfPrDrC1VVYeNg+AwuZr7ueL
ViFPuPuPLfx7Xm2/7BbNN48yXTXuIo6fRVdYZO0utsYuXqJ2IY5/yzcPG05BavRu
ZIKSBdLrBFyxp0E0tFxxP96uHKLs9Bmfu8oaVkL2kQvI/xoAEe7WOggXqyndEKAL
evjRe8gfnVXuc8Vo9Z7sky9aHLrp1vkgAIlzFrnAu1OwnZDLROkpAXdNjfjxIHhu
2WxgJq8S1Wkht0oUURHMiGOpP1iVAHqOYtgBc1UJqOg0pl3zEC5bpPmcJQa1PCDF
pLT3kl4FGghelTVbCDm5BI3/HGeL1O26kOLUpGyygml5
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:23:04 2024 by rpki-client on console-ams.rpki-client.org