Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/keaJnvIWYOuP_63pLet2U2x0rfc.roa
File: keaJnvIWYOuP_63pLet2U2x0rfc.roa (raw, json)
Hash identifier: llQt17cLaMbOYfolgbRd267w+aGZr8SyA6puo5xs/sg=
Subject key identifier: 91:E6:89:9E:F2:16:60:EB:8F:FF:AD:E9:2D:EB:76:53:6C:74:AD:F7
Certificate issuer: /CN=f3e23abae3cf0b351260d66f32339928fddf2ebb
Certificate serial: 018CC5DBFF7A7C03AB63414F0F024BDAFC64
Authority key identifier: F3:E2:3A:BA:E3:CF:0B:35:12:60:D6:6F:32:33:99:28:FD:DF:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/keaJnvIWYOuP_63pLet2U2x0rfc.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49584
IP address blocks: 185.179.112.0/24 maxlen: 24
185.179.114.0/24 maxlen: 24
185.179.113.0/24 maxlen: 24
185.179.115.0/24 maxlen: 24
185.2.60.0/22 maxlen: 24
2a0e:1c40:2000::/48 maxlen: 48
2a0e:1c40:4000::/48 maxlen: 48
2a0e:1c40:1::/48 maxlen: 48
2a0e:1c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/8-I6uuPPCzUSYNZvMjOZKP3fLrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/8-I6uuPPCzUSYNZvMjOZKP3fLrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ff:7a:7c:03:ab:63:41:4f:0f:02:4b:da:fc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3e23abae3cf0b351260d66f32339928fddf2ebb
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91e6899ef21660eb8fffade92deb76536c74adf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4d:04:16:14:58:14:90:60:b5:9f:f2:09:f4:
16:de:ef:09:a4:5f:1b:a1:aa:8b:01:56:75:bc:b2:
f1:c0:d6:a4:31:b3:b7:88:5b:cb:30:85:05:45:14:
04:4e:1e:f9:ed:e3:2b:d8:5e:97:22:9b:1c:83:b0:
6a:f9:fb:de:34:17:19:ae:e0:d3:b7:61:c8:ec:5a:
4e:b0:97:6a:21:35:f9:0d:67:40:a3:b1:fe:b0:e3:
c3:f5:17:e3:a3:53:6b:d0:f3:37:b6:32:d4:96:49:
53:82:2a:5f:92:b0:20:f1:7e:fe:8e:b2:de:e9:05:
7d:e3:0d:b9:63:66:63:08:e9:02:c0:06:1b:ee:19:
a8:94:0d:c4:69:e4:77:1e:ae:af:b0:d7:59:b0:0d:
85:d1:0f:76:74:41:9c:7f:9f:bf:04:a7:52:4d:8d:
d7:f5:34:76:6b:da:f8:ad:be:dc:e4:5e:61:22:da:
7d:30:cb:2a:e9:98:25:13:74:c3:bb:7c:7e:f1:f6:
cc:f9:43:65:8d:2f:8b:d9:90:48:50:93:c7:94:98:
01:50:fc:8f:60:ab:dd:68:fa:36:84:1b:32:cd:3f:
d0:ce:0d:90:6d:d5:88:88:28:26:34:3f:da:a7:3b:
27:4c:5c:ac:09:b2:29:5f:e3:cb:35:0b:40:c6:65:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E6:89:9E:F2:16:60:EB:8F:FF:AD:E9:2D:EB:76:53:6C:74:AD:F7
X509v3 Authority Key Identifier:
keyid:F3:E2:3A:BA:E3:CF:0B:35:12:60:D6:6F:32:33:99:28:FD:DF:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8-I6uuPPCzUSYNZvMjOZKP3fLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/keaJnvIWYOuP_63pLet2U2x0rfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/0868af-f2d7-4905-88d2-9db6665449cb/1/8-I6uuPPCzUSYNZvMjOZKP3fLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.60.0/22
185.179.112.0/22
IPv6:
2a0e:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
8a:f3:25:32:3c:f0:3d:bd:53:80:83:4f:c3:6b:c8:0c:68:8a:
67:8a:97:79:d1:42:09:49:f4:12:9c:16:ad:23:2e:33:28:fd:
e9:84:96:fe:74:e3:81:5a:55:c5:47:73:2f:e5:b2:aa:a3:c7:
4a:b9:17:ad:dc:c2:c5:44:3c:bb:a2:68:2d:cf:d3:82:7a:f0:
59:40:a2:98:ba:62:8f:61:b3:20:bc:7f:25:cb:9a:f4:5f:32:
2a:67:f1:4a:60:42:06:4b:3d:90:c0:11:78:c7:f2:7a:5e:25:
60:6e:c6:fb:6f:b4:4a:f0:6a:5c:49:03:00:7a:9d:5b:25:3f:
2a:c3:fb:8d:8c:bd:f3:d4:a4:58:f8:fa:c2:10:37:9a:fc:2d:
ef:5c:5f:2c:55:0d:b4:a2:57:ef:3a:2f:e7:bb:6f:8c:f8:77:
60:05:df:30:5f:fa:1c:39:3c:21:99:ea:ac:09:59:cb:58:0e:
94:a6:80:c3:41:fa:8a:17:35:b1:1c:0f:55:4c:b6:a9:e7:76:
39:00:42:ea:b5:d9:e8:bf:2c:b9:ea:22:f0:d2:a2:f4:14:09:
42:9d:a5:73:05:da:3f:d2:bc:ab:e4:cc:13:30:95:34:a2:dd:
ef:ed:72:f5:28:3d:f5:11:b3:89:b4:7a:ca:6f:d8:76:49:3e:
b7:15:63:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF2/96fAOrY0FPDwJL2vxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZTIzYWJhZTNjZjBiMzUxMjYwZDY2ZjMyMzM5OTI4ZmRk
ZjJlYmIwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU2ODk5ZWYyMTY2MGViOGZmZmFkZTkyZGViNzY1MzZjNzRhZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw00EFhRYFJBgtZ/yCfQW3u8JpF8b
oaqLAVZ1vLLxwNakMbO3iFvLMIUFRRQETh757eMr2F6XIpscg7Bq+fveNBcZruDT
t2HI7FpOsJdqITX5DWdAo7H+sOPD9Rfjo1Nr0PM3tjLUlklTgipfkrAg8X7+jrLe
6QV94w25Y2ZjCOkCwAYb7hmolA3EaeR3Hq6vsNdZsA2F0Q92dEGcf5+/BKdSTY3X
9TR2a9r4rb7c5F5hItp9MMsq6ZglE3TDu3x+8fbM+UNljS+L2ZBIUJPHlJgBUPyP
YKvdaPo2hBsyzT/Qzg2QbdWIiCgmND/apzsnTFysCbIpX+PLNQtAxmW0twIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJHmiZ7yFmDrj/+t6S3rdlNsdK33MB8GA1UdIwQY
MBaAFPPiOrrjzws1EmDWbzIzmSj93y67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOC1JNnV1UFBDelVTWU5adk1qT1pLUDNmTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8wODY4YWYtZjJkNy00OTA1LTg4ZDIt
OWRiNjY2NTQ0OWNiLzEva2VhSm52SVdZT3VQXzYzcExldDJVMngwcmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8wODY4YWYtZjJkNy00OTA1LTg4ZDItOWRiNjY2NTQ0OWNi
LzEvOC1JNnV1UFBDelVTWU5adk1qT1pLUDNmTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQI8AwQC
ubNwMA0EAgACMAcDBQMqDhxAMA0GCSqGSIb3DQEBCwUAA4IBAQCK8yUyPPA9vVOA
g0/Da8gMaIpnipd50UIJSfQSnBatIy4zKP3phJb+dOOBWlXFR3Mv5bKqo8dKuRet
3MLFRDy7omgtz9OCevBZQKKYumKPYbMgvH8ly5r0XzIqZ/FKYEIGSz2QwBF4x/J6
XiVgbsb7b7RK8GpcSQMAep1bJT8qw/uNjL3z1KRY+PrCEDea/C3vXF8sVQ20olfv
Oi/nu2+M+HdgBd8wX/ocOTwhmeqsCVnLWA6UpoDDQfqKFzWxHA9VTLap53Y5AELq
tdnovyy56iLw0qL0FAlCnaVzBdo/0ryr5MwTMJU0ot3v7XL1KD31EbOJtHrKb9h2
ST63FWNV
-----END CERTIFICATE-----
Generated at Mon May 20 05:17:25 2024 by rpki-client on console-fra.rpki-client.org