Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/RsUWnL5wDXE4XkDzTr1ZD1Erj4k.roa
File: RsUWnL5wDXE4XkDzTr1ZD1Erj4k.roa (raw, json)
Hash identifier: cfUPai0ZUyj4qPOsj0nQd++UAnFF37EjV+2rwCi7KAo=
Subject key identifier: 46:C5:16:9C:BE:70:0D:71:38:5E:40:F3:4E:BD:59:0F:51:2B:8F:89
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018EC248C53626040D9B857E0683168ED2B6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/RsUWnL5wDXE4XkDzTr1ZD1Erj4k.roa
Signing time: Tue 09 Apr 2024 09:55:32 +0000
ROA not before: Tue 09 Apr 2024 09:55:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56443
IP address blocks: 104.233.10.0/24 maxlen: 24
104.233.11.0/24 maxlen: 24
104.233.22.0/24 maxlen: 24
104.233.23.0/24 maxlen: 24
104.233.27.0/24 maxlen: 24
104.233.28.0/24 maxlen: 24
104.233.29.0/24 maxlen: 24
104.233.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:48:c5:36:26:04:0d:9b:85:7e:06:83:16:8e:d2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 9 09:55:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c5169cbe700d71385e40f34ebd590f512b8f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ae:64:c1:10:6b:c0:ae:d0:e8:3d:29:4b:b7:
65:32:83:a3:30:d2:f4:ed:b7:fd:83:04:cb:57:fc:
73:b4:08:1a:07:97:bf:a4:41:32:5d:7f:d9:18:f0:
2d:90:43:d6:e9:76:3c:6c:61:9d:e4:6f:67:d7:9a:
f7:d3:71:b1:6f:5c:23:ea:19:69:a7:9e:ac:b4:08:
d9:a9:39:8e:3d:12:e1:62:7a:98:3c:ab:b2:9a:9c:
1e:9b:5e:1d:a6:d9:cb:62:75:2b:5b:e3:70:c0:b7:
68:6a:a4:99:ee:22:29:93:85:dc:00:d5:3e:91:69:
ab:74:0d:bd:18:8e:04:d8:0d:93:70:50:05:71:49:
73:39:92:01:9e:d5:5d:c6:c8:1a:22:00:fd:cd:64:
b5:f6:96:34:1e:2e:b4:d1:78:f4:ad:00:b1:e1:97:
95:5d:67:53:c5:80:7e:52:cb:75:c1:7c:b3:f2:31:
18:e4:e2:e9:d2:3a:07:a3:8e:19:70:78:88:e0:68:
e5:92:b2:dc:ed:4d:37:a1:8e:8b:56:9e:32:e0:cc:
4f:bd:89:b3:36:89:ca:f5:c9:f8:1b:62:72:b6:f0:
f5:33:d0:d2:52:2a:fc:13:b3:3e:d2:a3:3c:47:b0:
63:fe:0b:6b:49:aa:87:de:e2:ca:bb:7b:a4:fa:da:
93:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C5:16:9C:BE:70:0D:71:38:5E:40:F3:4E:BD:59:0F:51:2B:8F:89
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/RsUWnL5wDXE4XkDzTr1ZD1Erj4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.10.0/23
104.233.22.0/23
104.233.27.0-104.233.30.255
Signature Algorithm: sha256WithRSAEncryption
66:c9:41:27:20:13:7c:22:3e:21:63:45:ae:b8:6e:d3:95:ba:
f7:e4:89:a6:71:68:54:53:b6:77:d0:3d:9c:b9:53:93:e9:40:
e9:1f:40:b5:b0:86:75:20:b0:39:c2:f6:2a:ef:9a:80:45:9e:
8f:d2:43:b3:43:d7:e0:ac:01:13:18:73:1a:38:24:0b:0f:7e:
35:44:6d:46:b5:66:5e:81:72:0f:20:c1:7a:b3:c8:1b:9d:d9:
eb:36:e1:aa:8c:65:d1:f8:07:f6:0e:4a:b6:9f:d5:fb:3f:ed:
02:4e:ea:ab:79:a0:62:4d:e4:15:9f:39:2d:20:84:3c:cd:80:
31:8d:42:11:ed:58:df:fe:a1:b9:29:10:f4:08:1e:df:0b:bf:
b2:2c:38:00:df:97:39:bc:9b:af:57:57:67:a6:81:4d:d6:bb:
7f:2a:f2:90:c1:5f:34:4b:5c:9d:90:11:f5:7b:57:a6:3e:24:
f7:f1:f0:a7:bc:6f:05:03:ea:a8:1d:61:32:3b:af:8b:0a:84:
92:09:18:e1:c2:6a:3d:8b:fc:47:58:ad:5d:d1:72:23:09:88:
b7:d1:2c:e1:a3:2a:0b:ed:00:c5:a9:62:be:71:ea:a5:5e:a2:
e2:55:a7:c6:41:95:c9:82:4d:34:89:23:f7:bd:12:6e:da:72:
e9:8c:2a:4d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY7CSMU2JgQNm4V+BoMWjtK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNDA5MDk1NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmM1MTY5Y2JlNzAwZDcxMzg1ZTQwZjM0ZWJkNTkwZjUxMmI4Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv65kwRBrwK7Q6D0pS7dlMoOjMNL0
7bf9gwTLV/xztAgaB5e/pEEyXX/ZGPAtkEPW6XY8bGGd5G9n15r303Gxb1wj6hlp
p56stAjZqTmOPRLhYnqYPKuympwem14dptnLYnUrW+NwwLdoaqSZ7iIpk4XcANU+
kWmrdA29GI4E2A2TcFAFcUlzOZIBntVdxsgaIgD9zWS19pY0Hi600Xj0rQCx4ZeV
XWdTxYB+Ust1wXyz8jEY5OLp0joHo44ZcHiI4GjlkrLc7U03oY6LVp4y4MxPvYmz
NonK9cn4G2JytvD1M9DSUir8E7M+0qM8R7Bj/gtrSaqH3uLKu3uk+tqTeQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEbFFpy+cA1xOF5A8069WQ9RK4+JMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUnNVV25MNXdEWEU0WGtEelRyMVpEMUVyajRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBaOkKAwQB
aOkWMAwDBABo6RsDBABo6R4wDQYJKoZIhvcNAQELBQADggEBAGbJQScgE3wiPiFj
Ra64btOVuvfkiaZxaFRTtnfQPZy5U5PpQOkfQLWwhnUgsDnC9irvmoBFno/SQ7ND
1+CsARMYcxo4JAsPfjVEbUa1Zl6Bcg8gwXqzyBud2es24aqMZdH4B/YOSraf1fs/
7QJO6qt5oGJN5BWfOS0ghDzNgDGNQhHtWN/+obkpEPQIHt8Lv7IsOADflzm8m69X
V2emgU3Wu38q8pDBXzRLXJ2QEfV7V6Y+JPfx8Ke8bwUD6qgdYTI7r4sKhJIJGOHC
aj2L/EdYrV3RciMJiLfRLOGjKgvtAMWpYr5x6qVeouJVp8ZBlcmCTTSJI/e9Em7a
cumMKk0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:26:00 2024 by rpki-client on console-ams.rpki-client.org