Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JHhys7x4KUZI1kO4J7gw9Jd40og.roa
File: JHhys7x4KUZI1kO4J7gw9Jd40og.roa (raw, json)
Hash identifier: poqk7Deqya23jexLwISc0UserD/fN4/WISbryoxdqxA=
Subject key identifier: 24:78:72:B3:BC:78:29:46:48:D6:43:B8:27:B8:30:F4:97:78:D2:88
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018FE3F753368B627F24864DCC5699DE11A8
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JHhys7x4KUZI1kO4J7gw9Jd40og.roa
Signing time: Tue 04 Jun 2024 15:56:27 +0000
ROA not before: Tue 04 Jun 2024 15:56:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 64.137.29.0/24 maxlen: 24
64.137.34.0/23 maxlen: 23
64.137.40.0/23 maxlen: 23
64.137.114.0/24 maxlen: 24
64.137.119.0/24 maxlen: 24
64.137.125.0/24 maxlen: 24
64.137.127.0/24 maxlen: 24
84.246.108.0/24 maxlen: 24
204.52.112.0/20 maxlen: 24
204.52.120.0/24 maxlen: 24
204.52.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:f7:53:36:8b:62:7f:24:86:4d:cc:56:99:de:11:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 4 15:56:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=247872b3bc78294648d643b827b830f49778d288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:89:43:da:bc:49:57:ee:5d:0e:1f:42:2a:92:
ef:86:80:1e:ab:d8:63:1d:6b:d7:f4:47:5b:4b:02:
58:34:ab:6e:a2:b1:52:d6:21:d9:e3:2c:2d:6b:3f:
c2:8a:a0:dd:7f:50:8e:45:16:60:fe:de:c2:d4:a0:
8f:27:38:b6:bf:c7:6a:8f:d3:97:59:62:29:5b:36:
ba:ac:3a:50:3f:24:44:41:98:06:02:bd:66:1e:3d:
99:2b:2b:46:ec:d8:87:f3:86:07:b8:98:43:bf:08:
b7:b5:85:eb:e9:18:42:48:46:b8:4d:5c:1e:29:0e:
a7:a0:7f:2f:14:b0:d2:b5:9b:50:be:fc:2e:94:35:
66:69:15:15:05:31:f6:4e:65:eb:a8:77:39:af:88:
d5:4c:37:1e:68:f2:0a:30:bc:94:84:90:c9:f1:3d:
ab:d3:db:d2:2d:3b:eb:ba:2e:1d:04:c5:38:ae:4b:
c7:9c:e0:eb:a0:00:14:2c:aa:1f:09:ae:a7:0d:d6:
8e:26:b7:ab:c5:c0:b1:fd:0d:7a:f0:33:5e:fa:56:
d0:7c:9e:16:b6:b8:21:23:37:d3:93:78:30:0e:1d:
e2:49:08:02:f8:a0:3e:e7:59:a4:c6:2f:7b:b9:be:
72:90:21:99:65:89:43:ee:61:7e:9b:08:ae:8d:2e:
d9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:78:72:B3:BC:78:29:46:48:D6:43:B8:27:B8:30:F4:97:78:D2:88
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JHhys7x4KUZI1kO4J7gw9Jd40og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.29.0/24
64.137.34.0/23
64.137.40.0/23
64.137.114.0/24
64.137.119.0/24
64.137.125.0/24
64.137.127.0/24
84.246.108.0/24
204.52.112.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:8e:32:54:2d:51:fc:ee:de:99:29:8f:af:27:f3:55:54:27:
91:e0:f5:eb:da:69:76:04:d1:a4:4b:db:90:62:50:fc:03:19:
7e:e0:69:1e:4a:28:fc:e1:5d:e8:d2:2e:e0:a0:0d:d6:de:e3:
0e:26:b1:ad:31:59:dd:7b:e1:59:8f:4b:44:35:2b:28:dd:f6:
66:6e:4a:bc:01:c4:95:ce:b2:9d:f5:24:d4:34:5b:b2:bb:7f:
99:45:9c:6a:f9:83:f4:46:0d:91:b7:72:26:8f:8b:1e:2a:6b:
1e:56:b5:ce:ff:7d:0f:db:3f:e3:a0:c0:37:99:b2:b4:92:85:
c1:ec:0f:26:66:47:6b:42:cb:4a:fa:86:4f:9c:ca:cb:e9:45:
c0:fe:20:95:2e:d9:67:83:5e:0e:6d:ba:54:b2:4a:77:fa:f4:
67:ed:49:d6:82:59:be:5d:36:56:97:db:24:60:c3:4d:8a:e2:
b7:ba:ad:1e:68:5d:9b:6d:38:a4:cb:a3:1f:5e:7f:1f:78:11:
b3:d9:22:fa:bc:a9:21:b6:12:d7:63:47:b6:9d:58:af:6a:d7:
2f:dd:e1:73:49:7e:3b:c5:e8:6f:8a:8c:b6:95:95:0a:9a:70:
05:de:74:9f:75:ce:70:6b:2d:35:97:26:10:75:f7:59:0c:87:
62:c8:46:be
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY/j91M2i2J/JIZNzFaZ3hGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNjA0MTU1NjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDc4NzJiM2JjNzgyOTQ2NDhkNjQzYjgyN2I4MzBmNDk3NzhkMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIlD2rxJV+5dDh9CKpLvhoAeq9hj
HWvX9EdbSwJYNKtuorFS1iHZ4ywtaz/CiqDdf1CORRZg/t7C1KCPJzi2v8dqj9OX
WWIpWza6rDpQPyREQZgGAr1mHj2ZKytG7NiH84YHuJhDvwi3tYXr6RhCSEa4TVwe
KQ6noH8vFLDStZtQvvwulDVmaRUVBTH2TmXrqHc5r4jVTDceaPIKMLyUhJDJ8T2r
09vSLTvrui4dBMU4rkvHnODroAAULKofCa6nDdaOJrerxcCx/Q168DNe+lbQfJ4W
trghIzfTk3gwDh3iSQgC+KA+51mkxi97ub5ykCGZZYlD7mF+mwiujS7ZzwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCR4crO8eClGSNZDuCe4MPSXeNKIMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSkhoeXM3eDRLVVpJMWtPNEo3Z3c5SmQ0MG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAQIkdAwQB
QIkiAwQBQIkoAwQAQIlyAwQAQIl3AwQAQIl9AwQAQIl/AwQAVPZsAwQEzDRwMA0G
CSqGSIb3DQEBCwUAA4IBAQB7jjJULVH87t6ZKY+vJ/NVVCeR4PXr2ml2BNGkS9uQ
YlD8Axl+4GkeSij84V3o0i7goA3W3uMOJrGtMVnde+FZj0tENSso3fZmbkq8AcSV
zrKd9STUNFuyu3+ZRZxq+YP0Rg2Rt3Imj4seKmseVrXO/30P2z/joMA3mbK0koXB
7A8mZkdrQstK+oZPnMrL6UXA/iCVLtlng14ObbpUskp3+vRn7UnWglm+XTZWl9sk
YMNNiuK3uq0eaF2bbTiky6MfXn8feBGz2SL6vKkhthLXY0e2nVivatcv3eFzSX47
xehvioy2lZUKmnAF3nSfdc5way01lyYQdfdZDIdiyEa+
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:00 2024 by rpki-client on console-ams.rpki-client.org