Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/60htSXVdIE64_r55gTnuS6cHuTM.roa
File: 60htSXVdIE64_r55gTnuS6cHuTM.roa (raw, json)
Hash identifier: E7gTtgGFynRqE4aX/zmVDHVtG88DD62+2778VGcacOE=
Subject key identifier: EB:48:6D:49:75:5D:20:4E:B8:FE:BE:79:81:39:EE:4B:A7:07:B9:33
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018CC49355AB15FE73D4C32C09C2B1B19BEE
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/60htSXVdIE64_r55gTnuS6cHuTM.roa
Signing time: Mon 01 Jan 2024 10:30:39 +0000
ROA not before: Mon 01 Jan 2024 10:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6718
IP address blocks: 91.208.75.0/24 maxlen: 24
195.206.164.0/24 maxlen: 24
193.93.142.0/23 maxlen: 23
128.0.34.0/24 maxlen: 24
128.0.36.0/24 maxlen: 24
91.239.230.0/24 maxlen: 24
185.36.252.0/24 maxlen: 24
5.154.224.0/24 maxlen: 24
5.154.171.0/24 maxlen: 24
2a05:1c04::/32 maxlen: 32
2a05:1c00::/32 maxlen: 32
2a05:1c02::/32 maxlen: 32
2a00:ece0::/32 maxlen: 32
2a05:1c03::/32 maxlen: 32
2a04:6c80::/48 maxlen: 48
2a05:1c01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:55:ab:15:fe:73:d4:c3:2c:09:c2:b1:b1:9b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 10:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb486d49755d204eb8febe798139ee4ba707b933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:17:9e:13:24:c2:c4:41:27:b3:35:45:8d:2d:
48:17:a1:64:83:90:66:88:5c:6c:40:b4:26:63:c1:
1d:9d:94:62:89:f7:fd:3e:80:66:c2:81:39:6b:78:
f1:60:fc:74:d8:63:6e:b2:a8:76:b0:2c:85:06:8e:
33:46:e5:31:67:80:b3:47:69:ab:0d:ef:e5:f4:ce:
8c:6f:91:00:20:ca:b2:c5:bb:9a:51:b9:d5:4e:ad:
bd:31:5c:59:c1:3f:c8:95:df:07:53:da:34:d9:c8:
cd:26:9e:23:97:72:d5:41:ec:07:79:f3:39:89:6b:
1f:9c:98:75:2c:22:b8:48:c5:8a:f9:cd:2b:38:bf:
6d:88:5c:66:23:dc:93:04:16:4b:03:5e:d7:ee:21:
7b:d2:12:bc:c8:5c:0d:ee:c4:5f:64:0e:7b:0d:c5:
00:31:e7:be:94:d8:c4:bb:bc:01:80:ee:95:07:dd:
53:96:2b:17:c4:65:b8:ca:b0:cc:f6:41:1e:3a:a8:
b1:59:df:1a:c4:ed:58:a1:75:95:04:fe:fe:e6:85:
33:c3:68:e7:d4:7c:64:89:b0:57:1b:82:df:6d:0e:
3e:eb:00:ef:23:35:1e:b0:ed:4f:f4:cc:f7:8f:a5:
31:ec:64:03:dd:bf:1f:a8:51:56:c2:11:ea:0a:fd:
a4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:48:6D:49:75:5D:20:4E:B8:FE:BE:79:81:39:EE:4B:A7:07:B9:33
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/60htSXVdIE64_r55gTnuS6cHuTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.171.0/24
5.154.224.0/24
91.208.75.0/24
91.239.230.0/24
128.0.34.0/24
128.0.36.0/24
185.36.252.0/24
193.93.142.0/23
195.206.164.0/24
IPv6:
2a00:ece0::/32
2a04:6c80::/48
2a05:1c00::-2a05:1c04:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:10:40:10:21:d2:0d:3c:ed:35:2c:8c:5f:99:57:ae:e6:2c:
39:6e:f6:9c:c5:11:d2:40:0f:30:37:05:bc:fb:18:4a:a7:cd:
34:89:5f:bc:7e:2b:42:2e:eb:a9:46:d6:40:e9:cb:0a:93:49:
09:55:ea:f7:e9:d0:82:9b:29:72:06:48:aa:93:f9:1c:d8:cb:
72:c5:96:46:f0:e6:80:cb:1d:14:7a:99:17:25:e7:c2:86:c6:
e4:8a:7b:4e:24:e6:2e:29:a5:67:ed:0f:02:a5:e3:c6:df:60:
38:84:1e:fd:5b:03:07:46:14:ce:58:8f:42:70:bb:a6:ba:d6:
0a:28:6e:f3:51:40:43:46:95:79:db:a7:df:80:b7:02:e5:9e:
97:c4:a4:32:ce:58:a8:db:69:a6:4d:ae:17:5a:d9:ab:b0:38:
a7:3f:fa:45:7e:30:3b:ab:ae:9a:73:54:55:bc:d6:e0:cd:cb:
11:8d:fc:bb:03:18:21:69:ce:60:2b:ca:91:92:62:4a:50:c4:
6e:be:6c:28:c7:00:ab:2c:4c:2f:75:a2:84:42:1f:76:69:36:
78:e2:59:9a:01:ac:ad:22:5c:b9:41:65:ca:51:02:84:5d:f5:
03:e4:96:82:d2:96:80:13:4f:1f:6b:ce:15:b2:d7:a5:07:2b:
61:42:f5:f3
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzEk1WrFf5z1MMsCcKxsZvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjQwMTAxMTAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjQ4NmQ0OTc1NWQyMDRlYjhmZWJlNzk4MTM5ZWU0YmE3MDdiOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxeeEyTCxEEnszVFjS1IF6Fkg5Bm
iFxsQLQmY8EdnZRiiff9PoBmwoE5a3jxYPx02GNusqh2sCyFBo4zRuUxZ4CzR2mr
De/l9M6Mb5EAIMqyxbuaUbnVTq29MVxZwT/Ild8HU9o02cjNJp4jl3LVQewHefM5
iWsfnJh1LCK4SMWK+c0rOL9tiFxmI9yTBBZLA17X7iF70hK8yFwN7sRfZA57DcUA
Mee+lNjEu7wBgO6VB91TlisXxGW4yrDM9kEeOqixWd8axO1YoXWVBP7+5oUzw2jn
1HxkibBXG4LfbQ4+6wDvIzUesO1P9Mz3j6Ux7GQD3b8fqFFWwhHqCv2kYQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFOtIbUl1XSBOuP6+eYE57kunB7kzMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvNjBodFNYVmRJRTY0X3I1NWdUbnVTNmNIdVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTA8BAIAATA2AwQABZqrAwQA
BZrgAwQAW9BLAwQAW+/mAwQAgAAiAwQAgAAkAwQAuST8AwQBwV2OAwQAw86kMCUE
AgACMB8DBQAqAOzgAwcAKgRsgAAAMA0DBAIqBRwDBQAqBRwEMA0GCSqGSIb3DQEB
CwUAA4IBAQAzEEAQIdINPO01LIxfmVeu5iw5bvacxRHSQA8wNwW8+xhKp800iV+8
fitCLuupRtZA6csKk0kJVer36dCCmylyBkiqk/kc2MtyxZZG8OaAyx0UepkXJefC
hsbkintOJOYuKaVn7Q8CpePG32A4hB79WwMHRhTOWI9CcLumutYKKG7zUUBDRpV5
26ffgLcC5Z6XxKQyzlio22mmTa4XWtmrsDinP/pFfjA7q66ac1RVvNbgzcsRjfy7
Axghac5gK8qRkmJKUMRuvmwoxwCrLEwvdaKEQh92aTZ44lmaAaytIly5QWXKUQKE
XfUD5JaC0paAE08fa84VstelBythQvXz
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:25:49 2024 by rpki-client on console-ams.rpki-client.org