Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VO8aSMMyE1Idk1H3CaNaJldXInk.roa
File: VO8aSMMyE1Idk1H3CaNaJldXInk.roa (raw, json)
Hash identifier: a/yC2ZWIDpsLnaqyGX27KmyFjwGhs1Y/l9dc8cJpoB4=
Subject key identifier: 54:EF:1A:48:C3:32:13:52:1D:93:51:F7:09:A3:5A:26:57:57:22:79
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794D02BC0CA202A7E99906A89F606A0
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VO8aSMMyE1Idk1H3CaNaJldXInk.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150445
IP address blocks: 64.137.126.0/24 maxlen: 24
64.137.75.0/24 maxlen: 24
64.137.84.0/24 maxlen: 24
64.137.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d0:2b:c0:ca:20:2a:7e:99:90:6a:89:f6:06:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54ef1a48c33213521d9351f709a35a2657572279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:02:45:0e:6c:76:b3:df:1b:77:04:b3:66:78:
61:5d:db:50:db:83:c2:fd:2b:e1:40:0d:7d:50:05:
a3:61:42:17:e0:f6:e3:ae:21:cf:67:ae:7e:55:97:
5b:83:81:fd:c1:81:6d:a3:fa:07:e2:f5:e6:d0:17:
14:02:b0:00:8c:d9:93:f8:38:b3:33:3d:88:c9:51:
be:d1:70:02:18:b8:09:8f:cd:9d:70:b8:3f:fa:d3:
01:64:7a:bc:2f:26:02:5f:23:65:bb:5d:89:d3:46:
e7:9f:98:04:96:62:64:67:c3:a1:3e:76:ec:ab:39:
ec:38:c7:09:6f:c1:ad:47:a1:cb:ed:7e:bd:fe:ab:
ad:df:1a:f0:fa:d9:21:e0:c1:a0:8e:ba:ed:61:d8:
db:bd:84:d8:3d:a3:fd:99:60:c1:a4:8e:dd:8c:9d:
24:f1:83:59:2d:58:1e:62:ee:fa:e0:44:7c:b9:2f:
9e:28:c9:a3:85:92:db:ea:4a:7a:53:c2:cc:cd:b9:
eb:c4:ab:4c:da:48:d4:d9:bc:4c:44:70:48:71:3f:
ff:82:30:74:8b:f6:ec:ea:a5:85:37:b0:88:e0:2c:
0c:bf:02:aa:e3:c8:f9:c1:50:97:74:6c:e5:2f:e0:
7c:3f:4c:12:e8:46:d2:14:6f:ee:cf:5d:89:a8:dd:
ab:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:EF:1A:48:C3:32:13:52:1D:93:51:F7:09:A3:5A:26:57:57:22:79
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/VO8aSMMyE1Idk1H3CaNaJldXInk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.75.0/24
64.137.84.0/24
64.137.90.0/24
64.137.126.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ae:bb:60:1c:f7:ec:f3:ce:4a:33:d8:27:43:46:93:e6:9b:
f5:aa:15:22:14:8c:7c:0a:5b:b2:2f:0c:6a:13:78:55:40:ff:
cb:ee:b6:ae:2f:55:a9:ca:04:2c:9b:4c:42:90:fd:01:47:13:
88:30:2f:20:2c:9c:33:ea:e4:24:90:14:3a:2d:8e:0b:33:22:
22:54:57:36:ca:e5:39:f3:f3:f3:a4:ee:4b:08:2e:9e:a5:36:
4d:86:3c:d0:e3:29:9f:fb:8b:59:41:f0:3e:21:ba:c7:e4:ce:
bd:8e:98:f0:60:bd:f5:74:19:b0:c8:f4:92:a8:8a:76:88:7e:
61:98:33:66:92:2a:20:d2:da:9c:bb:20:b8:ac:26:9a:69:7b:
19:07:82:6a:3d:0a:18:fb:cb:70:7c:a1:52:0d:f7:42:d1:a4:
79:3b:8f:6b:0d:85:45:c5:58:2f:fd:1d:20:30:84:71:3a:9d:
a3:42:f6:30:1a:51:9b:6a:ac:cb:36:c4:5b:50:be:9a:e2:83:
42:44:fe:0f:95:ee:ae:7c:92:a3:b1:cc:64:70:88:f8:b6:38:
6f:fd:43:4d:b6:20:a8:1d:85:78:19:1f:da:ef:09:80:ff:2e:
83:a8:a0:4b:be:b3:a9:85:65:3b:87:a8:62:8e:d5:f1:a4:09:
4d:61:be:33
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlNArwMogKn6ZkGqJ9gagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGVmMWE0OGMzMzIxMzUyMWQ5MzUxZjcwOWEzNWEyNjU3NTcyMjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgJFDmx2s98bdwSzZnhhXdtQ24PC
/SvhQA19UAWjYUIX4PbjriHPZ65+VZdbg4H9wYFto/oH4vXm0BcUArAAjNmT+Diz
Mz2IyVG+0XACGLgJj82dcLg/+tMBZHq8LyYCXyNlu12J00bnn5gElmJkZ8OhPnbs
qznsOMcJb8GtR6HL7X69/qut3xrw+tkh4MGgjrrtYdjbvYTYPaP9mWDBpI7djJ0k
8YNZLVgeYu764ER8uS+eKMmjhZLb6kp6U8LMzbnrxKtM2kjU2bxMRHBIcT//gjB0
i/bs6qWFN7CI4CwMvwKq48j5wVCXdGzlL+B8P0wS6EbSFG/uz12JqN2rJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFTvGkjDMhNSHZNR9wmjWiZXVyJ5MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVk84YVNNTXlFMUlkazFIM0NhTmFKbGRYSW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIlLAwQA
QIlUAwQAQIlaAwQAQIl+MA0GCSqGSIb3DQEBCwUAA4IBAQBRrrtgHPfs885KM9gn
Q0aT5pv1qhUiFIx8CluyLwxqE3hVQP/L7rauL1WpygQsm0xCkP0BRxOIMC8gLJwz
6uQkkBQ6LY4LMyIiVFc2yuU58/PzpO5LCC6epTZNhjzQ4ymf+4tZQfA+IbrH5M69
jpjwYL31dBmwyPSSqIp2iH5hmDNmkiog0tqcuyC4rCaaaXsZB4JqPQoY+8twfKFS
DfdC0aR5O49rDYVFxVgv/R0gMIRxOp2jQvYwGlGbaqzLNsRbUL6a4oNCRP4Ple6u
fJKjscxkcIj4tjhv/UNNtiCoHYV4GR/a7wmA/y6DqKBLvrOphWU7h6hijtXxpAlN
Yb4z
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:45:44 2024 by rpki-client on console-ams.rpki-client.org