Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/c93aNeFuIBq67DLTDtzGrbYVmws.roa
File: c93aNeFuIBq67DLTDtzGrbYVmws.roa (raw, json)
Hash identifier: sOrFOFGdSscumi0ANhVQjRfll3emtq1pkCkfbQrvgCA=
Subject key identifier: 73:DD:DA:35:E1:6E:20:1A:BA:EC:32:D3:0E:DC:C6:AD:B6:15:9B:0B
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794D24DCC0014B3817D2D8C3701DE85
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/c93aNeFuIBq67DLTDtzGrbYVmws.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205659
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
45.43.167.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.96.0/22 maxlen: 22
216.173.102.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.233.12.0/22 maxlen: 22
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d2:4d:cc:00:14:b3:81:7d:2d:8c:37:01:de:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73ddda35e16e201abaec32d30edcc6adb6159b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:58:37:92:58:20:7a:d7:58:88:d2:7a:82:
50:07:15:81:c8:69:1e:ba:83:d4:02:2b:2f:4a:ea:
d4:d6:c9:35:19:88:77:2d:79:cf:92:23:6c:ed:6e:
1a:80:56:24:97:ec:2f:27:cb:b6:4a:ec:fa:ff:9e:
dd:df:25:67:92:ee:e3:28:ca:a5:9b:c3:0c:d4:e4:
cc:f6:8c:3f:fb:8c:26:7f:36:1d:fb:4b:c0:aa:7f:
b9:1c:98:67:4e:1c:bd:51:f7:9e:7d:22:15:64:2d:
5a:9e:93:a4:bd:a4:3f:d9:ec:15:03:57:21:93:af:
ac:11:b5:47:ad:2f:91:52:a2:74:86:1f:be:3b:9b:
fe:77:f1:55:69:31:0c:18:fe:18:17:29:4a:74:09:
f2:6f:0f:7a:21:ef:8d:7c:e0:7d:59:8d:54:fa:b5:
95:e0:50:e8:92:95:a0:c3:db:67:54:16:ed:e6:a3:
fb:4d:93:72:9b:df:e3:55:34:4b:64:6b:07:2b:fb:
e6:8f:78:08:6d:a0:e6:51:89:1d:c2:06:d4:88:c7:
90:4c:4f:ad:98:a4:18:2b:ac:f3:3d:76:a0:39:30:
40:c2:d3:4e:cb:92:10:1a:b2:0f:8f:66:65:9f:e9:
00:ff:fa:99:fe:7c:2f:a3:2f:3d:47:1e:a6:9f:31:
ca:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:DD:DA:35:E1:6E:20:1A:BA:EC:32:D3:0E:DC:C6:AD:B6:15:9B:0B
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/c93aNeFuIBq67DLTDtzGrbYVmws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.167.0/24
104.233.12.0/22
104.233.24.0-104.233.26.255
104.238.10.0/24
104.239.10.0/23
104.239.75.0-104.239.78.255
104.239.80.0/23
104.239.104.0/22
104.239.111.0/24
104.239.124.0-104.239.126.255
216.173.76.0/24
216.173.82.0/24
216.173.96.0/22
216.173.102.0/24
216.173.106.0/23
216.173.110.0/24
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ef:80:cb:70:5d:ff:d8:1a:fb:23:c0:fa:f8:50:d8:9e:a4:
cb:79:4e:22:60:0d:7d:c2:aa:e3:e2:d5:4e:b5:c8:15:b1:9a:
29:26:06:54:e7:e2:62:46:13:e7:c8:99:67:26:27:63:1e:50:
b7:1d:c4:cd:2b:e2:7d:b1:36:52:21:38:fe:cb:42:ce:a9:7c:
4e:bf:94:ae:dd:58:26:d3:9e:41:4f:9e:20:e9:ec:16:84:99:
44:b3:f1:f7:f6:c1:50:31:aa:0e:33:73:ef:cb:49:7c:86:aa:
ec:2c:ab:4b:43:ea:d2:fa:d2:d5:25:33:c8:e2:4e:5d:21:91:
b2:6c:22:8b:6e:05:9c:e1:a1:19:47:a4:f2:48:0c:69:a7:af:
c2:ce:b9:07:35:4d:47:69:d4:65:8c:70:96:70:3f:be:a2:3c:
e8:87:19:b1:e3:93:97:f0:9e:57:1b:e7:85:a5:5f:1b:2e:38:
e0:f0:23:1b:b0:c5:99:34:56:5c:61:fd:aa:93:37:d4:84:28:
a5:95:ed:47:f2:1a:d1:6f:0d:f8:6c:cc:6f:8c:16:0c:dd:de:
38:58:59:ab:25:ab:59:af:40:37:23:5e:ea:23:d3:57:85:f6:
0c:cc:b7:8d:83:57:b6:82:39:b3:ed:88:3d:d4:51:98:a5:36:
8c:dc:6d:a9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYzHlNJNzAAUs4F9LYw3Ad6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2RkZGEzNWUxNmUyMDFhYmFlYzMyZDMwZWRjYzZhZGI2MTU5YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdxYN5JYIHrXWIjSeoJQBxWByGke
uoPUAisvSurU1sk1GYh3LXnPkiNs7W4agFYkl+wvJ8u2Suz6/57d3yVnku7jKMql
m8MM1OTM9ow/+4wmfzYd+0vAqn+5HJhnThy9UfeefSIVZC1anpOkvaQ/2ewVA1ch
k6+sEbVHrS+RUqJ0hh++O5v+d/FVaTEMGP4YFylKdAnybw96Ie+NfOB9WY1U+rWV
4FDokpWgw9tnVBbt5qP7TZNym9/jVTRLZGsHK/vmj3gIbaDmUYkdwgbUiMeQTE+t
mKQYK6zzPXagOTBAwtNOy5IQGrIPj2Zln+kA//qZ/nwvoy89Rx6mnzHKQQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHPd2jXhbiAauuwy0w7cxq22FZsLMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvYzkzYU5lRnVJQnE2N0RMVER0ekdyYllWbXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC0r
pwMEAmjpDDAMAwQDaOkYAwQAaOkaAwQAaO4KAwQBaO8KMAwDBABo70sDBABo704D
BAFo71ADBAJo72gDBABo728wDAMEAmjvfAMEAGjvfgMEANitTAMEANitUgMEAtit
YAMEANitZgMEAditagMEANitbgMEANiteDANBgkqhkiG9w0BAQsFAAOCAQEAbO+A
y3Bd/9ga+yPA+vhQ2J6ky3lOImANfcKq4+LVTrXIFbGaKSYGVOfiYkYT58iZZyYn
Yx5Qtx3EzSvifbE2UiE4/stCzql8Tr+Urt1YJtOeQU+eIOnsFoSZRLPx9/bBUDGq
DjNz78tJfIaq7CyrS0Pq0vrS1SUzyOJOXSGRsmwii24FnOGhGUek8kgMaaevws65
BzVNR2nUZYxwlnA/vqI86IcZseOTl/CeVxvnhaVfGy444PAjG7DFmTRWXGH9qpM3
1IQopZXtR/Ia0W8N+GzMb4wWDN3eOFhZqyWrWa9ANyNe6iPTV4X2DMy3jYNXtoI5
s+2IPdRRmKU2jNxtqQ==
-----END CERTIFICATE-----
Generated at Sun Apr 28 03:45:14 2024 by rpki-client on console-ams.rpki-client.org