Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b585ac-8618-415a-87ec-d1d8db148ec2/1/UdCc7kqo29njuIQ7gYyTnAhe9Fc.roa
File: UdCc7kqo29njuIQ7gYyTnAhe9Fc.roa (raw, json)
Hash identifier: qAVAjWqQ9V9IkN73vNnGWW5+JUkbJk5I+Pkk1ImV/m4=
Subject key identifier: 51:D0:9C:EE:4A:A8:DB:D9:E3:B8:84:3B:81:8C:93:9C:08:5E:F4:57
Certificate issuer: /CN=7178700f1619ec1cd34d9700392153ec4b6231fc
Certificate serial: 018CC5DC17F68B21C854536DD029058F26DC
Authority key identifier: 71:78:70:0F:16:19:EC:1C:D3:4D:97:00:39:21:53:EC:4B:62:31:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cXhwDxYZ7BzTTZcAOSFT7EtiMfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b585ac-8618-415a-87ec-d1d8db148ec2/1/UdCc7kqo29njuIQ7gYyTnAhe9Fc.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60129
IP address blocks: 185.249.240.0/22 maxlen: 22
185.56.24.0/22 maxlen: 22
2a0b:4780::/29 maxlen: 29
2a02:4fe0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b585ac-8618-415a-87ec-d1d8db148ec2/1/cXhwDxYZ7BzTTZcAOSFT7EtiMfw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b585ac-8618-415a-87ec-d1d8db148ec2/1/cXhwDxYZ7BzTTZcAOSFT7EtiMfw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cXhwDxYZ7BzTTZcAOSFT7EtiMfw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:17:f6:8b:21:c8:54:53:6d:d0:29:05:8f:26:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7178700f1619ec1cd34d9700392153ec4b6231fc
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51d09cee4aa8dbd9e3b8843b818c939c085ef457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a3:1d:2c:f1:7d:81:2c:56:91:c4:4d:c0:25:
2d:93:42:7c:a0:e5:cd:e6:70:de:6a:f6:dd:e6:0e:
f3:fa:88:43:79:9c:d3:a3:fc:d9:91:b2:39:9c:67:
9d:fe:0a:79:ff:d4:74:ed:e2:4f:0e:69:ab:3a:8a:
f2:b6:6a:47:39:96:ea:cf:c3:c4:c1:47:87:b5:10:
8e:84:aa:69:8d:7c:7b:85:57:9e:e3:e1:7b:f4:78:
e0:5f:93:99:0f:41:40:5d:33:32:13:d7:61:2e:03:
8e:67:64:d5:0e:31:a5:60:49:50:ff:e3:47:ca:b9:
9a:74:e1:e2:08:6e:b6:49:84:0c:de:87:31:91:a0:
73:e1:8d:b0:6f:5b:f1:2f:ce:d6:fc:a3:8b:85:42:
98:7a:71:7f:b7:d7:7c:4b:b2:ad:56:cf:08:94:b6:
c0:60:87:27:a1:18:91:c8:32:c7:a8:16:89:13:d5:
10:58:3c:09:c1:76:c8:65:29:5f:e4:df:77:d8:4b:
34:1f:be:c8:19:b8:f6:ee:f3:d7:6b:21:dc:1c:7a:
0a:5d:13:e8:47:8f:ea:a6:2a:97:7b:a2:c3:c9:21:
f5:60:13:16:4a:2e:fb:66:03:5f:1a:42:ad:17:d4:
59:7c:b0:70:52:32:8e:b0:49:b8:83:1a:5f:67:0e:
bd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D0:9C:EE:4A:A8:DB:D9:E3:B8:84:3B:81:8C:93:9C:08:5E:F4:57
X509v3 Authority Key Identifier:
keyid:71:78:70:0F:16:19:EC:1C:D3:4D:97:00:39:21:53:EC:4B:62:31:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cXhwDxYZ7BzTTZcAOSFT7EtiMfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b585ac-8618-415a-87ec-d1d8db148ec2/1/UdCc7kqo29njuIQ7gYyTnAhe9Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b585ac-8618-415a-87ec-d1d8db148ec2/1/cXhwDxYZ7BzTTZcAOSFT7EtiMfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.24.0/22
185.249.240.0/22
IPv6:
2a02:4fe0::/32
2a0b:4780::/29
Signature Algorithm: sha256WithRSAEncryption
06:d9:83:04:41:55:1b:fe:1d:95:63:84:5c:26:2f:ca:52:c2:
9f:70:34:92:a9:04:b1:00:f7:69:15:d0:14:a0:49:8a:24:cc:
e4:cb:d5:ed:5c:97:78:ea:a1:c9:5e:f8:21:7a:88:1d:49:88:
ef:df:7c:11:18:09:0b:28:a8:9f:26:e6:0d:03:c4:31:db:be:
cd:c4:e4:e9:24:10:9e:3f:e3:82:d8:60:09:3e:2f:6f:44:c2:
3d:0b:18:3a:7b:32:17:06:eb:89:ad:24:02:cc:56:95:e5:bb:
ee:e3:f1:52:27:68:24:ef:93:ac:0a:ff:43:8e:da:c9:0c:7c:
12:80:5c:1a:3c:0e:3f:28:6c:22:88:89:bf:a2:ce:39:4c:8d:
dd:3d:d2:e1:cb:6e:87:1a:5f:19:a7:cb:48:1b:61:c4:c3:42:
7f:e2:d0:85:f8:07:c2:3e:a9:cc:10:fe:39:46:0f:ca:2a:46:
94:cf:14:ad:aa:de:b7:39:79:89:d0:a2:1d:87:13:07:15:35:
94:1a:27:72:d2:9f:d4:ae:38:fd:05:b8:3e:e3:fc:89:87:1d:
b7:2e:59:5e:a7:c9:fd:a9:93:76:3b:4e:cf:1f:58:61:64:bc:
5c:b7:01:c9:e0:0d:f7:19:15:47:76:39:05:20:f5:37:84:c2:
79:6a:60:4b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF3Bf2iyHIVFNt0CkFjybcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNzg3MDBmMTYxOWVjMWNkMzRkOTcwMDM5MjE1M2VjNGI2
MjMxZmMwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQwOWNlZTRhYThkYmQ5ZTNiODg0M2I4MThjOTM5YzA4NWVmNDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaMdLPF9gSxWkcRNwCUtk0J8oOXN
5nDeavbd5g7z+ohDeZzTo/zZkbI5nGed/gp5/9R07eJPDmmrOorytmpHOZbqz8PE
wUeHtRCOhKppjXx7hVee4+F79HjgX5OZD0FAXTMyE9dhLgOOZ2TVDjGlYElQ/+NH
yrmadOHiCG62SYQM3ocxkaBz4Y2wb1vxL87W/KOLhUKYenF/t9d8S7KtVs8IlLbA
YIcnoRiRyDLHqBaJE9UQWDwJwXbIZSlf5N932Es0H77IGbj27vPXayHcHHoKXRPo
R4/qpiqXe6LDySH1YBMWSi77ZgNfGkKtF9RZfLBwUjKOsEm4gxpfZw69IwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFHQnO5KqNvZ47iEO4GMk5wIXvRXMB8GA1UdIwQY
MBaAFHF4cA8WGewc002XADkhU+xLYjH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1hod0R4WVo3QnpUVFpjQU9TRlQ3RXRpTWZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNTg1YWMtODYxOC00MTVhLTg3ZWMt
ZDFkOGRiMTQ4ZWMyLzEvVWRDYzdrcW8yOW5qdUlRN2dZeVRuQWhlOUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNTg1YWMtODYxOC00MTVhLTg3ZWMtZDFkOGRiMTQ4ZWMy
LzEvY1hod0R4WVo3QnpUVFpjQU9TRlQ3RXRpTWZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTgYAwQC
ufnwMBQEAgACMA4DBQAqAk/gAwUDKgtHgDANBgkqhkiG9w0BAQsFAAOCAQEABtmD
BEFVG/4dlWOEXCYvylLCn3A0kqkEsQD3aRXQFKBJiiTM5MvV7VyXeOqhyV74IXqI
HUmI7998ERgJCyionybmDQPEMdu+zcTk6SQQnj/jgthgCT4vb0TCPQsYOnsyFwbr
ia0kAsxWleW77uPxUidoJO+TrAr/Q47ayQx8EoBcGjwOPyhsIoiJv6LOOUyN3T3S
4ctuhxpfGafLSBthxMNCf+LQhfgHwj6pzBD+OUYPyipGlM8Uraretzl5idCiHYcT
BxU1lBonctKf1K44/QW4PuP8iYcdty5ZXqfJ/amTdjtOzx9YYWS8XLcByeAN9xkV
R3Y5BSD1N4TCeWpgSw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:19:33 2024 by rpki-client on console-ams.rpki-client.org