Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/amNJceS9RA1i7xLcKD_-pfWbmi4.roa
File: amNJceS9RA1i7xLcKD_-pfWbmi4.roa (raw, json)
Hash identifier: m/LfSJTN5kR2Lr2fL2RXjYW3sBAa5XbSgprSB39VH88=
Subject key identifier: 6A:63:49:71:E4:BD:44:0D:62:EF:12:DC:28:3F:FE:A5:F5:9B:9A:2E
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 018CC64B672B652CED341C8A41E20A11A0F4
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/amNJceS9RA1i7xLcKD_-pfWbmi4.roa
Signing time: Mon 01 Jan 2024 18:31:19 +0000
ROA not before: Mon 01 Jan 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212889
IP address blocks: 185.164.24.0/24 maxlen: 24
185.164.29.0/24 maxlen: 24
185.164.30.0/24 maxlen: 24
185.164.27.0/24 maxlen: 24
185.164.28.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.164.25.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.203.108.0/24 maxlen: 24
185.203.111.0/24 maxlen: 24
185.203.109.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 04:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:67:2b:65:2c:ed:34:1c:8a:41:e2:0a:11:a0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Jan 1 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a634971e4bd440d62ef12dc283ffea5f59b9a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:d0:1c:f2:58:61:97:68:01:2b:6f:eb:0d:
50:f3:9d:fd:eb:d0:b6:eb:b3:91:7c:08:6b:c0:77:
9b:11:2a:31:5a:cb:d2:ca:b2:93:94:54:a3:e0:50:
e3:80:e1:81:fc:56:61:a9:e3:35:f6:e0:ce:71:5c:
c8:a8:56:ee:f1:39:15:57:a6:df:af:27:94:e7:df:
bf:72:31:d0:42:fa:fa:c4:8d:79:2e:80:85:ba:18:
a5:90:cf:01:7f:e2:d9:8e:4d:9e:ab:4d:97:36:85:
d8:a9:cb:30:14:03:d0:84:f0:17:8b:4f:c6:20:05:
0c:fc:95:bb:5d:b1:72:da:a7:e4:5c:d6:d6:e9:30:
c2:d5:6d:5e:21:ba:80:94:e2:d5:71:2d:c8:8f:97:
56:84:3b:b3:06:2c:f4:f6:fe:58:52:3b:ef:15:7d:
af:c6:56:55:e8:a9:fa:69:3b:ca:d8:e8:41:77:84:
42:55:3a:3c:d7:2f:f6:da:e3:97:cd:21:d2:4f:7d:
db:dc:2d:69:33:2e:46:b3:e2:e3:d2:26:b7:af:14:
d4:89:17:7b:70:10:cf:c0:cf:ba:ad:ed:65:81:ef:
4e:36:72:b6:75:09:47:0c:76:1a:e8:cf:8d:b0:4c:
33:6a:0a:bb:1f:33:30:98:50:7c:af:e4:06:7c:02:
db:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:63:49:71:E4:BD:44:0D:62:EF:12:DC:28:3F:FE:A5:F5:9B:9A:2E
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/amNJceS9RA1i7xLcKD_-pfWbmi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.24.0/21
185.203.108.0/22
Signature Algorithm: sha256WithRSAEncryption
af:88:84:2e:14:90:61:bf:3b:ff:cb:39:83:b7:11:0a:a8:62:
0b:9a:34:2b:b2:52:d8:14:02:62:7d:02:0e:1f:fd:b9:d3:6f:
37:4a:c6:32:f9:33:f7:d3:4d:4c:6d:d6:53:c3:ee:78:05:75:
b6:2b:aa:d4:2e:95:c9:4a:84:5c:1f:ce:57:e0:07:23:87:7b:
d6:2b:73:93:c4:74:36:ed:7e:cd:a8:8a:13:33:e9:cb:fe:c0:
cf:91:dc:5d:65:6a:e9:e3:a8:6a:05:cc:1d:97:45:55:be:d9:
75:69:e3:2b:3f:58:95:f0:45:8a:fb:65:05:a3:e8:23:9e:bb:
25:a1:97:78:57:76:26:2d:ca:6c:f5:e5:1f:f1:78:54:76:63:
3d:18:aa:ef:82:41:a0:33:bf:79:d4:aa:6a:5d:06:53:b1:8e:
3c:f4:d6:59:35:8d:c8:32:f4:49:6e:18:92:0a:5c:62:31:01:
1e:29:db:69:fb:0b:dc:8a:38:96:c9:c8:30:7e:5b:7f:c8:1e:
a1:e0:a1:d1:05:90:9d:a6:57:55:72:16:65:f0:43:4e:c0:3e:
05:ed:63:66:cc:5e:9b:56:3f:26:3e:2c:2f:4e:6d:74:56:44:
95:66:c1:b8:23:85:2a:b8:84:60:e0:7c:00:f8:37:4a:7e:7e:
8e:cb:68:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS2crZSztNByKQeIKEaD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYzNDk3MWU0YmQ0NDBkNjJlZjEyZGMyODNmZmVhNWY1OWI5YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF3QHPJYYZdoAStv6w1Q853969C2
67ORfAhrwHebESoxWsvSyrKTlFSj4FDjgOGB/FZhqeM19uDOcVzIqFbu8TkVV6bf
ryeU59+/cjHQQvr6xI15LoCFuhilkM8Bf+LZjk2eq02XNoXYqcswFAPQhPAXi0/G
IAUM/JW7XbFy2qfkXNbW6TDC1W1eIbqAlOLVcS3Ij5dWhDuzBiz09v5YUjvvFX2v
xlZV6Kn6aTvK2OhBd4RCVTo81y/22uOXzSHST33b3C1pMy5Gs+Lj0ia3rxTUiRd7
cBDPwM+6re1lge9ONnK2dQlHDHYa6M+NsEwzagq7HzMwmFB8r+QGfALbvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGpjSXHkvUQNYu8S3Cg//qX1m5ouMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvYW1OSmNlUzlSQTFpN3hMY0tEXy1wZldibWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDuaQYAwQC
uctsMA0GCSqGSIb3DQEBCwUAA4IBAQCviIQuFJBhvzv/yzmDtxEKqGILmjQrslLY
FAJifQIOH/250283SsYy+TP3001MbdZTw+54BXW2K6rULpXJSoRcH85X4Acjh3vW
K3OTxHQ27X7NqIoTM+nL/sDPkdxdZWrp46hqBcwdl0VVvtl1aeMrP1iV8EWK+2UF
o+gjnrsloZd4V3YmLcps9eUf8XhUdmM9GKrvgkGgM7951KpqXQZTsY489NZZNY3I
MvRJbhiSClxiMQEeKdtp+wvcijiWycgwflt/yB6h4KHRBZCdpldVchZl8ENOwD4F
7WNmzF6bVj8mPiwvTm10VkSVZsG4I4UquIRg4HwA+DdKfn6Oy2gg
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:49:24 2024 by rpki-client on console-ams.rpki-client.org