Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/eJz_w6SWHqgLNn4ulwGV0UOoL28.roa
File: eJz_w6SWHqgLNn4ulwGV0UOoL28.roa (raw, json)
Hash identifier: iy7fjemr2ZhoWQmb9pff9bCJ+GRVAv7cSYXTtJNkF3E=
Subject key identifier: 78:9C:FF:C3:A4:96:1E:A8:0B:36:7E:2E:97:01:95:D1:43:A8:2F:6F
Certificate issuer: /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial: 018CC9BB9F546F1B66DBD734E09BA83EC16D
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/eJz_w6SWHqgLNn4ulwGV0UOoL28.roa
Signing time: Tue 02 Jan 2024 10:32:45 +0000
ROA not before: Tue 02 Jan 2024 10:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61273
IP address blocks: 185.151.204.0/24 maxlen: 24
185.151.205.0/24 maxlen: 24
185.151.206.0/24 maxlen: 24
185.151.207.0/24 maxlen: 24
185.230.39.0/24 maxlen: 24
185.255.24.0/22 maxlen: 24
2a0b:14c0:2::/48 maxlen: 48
2a0b:14c0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:9f:54:6f:1b:66:db:d7:34:e0:9b:a8:3e:c1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
Validity
Not Before: Jan 2 10:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=789cffc3a4961ea80b367e2e970195d143a82f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:18:dc:73:94:da:a2:87:eb:40:28:d6:55:2c:
6b:35:27:c0:55:07:f1:0c:bd:c7:d9:bf:63:38:48:
7f:26:4e:b3:18:7b:0f:7b:e2:b2:da:f0:da:e1:a7:
80:f9:d7:24:89:bc:84:dd:3f:d3:b4:6c:6a:d6:14:
52:f9:07:70:10:49:d3:83:2c:d3:7b:a8:bb:99:df:
fe:a5:9c:c3:57:87:84:3b:7f:4e:59:f8:78:ad:a7:
73:f9:df:a1:3a:be:8b:83:39:f6:c5:66:a4:a8:44:
8a:08:da:ac:0b:46:9a:62:32:2d:b3:8d:aa:66:02:
b4:08:3b:22:36:04:3e:74:e7:96:ce:69:52:97:8b:
22:8a:15:c8:f9:2a:87:7a:b8:3e:43:dd:56:a0:71:
13:79:bf:fd:f7:44:07:6c:e3:ff:fc:8d:35:19:8c:
72:4f:50:d9:7a:44:14:f9:97:f9:93:10:91:84:01:
39:cc:eb:48:14:5a:7d:d8:07:7c:d5:24:1b:24:bb:
d6:84:f0:0d:17:80:78:db:fb:08:be:dd:b3:92:fc:
94:fe:72:71:8e:55:ac:7b:1d:3f:96:02:dc:85:53:
f0:14:a8:3a:95:73:74:d3:44:7c:e0:e1:88:80:65:
81:25:d0:15:0a:63:8a:2f:22:f6:ed:8a:a9:11:56:
91:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:9C:FF:C3:A4:96:1E:A8:0B:36:7E:2E:97:01:95:D1:43:A8:2F:6F
X509v3 Authority Key Identifier:
keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/eJz_w6SWHqgLNn4ulwGV0UOoL28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.204.0/22
185.230.39.0/24
185.255.24.0/22
IPv6:
2a0b:14c0:2::/48
2a0b:14c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
1e:7b:c6:25:46:76:5d:e9:78:76:42:f6:98:19:37:39:07:fb:
49:32:13:62:07:b3:b1:54:2f:7e:d5:dc:f9:1e:54:06:ee:0b:
1d:c6:2e:e5:0e:e5:97:ec:67:b5:95:79:ea:04:d0:f3:1a:a7:
12:4f:91:7c:37:f5:4d:b3:f5:37:41:53:e8:ff:67:93:72:31:
c4:e6:97:49:3f:69:a3:f3:e7:ba:72:40:90:00:0d:f4:e8:5e:
63:31:cf:4f:d4:f6:84:1c:0a:9e:d0:6b:da:1a:34:bf:48:ef:
3f:d6:07:6e:ea:24:d9:bb:91:74:16:7c:f0:91:1e:c5:37:c9:
10:ad:3d:49:1b:a4:f6:6e:62:40:54:a0:09:63:71:79:c9:da:
2a:99:ba:1e:85:3b:86:c3:0e:41:91:7a:0a:2b:74:f9:0c:19:
17:69:a0:f2:bc:e5:27:de:6c:f9:5a:42:a7:04:fd:b4:59:2b:
d6:1a:24:ad:c8:8a:a8:5a:b0:de:ec:b9:d9:d3:fd:12:48:a4:
80:a6:f0:e1:47:62:a6:c4:dc:0e:f5:c2:f7:6a:e8:58:6f:52:
45:3b:dd:31:9c:12:bf:94:63:0b:f8:d9:7f:ba:bb:c7:9b:66:
7e:9b:af:56:07:5e:f8:c0:3d:a0:a0:dc:76:99:8c:06:ec:f3:
16:38:56:57
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJu59Ubxtm29c04JuoPsFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjQwMTAyMTAzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODljZmZjM2E0OTYxZWE4MGIzNjdlMmU5NzAxOTVkMTQzYTgyZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhjcc5TaoofrQCjWVSxrNSfAVQfx
DL3H2b9jOEh/Jk6zGHsPe+Ky2vDa4aeA+dckibyE3T/TtGxq1hRS+QdwEEnTgyzT
e6i7md/+pZzDV4eEO39OWfh4radz+d+hOr6Lgzn2xWakqESKCNqsC0aaYjIts42q
ZgK0CDsiNgQ+dOeWzmlSl4siihXI+SqHerg+Q91WoHETeb/990QHbOP//I01GYxy
T1DZekQU+Zf5kxCRhAE5zOtIFFp92Ad81SQbJLvWhPANF4B42/sIvt2zkvyU/nJx
jlWsex0/lgLchVPwFKg6lXN000R84OGIgGWBJdAVCmOKLyL27YqpEVaRWQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHic/8Oklh6oCzZ+LpcBldFDqC9vMB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvZUp6X3c2U1dIcWdMTm40dWx3R1YwVU9vTDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCuZfMAwQA
ueYnAwQCuf8YMBgEAgACMBIDBwAqCxTAAAIDBwAqCxTAAAQwDQYJKoZIhvcNAQEL
BQADggEBAB57xiVGdl3peHZC9pgZNzkH+0kyE2IHs7FUL37V3PkeVAbuCx3GLuUO
5ZfsZ7WVeeoE0PMapxJPkXw39U2z9TdBU+j/Z5NyMcTml0k/aaPz57pyQJAADfTo
XmMxz0/U9oQcCp7Qa9oaNL9I7z/WB27qJNm7kXQWfPCRHsU3yRCtPUkbpPZuYkBU
oAljcXnJ2iqZuh6FO4bDDkGRegordPkMGRdpoPK85SfebPlaQqcE/bRZK9YaJK3I
iqhasN7sudnT/RJIpICm8OFHYqbE3A71wvdq6FhvUkU73TGcEr+UYwv42X+6u8eb
Zn6br1YHXvjAPaCg3HaZjAbs8xY4Vlc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:17 2024 by rpki-client on console-ams.rpki-client.org