Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/N8ulU-vFTgu3VsvgelydQBAMiQ4.roa
File: N8ulU-vFTgu3VsvgelydQBAMiQ4.roa (raw, json)
Hash identifier: lfRJniN1LNPAMoObejC1geAvhZI8YKAgbklp6Mfau24=
Subject key identifier: 37:CB:A5:53:EB:C5:4E:0B:B7:56:CB:E0:7A:5C:9D:40:10:0C:89:0E
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794D3B22C555FB4D8751F5920A7B899
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/N8ulU-vFTgu3VsvgelydQBAMiQ4.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397373
IP address blocks: 104.249.24.0/24 maxlen: 24
216.173.83.0/24 maxlen: 24
104.249.28.0/24 maxlen: 24
104.249.27.0/24 maxlen: 24
104.249.26.0/24 maxlen: 24
104.143.228.0/24 maxlen: 24
216.173.101.0/24 maxlen: 24
104.249.56.0/22 maxlen: 22
104.249.57.0/24 maxlen: 24
216.173.118.0/24 maxlen: 24
104.249.59.0/24 maxlen: 24
104.143.253.0/24 maxlen: 24
45.43.128.0/21 maxlen: 21
45.43.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d3:b2:2c:55:5f:b4:d8:75:1f:59:20:a7:b8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37cba553ebc54e0bb756cbe07a5c9d40100c890e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cd:1a:c6:ff:2e:62:f6:ff:4f:79:c2:ad:01:
20:98:7b:2b:7a:cd:82:57:89:f5:7f:28:4b:ee:70:
9d:d6:09:14:ec:7f:8a:fe:4a:7b:72:cd:02:54:d0:
db:a1:c5:0a:00:08:1f:76:8c:bb:30:83:a8:93:33:
5f:e7:50:97:c0:de:2c:eb:48:78:fa:c3:a3:c8:d5:
70:b9:c9:fd:99:47:4a:65:63:d5:4e:54:83:c5:66:
70:c5:61:13:a8:0e:35:ce:98:b2:8e:c2:cc:f2:16:
df:1c:22:98:93:e3:f7:ce:c9:ca:f1:58:24:7a:50:
2e:f2:d5:35:7a:f2:26:f9:c1:7f:17:c1:62:22:f7:
89:9c:3f:ef:71:59:33:33:44:c4:46:b1:30:26:b5:
16:0d:c5:f7:44:32:6c:05:72:e1:b2:f6:36:17:22:
90:71:49:6b:c7:11:3e:99:d4:cd:76:d2:e4:0e:ae:
6c:7d:56:a6:3d:44:0b:2b:ab:f3:52:f2:e6:73:84:
d4:ad:dc:1b:9d:df:4c:5a:26:d1:b2:fa:40:df:c9:
70:69:fe:71:df:7d:35:af:2a:64:d0:32:ae:6a:4c:
e5:8a:1e:cd:1e:5b:c0:da:3b:e0:a0:4c:24:bf:88:
18:53:e5:cc:88:e6:d5:32:7b:c0:28:64:24:59:5a:
09:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:CB:A5:53:EB:C5:4E:0B:B7:56:CB:E0:7A:5C:9D:40:10:0C:89:0E
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/N8ulU-vFTgu3VsvgelydQBAMiQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.128.0/21
104.143.228.0/24
104.143.253.0/24
104.249.24.0/24
104.249.26.0-104.249.28.255
104.249.56.0/22
216.173.83.0/24
216.173.101.0/24
216.173.118.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b8:e9:8a:d3:35:89:bc:4e:f6:12:27:f7:af:ab:32:79:73:
63:06:94:42:de:fe:57:47:c9:93:c1:87:3c:3d:3f:10:cc:d7:
6b:14:30:77:4f:f3:20:83:d4:60:ff:ab:7a:76:50:ad:74:66:
92:3c:24:b3:84:45:69:2a:75:06:99:b7:09:3d:ee:50:4f:51:
55:65:86:06:71:b4:ff:1c:1c:24:a2:74:95:d1:b2:77:75:ad:
0e:d4:c4:93:64:b2:39:72:2a:67:7f:4d:fd:08:c8:14:cf:b4:
20:47:00:72:c8:af:04:f9:52:fc:b6:ed:bc:e5:16:7d:e8:e6:
c9:73:59:7b:3f:29:07:6d:d7:ae:e5:4f:38:53:4b:9a:c2:f0:
11:ef:a7:de:6b:b7:b4:98:28:85:a0:fd:77:8b:51:56:37:90:
b2:db:43:0a:94:aa:80:e8:db:a8:e8:bc:44:09:3f:a7:0b:95:
3f:ef:4c:cd:eb:fb:8a:94:b5:38:22:2f:92:5e:c8:fc:7d:66:
c0:89:c0:c2:3b:77:0c:37:9c:94:23:8f:52:94:8a:1e:85:28:
c8:3c:c2:0b:a2:6e:96:c5:d0:7e:d7:64:f9:c7:6e:79:d5:e4:
6d:45:0d:85:3c:04:8b:a3:98:c7:c3:64:98:8e:93:dc:29:46:
11:d6:2d:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzHlNOyLFVftNh1H1kgp7iZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2NiYTU1M2ViYzU0ZTBiYjc1NmNiZTA3YTVjOWQ0MDEwMGM4OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM0axv8uYvb/T3nCrQEgmHsres2C
V4n1fyhL7nCd1gkU7H+K/kp7cs0CVNDbocUKAAgfdoy7MIOokzNf51CXwN4s60h4
+sOjyNVwucn9mUdKZWPVTlSDxWZwxWETqA41zpiyjsLM8hbfHCKYk+P3zsnK8Vgk
elAu8tU1evIm+cF/F8FiIveJnD/vcVkzM0TERrEwJrUWDcX3RDJsBXLhsvY2FyKQ
cUlrxxE+mdTNdtLkDq5sfVamPUQLK6vzUvLmc4TUrdwbnd9MWibRsvpA38lwaf5x
3301rypk0DKuakzlih7NHlvA2jvgoEwkv4gYU+XMiObVMnvAKGQkWVoJmwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDfLpVPrxU4Lt1bL4HpcnUAQDIkOMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTjh1bFUtdkZUZ3UzVnN2Z2VseWRRQkFNaVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDLSuAAwQA
aI/kAwQAaI/9AwQAaPkYMAwDBAFo+RoDBABo+RwDBAJo+TgDBADYrVMDBADYrWUD
BADYrXYwDQYJKoZIhvcNAQELBQADggEBACq46YrTNYm8TvYSJ/evqzJ5c2MGlELe
/ldHyZPBhzw9PxDM12sUMHdP8yCD1GD/q3p2UK10ZpI8JLOERWkqdQaZtwk97lBP
UVVlhgZxtP8cHCSidJXRsnd1rQ7UxJNksjlyKmd/Tf0IyBTPtCBHAHLIrwT5Uvy2
7bzlFn3o5slzWXs/KQdt167lTzhTS5rC8BHvp95rt7SYKIWg/XeLUVY3kLLbQwqU
qoDo26jovEQJP6cLlT/vTM3r+4qUtTgiL5JeyPx9ZsCJwMI7dww3nJQjj1KUih6F
KMg8wguibpbF0H7XZPnHbnnV5G1FDYU8BIujmMfDZJiOk9wpRhHWLSs=
-----END CERTIFICATE-----
Generated at Sun Apr 28 14:54:40 2024 by rpki-client on console-ams.rpki-client.org