Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/u8RPjxX7pqVFldBzt8bfXlcUylo.roa
File: u8RPjxX7pqVFldBzt8bfXlcUylo.roa (raw, json)
Hash identifier: Az+8w6THoKzQ+l7neMiRf1fhFbpTkTZmNPOknFlBvY4=
Subject key identifier: BB:C4:4F:8F:15:FB:A6:A5:45:95:D0:73:B7:C6:DF:5E:57:14:CA:5A
Certificate issuer: /CN=e920237e725cf0a53ef43a74b5569551aff74e04
Certificate serial: 018CC26D82B78A6B62B4535355C9F8C49ADD
Authority key identifier: E9:20:23:7E:72:5C:F0:A5:3E:F4:3A:74:B5:56:95:51:AF:F7:4E:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/u8RPjxX7pqVFldBzt8bfXlcUylo.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61999
IP address blocks: 185.52.107.0/24 maxlen: 24
185.52.106.0/23 maxlen: 23
185.52.106.0/24 maxlen: 24
185.52.104.0/24 maxlen: 24
185.52.104.0/23 maxlen: 23
185.52.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:82:b7:8a:6b:62:b4:53:53:55:c9:f8:c4:9a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e920237e725cf0a53ef43a74b5569551aff74e04
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbc44f8f15fba6a54595d073b7c6df5e5714ca5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:57:c6:bd:1d:11:38:27:81:68:3e:a7:e0:97:
6d:ad:fd:2c:a5:9d:a3:a1:a1:6a:23:78:a4:4d:ee:
1e:f1:a2:ae:f1:b1:5a:29:c9:00:e9:d7:1a:e1:77:
30:49:3e:f8:f4:07:57:d0:26:70:94:6d:8e:5d:51:
3d:a7:ee:09:06:44:a5:7f:f7:13:40:61:bb:87:21:
7b:dc:5e:3b:3c:1c:e9:d7:43:db:ad:bc:1c:c2:ab:
52:d4:ed:ed:34:5b:3e:f7:e1:c9:81:bf:b1:1a:93:
f6:4d:13:c3:3c:0c:04:6e:99:6b:48:63:d3:70:f5:
c8:85:a6:6b:da:5a:d9:a1:8e:7c:44:f1:5a:a2:7f:
c0:23:69:96:c5:95:94:46:5a:e3:4a:6f:fc:be:8a:
70:05:33:12:50:be:a3:9d:e6:1f:ac:b6:71:2d:f4:
db:4a:f3:f1:bf:8d:92:4e:52:37:c6:61:e0:35:1e:
27:51:08:e1:d9:2c:df:e6:c7:94:90:b5:22:e8:af:
eb:c3:1c:9e:1b:0d:12:ea:00:5a:37:63:46:84:4b:
2f:63:d5:dd:45:82:15:12:23:91:7a:26:18:60:c5:
67:ec:9c:1e:c2:74:9d:67:49:f4:9c:ea:81:8f:a6:
09:21:d3:ce:71:d8:46:b0:34:c9:a3:14:53:3c:91:
0f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C4:4F:8F:15:FB:A6:A5:45:95:D0:73:B7:C6:DF:5E:57:14:CA:5A
X509v3 Authority Key Identifier:
keyid:E9:20:23:7E:72:5C:F0:A5:3E:F4:3A:74:B5:56:95:51:AF:F7:4E:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/u8RPjxX7pqVFldBzt8bfXlcUylo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a560d0-0368-49c3-9b88-eb1139a33d0a/1/6SAjfnJc8KU-9Dp0tVaVUa_3TgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.104.0/22
Signature Algorithm: sha256WithRSAEncryption
47:72:04:12:15:da:57:2b:a6:31:ec:e1:d9:a1:3e:a0:20:d0:
ed:7c:23:d1:de:65:e3:b6:31:ef:c1:39:0e:c5:84:4e:2c:cd:
d9:09:5c:28:13:e6:b4:87:8a:57:34:3f:5e:b2:36:17:41:33:
09:84:ad:78:0d:3c:fe:d7:bd:84:22:9f:90:f4:2b:6d:33:49:
4a:f0:68:35:b5:80:aa:45:ad:7f:fb:a2:41:4e:c8:93:b3:c3:
4e:3f:af:ab:c9:44:4d:04:61:83:b7:76:c8:02:b6:b5:46:5a:
20:4e:c9:a0:2b:30:f5:80:d3:64:f8:dc:7e:08:da:b4:d1:cf:
6c:f7:8e:3a:fc:c1:50:66:8c:6a:c4:1b:5a:29:6e:82:41:c9:
63:86:8c:8a:fc:d4:d3:87:52:e6:4d:2c:81:05:24:82:43:5b:
2e:fd:96:1c:15:07:3a:5e:00:bf:69:a2:16:75:dc:58:bb:e7:
60:8a:bd:08:70:4a:5f:c8:e8:5b:45:24:b3:92:c4:57:72:68:
2d:3b:16:bf:9b:54:b9:a0:6e:22:e3:92:81:9a:f0:05:a4:03:
00:a5:8f:ff:30:0d:38:36:5e:0a:ec:ab:67:99:a4:74:38:26:
04:fd:1e:dc:76:80:20:10:31:53:94:cc:ea:65:69:3e:db:23:
81:e5:84:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbYK3imtitFNTVcn4xJrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MjAyMzdlNzI1Y2YwYTUzZWY0M2E3NGI1NTY5NTUxYWZm
NzRlMDQwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM0NGY4ZjE1ZmJhNmE1NDU5NWQwNzNiN2M2ZGY1ZTU3MTRjYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1fGvR0ROCeBaD6n4Jdtrf0spZ2j
oaFqI3ikTe4e8aKu8bFaKckA6dca4XcwST749AdX0CZwlG2OXVE9p+4JBkSlf/cT
QGG7hyF73F47PBzp10PbrbwcwqtS1O3tNFs+9+HJgb+xGpP2TRPDPAwEbplrSGPT
cPXIhaZr2lrZoY58RPFaon/AI2mWxZWURlrjSm/8vopwBTMSUL6jneYfrLZxLfTb
SvPxv42STlI3xmHgNR4nUQjh2Szf5seUkLUi6K/rwxyeGw0S6gBaN2NGhEsvY9Xd
RYIVEiOReiYYYMVn7JwewnSdZ0n0nOqBj6YJIdPOcdhGsDTJoxRTPJEPowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvET48V+6alRZXQc7fG315XFMpaMB8GA1UdIwQY
MBaAFOkgI35yXPClPvQ6dLVWlVGv904EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlNBamZuSmM4S1UtOURwMHRWYVZVYV8zVGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hNTYwZDAtMDM2OC00OWMzLTliODgt
ZWIxMTM5YTMzZDBhLzEvdThSUGp4WDdwcVZGbGRCenQ4YmZYbGNVeWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hNTYwZDAtMDM2OC00OWMzLTliODgtZWIxMTM5YTMzZDBh
LzEvNlNBamZuSmM4S1UtOURwMHRWYVZVYV8zVGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTRoMA0G
CSqGSIb3DQEBCwUAA4IBAQBHcgQSFdpXK6Yx7OHZoT6gINDtfCPR3mXjtjHvwTkO
xYROLM3ZCVwoE+a0h4pXND9esjYXQTMJhK14DTz+172EIp+Q9CttM0lK8Gg1tYCq
Ra1/+6JBTsiTs8NOP6+ryURNBGGDt3bIAra1RlogTsmgKzD1gNNk+Nx+CNq00c9s
9446/MFQZoxqxBtaKW6CQcljhoyK/NTTh1LmTSyBBSSCQ1su/ZYcFQc6XgC/aaIW
ddxYu+dgir0IcEpfyOhbRSSzksRXcmgtOxa/m1S5oG4i45KBmvAFpAMApY//MA04
Nl4K7KtnmaR0OCYE/R7cdoAgEDFTlMzqZWk+2yOB5YTu
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:12:12 2024 by rpki-client on console-ams.rpki-client.org