Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/7oB6DOUA9G1FvkyITzxv4cX5OMo.roa
File: 7oB6DOUA9G1FvkyITzxv4cX5OMo.roa (raw, json)
Hash identifier: xvzqPLQfjJ5axjpWFOk7rZmuP+2V/0+uAMhF/k5BYNw=
Subject key identifier: EE:80:7A:0C:E5:00:F4:6D:45:BE:4C:88:4F:3C:6F:E1:C5:F9:38:CA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794C7C9DD7C5D68505B6F5E34DAB46C
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/7oB6DOUA9G1FvkyITzxv4cX5OMo.roa
Signing time: Tue 02 Jan 2024 00:31:05 +0000
ROA not before: Tue 02 Jan 2024 00:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 104.239.94.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:c7:c9:dd:7c:5d:68:50:5b:6f:5e:34:da:b4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee807a0ce500f46d45be4c884f3c6fe1c5f938ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:67:1e:bb:de:50:10:e3:17:ef:1b:15:b1:
f9:55:11:c8:2f:d2:35:65:07:bc:9e:1d:03:31:29:
6a:4f:e7:cb:d0:99:6a:6a:a9:85:07:43:23:52:1d:
33:fe:43:3d:ef:86:8c:f1:64:e7:fa:3a:bb:c2:57:
1f:64:00:0e:95:1e:3c:8c:f2:9c:7f:8a:9b:d4:95:
09:1f:7a:66:3d:f2:c1:c1:da:4f:3e:45:fd:c1:94:
3f:e0:4b:48:f4:dc:96:21:40:e5:c6:5f:d8:e2:d5:
9e:6b:23:d8:2e:f5:7c:c6:d5:ac:a4:af:f9:58:59:
93:d6:f0:ab:dd:54:04:7f:85:03:8a:50:99:a0:9b:
c6:ce:9a:db:d6:71:14:8a:fb:27:35:62:21:87:3e:
de:3e:04:b7:3d:f0:f7:dc:c9:45:2e:cb:84:98:01:
06:2b:9d:48:d2:f2:2c:b0:05:db:f0:4d:26:e1:ef:
ba:b9:fc:e1:05:00:ec:a4:51:b8:fa:2f:80:2a:77:
2a:10:71:87:15:14:24:79:af:41:68:8c:2b:3f:b9:
77:ec:db:db:5b:4f:30:15:91:6e:46:91:17:0f:c7:
0b:00:52:56:43:e4:a6:23:49:f8:26:3c:4f:6a:ff:
ec:6f:83:06:e0:10:92:92:61:21:d8:2c:45:99:36:
b3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:80:7A:0C:E5:00:F4:6D:45:BE:4C:88:4F:3C:6F:E1:C5:F9:38:CA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/7oB6DOUA9G1FvkyITzxv4cX5OMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.10.0/24
104.238.4.0/23
104.238.8.0/23
104.239.30.0/23
104.239.94.0/24
138.128.148.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a8:83:29:36:e7:52:bc:50:08:8e:72:b8:66:ea:f2:96:bd:
38:f4:d9:c9:ef:83:fc:c2:de:39:97:db:2c:cb:da:c8:58:71:
64:92:6c:04:c3:15:75:a4:5b:02:f1:e6:e1:9e:03:db:7d:27:
7f:f8:02:20:c7:04:40:19:d7:fb:ed:9f:3d:56:0c:9b:51:f0:
85:bc:e5:22:3a:10:f5:7d:0d:fa:10:bc:f0:76:0f:78:93:71:
76:ea:ed:f4:13:1a:38:dd:17:c8:32:38:d8:63:ba:06:bb:34:
92:d3:46:91:4a:35:6f:d3:ca:a4:40:1a:7f:f9:16:28:43:9d:
d8:48:d1:ab:83:a0:6d:3d:5e:b0:d5:ad:d9:3e:30:c6:5a:b8:
33:c1:83:dd:e9:72:94:a2:ba:5f:8d:d0:b3:b7:4a:d7:77:86:
a7:71:60:b7:00:b4:ed:9c:d3:a0:77:2d:49:3c:36:e9:0b:62:
dc:31:35:3a:72:3a:d5:f6:d3:14:bb:dc:d9:43:7b:e6:77:45:
3d:f5:6f:7b:74:ac:57:4a:91:b5:06:e4:d1:c9:9e:b2:9a:f9:
6e:e9:3f:46:7a:68:db:ec:20:4c:34:1c:45:c7:61:ce:4c:9d:
40:d9:12:a5:65:56:3b:78:b7:7e:10:2a:ae:2a:c4:7b:c1:77:
50:cb:47:26
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzHlMfJ3XxdaFBbb1402rRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTgwN2EwY2U1MDBmNDZkNDViZTRjODg0ZjNjNmZlMWM1ZjkzOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6ZnHrveUBDjF+8bFbH5VRHIL9I1
ZQe8nh0DMSlqT+fL0JlqaqmFB0MjUh0z/kM974aM8WTn+jq7wlcfZAAOlR48jPKc
f4qb1JUJH3pmPfLBwdpPPkX9wZQ/4EtI9NyWIUDlxl/Y4tWeayPYLvV8xtWspK/5
WFmT1vCr3VQEf4UDilCZoJvGzprb1nEUivsnNWIhhz7ePgS3PfD33MlFLsuEmAEG
K51I0vIssAXb8E0m4e+6ufzhBQDspFG4+i+AKncqEHGHFRQkea9BaIwrP7l37Nvb
W08wFZFuRpEXD8cLAFJWQ+SmI0n4JjxPav/sb4MG4BCSkmEh2CxFmTaztQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO6AegzlAPRtRb5MiE88b+HF+TjKMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvN29CNkRPVUE5RzFGdmt5SVR6eHY0Y1g1T01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAaKcKAwQB
aO4EAwQBaO4IAwQBaO8eAwQAaO9eAwQAioCUAwQAioCdMA0GCSqGSIb3DQEBCwUA
A4IBAQBIqIMpNudSvFAIjnK4Zurylr049NnJ74P8wt45l9ssy9rIWHFkkmwEwxV1
pFsC8ebhngPbfSd/+AIgxwRAGdf77Z89VgybUfCFvOUiOhD1fQ36ELzwdg94k3F2
6u30Exo43RfIMjjYY7oGuzSS00aRSjVv08qkQBp/+RYoQ53YSNGrg6BtPV6w1a3Z
PjDGWrgzwYPd6XKUorpfjdCzt0rXd4ancWC3ALTtnNOgdy1JPDbpC2LcMTU6cjrV
9tMUu9zZQ3vmd0U99W97dKxXSpG1BuTRyZ6ymvlu6T9Gemjb7CBMNBxFx2HOTJ1A
2RKlZVY7eLd+ECquKsR7wXdQy0cm
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:45:14 2024 by rpki-client on console-ams.rpki-client.org