Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/aL61e945waotkdYjQaB0t4d51zI.roa
File: aL61e945waotkdYjQaB0t4d51zI.roa (raw, json)
Hash identifier: ucWUFdJV8tH4n4i/ccgnWGuEWGkeeKphp+wzhtuv7SI=
Subject key identifier: 68:BE:B5:7B:DE:39:C1:AA:2D:91:D6:23:41:A0:74:B7:87:79:D7:32
Certificate issuer: /CN=be3364bc38f75b18d6f6eef203209f71c2768d85
Certificate serial: 018CC8014E25099E84CCE4A38686C6D489DB
Authority key identifier: BE:33:64:BC:38:F7:5B:18:D6:F6:EE:F2:03:20:9F:71:C2:76:8D:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vjNkvDj3WxjW9u7yAyCfccJ2jYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/aL61e945waotkdYjQaB0t4d51zI.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203203
IP address blocks: 185.179.84.0/22 maxlen: 22
185.179.85.0/24 maxlen: 24
185.179.84.0/24 maxlen: 24
185.179.86.0/24 maxlen: 24
2a0a:7e80::/48 maxlen: 48
2a0a:7e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/vjNkvDj3WxjW9u7yAyCfccJ2jYU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/vjNkvDj3WxjW9u7yAyCfccJ2jYU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vjNkvDj3WxjW9u7yAyCfccJ2jYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4e:25:09:9e:84:cc:e4:a3:86:86:c6:d4:89:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be3364bc38f75b18d6f6eef203209f71c2768d85
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68beb57bde39c1aa2d91d62341a074b78779d732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:77:a6:4e:f0:f4:7c:24:96:33:be:53:68:72:
69:98:ba:ce:51:2b:d1:84:93:2d:30:af:46:21:8c:
d4:90:0f:b6:cd:ce:7d:ae:de:da:b3:b5:5b:a2:ae:
8e:8e:8b:aa:5e:af:d8:b7:a6:95:78:d6:15:b6:fd:
93:50:33:32:46:c3:08:39:29:99:30:3a:0a:c8:cf:
fa:48:17:e8:c9:8f:a4:18:a0:52:ee:ad:22:69:df:
47:cb:79:a2:36:30:5d:f6:92:b6:70:e8:8a:91:9b:
5a:1f:28:a8:f9:3d:b1:d8:5e:7b:d0:bb:65:6f:9c:
b8:ed:d4:b9:d6:3f:65:01:49:e2:3a:34:26:e9:09:
d4:84:e9:60:e2:35:da:65:11:78:dd:be:53:5c:8a:
8d:de:fb:77:67:9f:57:ab:29:88:bc:ed:9d:20:c1:
28:b5:16:17:26:64:f8:40:c8:c4:b6:a9:c2:85:7c:
89:56:5c:cb:44:e2:85:1e:ad:e6:d7:f5:02:f6:c9:
13:e6:78:e7:6f:f2:97:9f:8a:5c:e7:bb:56:2e:36:
d3:ee:b0:3b:1d:80:2c:44:0a:b3:7a:1f:29:59:8f:
90:da:ed:70:10:92:86:64:ae:45:d5:4d:9d:45:b2:
67:d2:c2:73:f1:9b:53:f2:59:af:29:61:e6:1b:bf:
58:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BE:B5:7B:DE:39:C1:AA:2D:91:D6:23:41:A0:74:B7:87:79:D7:32
X509v3 Authority Key Identifier:
keyid:BE:33:64:BC:38:F7:5B:18:D6:F6:EE:F2:03:20:9F:71:C2:76:8D:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vjNkvDj3WxjW9u7yAyCfccJ2jYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/aL61e945waotkdYjQaB0t4d51zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/97be50-2ce6-4e2b-a3e7-1a6ac98ac6f9/1/vjNkvDj3WxjW9u7yAyCfccJ2jYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.84.0/22
IPv6:
2a0a:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
4b:3b:6b:ee:1b:d8:d8:5a:21:bf:f1:52:3f:5d:9c:0e:55:dc:
0a:c1:0d:4c:39:c8:05:33:36:4c:6f:28:07:77:2a:a8:50:c7:
23:8b:30:6b:58:43:b9:e9:f6:05:20:b0:17:4b:62:35:9f:ef:
ae:43:00:8b:51:72:3e:d4:01:9b:ca:8a:72:3e:a1:75:95:ed:
91:f1:e3:b4:f2:ee:b8:ce:e0:d0:cf:b1:c7:21:06:cc:14:e0:
2e:67:18:25:46:c4:1c:c0:02:59:94:a7:ea:af:2b:83:47:80:
03:d6:55:a4:43:cc:97:af:36:75:1f:07:50:3f:00:63:e0:b2:
64:7c:78:67:ab:da:0a:0e:56:3a:de:cd:98:91:cd:bf:86:57:
8f:5b:28:e9:2e:9c:5d:8f:57:0a:c1:84:82:51:32:8d:b8:1a:
19:34:75:2f:e4:5a:9a:17:6b:dd:57:3e:a9:e4:67:11:fa:f9:
c5:7c:49:ca:91:57:2f:37:0a:0a:10:f9:10:2f:5e:c5:d0:5a:
56:55:71:14:a5:47:7f:02:4d:33:0a:46:10:ac:73:7c:5a:91:
a6:4e:fe:2d:86:96:fa:ec:2b:af:19:92:51:1e:36:dc:ba:19:
d9:86:b1:63:36:b5:36:28:62:7a:e1:c9:33:93:e0:6b:d4:5c:
22:4f:5b:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAU4lCZ6EzOSjhobG1InbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMzM2NGJjMzhmNzViMThkNmY2ZWVmMjAzMjA5ZjcxYzI3
NjhkODUwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJlYjU3YmRlMzljMWFhMmQ5MWQ2MjM0MWEwNzRiNzg3NzlkNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HemTvD0fCSWM75TaHJpmLrOUSvR
hJMtMK9GIYzUkA+2zc59rt7as7Vboq6OjouqXq/Yt6aVeNYVtv2TUDMyRsMIOSmZ
MDoKyM/6SBfoyY+kGKBS7q0iad9Hy3miNjBd9pK2cOiKkZtaHyio+T2x2F570Ltl
b5y47dS51j9lAUniOjQm6QnUhOlg4jXaZRF43b5TXIqN3vt3Z59XqymIvO2dIMEo
tRYXJmT4QMjEtqnChXyJVlzLROKFHq3m1/UC9skT5njnb/KXn4pc57tWLjbT7rA7
HYAsRAqzeh8pWY+Q2u1wEJKGZK5F1U2dRbJn0sJz8ZtT8lmvKWHmG79Y5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGi+tXveOcGqLZHWI0GgdLeHedcyMB8GA1UdIwQY
MBaAFL4zZLw491sY1vbu8gMgn3HCdo2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmpOa3ZEajNXeGpXOXU3eUF5Q2ZjY0oyallVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85N2JlNTAtMmNlNi00ZTJiLWEzZTct
MWE2YWM5OGFjNmY5LzEvYUw2MWU5NDV3YW90a2RZalFhQjB0NGQ1MXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy85N2JlNTAtMmNlNi00ZTJiLWEzZTctMWE2YWM5OGFjNmY5
LzEvdmpOa3ZEajNXeGpXOXU3eUF5Q2ZjY0oyallVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubNUMA0E
AgACMAcDBQMqCn6AMA0GCSqGSIb3DQEBCwUAA4IBAQBLO2vuG9jYWiG/8VI/XZwO
VdwKwQ1MOcgFMzZMbygHdyqoUMcjizBrWEO56fYFILAXS2I1n++uQwCLUXI+1AGb
yopyPqF1le2R8eO08u64zuDQz7HHIQbMFOAuZxglRsQcwAJZlKfqryuDR4AD1lWk
Q8yXrzZ1HwdQPwBj4LJkfHhnq9oKDlY63s2Ykc2/hlePWyjpLpxdj1cKwYSCUTKN
uBoZNHUv5FqaF2vdVz6p5GcR+vnFfEnKkVcvNwoKEPkQL17F0FpWVXEUpUd/Ak0z
CkYQrHN8WpGmTv4thpb67CuvGZJRHjbcuhnZhrFjNrU2KGJ64ckzk+Br1FwiT1sG
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:55 2024 by rpki-client on console-fra.rpki-client.org