Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/dDsZwnQTUqzVefhnoXaaxCrQBxA.roa
File: dDsZwnQTUqzVefhnoXaaxCrQBxA.roa (raw, json)
Hash identifier: DuuDZDSsyaEGaHMu6D+xNna9Z9WpRBtYhE0s5W29PAw=
Subject key identifier: 74:3B:19:C2:74:13:52:AC:D5:79:F8:67:A1:76:9A:C4:2A:D0:07:10
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019058F4D64E3983ECE15A715492C611AFBA
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/dDsZwnQTUqzVefhnoXaaxCrQBxA.roa
Signing time: Thu 27 Jun 2024 09:09:18 +0000
ROA not before: Thu 27 Jun 2024 09:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 104.222.160.0/24 maxlen: 24
104.222.163.0/24 maxlen: 24
104.222.164.0/24 maxlen: 24
104.222.165.0/24 maxlen: 24
104.222.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:58:f4:d6:4e:39:83:ec:e1:5a:71:54:92:c6:11:af:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jun 27 09:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=743b19c2741352acd579f867a1769ac42ad00710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b0:0d:3e:d4:9b:6b:5d:b5:2f:62:13:b8:65:
9c:6c:74:18:4d:56:55:2f:19:f6:f2:76:43:ac:63:
ea:4b:6f:a6:8e:c9:3d:3d:72:93:38:8f:5c:55:33:
ac:c3:6a:95:12:bc:20:fb:75:c5:88:17:ac:d2:e7:
aa:03:30:b4:ae:66:18:af:7b:c0:fc:59:37:0d:82:
7a:f3:c1:f4:40:77:76:bf:45:15:8f:b5:da:d9:2a:
14:51:26:aa:7e:87:0e:9d:e9:17:41:82:65:8b:5b:
e0:73:79:9a:33:3c:36:ed:2b:c8:f9:ce:e5:02:0c:
97:1c:a0:82:88:08:e3:a7:39:cb:7b:90:2f:f5:22:
6b:10:e6:1d:58:21:0e:e9:3c:4e:a7:45:cf:4f:50:
6f:fe:a7:5d:27:f5:ac:7f:03:4d:50:e0:8f:70:fc:
f7:d4:be:49:88:c4:48:e1:05:a5:0f:46:7e:91:25:
50:ef:69:23:bb:dc:4d:6a:6b:50:0d:ce:b7:3e:c1:
0b:74:8a:fe:71:41:18:b9:66:d8:d0:7c:cc:fc:00:
e6:e6:45:59:03:bb:78:dd:95:af:a3:85:41:5f:5e:
92:96:e2:12:0f:0c:ff:7e:37:62:63:c6:23:86:97:
b4:d8:ee:92:69:dd:dc:9b:14:13:9b:03:65:cc:80:
c7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3B:19:C2:74:13:52:AC:D5:79:F8:67:A1:76:9A:C4:2A:D0:07:10
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/dDsZwnQTUqzVefhnoXaaxCrQBxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.222.160.0/24
104.222.163.0-104.222.166.255
Signature Algorithm: sha256WithRSAEncryption
84:1a:53:aa:c3:e9:94:31:f7:d6:2e:d3:9e:f1:1b:8b:e2:0c:
ee:13:22:ef:3b:69:20:72:e2:69:30:d6:4c:a4:35:16:64:c2:
00:8f:e7:cb:da:be:74:79:83:ea:58:a3:36:0d:3a:55:41:30:
26:99:17:7a:f8:25:1a:0a:6b:89:22:c2:23:cc:9c:94:85:5c:
ae:8a:e9:aa:31:45:dd:5a:81:97:2d:ce:9d:e9:6f:e8:93:28:
03:70:83:47:fb:78:51:3a:7a:3b:71:04:7a:7a:8a:91:71:9d:
a9:de:d5:2b:4f:a3:eb:fc:84:be:5b:f8:18:97:53:a2:2e:c6:
4f:c7:8d:5e:d7:ba:e3:4c:a4:0f:59:3e:58:92:08:c1:97:8f:
2b:c2:de:d7:1b:d2:69:6b:c1:36:87:87:9e:59:5a:aa:2b:e7:
b3:93:c4:79:0b:af:49:96:03:e4:68:a0:20:bc:64:a3:91:9e:
93:22:3f:a4:a0:1d:55:c9:b8:a9:2f:f8:c3:45:25:92:60:1b:
d5:7c:99:69:61:44:b2:25:c3:66:fd:79:87:94:b4:89:9c:10:
b5:6e:7b:d6:69:04:71:0f:8c:80:90:12:9f:d7:82:52:3a:c6:
3f:a2:5e:cc:bc:14:fa:7f:a6:8a:d6:34:dc:21:0a:d2:1d:98:
ea:89:4e:f0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZBY9NZOOYPs4VpxVJLGEa+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQwNjI3MDkwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNiMTljMjc0MTM1MmFjZDU3OWY4NjdhMTc2OWFjNDJhZDAwNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrANPtSba121L2ITuGWcbHQYTVZV
Lxn28nZDrGPqS2+mjsk9PXKTOI9cVTOsw2qVErwg+3XFiBes0ueqAzC0rmYYr3vA
/Fk3DYJ688H0QHd2v0UVj7Xa2SoUUSaqfocOnekXQYJli1vgc3maMzw27SvI+c7l
AgyXHKCCiAjjpznLe5Av9SJrEOYdWCEO6TxOp0XPT1Bv/qddJ/WsfwNNUOCPcPz3
1L5JiMRI4QWlD0Z+kSVQ72kju9xNamtQDc63PsELdIr+cUEYuWbY0HzM/ADm5kVZ
A7t43ZWvo4VBX16SluISDwz/fjdiY8Yjhpe02O6Sad3cmxQTmwNlzIDHOwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHQ7GcJ0E1Ks1Xn4Z6F2msQq0AcQMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvZERzWnduUVRVcXpWZWZobm9YYWF4Q3JRQnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAaN6gMAwD
BABo3qMDBABo3qYwDQYJKoZIhvcNAQELBQADggEBAIQaU6rD6ZQx99Yu057xG4vi
DO4TIu87aSBy4mkw1kykNRZkwgCP58vavnR5g+pYozYNOlVBMCaZF3r4JRoKa4ki
wiPMnJSFXK6K6aoxRd1agZctzp3pb+iTKANwg0f7eFE6ejtxBHp6ipFxnane1StP
o+v8hL5b+BiXU6Iuxk/HjV7XuuNMpA9ZPliSCMGXjyvC3tcb0mlrwTaHh55ZWqor
57OTxHkLr0mWA+RooCC8ZKORnpMiP6SgHVXJuKkv+MNFJZJgG9V8mWlhRLIlw2b9
eYeUtImcELVue9ZpBHEPjICQEp/XglI6xj+iXsy8FPp/porWNNwhCtIdmOqJTvA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:33:36 2024 by rpki-client on console-fra.rpki-client.org