Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/fS0r4RMWEnYJULjc_4DkFH7bkSY.roa
File: fS0r4RMWEnYJULjc_4DkFH7bkSY.roa (raw, json)
Hash identifier: kCl0nb+ItKnCkRmhx64MWNFmOk50Otn6y8jXG3hYVX0=
Subject key identifier: 7D:2D:2B:E1:13:16:12:76:09:50:B8:DC:FF:80:E4:14:7E:DB:91:26
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 018CC86F164517E123E5736878A0B6E79DBF
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/fS0r4RMWEnYJULjc_4DkFH7bkSY.roa
Signing time: Tue 02 Jan 2024 04:29:32 +0000
ROA not before: Tue 02 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60033
IP address blocks: 185.61.136.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
185.61.139.0/24 maxlen: 24
2a02:7a60::/48 maxlen: 48
2a02:7a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.mft
rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:16:45:17:e1:23:e5:73:68:78:a0:b6:e7:9d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 2 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d2d2be1131612760950b8dcff80e4147edb9126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b2:71:08:22:a5:07:d9:b0:0a:95:1e:12:0e:
15:5d:13:d9:22:d1:1c:b9:c6:c4:a2:fb:60:fa:79:
76:dc:c2:22:ab:cb:c9:33:73:12:44:18:22:1c:93:
f8:33:d9:86:c8:20:21:d5:8c:db:10:82:8f:fa:23:
87:2f:ae:4d:85:64:87:f7:98:76:89:d7:7c:01:0a:
3f:a9:c5:49:13:b3:09:8d:6d:2e:13:76:22:94:8b:
c9:43:96:57:1a:a3:ee:44:fa:7c:0e:6b:f2:c2:ce:
21:40:17:8f:c0:d1:54:70:97:22:f7:bf:0d:fc:70:
1c:0d:61:ce:92:3b:31:89:00:25:de:3f:14:f2:3a:
46:cd:de:51:a2:0f:37:54:26:4a:ef:98:43:7f:13:
2f:78:ee:92:cd:45:f9:47:42:28:10:75:09:dd:dc:
2c:12:79:f8:7b:86:d9:40:d9:84:7c:44:ef:4c:b4:
31:dd:20:a1:7e:c4:1c:b3:3d:40:38:34:64:54:12:
2a:8d:37:a6:a3:8b:18:b3:75:e8:e2:10:a6:ab:0a:
ca:d8:11:9c:d5:4a:61:81:36:32:96:ad:01:7c:e7:
fb:5e:48:f5:61:e4:3f:3a:33:c4:40:14:09:34:d4:
1d:af:8d:cc:83:7d:ce:77:1d:1d:e6:5d:d8:d7:86:
cd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2D:2B:E1:13:16:12:76:09:50:B8:DC:FF:80:E4:14:7E:DB:91:26
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/fS0r4RMWEnYJULjc_4DkFH7bkSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
ba:84:e1:d7:28:6b:a7:b4:a4:bc:52:5d:e6:a5:80:36:d1:86:
6d:73:42:ab:6d:75:83:b2:b5:21:39:04:d7:24:b8:00:3b:76:
c9:3a:a9:63:5c:11:cf:4c:8a:b8:bb:96:9a:8c:83:9c:ea:05:
c9:a8:3f:63:83:47:ef:02:4e:4e:4f:6a:19:98:43:b8:2a:f5:
eb:cd:8f:01:ed:2b:76:6f:de:94:28:c4:f5:14:16:0b:87:11:
a4:ad:12:96:ee:12:2c:8f:36:fc:c3:78:dc:71:25:23:5a:8e:
d5:95:66:09:39:37:20:6e:f8:fc:c3:86:a6:f3:41:a4:ea:4f:
7e:1e:16:af:b0:a2:11:21:72:b1:57:6f:a6:b3:39:6e:f4:60:
9e:60:31:5c:20:00:16:76:04:7a:26:33:9f:a6:99:72:91:21:
3a:cb:85:b2:3c:b0:16:40:b9:66:71:f5:ea:08:b1:36:cb:8d:
bb:7b:ca:17:32:15:53:41:52:b8:4b:c6:b7:c9:1f:78:11:f0:
25:a1:08:50:f6:93:ea:f3:db:27:5c:6f:74:c9:40:b1:1e:84:
36:11:fb:a9:15:f6:28:05:0b:ce:25:7e:9e:ad:f5:b0:35:93:
58:58:0b:99:61:96:5c:a9:4e:23:d1:e6:28:cd:87:b5:ec:c5:
1e:56:29:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbxZFF+Ej5XNoeKC2552/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4
MGI1ZWMwHhcNMjQwMTAyMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJkMmJlMTEzMTYxMjc2MDk1MGI4ZGNmZjgwZTQxNDdlZGI5MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLJxCCKlB9mwCpUeEg4VXRPZItEc
ucbEovtg+nl23MIiq8vJM3MSRBgiHJP4M9mGyCAh1YzbEIKP+iOHL65NhWSH95h2
idd8AQo/qcVJE7MJjW0uE3YilIvJQ5ZXGqPuRPp8Dmvyws4hQBePwNFUcJci978N
/HAcDWHOkjsxiQAl3j8U8jpGzd5Rog83VCZK75hDfxMveO6SzUX5R0IoEHUJ3dws
Enn4e4bZQNmEfETvTLQx3SChfsQcsz1AODRkVBIqjTemo4sYs3Xo4hCmqwrK2BGc
1UphgTYylq0BfOf7Xkj1YeQ/OjPEQBQJNNQdr43Mg33Odx0d5l3Y14bN6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH0tK+ETFhJ2CVC43P+A5BR+25EmMB8GA1UdIwQY
MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt
MzQ0OTUyMjcxMGU3LzEvZlMwcjRSTVdFbllKVUxqY180RGtGSDdia1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3
LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E
AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQC6hOHXKGuntKS8Ul3mpYA2
0YZtc0KrbXWDsrUhOQTXJLgAO3bJOqljXBHPTIq4u5aajIOc6gXJqD9jg0fvAk5O
T2oZmEO4KvXrzY8B7St2b96UKMT1FBYLhxGkrRKW7hIsjzb8w3jccSUjWo7VlWYJ
OTcgbvj8w4am80Gk6k9+HhavsKIRIXKxV2+mszlu9GCeYDFcIAAWdgR6JjOfpply
kSE6y4WyPLAWQLlmcfXqCLE2y427e8oXMhVTQVK4S8a3yR94EfAloQhQ9pPq89sn
XG90yUCxHoQ2EfupFfYoBQvOJX6erfWwNZNYWAuZYZZcqU4j0eYozYe17MUeVilR
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org