Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/1hFvZi6C-UgUdw17nh-v0VxCKuE.roa
File: 1hFvZi6C-UgUdw17nh-v0VxCKuE.roa (raw, json)
Hash identifier: uxUSuyP/9LsDye89whx4kt423bTb2MPfvF1BxN2piDQ=
Subject key identifier: D6:11:6F:66:2E:82:F9:48:14:77:0D:7B:9E:1F:AF:D1:5C:42:2A:E1
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0190222D06E245858C67D6D824A881CA543E
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/1hFvZi6C-UgUdw17nh-v0VxCKuE.roa
Signing time: Sun 16 Jun 2024 17:51:34 +0000
ROA not before: Sun 16 Jun 2024 17:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34465
IP address blocks: 185.188.28.0/24 maxlen: 24
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:5ee::/48 maxlen: 48
2a12:8fc6:a051::/48 maxlen: 48
2a12:8fc6:a1c3::/48 maxlen: 48
2a12:8fc6:a517::/48 maxlen: 48
2a12:8fc6:aa00::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:ace3::/48 maxlen: 48
2a12:8fc6:ae00::/48 maxlen: 48
2a12:8fc6:ae44::/48 maxlen: 48
2a12:8fc6:bab0::/48 maxlen: 48
2a12:8fc6:bdee::/48 maxlen: 48
2a12:8fc6:be01::/48 maxlen: 48
2a12:8fc6:c31a::/48 maxlen: 48
2a12:8fc6:c31e::/48 maxlen: 48
2a12:8fc6:c341::/48 maxlen: 48
2a12:8fc6:ca00::/48 maxlen: 48
2a12:8fc6:ca1c::/48 maxlen: 48
2a12:8fc6:caa0::/48 maxlen: 48
2a12:8fc6:cae1::/48 maxlen: 48
2a12:8fc6:cc00::/48 maxlen: 48
2a12:8fc6:cc21::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:cd02::/48 maxlen: 48
2a12:8fc6:cd04::/48 maxlen: 48
2a12:8fc6:ce00::/48 maxlen: 48
2a12:8fc6:ce01::/48 maxlen: 48
2a12:8fc6:ceca::/48 maxlen: 48
2a12:8fc6:daa0::/48 maxlen: 48
2a12:8fc6:dae0::/48 maxlen: 48
2a12:8fc6:db00::/48 maxlen: 48
2a12:8fc6:dbaa::/48 maxlen: 48
2a12:8fc6:eaca::/48 maxlen: 48
2a12:8fc6:ee01::/48 maxlen: 48
2a12:8fc6:efdf::/48 maxlen: 48
2a12:8fc6:faa0::/48 maxlen: 48
2a12:8fc6:fae0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:2d:06:e2:45:85:8c:67:d6:d8:24:a8:81:ca:54:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jun 16 17:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6116f662e82f94814770d7b9e1fafd15c422ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:66:16:60:72:9d:c4:79:e8:37:d3:b9:44:a3:
52:f2:dc:8b:b6:b0:e5:ec:56:fc:a1:3a:71:58:fd:
bf:2f:fb:52:14:75:d1:a6:d8:f6:60:2d:70:ff:2f:
e6:97:41:9b:ab:6b:a6:83:07:89:19:8e:e2:a0:1d:
54:0c:32:98:14:2c:f7:cc:05:dc:b3:2a:89:a9:5f:
ca:0f:98:8c:e8:a3:60:33:d8:ad:e1:42:42:08:29:
7e:71:07:cb:5f:38:8a:70:e9:2a:1e:93:88:c0:c2:
f4:2d:7c:5b:46:ac:39:b3:10:5e:75:26:cf:ab:92:
ce:3d:d8:fc:56:12:0b:c9:0c:d2:db:83:6e:2e:73:
a1:56:de:d3:40:13:a3:45:41:cc:5e:a2:1a:8c:fb:
1a:92:93:b2:b1:65:ab:38:d2:56:43:22:bb:fe:62:
49:fc:b4:3f:bf:e5:b4:0f:24:e6:dd:b0:2b:c3:b2:
e2:30:27:ee:be:85:2c:71:b0:12:0e:0b:95:14:7a:
71:3b:26:57:ef:9a:0b:8b:7d:17:44:a2:c2:56:b9:
c8:86:46:74:4d:4f:56:83:26:fd:18:28:62:18:42:
63:34:2c:a2:fa:54:4b:3a:b0:64:ab:88:2f:66:b5:
e2:6b:3e:06:77:88:2e:65:85:3d:d9:c4:d9:24:a6:
9a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:11:6F:66:2E:82:F9:48:14:77:0D:7B:9E:1F:AF:D1:5C:42:2A:E1
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/1hFvZi6C-UgUdw17nh-v0VxCKuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.28.0/24
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
65:fb:6e:47:a3:f2:f9:71:b8:18:a6:1c:a3:fe:ec:2a:5d:20:
c8:3b:43:95:8c:9b:2b:92:61:68:58:76:e7:fa:01:a9:86:f6:
58:87:55:6d:18:de:bb:01:72:4e:0f:e9:d0:e7:f6:48:d4:e4:
6d:0b:a1:de:0c:2b:f2:b6:a5:d1:ce:66:fd:38:70:3e:30:48:
6c:93:e0:f4:fe:84:1a:da:fa:01:db:a2:6b:98:b1:19:8a:41:
14:bd:0f:77:ce:f7:43:26:55:50:b8:88:19:f7:9b:60:a6:d8:
37:81:b0:9f:4e:1f:d8:e5:99:0c:81:ff:15:7d:35:1e:4f:81:
8d:1f:8a:7e:e5:7e:ec:77:61:13:a5:a3:a8:55:d4:bc:62:19:
30:0b:5f:c5:1b:b5:94:99:61:50:08:f2:71:01:16:c4:5d:fc:
d8:f1:b0:f6:eb:be:ad:84:29:9c:2d:dc:6c:84:9f:4e:09:55:
e4:79:db:9c:d4:06:bb:8e:11:f2:98:11:01:d3:a2:7e:af:ee:
b1:1a:0d:36:7f:39:67:a5:55:d1:5d:98:07:99:20:02:33:8b:
ca:93:13:31:b2:ea:bb:40:ec:f4:1c:fe:54:3c:03:03:c2:44:
a6:b6:de:81:36:87:af:db:4f:74:3e:00:82:ae:b4:93:45:3e:
46:6b:35:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAiLQbiRYWMZ9bYJKiBylQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjQwNjE2MTc1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjExNmY2NjJlODJmOTQ4MTQ3NzBkN2I5ZTFmYWZkMTVjNDIyYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA52YWYHKdxHnoN9O5RKNS8tyLtrDl
7Fb8oTpxWP2/L/tSFHXRptj2YC1w/y/ml0Gbq2umgweJGY7ioB1UDDKYFCz3zAXc
syqJqV/KD5iM6KNgM9it4UJCCCl+cQfLXziKcOkqHpOIwML0LXxbRqw5sxBedSbP
q5LOPdj8VhILyQzS24NuLnOhVt7TQBOjRUHMXqIajPsakpOysWWrONJWQyK7/mJJ
/LQ/v+W0DyTm3bArw7LiMCfuvoUscbASDguVFHpxOyZX75oLi30XRKLCVrnIhkZ0
TU9Wgyb9GChiGEJjNCyi+lRLOrBkq4gvZrXiaz4Gd4guZYU92cTZJKaa6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNYRb2YugvlIFHcNe54fr9FcQirhMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvMWhGdlppNkMtVWdVZHcxN25oLXYwVnhDS3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwcMA0E
AgACMAcDBQAqEo/GMA0GCSqGSIb3DQEBCwUAA4IBAQBl+25Ho/L5cbgYphyj/uwq
XSDIO0OVjJsrkmFoWHbn+gGphvZYh1VtGN67AXJOD+nQ5/ZI1ORtC6HeDCvytqXR
zmb9OHA+MEhsk+D0/oQa2voB26JrmLEZikEUvQ93zvdDJlVQuIgZ95tgptg3gbCf
Th/Y5ZkMgf8VfTUeT4GNH4p+5X7sd2ETpaOoVdS8YhkwC1/FG7WUmWFQCPJxARbE
XfzY8bD2676thCmcLdxshJ9OCVXkeduc1Aa7jhHymBEB06J+r+6xGg02fzlnpVXR
XZgHmSACM4vKkxMxsuq7QOz0HP5UPAMDwkSmtt6BNoev2090PgCCrrSTRT5GazX7
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:24:15 2024 by rpki-client on console-ams.rpki-client.org