Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/56yQWQsPbv9m-vIMGbPpQ9r2alg.roa
File: 56yQWQsPbv9m-vIMGbPpQ9r2alg.roa (raw, json)
Hash identifier: HU55etSA5xV6SrmmKrYYDg0zqbbyoHb2XHA+4yZWcJQ=
Subject key identifier: E7:AC:90:59:0B:0F:6E:FF:66:FA:F2:0C:19:B3:E9:43:DA:F6:6A:58
Certificate issuer: /CN=6c890ef6a88ab33fa5a206760768dd3251c238af
Certificate serial: 018CC8DF05830095ED442B2B0B116DCD9358
Authority key identifier: 6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/56yQWQsPbv9m-vIMGbPpQ9r2alg.roa
Signing time: Tue 02 Jan 2024 06:31:48 +0000
ROA not before: Tue 02 Jan 2024 06:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41652
IP address blocks: 185.212.225.0/24 maxlen: 24
185.212.226.0/24 maxlen: 24
185.212.224.0/22 maxlen: 22
185.212.224.0/24 maxlen: 24
185.212.227.0/24 maxlen: 24
2a0b:7cc0:1::/48 maxlen: 48
2a0b:7cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:05:83:00:95:ed:44:2b:2b:0b:11:6d:cd:93:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c890ef6a88ab33fa5a206760768dd3251c238af
Validity
Not Before: Jan 2 06:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7ac90590b0f6eff66faf20c19b3e943daf66a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e2:d3:2b:29:05:46:e3:f3:f8:c5:47:a8:00:
ba:ea:28:9f:4d:81:6c:36:9e:3f:a9:ed:ba:21:b9:
d4:1f:df:80:7f:0a:ea:03:8e:a0:bc:df:97:61:42:
43:55:38:7a:19:ed:be:fb:96:41:61:0f:50:aa:bc:
80:61:71:d6:bf:17:9e:3a:a3:8b:ae:c6:c5:ab:74:
95:d7:76:5c:e5:31:d8:63:22:72:25:1b:5f:44:4c:
dc:8a:15:69:ea:5d:e4:e8:fb:30:72:48:7c:f8:3c:
75:8e:5f:11:f8:0c:33:ea:ed:02:78:70:c2:40:63:
84:25:e4:8d:26:cc:c0:40:38:78:c9:4b:b9:e2:6e:
17:95:04:30:c4:53:51:12:4e:bc:2e:07:d1:0c:96:
97:5b:06:b3:fd:d9:c8:53:2e:3c:52:e6:80:24:52:
53:08:13:d9:97:16:64:c1:6f:7e:e1:f3:01:0f:81:
0d:65:77:f5:e3:4f:b4:c8:72:e9:bd:6a:3b:14:3b:
f3:53:43:c5:b1:4c:49:66:ce:e6:6a:10:09:f4:75:
2f:d6:15:78:db:3f:20:b7:35:d3:a7:ce:d1:86:10:
26:48:e2:e2:6d:cf:9d:1b:bf:24:f7:42:23:3f:b2:
52:43:05:b5:69:57:b9:bd:9f:25:ca:60:e1:4a:31:
de:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:AC:90:59:0B:0F:6E:FF:66:FA:F2:0C:19:B3:E9:43:DA:F6:6A:58
X509v3 Authority Key Identifier:
keyid:6C:89:0E:F6:A8:8A:B3:3F:A5:A2:06:76:07:68:DD:32:51:C2:38:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIkO9qiKsz-logZ2B2jdMlHCOK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/56yQWQsPbv9m-vIMGbPpQ9r2alg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2b7cd1-49b6-4921-a5e1-61f91ededf0a/1/bIkO9qiKsz-logZ2B2jdMlHCOK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.224.0/22
IPv6:
2a0b:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
54:c8:1e:61:89:9b:f2:97:32:23:30:76:73:a6:8a:f6:93:dd:
a0:95:d0:c3:25:27:c8:1d:d2:24:b9:f5:36:dc:41:c1:4e:5f:
4e:a8:b2:66:ad:d3:06:fb:25:53:17:4e:2e:f6:ca:7d:50:07:
5c:84:58:cd:dc:9f:5b:fc:a0:6d:8c:f8:56:c5:7e:9f:66:da:
32:01:a0:82:24:a0:94:39:f5:ff:e0:c8:46:b1:82:86:a0:34:
63:79:e2:3e:a2:4f:81:05:73:5b:02:51:6d:de:3a:1e:e3:f4:
14:0a:8d:ee:35:74:97:e7:93:3d:2d:1b:c5:9f:04:0c:b1:b1:
0f:1e:d3:71:40:87:7b:12:21:3d:47:c6:6c:84:ca:b1:21:70:
9a:57:53:e8:fe:04:6d:78:f5:fd:3a:74:cb:9a:1c:66:e2:e2:
d3:92:51:0f:44:44:82:8e:da:55:86:72:06:e4:a8:d9:0e:99:
1f:5f:de:6e:32:4e:c3:b4:60:9e:e4:49:48:0e:c7:49:a1:d5:
d5:8d:f9:a5:49:5a:70:1c:4a:86:06:27:7e:4e:be:62:e9:90:
17:8e:03:c0:3f:01:59:6e:22:ee:30:4f:41:ca:f2:02:2a:ee:
3a:ed:31:ac:78:f5:1e:76:1e:9e:8d:09:7e:9b:b9:da:df:5e:
10:79:0b:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3wWDAJXtRCsrCxFtzZNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODkwZWY2YTg4YWIzM2ZhNWEyMDY3NjA3NjhkZDMyNTFj
MjM4YWYwHhcNMjQwMTAyMDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2FjOTA1OTBiMGY2ZWZmNjZmYWYyMGMxOWIzZTk0M2RhZjY2YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+LTKykFRuPz+MVHqAC66iifTYFs
Np4/qe26IbnUH9+AfwrqA46gvN+XYUJDVTh6Ge2++5ZBYQ9QqryAYXHWvxeeOqOL
rsbFq3SV13Zc5THYYyJyJRtfREzcihVp6l3k6Pswckh8+Dx1jl8R+Awz6u0CeHDC
QGOEJeSNJszAQDh4yUu54m4XlQQwxFNREk68LgfRDJaXWwaz/dnIUy48UuaAJFJT
CBPZlxZkwW9+4fMBD4ENZXf140+0yHLpvWo7FDvzU0PFsUxJZs7mahAJ9HUv1hV4
2z8gtzXTp87RhhAmSOLibc+dG78k90IjP7JSQwW1aVe5vZ8lymDhSjHeFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOeskFkLD27/ZvryDBmz6UPa9mpYMB8GA1UdIwQY
MBaAFGyJDvaoirM/paIGdgdo3TJRwjivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEt
NjFmOTFlZGVkZjBhLzEvNTZ5UVdRc1BidjltLXZJTUdiUHBROXIyYWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yYjdjZDEtNDliNi00OTIxLWE1ZTEtNjFmOTFlZGVkZjBh
LzEvYklrTzlxaUtzei1sb2daMkIyamRNbEhDT0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudTgMA0E
AgACMAcDBQMqC3zAMA0GCSqGSIb3DQEBCwUAA4IBAQBUyB5hiZvylzIjMHZzpor2
k92gldDDJSfIHdIkufU23EHBTl9OqLJmrdMG+yVTF04u9sp9UAdchFjN3J9b/KBt
jPhWxX6fZtoyAaCCJKCUOfX/4MhGsYKGoDRjeeI+ok+BBXNbAlFt3joe4/QUCo3u
NXSX55M9LRvFnwQMsbEPHtNxQId7EiE9R8ZshMqxIXCaV1Po/gRtePX9OnTLmhxm
4uLTklEPRESCjtpVhnIG5KjZDpkfX95uMk7DtGCe5ElIDsdJodXVjfmlSVpwHEqG
Bid+Tr5i6ZAXjgPAPwFZbiLuME9ByvICKu467TGsePUedh6ejQl+m7na314QeQvv
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:45:39 2024 by rpki-client on console-fra.rpki-client.org