Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/cZUD51CHqsQn1UPp84zHrugIJWw.roa
File: cZUD51CHqsQn1UPp84zHrugIJWw.roa (raw, json)
Hash identifier: 7KPwaObmJO7IoeNMJpn2AxqB+8q0pzt5J4OjPKhxazQ=
Subject key identifier: 71:95:03:E7:50:87:AA:C4:27:D5:43:E9:F3:8C:C7:AE:E8:08:25:6C
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018CC794D1C7AE666CB7D5EBCB5AB8D34A42
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/cZUD51CHqsQn1UPp84zHrugIJWw.roa
Signing time: Tue 02 Jan 2024 00:31:08 +0000
ROA not before: Tue 02 Jan 2024 00:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202496
IP address blocks: 216.173.78.0/23 maxlen: 23
104.249.30.0/23 maxlen: 23
45.43.176.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
45.43.178.0/23 maxlen: 23
45.43.180.0/23 maxlen: 23
45.43.182.0/23 maxlen: 23
45.43.186.0/23 maxlen: 23
45.43.184.0/23 maxlen: 23
104.143.235.0/24 maxlen: 24
45.43.190.0/23 maxlen: 23
45.43.188.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.238.4.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d1:c7:ae:66:6c:b7:d5:eb:cb:5a:b8:d3:4a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 00:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=719503e75087aac427d543e9f38cc7aee808256c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:80:30:5a:af:72:b4:64:c9:3a:cd:9d:0e:4a:
b9:88:5c:a1:87:dd:1c:12:8c:ee:69:1f:cf:6c:db:
2c:91:d4:23:ca:b7:54:90:19:b7:a8:38:3c:f6:45:
5e:4e:f6:d6:b5:70:af:7c:84:e2:fc:9b:fc:43:7c:
e2:ab:ed:5e:fe:50:57:95:7a:2d:b8:74:c0:76:1e:
9a:d1:6b:82:55:9f:27:b6:5f:d7:d1:7a:81:98:8b:
dc:ff:b3:09:31:ee:6d:26:5f:6a:38:62:e5:37:60:
0a:53:8b:49:60:da:05:63:20:f3:3d:58:43:83:e2:
9e:df:8c:89:57:a6:50:a9:14:dc:15:44:e9:f6:89:
32:7b:8d:24:fa:05:51:b3:49:8a:9d:1c:e4:fa:c4:
52:33:f7:b5:9a:84:e7:e3:c2:39:75:9e:a6:39:cb:
36:d3:4d:9c:3c:6a:81:11:3b:47:ef:9c:e8:fe:88:
00:f5:cc:a2:df:78:9e:8f:8f:33:75:6d:26:57:8e:
2b:4c:b2:9a:47:10:e9:32:d1:23:9f:ab:7e:cb:5a:
9c:d6:d7:c9:5b:8d:68:a1:c3:c9:27:70:18:88:e1:
d6:5b:be:f1:94:ad:4d:8b:70:a4:da:22:ab:30:ed:
91:f2:99:fd:2d:2b:17:54:1f:7d:14:6e:f6:a9:6a:
31:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:95:03:E7:50:87:AA:C4:27:D5:43:E9:F3:8C:C7:AE:E8:08:25:6C
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/cZUD51CHqsQn1UPp84zHrugIJWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
104.143.235.0/24
104.238.4.0/23
104.249.30.0/23
104.249.60.0/23
216.173.78.0/23
Signature Algorithm: sha256WithRSAEncryption
20:e8:34:fe:81:b0:8e:17:e2:24:02:36:e9:0f:1a:90:16:4d:
24:31:58:c1:ec:ee:b4:d0:c8:65:87:4c:0e:23:44:b8:1d:04:
1c:1e:22:2e:c0:8c:69:85:51:47:27:2d:82:39:fb:5f:7c:8e:
85:d4:3c:51:f6:c3:ba:42:00:08:92:26:2d:17:25:87:ad:4b:
d1:57:82:c3:de:34:71:25:fd:eb:4b:22:6a:0d:25:ce:3a:3a:
77:90:e2:ab:e0:61:93:42:52:a8:32:64:1a:e8:95:a0:b5:14:
1d:cc:c8:cb:31:9c:5a:9a:63:58:02:15:4b:51:4c:d9:15:da:
e8:ab:6c:47:2d:30:8e:57:06:e3:ac:b2:41:79:3c:a6:9b:a7:
83:fe:99:64:0b:17:c3:9c:2f:b5:6e:4a:89:11:ad:07:dd:a7:
46:f6:95:e2:95:b2:2b:25:26:bc:91:b9:5b:dd:21:10:d6:e4:
5f:79:ce:69:df:0e:4d:61:93:c8:9e:97:c0:36:92:d6:9f:c5:
bb:94:71:50:1b:96:d1:b6:3b:24:f2:f8:2b:cf:e9:f4:29:3d:
d7:9d:3f:1e:9a:08:13:f6:42:af:a2:c8:b9:79:62:a7:4e:d9:
be:cd:2b:a8:d4:83:eb:31:f8:08:c1:de:1f:61:f1:db:f9:b4:
10:4b:ca:20
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHlNHHrmZst9Xry1q400pCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwMTAyMDAzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk1MDNlNzUwODdhYWM0MjdkNTQzZTlmMzhjYzdhZWU4MDgyNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIAwWq9ytGTJOs2dDkq5iFyhh90c
EozuaR/PbNsskdQjyrdUkBm3qDg89kVeTvbWtXCvfITi/Jv8Q3ziq+1e/lBXlXot
uHTAdh6a0WuCVZ8ntl/X0XqBmIvc/7MJMe5tJl9qOGLlN2AKU4tJYNoFYyDzPVhD
g+Ke34yJV6ZQqRTcFUTp9okye40k+gVRs0mKnRzk+sRSM/e1moTn48I5dZ6mOcs2
002cPGqBETtH75zo/ogA9cyi33iej48zdW0mV44rTLKaRxDpMtEjn6t+y1qc1tfJ
W41oocPJJ3AYiOHWW77xlK1Ni3Ck2iKrMO2R8pn9LSsXVB99FG72qWox1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHGVA+dQh6rEJ9VD6fOMx67oCCVsMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvY1pVRDUxQ0hxc1FuMVVQcDg0ekhydWdJSld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQELSuwAwQA
aI/rAwQBaO4EAwQBaPkeAwQBaPk8AwQB2K1OMA0GCSqGSIb3DQEBCwUAA4IBAQAg
6DT+gbCOF+IkAjbpDxqQFk0kMVjB7O600Mhlh0wOI0S4HQQcHiIuwIxphVFHJy2C
OftffI6F1DxR9sO6QgAIkiYtFyWHrUvRV4LD3jRxJf3rSyJqDSXOOjp3kOKr4GGT
QlKoMmQa6JWgtRQdzMjLMZxammNYAhVLUUzZFdroq2xHLTCOVwbjrLJBeTymm6eD
/plkCxfDnC+1bkqJEa0H3adG9pXilbIrJSa8kblb3SEQ1uRfec5p3w5NYZPInpfA
NpLWn8W7lHFQG5bRtjsk8vgrz+n0KT3XnT8emggT9kKvosi5eWKnTtm+zSuo1IPr
MfgIwd4fYfHb+bQQS8og
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:45:44 2024 by rpki-client on console-ams.rpki-client.org