Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/5hck9muLHU-9Jo-K-FLKem8BIdM.roa
File: 5hck9muLHU-9Jo-K-FLKem8BIdM.roa (raw, json)
Hash identifier: 3kdZZA5t/Qb/d0t5ZRKshxaZiL6DveequpSlYcSjOyo=
Subject key identifier: E6:17:24:F6:6B:8B:1D:4F:BD:26:8F:8A:F8:52:CA:7A:6F:01:21:D3
Certificate issuer: /CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Certificate serial: 018CCA2A441F5BBC826F934497C3895A3660
Authority key identifier: 7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/5hck9muLHU-9Jo-K-FLKem8BIdM.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198551
IP address blocks: 185.76.0.0/22 maxlen: 24
185.208.60.0/22 maxlen: 24
185.226.16.0/22 maxlen: 24
212.84.56.0/21 maxlen: 24
185.218.32.0/22 maxlen: 24
185.206.116.0/22 maxlen: 24
185.204.204.0/22 maxlen: 24
185.204.208.0/22 maxlen: 24
185.234.140.0/22 maxlen: 24
185.171.112.0/22 maxlen: 24
2a0a:d100::/29 maxlen: 32
2a00:dfc0::/29 maxlen: 29
2a00:dfc2::/32 maxlen: 32
2a00:dfc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:44:1f:5b:bc:82:6f:93:44:97:c3:89:5a:36:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e61724f66b8b1d4fbd268f8af852ca7a6f0121d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:de:ee:5f:c7:d7:ac:ec:ff:3b:73:35:b3:40:
c0:f6:31:95:d6:8c:80:15:64:e5:41:56:8e:7f:e4:
3c:75:85:fb:d5:0c:a1:83:f1:c0:95:d5:0c:d2:47:
4f:e6:2c:f9:00:3e:bd:63:fd:ee:85:76:a7:5b:a5:
1b:df:f7:6d:ff:5d:3d:f2:b1:45:59:85:28:83:d5:
60:7b:c8:79:65:4a:9e:ff:c0:c8:9c:2d:72:24:a7:
76:85:4b:05:11:12:bb:7b:8a:47:16:17:89:d3:d4:
62:c6:8f:0a:67:5e:3b:7c:c2:e6:4b:dd:5b:18:af:
9e:24:36:4d:a1:94:6c:31:47:9e:d3:05:16:b7:1f:
b5:7f:a1:2f:c5:2d:21:10:65:af:c0:03:f2:75:af:
c3:be:57:7c:7f:a0:e2:7e:c3:c4:76:59:6e:27:72:
bd:0d:95:59:49:7d:8b:49:97:37:e7:8b:1c:df:05:
53:63:ce:22:72:52:39:42:bb:3c:51:63:1c:b7:ef:
e2:ea:48:50:6f:bb:f2:5d:8e:de:38:bf:b9:01:f8:
28:2a:5d:ae:51:f2:18:87:31:be:70:da:4e:40:35:
68:81:62:74:c6:ef:72:9a:11:74:cd:c3:01:4f:64:
81:3d:bb:6e:13:33:22:b4:11:28:de:b8:e1:58:f4:
f9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:17:24:F6:6B:8B:1D:4F:BD:26:8F:8A:F8:52:CA:7A:6F:01:21:D3
X509v3 Authority Key Identifier:
keyid:7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/5hck9muLHU-9Jo-K-FLKem8BIdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.0.0/22
185.171.112.0/22
185.204.204.0-185.204.211.255
185.206.116.0/22
185.208.60.0/22
185.218.32.0/22
185.226.16.0/22
185.234.140.0/22
212.84.56.0/21
IPv6:
2a00:dfc0::/29
2a0a:d100::/29
Signature Algorithm: sha256WithRSAEncryption
af:88:9b:1e:29:88:cf:ec:67:66:00:6f:8c:1c:ee:77:a6:2b:
fc:4d:f7:cb:1e:b1:82:1e:28:77:76:33:2a:94:e5:ba:37:4d:
3b:41:5f:2d:f5:b5:4b:31:2b:ca:a5:b1:db:ce:b9:cf:d1:c7:
41:a5:30:2d:14:2a:86:7d:f3:ea:98:18:09:9c:62:25:03:b8:
61:70:58:0c:86:11:45:92:af:ca:1e:6a:d5:1d:0f:25:f7:90:
5d:79:52:28:2c:7c:41:f2:c4:35:35:8e:41:f3:25:8a:8d:34:
2c:4a:cc:b1:ed:c0:84:a6:18:e3:81:db:0b:74:38:b7:dd:aa:
ff:3d:92:08:ac:62:db:ed:d7:e0:97:6c:51:4b:0e:4e:6f:64:
9e:c4:0f:6c:69:13:4f:a5:45:02:ea:7a:6d:8e:e0:b5:a6:94:
83:c0:57:1b:49:e2:1b:82:56:97:de:25:ec:45:3e:a9:5f:b0:
38:1b:cd:dc:14:11:f9:b4:af:7d:f4:5b:7e:73:86:90:c8:1d:
41:ab:51:e3:13:2a:07:c7:a6:8a:6d:54:6b:81:99:21:19:e8:
a1:01:6c:72:c6:2c:bd:8b:19:eb:8a:70:69:b8:6b:70:4c:67:
51:bf:2e:b2:cd:bf:ce:ed:52:71:b4:ba:c0:d5:eb:7d:bc:98:
58:18:d6:26
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzKKkQfW7yCb5NEl8OJWjZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMGNmZDVhNTEwMTNlNWZkNmNhZjgwOTg3ODA0N2E2MDVl
ZTlkNmQwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE3MjRmNjZiOGIxZDRmYmQyNjhmOGFmODUyY2E3YTZmMDEyMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm97uX8fXrOz/O3M1s0DA9jGV1oyA
FWTlQVaOf+Q8dYX71Qyhg/HAldUM0kdP5iz5AD69Y/3uhXanW6Ub3/dt/1098rFF
WYUog9Vge8h5ZUqe/8DInC1yJKd2hUsFERK7e4pHFheJ09Rixo8KZ147fMLmS91b
GK+eJDZNoZRsMUee0wUWtx+1f6EvxS0hEGWvwAPyda/Dvld8f6DifsPEdlluJ3K9
DZVZSX2LSZc354sc3wVTY84iclI5Qrs8UWMct+/i6khQb7vyXY7eOL+5AfgoKl2u
UfIYhzG+cNpOQDVogWJ0xu9ymhF0zcMBT2SBPbtuEzMitBEo3rjhWPT5PQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOYXJPZrix1PvSaPivhSynpvASHTMB8GA1UdIwQY
MBaAFHoM/VpRAT5f1sr4CYeAR6YF7p1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWd6OVdsRUJQbF9XeXZnSmg0QkhwZ1h1blcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lZTA0ZDgtNDlkYy00MDlmLTkyZmMt
ZGQ1NjIzMDQ4ZWEyLzEvNWhjazltdUxIVS05Sm8tSy1GTEtlbThCSWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lZTA0ZDgtNDlkYy00MDlmLTkyZmMtZGQ1NjIzMDQ4ZWEy
LzEvZWd6OVdsRUJQbF9XeXZnSmg0QkhwZ1h1blcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCuUwAAwQC
uatwMAwDBAK5zMwDBAK5zNADBAK5znQDBAK50DwDBAK52iADBAK54hADBAK56owD
BAPUVDgwFAQCAAIwDgMFAyoA38ADBQMqCtEAMA0GCSqGSIb3DQEBCwUAA4IBAQCv
iJseKYjP7GdmAG+MHO53piv8TffLHrGCHih3djMqlOW6N007QV8t9bVLMSvKpbHb
zrnP0cdBpTAtFCqGffPqmBgJnGIlA7hhcFgMhhFFkq/KHmrVHQ8l95BdeVIoLHxB
8sQ1NY5B8yWKjTQsSsyx7cCEphjjgdsLdDi33ar/PZIIrGLb7dfgl2xRSw5Ob2Se
xA9saRNPpUUC6nptjuC1ppSDwFcbSeIbglaX3iXsRT6pX7A4G83cFBH5tK999Ft+
c4aQyB1Bq1HjEyoHx6aKbVRrgZkhGeihAWxyxiy9ixnrinBpuGtwTGdRvy6yzb/O
7VJxtLrA1et9vJhYGNYm
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:32:09 2024 by rpki-client on console-ams.rpki-client.org