Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/v7zLIYUSWwOYyqVWA2y_f6m2mAo.roa
File: v7zLIYUSWwOYyqVWA2y_f6m2mAo.roa (raw, json)
Hash identifier: EN24B3E4yTdeauOBtTLRoOVxe5fxY3jlaiyu75rCDsQ=
Subject key identifier: BF:BC:CB:21:85:12:5B:03:98:CA:A5:56:03:6C:BF:7F:A9:B6:98:0A
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAED5D22E6D301F4F50C9849314E87
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/v7zLIYUSWwOYyqVWA2y_f6m2mAo.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29423
IP address blocks: 185.211.60.0/24 maxlen: 24
185.207.229.0/24 maxlen: 24
2a0b:6340::/32 maxlen: 32
2a0b:2a40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ed:5d:22:e6:d3:01:f4:f5:0c:98:49:31:4e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfbccb2185125b0398caa556036cbf7fa9b6980a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:78:8a:02:e3:b6:06:0b:5a:bb:f2:bf:c1:b7:
de:aa:51:7a:d6:11:bb:c5:11:03:73:11:65:14:e1:
32:53:a0:3a:3f:29:86:d5:4a:23:45:15:7d:53:e8:
27:23:96:61:28:d0:71:48:9d:8a:ef:8f:12:af:d2:
52:2a:8f:b0:e9:41:d6:ef:90:0c:08:15:40:66:54:
b1:e1:04:71:d6:a7:db:95:7f:d3:35:a7:df:da:6d:
d2:82:99:df:cd:c9:dc:84:b0:28:64:73:51:45:82:
93:b7:e2:d8:d1:64:13:7e:e3:e8:32:a9:1d:16:91:
7c:e9:8b:ad:c7:d2:e6:7c:84:e7:da:02:2e:5e:c4:
12:61:2a:15:d1:7c:5a:0c:2e:6c:ef:b3:72:2c:4b:
87:83:78:3a:c0:a5:be:ec:fa:a9:f4:1a:39:a1:af:
3e:d6:7b:5b:6a:ee:d7:55:ba:25:4f:ec:7e:4c:3b:
66:19:57:18:c8:80:40:98:59:59:bb:10:23:61:48:
1b:6e:d3:72:6f:df:59:80:57:2e:cd:46:e7:a5:b2:
94:43:e9:b7:ae:39:27:d2:2a:6f:ee:fd:e0:f7:a1:
c9:9f:6a:74:e0:4b:9c:43:27:d7:60:7b:f7:67:40:
00:2d:7a:77:95:b8:27:68:a4:b1:ce:2a:db:db:53:
9b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BC:CB:21:85:12:5B:03:98:CA:A5:56:03:6C:BF:7F:A9:B6:98:0A
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/v7zLIYUSWwOYyqVWA2y_f6m2mAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.229.0/24
185.211.60.0/24
IPv6:
2a0b:2a40::/32
2a0b:6340::/32
Signature Algorithm: sha256WithRSAEncryption
56:45:d6:ac:8e:02:ca:8c:55:ba:73:34:7b:43:40:ca:3a:34:
df:c7:7f:c7:54:b8:2a:75:ba:47:f5:31:eb:c8:88:66:d1:85:
56:ae:57:8d:d3:71:7f:c6:d2:13:15:4e:7d:25:77:77:42:c6:
27:73:d2:49:6a:76:d2:ff:91:2c:f7:d5:77:33:28:6d:c3:06:
22:f5:01:50:d2:04:b6:06:56:08:2b:bb:4b:6c:38:ae:33:db:
40:af:cc:77:5f:46:56:78:bf:31:f3:57:b7:4f:ab:2f:45:7d:
e0:f2:e8:1e:0d:fb:71:42:e6:82:89:52:e9:a8:8e:1f:ec:cc:
58:a0:3f:98:9e:11:2a:6b:db:f7:39:93:7f:87:c1:12:18:ff:
a0:64:dd:bf:25:af:63:c4:32:35:ff:a5:06:07:9b:66:e6:29:
89:1e:51:80:8d:fe:d8:c8:ed:68:d9:56:1c:51:ab:cf:f5:64:
e5:66:36:05:ad:8c:3d:42:42:a4:aa:1e:3f:cf:69:ba:9b:50:
e9:98:4b:32:03:ea:3c:61:78:63:d9:92:38:4a:72:cd:b7:34:
f1:30:3d:05:56:d3:c8:1f:2c:cd:77:72:d1:d0:18:d4:a2:1e:
49:2b:ce:67:87:39:09:5d:4c:9a:77:53:19:6a:9d:6a:2b:e9:
81:2a:17:d3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2u1dIubTAfT1DJhJMU6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmJjY2IyMTg1MTI1YjAzOThjYWE1NTYwMzZjYmY3ZmE5YjY5ODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3iKAuO2Bgtau/K/wbfeqlF61hG7
xREDcxFlFOEyU6A6PymG1UojRRV9U+gnI5ZhKNBxSJ2K748Sr9JSKo+w6UHW75AM
CBVAZlSx4QRx1qfblX/TNaff2m3SgpnfzcnchLAoZHNRRYKTt+LY0WQTfuPoMqkd
FpF86Yutx9LmfITn2gIuXsQSYSoV0XxaDC5s77NyLEuHg3g6wKW+7Pqp9Bo5oa8+
1ntbau7XVbolT+x+TDtmGVcYyIBAmFlZuxAjYUgbbtNyb99ZgFcuzUbnpbKUQ+m3
rjkn0ipv7v3g96HJn2p04EucQyfXYHv3Z0AALXp3lbgnaKSxzirb21ObTQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFL+8yyGFElsDmMqlVgNsv3+ptpgKMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvdjd6TElZVVNXd09ZeXFWV0EyeV9mNm0ybUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAuc/lAwQA
udM8MBQEAgACMA4DBQAqCypAAwUAKgtjQDANBgkqhkiG9w0BAQsFAAOCAQEAVkXW
rI4CyoxVunM0e0NAyjo038d/x1S4KnW6R/Ux68iIZtGFVq5XjdNxf8bSExVOfSV3
d0LGJ3PSSWp20v+RLPfVdzMobcMGIvUBUNIEtgZWCCu7S2w4rjPbQK/Md19GVni/
MfNXt0+rL0V94PLoHg37cULmgolS6aiOH+zMWKA/mJ4RKmvb9zmTf4fBEhj/oGTd
vyWvY8QyNf+lBgebZuYpiR5RgI3+2MjtaNlWHFGrz/Vk5WY2Ba2MPUJCpKoeP89p
uptQ6ZhLMgPqPGF4Y9mSOEpyzbc08TA9BVbTyB8szXdy0dAY1KIeSSvOZ4c5CV1M
mndTGWqdaivpgSoX0w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:48 2024 by rpki-client on console-ams.rpki-client.org