Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/l7GDPKdB66TOBAktW0viKbLqoJc.roa
File: l7GDPKdB66TOBAktW0viKbLqoJc.roa (raw, json)
Hash identifier: sCr0Hiy5ctuXtTb9BSdPPbjRTY7O1difObgdBh3wQ1I=
Subject key identifier: 97:B1:83:3C:A7:41:EB:A4:CE:04:09:2D:5B:4B:E2:29:B2:EA:A0:97
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018CC4938861065A68202861970934C889A4
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/l7GDPKdB66TOBAktW0viKbLqoJc.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 185.76.63.0/24 maxlen: 24
185.76.61.0/24 maxlen: 24
188.119.182.0/24 maxlen: 24
188.119.182.0/23 maxlen: 24
188.119.183.0/24 maxlen: 24
188.119.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:88:61:06:5a:68:20:28:61:97:09:34:c8:89:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97b1833ca741eba4ce04092d5b4be229b2eaa097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:42:40:f7:e8:32:e1:2a:0c:0f:8f:11:c3:bc:
79:2c:ff:6a:1c:bc:d4:5d:5d:65:d5:77:dc:d1:a7:
3c:fe:30:32:2d:fe:53:95:b4:68:be:97:ce:cc:f7:
7b:e8:ae:62:f4:94:ab:b4:c3:05:fa:46:d0:9c:77:
f2:c0:96:1e:33:5d:f2:09:db:e4:2d:a0:a7:30:d2:
56:f7:6d:a7:ec:d4:a6:02:84:53:6c:04:00:08:01:
f0:55:1f:14:cb:b3:10:2a:a8:f5:94:5a:99:65:44:
96:c9:d8:0a:c6:2f:67:e3:6d:0c:48:28:a7:a7:a1:
a8:2c:f4:57:62:99:2c:ea:00:0a:0a:df:f6:5d:4d:
ef:db:26:4c:c4:0e:94:38:15:a0:0e:97:7b:88:a4:
a9:96:52:8a:d5:a4:1e:b5:04:99:c4:93:03:f9:13:
73:50:8d:16:50:b9:07:58:b6:5b:33:11:76:06:13:
30:83:93:9b:e3:14:c4:a0:dc:85:53:6c:6a:2a:bf:
b5:ae:49:5f:cf:3e:c9:d6:bd:76:eb:d2:85:dc:7b:
9a:a0:59:08:bc:74:4d:08:34:99:62:76:c3:d0:9e:
0d:88:8c:63:fe:58:3c:ba:50:81:c8:44:1b:6f:b2:
58:63:f9:1e:bf:63:f0:ef:25:cb:48:dd:a4:6b:74:
3b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B1:83:3C:A7:41:EB:A4:CE:04:09:2D:5B:4B:E2:29:B2:EA:A0:97
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/l7GDPKdB66TOBAktW0viKbLqoJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.61.0/24
185.76.63.0/24
188.119.180.0/24
188.119.182.0/23
Signature Algorithm: sha256WithRSAEncryption
54:a1:6a:42:fd:e5:b8:dd:f3:f0:e0:1d:b7:28:07:ba:94:8d:
35:04:7f:65:21:53:d3:75:e0:25:72:4a:8b:4a:0a:7e:dc:04:
e7:40:ed:a5:8f:56:29:17:7f:5d:9c:de:22:bb:4d:14:be:a7:
fa:9b:bd:e7:1c:2f:1d:6d:a2:44:91:cb:e2:9d:32:92:ba:b0:
fe:bd:0c:65:b2:52:d7:c6:cb:45:a6:c9:22:18:3c:41:2c:e5:
a2:6b:97:4e:ff:ab:7f:30:99:d7:16:f1:5f:0f:01:40:8f:db:
86:fb:7b:44:48:1e:bb:7f:aa:8f:03:37:3d:73:31:30:80:df:
4b:b7:ad:65:c8:d4:76:02:90:b8:76:56:4a:6d:e6:7c:1c:6c:
7f:67:96:9a:f3:13:ff:2e:27:b2:47:96:40:f0:2c:d9:96:4d:
db:07:46:b5:35:da:35:a9:b0:df:a4:ab:09:61:f2:b4:0e:20:
2e:6b:c3:23:0d:f1:c3:24:f6:44:49:d7:30:df:46:60:0e:33:
c2:09:90:6d:40:27:25:52:bb:2d:98:ee:2f:67:35:07:7d:d9:
ab:7b:ee:25:4c:56:ab:4e:75:46:f1:45:82:55:12:62:dd:27:
93:39:12:cb:b3:29:11:8a:a0:d1:e8:4f:c6:ae:f3:21:cc:c1:
4b:e8:58:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEk4hhBlpoIChhlwk0yImkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2IxODMzY2E3NDFlYmE0Y2UwNDA5MmQ1YjRiZTIyOWIyZWFhMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEJA9+gy4SoMD48Rw7x5LP9qHLzU
XV1l1Xfc0ac8/jAyLf5TlbRovpfOzPd76K5i9JSrtMMF+kbQnHfywJYeM13yCdvk
LaCnMNJW922n7NSmAoRTbAQACAHwVR8Uy7MQKqj1lFqZZUSWydgKxi9n420MSCin
p6GoLPRXYpks6gAKCt/2XU3v2yZMxA6UOBWgDpd7iKSpllKK1aQetQSZxJMD+RNz
UI0WULkHWLZbMxF2BhMwg5Ob4xTEoNyFU2xqKr+1rklfzz7J1r1269KF3HuaoFkI
vHRNCDSZYnbD0J4NiIxj/lg8ulCByEQbb7JYY/kev2Pw7yXLSN2ka3Q7BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJexgzynQeukzgQJLVtL4imy6qCXMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvbDdHRFBLZEI2NlRPQkFrdFcwdmlLYkxxb0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUw9AwQA
uUw/AwQAvHe0AwQBvHe2MA0GCSqGSIb3DQEBCwUAA4IBAQBUoWpC/eW43fPw4B23
KAe6lI01BH9lIVPTdeAlckqLSgp+3ATnQO2lj1YpF39dnN4iu00Uvqf6m73nHC8d
baJEkcvinTKSurD+vQxlslLXxstFpskiGDxBLOWia5dO/6t/MJnXFvFfDwFAj9uG
+3tESB67f6qPAzc9czEwgN9Lt61lyNR2ApC4dlZKbeZ8HGx/Z5aa8xP/LieyR5ZA
8CzZlk3bB0a1Ndo1qbDfpKsJYfK0DiAua8MjDfHDJPZESdcw30ZgDjPCCZBtQCcl
UrstmO4vZzUHfdmre+4lTFarTnVG8UWCVRJi3SeTORLLsykRiqDR6E/GrvMhzMFL
6FiF
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:59 2024 by rpki-client on console-ams.rpki-client.org