Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HCUsN8ijvRpE6W0SYz1D3kKTkmE.roa
File: HCUsN8ijvRpE6W0SYz1D3kKTkmE.roa (raw, json)
Hash identifier: Ob0Pz6utJjglaoB0GTLYLY+/Hgba1RWM9ZjIw/P4KpQ=
Subject key identifier: 1C:25:2C:37:C8:A3:BD:1A:44:E9:6D:12:63:3D:43:DE:42:93:92:61
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794C8E64D4A20598C0DAF2FA09F64AE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HCUsN8ijvRpE6W0SYz1D3kKTkmE.roa
Signing time: Tue 02 Jan 2024 00:31:05 +0000
ROA not before: Tue 02 Jan 2024 00:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 104.239.94.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:c8:e6:4d:4a:20:59:8c:0d:af:2f:a0:9f:64:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c252c37c8a3bd1a44e96d12633d43de42939261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:45:1a:39:8f:3d:6a:69:b8:cd:c0:21:4b:5e:
71:59:64:0d:00:6f:55:23:a3:10:8d:e5:79:c5:f1:
2c:b8:9c:42:07:c9:34:b9:7b:10:67:23:83:4f:dc:
1c:1e:23:a9:35:fa:c3:28:11:c7:71:bf:51:52:dc:
bb:35:34:7e:7f:7f:7f:52:22:ab:78:7a:11:aa:c9:
d2:8b:b0:ca:69:ca:70:68:40:95:1d:29:f3:bd:2a:
43:73:c7:de:20:58:9f:87:85:59:63:a0:87:39:74:
02:92:61:40:14:ab:5d:e6:40:2d:59:db:3f:a8:30:
46:03:7c:de:3f:f2:52:9c:17:db:d4:ea:24:c2:df:
27:e9:e2:4f:3f:6b:23:a6:89:64:67:b1:ca:50:ba:
6a:7f:d2:e0:36:d1:4d:4a:cc:61:83:21:70:85:ce:
ce:5d:d4:7a:52:f5:6a:ab:bc:eb:3a:12:ef:0c:78:
91:63:04:14:2b:0e:ff:a8:b0:3a:2d:92:0e:f1:ba:
1e:ad:a4:58:3b:81:5e:a7:37:ac:2b:07:83:08:01:
82:d1:65:ab:9a:b6:1a:04:0a:3d:57:ef:36:4c:7a:
c4:2d:7b:64:27:13:99:25:1a:0f:1a:84:01:91:8a:
2e:6e:95:ea:8c:f6:6b:95:39:7f:56:f3:16:ee:29:
6c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:25:2C:37:C8:A3:BD:1A:44:E9:6D:12:63:3D:43:DE:42:93:92:61
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HCUsN8ijvRpE6W0SYz1D3kKTkmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.4.0/23
104.238.8.0/23
104.239.30.0/23
104.239.94.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:54:07:13:02:6e:74:a5:91:e8:bb:e2:65:3c:de:14:d7:c6:
bc:23:28:36:be:7d:1b:f2:47:61:37:01:b6:92:78:69:ac:ca:
e2:85:24:88:45:7e:a5:8e:d5:c2:67:8d:13:54:80:73:91:14:
2e:41:ba:17:66:04:4e:b6:a5:7c:27:f6:03:b7:8d:25:38:11:
f2:bd:db:6e:2b:f5:c3:a2:2a:26:4f:7b:26:2e:64:49:e1:e1:
93:2b:d9:8f:20:7a:14:ce:bb:0e:98:f8:3f:e3:3b:e5:9b:6c:
4f:76:e1:5f:63:59:3e:09:c2:a9:a9:58:3c:28:58:a7:f4:e8:
29:0a:77:68:49:de:0d:1e:c6:4f:06:e6:fc:7b:f7:5e:66:91:
03:cf:d3:7f:12:8e:54:c3:1b:5b:52:cc:14:33:00:57:14:c7:
35:d8:24:20:7d:ce:94:88:fd:58:a3:c4:9c:5c:85:ba:b2:7e:
95:d9:0f:5d:4c:6c:0b:da:fa:4e:df:f9:36:74:ff:e4:21:c3:
72:e4:01:ba:08:19:41:69:25:9b:ab:a6:b7:74:85:f9:ac:ce:
04:03:96:f7:97:b6:73:2b:bf:26:35:77:08:6d:b0:c4:71:0e:
57:ad:86:69:e1:f4:31:cf:f5:40:17:9d:ce:ff:fb:42:31:f3:
8e:e3:3b:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlMjmTUogWYwNry+gn2SuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzI1MmMzN2M4YTNiZDFhNDRlOTZkMTI2MzNkNDNkZTQyOTM5MjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkUaOY89amm4zcAhS15xWWQNAG9V
I6MQjeV5xfEsuJxCB8k0uXsQZyODT9wcHiOpNfrDKBHHcb9RUty7NTR+f39/UiKr
eHoRqsnSi7DKacpwaECVHSnzvSpDc8feIFifh4VZY6CHOXQCkmFAFKtd5kAtWds/
qDBGA3zeP/JSnBfb1Ookwt8n6eJPP2sjpolkZ7HKULpqf9LgNtFNSsxhgyFwhc7O
XdR6UvVqq7zrOhLvDHiRYwQUKw7/qLA6LZIO8boeraRYO4FepzesKweDCAGC0WWr
mrYaBAo9V+82THrELXtkJxOZJRoPGoQBkYoubpXqjPZrlTl/VvMW7ilsowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBwlLDfIo70aROltEmM9Q95Ck5JhMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSENVc044aWp2UnBFNlcwU1l6MUQza0tUa21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBaO4EAwQB
aO4IAwQBaO8eAwQAaO9eAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQCKVAcTAm50
pZHou+JlPN4U18a8Iyg2vn0b8kdhNwG2knhprMrihSSIRX6ljtXCZ40TVIBzkRQu
QboXZgROtqV8J/YDt40lOBHyvdtuK/XDoiomT3smLmRJ4eGTK9mPIHoUzrsOmPg/
4zvlm2xPduFfY1k+CcKpqVg8KFin9OgpCndoSd4NHsZPBub8e/deZpEDz9N/Eo5U
wxtbUswUMwBXFMc12CQgfc6UiP1Yo8ScXIW6sn6V2Q9dTGwL2vpO3/k2dP/kIcNy
5AG6CBlBaSWbq6a3dIX5rM4EA5b3l7ZzK78mNXcIbbDEcQ5XrYZp4fQxz/VAF53O
//tCMfOO4zvw
-----END CERTIFICATE-----
Generated at Sat Apr 27 11:03:36 2024 by rpki-client on console-ams.rpki-client.org