Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/66qxvTKppnR7nMMt06gX4pIhC5U.roa
File: 66qxvTKppnR7nMMt06gX4pIhC5U.roa (raw, json)
Hash identifier: p/qmh9vL/tX7TEns3NpkyeKml4MhuJkiUZWnmMfUH2A=
Subject key identifier: EB:AA:B1:BD:32:A9:A6:74:7B:9C:C3:2D:D3:A8:17:E2:92:21:0B:95
Certificate issuer: /CN=83f8294469fb7aec2601bb03772d0156f470b74d
Certificate serial: 018CCA2A3289A43CB11F47E8841A5B99EE0E
Authority key identifier: 83:F8:29:44:69:FB:7A:EC:26:01:BB:03:77:2D:01:56:F4:70:B7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_gpRGn7euwmAbsDdy0BVvRwt00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/66qxvTKppnR7nMMt06gX4pIhC5U.roa
Signing time: Tue 02 Jan 2024 12:33:32 +0000
ROA not before: Tue 02 Jan 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59884
IP address blocks: 185.67.213.0/24 maxlen: 24
185.67.212.0/24 maxlen: 24
185.67.212.0/22 maxlen: 22
185.67.214.0/24 maxlen: 24
185.67.215.0/24 maxlen: 24
2a05:1340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/g_gpRGn7euwmAbsDdy0BVvRwt00.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/g_gpRGn7euwmAbsDdy0BVvRwt00.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_gpRGn7euwmAbsDdy0BVvRwt00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:32:89:a4:3c:b1:1f:47:e8:84:1a:5b:99:ee:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f8294469fb7aec2601bb03772d0156f470b74d
Validity
Not Before: Jan 2 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebaab1bd32a9a6747b9cc32dd3a817e292210b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:a0:4d:23:a9:b3:99:57:57:ce:a9:5e:27:
7f:43:db:9d:02:cc:a8:cb:d2:b2:30:ad:4c:d4:cc:
90:72:7c:4a:07:2e:28:01:ac:88:2e:00:97:f2:0c:
60:9a:f3:de:47:31:66:9a:20:e5:30:a0:a8:38:20:
66:2f:0b:dc:bd:c1:31:30:df:ce:5e:30:97:1a:0b:
af:b8:5b:32:cd:9b:ba:34:b8:20:73:87:35:8b:fe:
78:67:c6:7c:98:70:2a:e0:8d:34:84:27:84:85:67:
e6:7d:bf:d4:b6:9a:24:46:7e:d2:0b:bb:07:c7:28:
30:76:a5:26:8e:72:81:42:78:52:5c:44:b9:d2:d3:
d8:38:13:45:5b:a8:3f:56:ba:d9:fc:4d:44:90:a3:
62:e4:0b:47:55:80:4d:cc:99:32:84:1e:5c:3f:49:
fe:54:bc:0c:2f:5f:5c:bf:cf:97:f8:73:8b:83:77:
61:73:7d:c6:b9:f6:0a:18:95:c3:1f:33:03:7a:5f:
ad:15:48:dc:b1:41:99:58:30:b6:26:e0:4f:3f:60:
70:4b:8d:0d:60:36:c6:8a:72:6b:a9:47:4e:7e:50:
d3:37:bf:82:72:54:70:2e:97:3d:f9:53:4c:02:e9:
ed:e1:05:87:4f:66:fd:c1:bc:cd:46:00:42:97:9a:
b9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AA:B1:BD:32:A9:A6:74:7B:9C:C3:2D:D3:A8:17:E2:92:21:0B:95
X509v3 Authority Key Identifier:
keyid:83:F8:29:44:69:FB:7A:EC:26:01:BB:03:77:2D:01:56:F4:70:B7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_gpRGn7euwmAbsDdy0BVvRwt00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/66qxvTKppnR7nMMt06gX4pIhC5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/861f32-81f4-4d64-8610-54de7a6cb3b1/1/g_gpRGn7euwmAbsDdy0BVvRwt00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.212.0/22
IPv6:
2a05:1340::/29
Signature Algorithm: sha256WithRSAEncryption
bc:ae:54:95:7c:81:e9:ac:48:85:9f:a5:74:28:e2:2e:c3:2d:
60:da:69:a0:57:ae:e3:aa:3b:e0:c7:97:31:94:7c:7b:1d:9a:
fe:5b:38:f4:4f:10:4d:92:cf:96:9f:e6:64:30:8c:e9:96:12:
98:a2:b8:96:f7:3a:e7:67:f3:25:30:af:c8:76:17:41:b7:5c:
62:7c:e5:0d:19:e4:4f:15:88:1c:9b:27:b7:99:46:62:25:da:
ac:a6:fe:2b:0e:f9:c4:cd:9f:4f:fd:7c:59:4b:67:bd:46:cf:
be:0c:b4:a6:60:56:48:b4:d7:dc:b5:5b:cf:9a:c7:02:a3:5f:
60:b5:a2:10:d7:13:54:0b:4d:94:89:cc:83:50:25:6d:6f:5c:
ba:d3:0f:47:ac:c3:5c:16:92:f5:92:89:0b:70:33:53:13:2b:
fc:24:8f:0d:1f:b4:d9:c5:1d:66:c9:84:bb:40:2b:8f:1c:ab:
a8:fa:65:07:d1:d6:63:e3:47:18:de:20:0f:7a:ec:63:d4:89:
0b:77:86:56:7d:d3:44:c0:32:75:51:29:77:9a:11:b2:fe:4c:
cd:78:3e:d6:cd:f9:05:9d:3b:de:12:26:2b:2a:03:37:b5:49:
d3:4d:83:bd:0d:d6:1b:d5:ab:dd:d2:47:71:ec:02:b1:da:c4:
1b:5d:ea:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKjKJpDyxH0fohBpbme4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjgyOTQ0NjlmYjdhZWMyNjAxYmIwMzc3MmQwMTU2ZjQ3
MGI3NGQwHhcNMjQwMTAyMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmFhYjFiZDMyYTlhNjc0N2I5Y2MzMmRkM2E4MTdlMjkyMjEwYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk+gTSOps5lXV86pXid/Q9udAsyo
y9KyMK1M1MyQcnxKBy4oAayILgCX8gxgmvPeRzFmmiDlMKCoOCBmLwvcvcExMN/O
XjCXGguvuFsyzZu6NLggc4c1i/54Z8Z8mHAq4I00hCeEhWfmfb/UtpokRn7SC7sH
xygwdqUmjnKBQnhSXES50tPYOBNFW6g/VrrZ/E1EkKNi5AtHVYBNzJkyhB5cP0n+
VLwML19cv8+X+HOLg3dhc33GufYKGJXDHzMDel+tFUjcsUGZWDC2JuBPP2BwS40N
YDbGinJrqUdOflDTN7+CclRwLpc9+VNMAunt4QWHT2b9wbzNRgBCl5q5dQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOuqsb0yqaZ0e5zDLdOoF+KSIQuVMB8GA1UdIwQY
MBaAFIP4KURp+3rsJgG7A3ctAVb0cLdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19ncFJHbjdldXdtQWJzRGR5MEJWdlJ3dDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My84NjFmMzItODFmNC00ZDY0LTg2MTAt
NTRkZTdhNmNiM2IxLzEvNjZxeHZUS3BwblI3bk1NdDA2Z1g0cEloQzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My84NjFmMzItODFmNC00ZDY0LTg2MTAtNTRkZTdhNmNiM2Ix
LzEvZ19ncFJHbjdldXdtQWJzRGR5MEJWdlJ3dDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUPUMA0E
AgACMAcDBQMqBRNAMA0GCSqGSIb3DQEBCwUAA4IBAQC8rlSVfIHprEiFn6V0KOIu
wy1g2mmgV67jqjvgx5cxlHx7HZr+Wzj0TxBNks+Wn+ZkMIzplhKYoriW9zrnZ/Ml
MK/IdhdBt1xifOUNGeRPFYgcmye3mUZiJdqspv4rDvnEzZ9P/XxZS2e9Rs++DLSm
YFZItNfctVvPmscCo19gtaIQ1xNUC02UicyDUCVtb1y60w9HrMNcFpL1kokLcDNT
Eyv8JI8NH7TZxR1myYS7QCuPHKuo+mUH0dZj40cY3iAPeuxj1IkLd4ZWfdNEwDJ1
USl3mhGy/kzNeD7WzfkFnTveEiYrKgM3tUnTTYO9DdYb1avd0kdx7AKx2sQbXeoZ
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:17:04 2024 by rpki-client on console-fra.rpki-client.org