Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/AfhbSVc2XacTAYdSAZcAyA5tJcg.roa
File: AfhbSVc2XacTAYdSAZcAyA5tJcg.roa (raw, json)
Hash identifier: H5MnEFZ6untaif7RXtjmLfPGYVKGFeQCz51ox8ExeEA=
Subject key identifier: 01:F8:5B:49:57:36:5D:A7:13:01:87:52:01:97:00:C8:0E:6D:25:C8
Certificate issuer: /CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Certificate serial: 018CC94E57ECB60C2FE3C5DB2F7EDAFC0154
Authority key identifier: 6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/AfhbSVc2XacTAYdSAZcAyA5tJcg.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201367
IP address blocks: 185.76.58.0/24 maxlen: 24
185.76.57.0/24 maxlen: 24
185.76.56.0/24 maxlen: 24
185.76.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:57:ec:b6:0c:2f:e3:c5:db:2f:7e:da:fc:01:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e3ec972f9760b855f1d4390bc375b3fa3d411b6
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01f85b4957365da713018752019700c80e6d25c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0b:55:49:b2:23:e5:ba:d9:a2:d4:db:b4:39:
db:f0:d5:7f:92:b3:9a:72:a1:92:aa:a2:93:c4:91:
90:0c:5c:c3:01:0d:cb:23:b4:9c:4a:18:8b:b5:1c:
3b:49:d2:54:d3:82:d6:9f:52:49:6c:fd:16:1e:42:
31:e9:c6:6f:e2:36:5c:02:2d:7c:6a:ae:f6:47:bd:
e3:31:ca:e0:9b:0f:7b:80:fc:5a:59:1b:20:6a:03:
a8:35:53:ac:0e:f7:8c:46:d8:35:6c:13:0c:ba:64:
57:55:75:79:8a:67:f0:ae:44:bf:2f:a7:2a:83:db:
16:4a:ff:2b:64:ff:dd:7e:43:21:d6:37:69:c5:5f:
1c:e2:5b:be:cf:53:67:1f:67:d3:30:e9:3f:dd:c4:
15:1c:95:96:ac:88:97:53:4e:e4:7f:18:45:8c:9f:
60:c2:68:8d:96:83:68:25:ac:78:6b:37:74:67:8d:
ba:ef:be:08:8e:4f:e2:05:01:41:c1:23:f3:3c:71:
17:f3:b6:03:b7:bb:95:53:84:04:be:c6:f7:24:d1:
94:4a:92:47:a5:b1:28:51:20:2b:8f:2c:33:2e:b8:
89:6b:b1:72:05:35:d2:ae:9e:7b:45:50:be:91:e8:
57:a7:f4:a4:b1:ec:6e:52:91:0c:25:00:c9:4b:38:
06:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F8:5B:49:57:36:5D:A7:13:01:87:52:01:97:00:C8:0E:6D:25:C8
X509v3 Authority Key Identifier:
keyid:6E:3E:C9:72:F9:76:0B:85:5F:1D:43:90:BC:37:5B:3F:A3:D4:11:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/AfhbSVc2XacTAYdSAZcAyA5tJcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/9dac9c-85c6-4572-ad60-14512e7e59ef/1/bj7Jcvl2C4VfHUOQvDdbP6PUEbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.56.0/22
Signature Algorithm: sha256WithRSAEncryption
55:25:dc:cb:0e:c0:b2:cc:8c:6a:a7:15:a8:d7:6f:b5:bf:1a:
00:b1:3d:a6:e9:91:c3:ca:47:72:9a:df:fc:d9:a4:a5:b5:bf:
70:be:3f:f4:ea:e2:f7:91:ae:25:46:5e:7f:22:32:20:77:e1:
2f:a9:44:5c:98:39:f8:b2:f7:d7:1d:89:72:42:ad:db:01:d6:
cf:d2:28:16:be:38:98:8c:6b:ee:2f:d6:c9:ef:9f:73:3b:02:
c5:dc:84:75:f5:71:3f:56:5a:95:a0:da:bd:a2:43:48:7b:d7:
28:7d:57:a8:0b:ee:ce:56:d2:c6:0b:6e:6a:11:cd:14:5a:5d:
74:d1:65:c1:94:52:e8:32:d9:22:0a:42:cf:7a:36:4d:0c:ea:
24:5a:9e:9b:95:47:05:6f:5e:de:ff:47:9f:6a:82:83:c3:13:
28:7f:6d:38:23:77:ec:28:0c:3d:af:69:22:0f:12:7c:27:3f:
d4:70:4f:6f:6d:a2:77:96:48:26:18:9f:de:0d:24:d0:0f:1d:
29:99:77:dc:ef:50:4a:76:7b:23:2d:0e:57:4b:a6:20:40:71:
33:95:85:7c:34:ca:8b:55:3c:19:18:af:42:59:a9:00:88:75:
4c:b6:75:59:65:4e:46:e2:04:50:5b:e5:14:6d:98:95:74:e4:
f0:e1:7f:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTlfstgwv48XbL37a/AFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlM2VjOTcyZjk3NjBiODU1ZjFkNDM5MGJjMzc1YjNmYTNk
NDExYjYwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY4NWI0OTU3MzY1ZGE3MTMwMTg3NTIwMTk3MDBjODBlNmQyNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgtVSbIj5brZotTbtDnb8NV/krOa
cqGSqqKTxJGQDFzDAQ3LI7ScShiLtRw7SdJU04LWn1JJbP0WHkIx6cZv4jZcAi18
aq72R73jMcrgmw97gPxaWRsgagOoNVOsDveMRtg1bBMMumRXVXV5imfwrkS/L6cq
g9sWSv8rZP/dfkMh1jdpxV8c4lu+z1NnH2fTMOk/3cQVHJWWrIiXU07kfxhFjJ9g
wmiNloNoJax4azd0Z426774Ijk/iBQFBwSPzPHEX87YDt7uVU4QEvsb3JNGUSpJH
pbEoUSArjywzLriJa7FyBTXSrp57RVC+kehXp/SksexuUpEMJQDJSzgG8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAH4W0lXNl2nEwGHUgGXAMgObSXIMB8GA1UdIwQY
MBaAFG4+yXL5dguFXx1DkLw3Wz+j1BG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmo3SmN2bDJDNFZmSFVPUXZEZGJQNlBVRWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85ZGFjOWMtODVjNi00NTcyLWFkNjAt
MTQ1MTJlN2U1OWVmLzEvQWZoYlNWYzJYYWNUQVlkU0FaY0F5QTV0SmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85ZGFjOWMtODVjNi00NTcyLWFkNjAtMTQ1MTJlN2U1OWVm
LzEvYmo3SmN2bDJDNFZmSFVPUXZEZGJQNlBVRWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUw4MA0G
CSqGSIb3DQEBCwUAA4IBAQBVJdzLDsCyzIxqpxWo12+1vxoAsT2m6ZHDykdymt/8
2aSltb9wvj/06uL3ka4lRl5/IjIgd+EvqURcmDn4svfXHYlyQq3bAdbP0igWvjiY
jGvuL9bJ759zOwLF3IR19XE/VlqVoNq9okNIe9cofVeoC+7OVtLGC25qEc0UWl10
0WXBlFLoMtkiCkLPejZNDOokWp6blUcFb17e/0efaoKDwxMof204I3fsKAw9r2ki
DxJ8Jz/UcE9vbaJ3lkgmGJ/eDSTQDx0pmXfc71BKdnsjLQ5XS6YgQHEzlYV8NMqL
VTwZGK9CWakAiHVMtnVZZU5G4gRQW+UUbZiVdOTw4X9Q
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:47:23 2024 by rpki-client on console-ams.rpki-client.org