Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/0uwDZFzeU_bJsjjhrqn-_JohGIw.roa
File: 0uwDZFzeU_bJsjjhrqn-_JohGIw.roa (raw, json)
Hash identifier: FFwKJEdeQu/A3L2teKCB2gyRmVauRJi9ooT5EpthoS4=
Subject key identifier: D2:EC:03:64:5C:DE:53:F6:C9:B2:38:E1:AE:A9:FE:FC:9A:21:18:8C
Certificate issuer: /CN=b6fbc63ef5614a7ef95a106188e3d78755c687b9
Certificate serial: 018CC4244B218FAA263DB84322E4D905308B
Authority key identifier: B6:FB:C6:3E:F5:61:4A:7E:F9:5A:10:61:88:E3:D7:87:55:C6:87:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/0uwDZFzeU_bJsjjhrqn-_JohGIw.roa
Signing time: Mon 01 Jan 2024 08:29:22 +0000
ROA not before: Mon 01 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206828
IP address blocks: 185.175.60.0/24 maxlen: 24
185.175.61.0/24 maxlen: 24
185.175.62.0/24 maxlen: 24
2a0b:d100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4b:21:8f:aa:26:3d:b8:43:22:e4:d9:05:30:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6fbc63ef5614a7ef95a106188e3d78755c687b9
Validity
Not Before: Jan 1 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2ec03645cde53f6c9b238e1aea9fefc9a21188c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1a:05:cb:ba:af:88:30:a3:5c:2f:7d:e9:67:
e2:76:cb:af:fd:5c:1e:b5:4a:65:cc:fd:30:b0:ba:
80:7b:72:c1:8a:55:a1:16:91:9f:51:1e:b9:33:6a:
cb:a5:05:0e:8c:86:00:4e:6d:a7:26:e4:2a:88:cd:
b0:12:57:a8:ba:59:0f:e4:e4:07:a2:59:79:7e:1c:
e9:4f:7e:7e:50:e2:88:e8:51:45:21:58:4b:12:f5:
56:26:6b:42:a3:a8:8d:f0:28:b3:4f:f4:70:01:65:
f1:f0:fa:2a:03:21:e3:d4:2f:e3:26:a3:80:4c:de:
1c:ea:66:c1:4e:91:da:c0:88:00:91:85:90:f3:b9:
69:0a:f6:3d:b0:62:a5:1a:a0:c1:71:45:31:3c:1a:
6c:54:23:73:42:f9:e3:6e:a9:6d:9d:e5:99:86:0d:
6d:31:54:46:ab:dc:13:b1:96:9a:cb:4c:2b:af:95:
30:9a:e8:12:e1:c9:4c:14:60:b4:33:94:54:d9:e5:
25:75:6c:ee:5d:dc:be:d8:0d:8d:e3:f1:d1:21:2d:
ca:aa:c0:9e:b2:cc:2b:e7:4b:70:c3:73:37:37:80:
68:c7:b3:97:44:7b:b9:e7:c8:66:02:25:19:62:fa:
7d:d7:9e:a5:e1:58:e3:7f:cc:c4:ad:65:8b:62:43:
ed:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EC:03:64:5C:DE:53:F6:C9:B2:38:E1:AE:A9:FE:FC:9A:21:18:8C
X509v3 Authority Key Identifier:
keyid:B6:FB:C6:3E:F5:61:4A:7E:F9:5A:10:61:88:E3:D7:87:55:C6:87:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tvvGPvVhSn75WhBhiOPXh1XGh7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/0uwDZFzeU_bJsjjhrqn-_JohGIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8631f5-54a2-486f-b9a5-081a1ae6ebd6/1/tvvGPvVhSn75WhBhiOPXh1XGh7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.60.0-185.175.62.255
IPv6:
2a0b:d100::/29
Signature Algorithm: sha256WithRSAEncryption
5c:57:83:e9:fa:4d:a1:f5:ec:1e:96:5b:51:37:98:12:64:ff:
90:00:22:8f:03:a7:0c:46:76:92:28:94:e6:67:8d:22:9b:08:
54:d3:d0:2b:8d:13:9b:58:a0:ad:7a:07:e7:4c:06:df:26:be:
4f:4d:b4:63:bf:b3:27:2a:e9:e0:a0:ed:2c:95:31:b3:21:ac:
04:de:04:cb:f5:61:11:9d:e3:0d:d1:b4:43:b6:77:96:de:94:
72:1e:d3:6f:9e:b3:c7:78:9f:b7:5a:e0:53:79:04:f3:e4:db:
33:ee:bc:25:5d:8a:d7:55:8f:3b:03:c9:c0:7a:1f:56:3e:d4:
c5:72:6c:74:0c:de:25:3f:0a:4f:1a:be:84:1d:67:f1:c4:78:
2a:30:e9:e8:c9:55:f4:af:4c:0b:05:98:8a:63:33:eb:37:aa:
e7:af:a9:2c:2b:0f:f7:c1:d8:40:f5:c0:08:33:99:0c:b7:a2:
3c:93:56:95:38:b8:81:c6:9b:bf:b3:07:5e:62:14:03:2f:a5:
fd:c9:a5:cd:79:00:cf:48:fa:b4:7e:e5:21:c9:31:3e:69:81:
b8:67:5f:dc:a0:2a:34:0a:b6:a4:03:9c:1b:de:fd:b5:e6:d4:
42:35:d5:1b:e6:8e:0c:18:8f:f7:2d:a5:d6:2b:36:84:2b:fe:
69:9a:0d:9e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJEshj6omPbhDIuTZBTCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZmJjNjNlZjU2MTRhN2VmOTVhMTA2MTg4ZTNkNzg3NTVj
Njg3YjkwHhcNMjQwMTAxMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmVjMDM2NDVjZGU1M2Y2YzliMjM4ZTFhZWE5ZmVmYzlhMjExODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthoFy7qviDCjXC996Wfidsuv/Vwe
tUplzP0wsLqAe3LBilWhFpGfUR65M2rLpQUOjIYATm2nJuQqiM2wEleoulkP5OQH
oll5fhzpT35+UOKI6FFFIVhLEvVWJmtCo6iN8CizT/RwAWXx8PoqAyHj1C/jJqOA
TN4c6mbBTpHawIgAkYWQ87lpCvY9sGKlGqDBcUUxPBpsVCNzQvnjbqltneWZhg1t
MVRGq9wTsZaay0wrr5UwmugS4clMFGC0M5RU2eUldWzuXdy+2A2N4/HRIS3KqsCe
sswr50tww3M3N4Box7OXRHu558hmAiUZYvp9156l4Vjjf8zErWWLYkPtAQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNLsA2Rc3lP2ybI44a6p/vyaIRiMMB8GA1UdIwQY
MBaAFLb7xj71YUp++VoQYYjj14dVxoe5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHZ2R1B2VmhTbjc1V2hCaGlPUFhoMVhHaDdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84NjMxZjUtNTRhMi00ODZmLWI5YTUt
MDgxYTFhZTZlYmQ2LzEvMHV3RFpGemVVX2JKc2pqaHJxbi1fSm9oR0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84NjMxZjUtNTRhMi00ODZmLWI5YTUtMDgxYTFhZTZlYmQ2
LzEvdHZ2R1B2VmhTbjc1V2hCaGlPUFhoMVhHaDdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5rzwD
BAC5rz4wDQQCAAIwBwMFAyoL0QAwDQYJKoZIhvcNAQELBQADggEBAFxXg+n6TaH1
7B6WW1E3mBJk/5AAIo8DpwxGdpIolOZnjSKbCFTT0CuNE5tYoK16B+dMBt8mvk9N
tGO/sycq6eCg7SyVMbMhrATeBMv1YRGd4w3RtEO2d5belHIe02+es8d4n7da4FN5
BPPk2zPuvCVditdVjzsDycB6H1Y+1MVybHQM3iU/Ck8avoQdZ/HEeCow6ejJVfSv
TAsFmIpjM+s3quevqSwrD/fB2ED1wAgzmQy3ojyTVpU4uIHGm7+zB15iFAMvpf3J
pc15AM9I+rR+5SHJMT5pgbhnX9ygKjQKtqQDnBve/bXm1EI11RvmjgwYj/ctpdYr
NoQr/mmaDZ4=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:26:38 2024 by rpki-client on console-ams.rpki-client.org