Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/H1BFYx0g74l05YaH5_MhH5o1dHk.roa
File: H1BFYx0g74l05YaH5_MhH5o1dHk.roa (raw, json)
Hash identifier: Xc/TLepaQ6jIw9s9emzJ/mDuy05rFQ6dJk1TONjnEO4=
Subject key identifier: 1F:50:45:63:1D:20:EF:89:74:E5:86:87:E7:F3:21:1F:9A:35:74:79
Certificate issuer: /CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Certificate serial: 01934E6C23A19F3FDF2A2BD50A9A4B5BAE27
Authority key identifier: C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/H1BFYx0g74l05YaH5_MhH5o1dHk.roa
Signing time: Thu 21 Nov 2024 11:12:09 +0000
ROA not before: Thu 21 Nov 2024 11:12:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203724
IP address blocks: 185.125.224.0/24 maxlen: 24
185.125.225.0/24 maxlen: 24
185.125.226.0/24 maxlen: 24
185.125.227.0/24 maxlen: 24
185.212.105.0/24 maxlen: 24
185.212.106.0/24 maxlen: 24
185.212.107.0/24 maxlen: 24
185.221.68.0/24 maxlen: 24
185.221.69.0/24 maxlen: 24
185.221.70.0/24 maxlen: 24
185.221.71.0/24 maxlen: 24
2a06:bcc0:1::/48 maxlen: 48
2a06:bcc0:2::/48 maxlen: 48
2a06:bcc0:3::/48 maxlen: 48
2a06:bcc0:4::/48 maxlen: 48
2a06:bcc0:5::/48 maxlen: 48
2a06:bcc0:9::/48 maxlen: 48
2a06:bcc0:11::/48 maxlen: 48
2a06:bcc7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:6c:23:a1:9f:3f:df:2a:2b:d5:0a:9a:4b:5b:ae:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Validity
Not Before: Nov 21 11:12:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f5045631d20ef8974e58687e7f3211f9a357479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:96:04:07:78:a0:9a:4c:04:e1:f7:f9:62:8b:
aa:20:fa:a0:e4:fb:8e:cb:7f:57:6f:72:3b:44:2e:
26:93:4d:65:c0:79:b7:04:6d:c2:f4:07:10:8d:55:
6e:4d:b9:a5:d0:af:c2:51:60:44:6b:21:50:4c:12:
9c:d6:ae:7b:c7:1e:e5:e8:a9:5c:84:43:d7:59:12:
76:d5:99:6f:fd:cb:3f:41:5d:0d:4a:01:b7:cd:dc:
34:44:8e:59:85:8a:ff:84:bf:36:a1:9b:d5:46:11:
ba:66:7f:5e:cd:a2:54:ec:2d:e5:86:80:06:b1:4c:
5c:b6:b4:a7:d4:e2:08:21:73:5e:2f:38:9a:0e:bd:
c1:16:d5:62:7a:44:f8:84:9f:7c:12:30:ba:f5:93:
fc:79:91:09:29:ed:a3:02:d9:a4:32:3b:b6:46:fa:
f2:ad:a7:aa:53:91:cf:ff:e4:92:dd:f9:c3:37:3d:
fa:d3:1a:98:7b:bb:69:56:bb:d8:65:42:c4:a9:db:
27:e1:61:f9:fe:90:47:67:67:71:85:83:81:48:6b:
21:25:dc:66:70:cd:1c:3a:b9:04:cf:50:d7:5a:20:
5b:7e:a6:08:c2:dc:4d:3e:b2:dd:d8:8d:43:87:c8:
ce:b6:cc:43:fd:fc:99:38:61:29:48:d9:d0:f3:e3:
db:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:50:45:63:1D:20:EF:89:74:E5:86:87:E7:F3:21:1F:9A:35:74:79
X509v3 Authority Key Identifier:
keyid:C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/H1BFYx0g74l05YaH5_MhH5o1dHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.224.0/22
185.212.105.0-185.212.107.255
185.221.68.0/22
IPv6:
2a06:bcc0:1::-2a06:bcc0:5:ffff:ffff:ffff:ffff:ffff
2a06:bcc0:9::/48
2a06:bcc0:11::/48
2a06:bcc7::/48
Signature Algorithm: sha256WithRSAEncryption
17:f2:94:4e:14:81:14:cf:51:72:24:9d:ca:2f:49:5f:63:f3:
b5:65:5b:d4:cc:14:cc:f8:c4:55:6c:e8:4b:9d:d0:a1:5e:ea:
e1:4b:25:ed:8d:86:14:7d:36:96:30:1e:88:25:7a:e0:c2:c7:
e9:34:e5:87:17:6d:47:c2:b7:33:60:da:d4:88:3f:6f:d3:41:
07:79:60:e9:0b:32:ef:f7:cd:3b:04:87:3b:a6:0e:d9:f9:ee:
bb:bb:af:cf:de:5d:97:78:9a:5e:6f:95:6c:1c:56:72:1e:2b:
e4:e3:58:40:09:19:d1:86:43:a0:54:5f:46:59:91:4e:16:6e:
d3:5d:bb:91:df:89:77:ef:60:b0:76:c3:1b:f1:66:5d:9f:53:
be:fc:b7:04:09:45:7a:06:ac:e1:26:ac:8a:d9:22:aa:dd:b6:
04:93:be:d6:40:ef:11:0f:89:e5:15:7b:41:c3:17:dd:d1:48:
4b:62:74:59:2f:bb:5c:0c:28:ee:e3:da:5c:5b:a3:cc:79:bd:
5f:bf:4e:f4:0c:93:be:bf:4d:94:62:03:e7:f3:90:ce:3d:f0:
53:6d:17:cb:02:b8:67:7b:05:85:12:32:4e:ae:94:a0:d3:bb:
5c:e3:d4:ef:65:55:38:53:4e:36:8b:05:ef:cc:33:be:cc:6c:
64:c3:27:15
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZNObCOhnz/fKivVCppLW64nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZmJkNTg3NjYxM2VkYzU2ZTBmNWRlNDY4Y2NlNWViMjg4
NWZmMjkwHhcNMjQxMTIxMTExMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjUwNDU2MzFkMjBlZjg5NzRlNTg2ODdlN2YzMjExZjlhMzU3NDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35YEB3igmkwE4ff5YouqIPqg5PuO
y39Xb3I7RC4mk01lwHm3BG3C9AcQjVVuTbml0K/CUWBEayFQTBKc1q57xx7l6Klc
hEPXWRJ21Zlv/cs/QV0NSgG3zdw0RI5ZhYr/hL82oZvVRhG6Zn9ezaJU7C3lhoAG
sUxctrSn1OIIIXNeLziaDr3BFtViekT4hJ98EjC69ZP8eZEJKe2jAtmkMju2Rvry
raeqU5HP/+SS3fnDNz360xqYe7tpVrvYZULEqdsn4WH5/pBHZ2dxhYOBSGshJdxm
cM0cOrkEz1DXWiBbfqYIwtxNPrLd2I1Dh8jOtsxD/fyZOGEpSNnQ8+PbLQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFB9QRWMdIO+JdOWGh+fzIR+aNXR5MB8GA1UdIwQY
MBaAFMD71YdmE+3Fbg9d5GjM5esohf8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzIt
YTNiNmJlNGE5ZTliLzEvSDFCRll4MGc3NGwwNVlhSDVfTWhINW8xZEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzItYTNiNmJlNGE5ZTli
LzEvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAgBAIAATAaAwQCuX3gMAwD
BAC51GkDBAK51GgDBAK53UQwNQQCAAIwLzASAwcAKga8wAABAwcBKga8wAAEAwcA
Kga8wAAJAwcAKga8wAARAwcAKga8xwAAMA0GCSqGSIb3DQEBCwUAA4IBAQAX8pRO
FIEUz1FyJJ3KL0lfY/O1ZVvUzBTM+MRVbOhLndChXurhSyXtjYYUfTaWMB6IJXrg
wsfpNOWHF21HwrczYNrUiD9v00EHeWDpCzLv9807BIc7pg7Z+e67u6/P3l2XeJpe
b5VsHFZyHivk41hACRnRhkOgVF9GWZFOFm7TXbuR34l372CwdsMb8WZdn1O+/LcE
CUV6BqzhJqyK2SKq3bYEk77WQO8RD4nlFXtBwxfd0UhLYnRZL7tcDCju49pcW6PM
eb1fv070DJO+v02UYgPn85DOPfBTbRfLArhnewWFEjJOrpSg07tc49TvZVU4U042
iwXvzDO+zGxkwycV
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:20 2024 by rpki-client on console-ams.rpki-client.org