Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/FF4YZklL_bkcAkxf0IWaB2CN7Jg.roa
File: FF4YZklL_bkcAkxf0IWaB2CN7Jg.roa (raw, json)
Hash identifier: Uf5oZUWiJ4OrU5GuVq5M7O6tjO0+iJsfcrUk4y2FatE=
Subject key identifier: 14:5E:18:66:49:4B:FD:B9:1C:02:4C:5F:D0:85:9A:07:60:8D:EC:98
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794D1374B631A162DF02F6FB2CF062D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/FF4YZklL_bkcAkxf0IWaB2CN7Jg.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202492
IP address blocks: 64.137.120.0/24 maxlen: 24
64.137.69.0/24 maxlen: 24
64.137.67.0/24 maxlen: 24
64.137.76.0/24 maxlen: 24
64.137.102.0/24 maxlen: 24
64.137.113.0/24 maxlen: 24
64.137.117.0/24 maxlen: 24
64.137.115.0/24 maxlen: 24
64.137.23.0/24 maxlen: 24
64.137.22.0/24 maxlen: 24
64.137.32.0/24 maxlen: 24
64.137.33.0/24 maxlen: 24
64.137.50.0/23 maxlen: 23
64.137.47.0/24 maxlen: 24
64.137.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d1:37:4b:63:1a:16:2d:f0:2f:6f:b2:cf:06:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=145e1866494bfdb91c024c5fd0859a07608dec98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:61:e0:00:02:00:cf:36:cf:99:dd:20:7b:a6:
44:0f:76:d9:34:0e:ca:13:50:d2:14:28:e1:26:3d:
c8:28:bb:69:3f:c7:7c:c9:fa:da:18:63:53:ca:e4:
84:df:02:be:96:9b:4c:d9:48:9f:f5:a1:ed:4f:45:
c9:6e:0e:ca:e2:f7:26:5c:51:1c:d9:77:be:85:58:
04:3d:c8:3a:67:21:d9:be:7f:a2:37:6a:c2:4e:38:
43:7e:d1:19:bd:0b:32:3f:b1:be:05:e4:45:e6:96:
e1:f0:92:a5:ee:e1:84:d0:4a:1c:fb:95:1a:8b:4b:
30:97:2f:15:f5:d1:c5:da:4b:81:52:8b:fc:b9:5f:
ea:8d:c1:34:c5:8f:39:60:44:b4:e7:e8:d6:30:c0:
60:df:85:58:83:62:2f:44:75:17:e1:c3:c0:55:34:
cc:e5:85:85:db:be:16:e8:2e:32:0e:7e:25:53:f5:
79:62:de:70:13:72:e6:c1:87:8a:07:ad:71:65:2e:
d9:62:ce:12:d8:b9:aa:8f:18:ac:4e:35:74:bc:b7:
b3:7f:9b:5f:76:45:06:b7:f9:14:b0:4a:71:b2:e0:
21:90:49:0a:77:a9:08:8e:c8:21:5a:17:f4:43:f3:
fa:36:ea:41:45:16:61:27:39:40:3c:a6:bd:e8:5e:
78:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5E:18:66:49:4B:FD:B9:1C:02:4C:5F:D0:85:9A:07:60:8D:EC:98
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/FF4YZklL_bkcAkxf0IWaB2CN7Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.22.0/23
64.137.32.0/23
64.137.47.0/24
64.137.50.0/23
64.137.55.0/24
64.137.67.0/24
64.137.69.0/24
64.137.76.0/24
64.137.102.0/24
64.137.113.0/24
64.137.115.0/24
64.137.117.0/24
64.137.120.0/24
Signature Algorithm: sha256WithRSAEncryption
99:4e:39:90:b0:36:56:34:a4:79:ad:3d:8b:8d:fc:a3:b5:af:
d5:19:1c:1a:c3:b0:d5:41:2b:56:36:da:a1:68:d5:aa:bb:16:
bf:50:55:17:67:ba:98:a3:ec:0d:7f:19:79:12:71:c5:10:23:
07:87:04:da:3d:5b:55:2e:55:33:3c:21:bc:6c:fe:4c:9b:03:
ca:76:97:fd:a3:be:ae:f6:63:0c:90:d5:2a:53:07:af:09:4c:
16:e9:97:16:66:23:75:01:4f:9e:5d:b9:7d:af:68:e4:82:65:
d8:cd:1e:66:76:90:d7:fa:58:0b:7a:32:cd:b9:de:bb:dc:bb:
3f:3f:a6:49:84:a8:45:3f:1e:cb:f3:35:12:00:77:6f:f1:62:
4d:4b:25:e4:fd:72:ce:1d:dd:3c:c3:ae:32:82:3c:28:39:d9:
21:88:8f:50:49:ff:4c:f3:5b:3e:85:8f:91:13:28:80:45:95:
2e:55:93:f4:77:05:0f:e7:4d:72:fc:20:1d:72:7b:4a:15:f9:
0f:ab:9d:fc:f8:d6:32:3e:16:27:ce:74:55:dd:c6:32:ed:3f:
b2:b7:a8:69:2f:34:cd:8f:b4:a9:b4:55:1c:07:17:f5:5f:3e:
53:4d:96:4d:b1:ba:30:28:70:93:83:1d:43:3e:92:cd:d9:1b:
09:23:eb:48
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzHlNE3S2MaFi3wL2+yzwYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDVlMTg2NjQ5NGJmZGI5MWMwMjRjNWZkMDg1OWEwNzYwOGRlYzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGHgAAIAzzbPmd0ge6ZED3bZNA7K
E1DSFCjhJj3IKLtpP8d8yfraGGNTyuSE3wK+lptM2Uif9aHtT0XJbg7K4vcmXFEc
2Xe+hVgEPcg6ZyHZvn+iN2rCTjhDftEZvQsyP7G+BeRF5pbh8JKl7uGE0Eoc+5Ua
i0swly8V9dHF2kuBUov8uV/qjcE0xY85YES05+jWMMBg34VYg2IvRHUX4cPAVTTM
5YWF274W6C4yDn4lU/V5Yt5wE3LmwYeKB61xZS7ZYs4S2LmqjxisTjV0vLezf5tf
dkUGt/kUsEpxsuAhkEkKd6kIjsghWhf0Q/P6NupBRRZhJzlAPKa96F54xwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFBReGGZJS/25HAJMX9CFmgdgjeyYMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRkY0WVprbExfYmtjQWt4ZjBJV2FCMkNON0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBQIkWAwQB
QIkgAwQAQIkvAwQBQIkyAwQAQIk3AwQAQIlDAwQAQIlFAwQAQIlMAwQAQIlmAwQA
QIlxAwQAQIlzAwQAQIl1AwQAQIl4MA0GCSqGSIb3DQEBCwUAA4IBAQCZTjmQsDZW
NKR5rT2Ljfyjta/VGRwaw7DVQStWNtqhaNWquxa/UFUXZ7qYo+wNfxl5EnHFECMH
hwTaPVtVLlUzPCG8bP5MmwPKdpf9o76u9mMMkNUqUwevCUwW6ZcWZiN1AU+eXbl9
r2jkgmXYzR5mdpDX+lgLejLNud673Ls/P6ZJhKhFPx7L8zUSAHdv8WJNSyXk/XLO
Hd08w64ygjwoOdkhiI9QSf9M81s+hY+REyiARZUuVZP0dwUP501y/CAdcntKFfkP
q538+NYyPhYnznRV3cYy7T+yt6hpLzTNj7SptFUcBxf1Xz5TTZZNsbowKHCTgx1D
PpLN2RsJI+tI
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:45:14 2024 by rpki-client on console-ams.rpki-client.org