Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/4hvKKQwWQhwSBMCcdI9MVzO9dhY.roa
File: 4hvKKQwWQhwSBMCcdI9MVzO9dhY.roa (raw, json)
Hash identifier: Ucqi9q0b6PX/FE1OxZlfC8z3gcxMlfzZKbAOwzbqiE4=
Subject key identifier: E2:1B:CA:29:0C:16:42:1C:12:04:C0:9C:74:8F:4C:57:33:BD:76:16
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794CA801C5561E0218B3E6C06940B00
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/4hvKKQwWQhwSBMCcdI9MVzO9dhY.roa
Signing time: Tue 02 Jan 2024 00:31:06 +0000
ROA not before: Tue 02 Jan 2024 00:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.54.0/24 maxlen: 24
64.137.109.0/24 maxlen: 24
64.137.110.0/23 maxlen: 23
64.137.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ca:80:1c:55:61:e0:21:8b:3e:6c:06:94:0b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e21bca290c16421c1204c09c748f4c5733bd7616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1c:0e:40:df:79:df:43:b6:c0:61:9f:21:e2:
d8:cc:27:a4:56:14:bc:fd:1c:1c:75:7a:1e:04:ca:
29:2b:1c:a0:ae:16:35:c2:e6:a2:ec:2f:73:54:83:
be:41:8a:b8:31:ad:03:78:66:cc:d1:e7:82:84:98:
86:17:59:df:7c:7c:bc:e3:6e:92:98:4c:88:d2:ac:
a5:7c:0b:c2:30:cd:52:1d:f4:5c:16:51:98:69:bb:
18:25:4f:fd:19:45:22:a5:91:3d:3d:3d:e2:83:6a:
b0:5f:e1:06:46:72:3c:84:dc:39:de:bd:05:04:97:
82:66:da:11:ad:50:aa:a6:02:83:9d:36:eb:31:68:
d0:60:53:97:db:7f:60:dd:1a:2f:60:ed:79:06:c5:
0e:5e:27:4a:02:9b:b2:3d:2f:fe:0a:d0:68:e6:39:
df:be:3c:a9:ee:73:46:86:3d:1d:1f:6d:41:89:ef:
d6:53:8e:65:18:e4:45:69:82:64:e1:d4:d3:f4:b0:
4f:a0:fc:32:70:65:c0:30:02:c1:a5:94:41:12:98:
5e:91:d0:a1:1c:c3:49:66:82:76:c8:ae:89:f7:61:
19:cc:57:44:8f:6a:a8:5c:63:01:16:91:02:3b:3a:
f3:ad:5d:32:dc:75:ec:2b:c8:4a:99:00:b8:73:3c:
92:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1B:CA:29:0C:16:42:1C:12:04:C0:9C:74:8F:4C:57:33:BD:76:16
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/4hvKKQwWQhwSBMCcdI9MVzO9dhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.9.0/24
64.137.54.0/24
64.137.109.0-64.137.111.255
Signature Algorithm: sha256WithRSAEncryption
82:16:39:08:1b:1a:1e:b9:22:96:5b:38:34:a3:f1:c4:48:55:
59:ce:db:4e:60:0d:26:ff:76:36:97:f7:69:68:af:cb:0f:5a:
f6:86:a7:d7:7e:2c:b5:c3:f5:2c:7f:1c:da:69:a8:e0:ce:f5:
b2:d1:5d:6e:48:c2:e2:a5:b1:28:f5:d7:4b:8e:be:1e:9f:cb:
7b:10:39:80:87:79:fd:2f:d5:d2:47:5d:0c:ea:7f:c1:2a:66:
c6:a6:d1:37:de:af:2f:68:7c:22:89:86:df:04:a1:59:7f:f7:
7b:5b:85:1e:28:76:1b:14:a0:ad:bc:50:67:36:19:08:46:8d:
37:c7:7a:f8:18:b7:80:c8:f0:12:61:19:12:43:f4:dd:6f:4c:
a2:a2:87:33:61:6a:9e:0b:bc:da:5b:9b:46:df:11:56:f3:c1:
55:db:61:c3:52:0d:16:88:c6:6a:44:3c:ff:d6:18:40:b0:be:
e0:47:42:5f:ea:f0:4e:e1:2f:85:70:5f:cd:33:61:18:29:13:
33:63:11:03:f6:bd:24:1a:4e:65:44:95:1f:38:c6:7c:f4:74:
05:d7:9d:95:f3:64:74:6a:ac:f3:0c:30:c2:04:75:c2:80:81:
9a:cc:b4:21:ad:06:ad:a0:63:b9:bb:c8:e8:39:92:a9:c6:9a:
72:bc:45:ea
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHlMqAHFVh4CGLPmwGlAsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFiY2EyOTBjMTY0MjFjMTIwNGMwOWM3NDhmNGM1NzMzYmQ3NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhwOQN9530O2wGGfIeLYzCekVhS8
/RwcdXoeBMopKxygrhY1wuai7C9zVIO+QYq4Ma0DeGbM0eeChJiGF1nffHy8426S
mEyI0qylfAvCMM1SHfRcFlGYabsYJU/9GUUipZE9PT3ig2qwX+EGRnI8hNw53r0F
BJeCZtoRrVCqpgKDnTbrMWjQYFOX239g3RovYO15BsUOXidKApuyPS/+CtBo5jnf
vjyp7nNGhj0dH21Bie/WU45lGORFaYJk4dTT9LBPoPwycGXAMALBpZRBEphekdCh
HMNJZoJ2yK6J92EZzFdEj2qoXGMBFpECOzrzrV0y3HXsK8hKmQC4czyS1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOIbyikMFkIcEgTAnHSPTFczvXYWMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNGh2S0tRd1dRaHdTQk1DY2RJOU1Wek85ZGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAQIkJAwQA
QIk2MAwDBABAiW0DBARAiWAwDQYJKoZIhvcNAQELBQADggEBAIIWOQgbGh65IpZb
ODSj8cRIVVnO205gDSb/djaX92lor8sPWvaGp9d+LLXD9Sx/HNppqODO9bLRXW5I
wuKlsSj110uOvh6fy3sQOYCHef0v1dJHXQzqf8EqZsam0Tfery9ofCKJht8EoVl/
93tbhR4odhsUoK28UGc2GQhGjTfHevgYt4DI8BJhGRJD9N1vTKKihzNhap4LvNpb
m0bfEVbzwVXbYcNSDRaIxmpEPP/WGECwvuBHQl/q8E7hL4VwX80zYRgpEzNjEQP2
vSQaTmVElR84xnz0dAXXnZXzZHRqrPMMMMIEdcKAgZrMtCGtBq2gY7m7yOg5kqnG
mnK8Reo=
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:45:14 2024 by rpki-client on console-ams.rpki-client.org