Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/JEtMnXTQyawMAG38SDyDKdZ4GFw.roa
File: JEtMnXTQyawMAG38SDyDKdZ4GFw.roa (raw, json)
Hash identifier: KuFdXklgfowkNZXKzZPerXC9wRU61TsLmL+mTJJQ04w=
Subject key identifier: 24:4B:4C:9D:74:D0:C9:AC:0C:00:6D:FC:48:3C:83:29:D6:78:18:5C
Certificate issuer: /CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Certificate serial: 018CC5013FB30F6918F8BCD662F38730AA85
Authority key identifier: 61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/JEtMnXTQyawMAG38SDyDKdZ4GFw.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51790
IP address blocks: 185.92.228.0/24 maxlen: 24
185.57.145.0/24 maxlen: 24
185.57.144.0/23 maxlen: 23
185.57.146.0/24 maxlen: 24
185.97.52.0/22 maxlen: 24
217.61.252.0/24 maxlen: 24
46.19.10.0/23 maxlen: 24
46.19.8.0/23 maxlen: 24
46.19.14.0/23 maxlen: 24
46.19.12.0/23 maxlen: 24
209.16.152.0/22 maxlen: 23
2a02:28b0::/32 maxlen: 32
2a02:28b2::/32 maxlen: 32
2a02:28b1::/32 maxlen: 32
2a02:28b7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3f:b3:0f:69:18:f8:bc:d6:62:f3:87:30:aa:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614c9585889f98e0c77f9b6cd80361aa02bdd68e
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=244b4c9d74d0c9ac0c006dfc483c8329d678185c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:92:61:9a:19:27:e3:7a:38:74:2b:43:94:99:
1a:fe:7f:b5:85:d2:58:67:6c:6c:6c:25:6e:9b:63:
31:84:a6:36:88:37:34:eb:35:77:ed:bc:c9:70:37:
d4:d1:2f:97:81:71:94:7a:2a:ba:5c:29:c4:45:94:
90:aa:8c:a5:17:91:11:5f:63:4a:b4:27:52:2b:7b:
ed:97:d3:47:65:a1:c2:99:c8:d8:8d:98:98:d6:4f:
7e:1f:ef:85:6a:8d:4e:95:84:a1:22:5c:76:4a:27:
4e:d1:0b:26:d5:5f:58:c2:be:31:ca:8f:04:80:34:
84:f0:fd:39:1a:e7:4c:cf:df:bd:2a:42:e0:fb:0f:
6c:0c:56:57:22:25:44:42:b6:46:fd:3c:df:80:38:
01:fb:24:0c:ec:9b:ff:3e:f6:e3:0a:aa:cf:ff:de:
8f:bf:ab:c3:b9:d6:a5:ef:70:58:45:4d:ab:5c:ed:
d0:74:b4:a0:8c:e7:5c:cc:5b:cb:61:c5:dc:30:ba:
81:72:32:9a:84:db:94:b3:6e:ef:6d:e1:37:72:d7:
fb:e0:04:98:16:1a:16:da:ff:6b:52:be:cc:b4:7a:
4c:bf:39:2c:b5:21:0b:88:57:90:3a:bd:a2:5f:82:
de:4b:1c:4b:c8:bb:ee:0b:a0:0e:37:6f:66:be:31:
04:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:4B:4C:9D:74:D0:C9:AC:0C:00:6D:FC:48:3C:83:29:D6:78:18:5C
X509v3 Authority Key Identifier:
keyid:61:4C:95:85:88:9F:98:E0:C7:7F:9B:6C:D8:03:61:AA:02:BD:D6:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUyVhYifmODHf5ts2ANhqgK91o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/JEtMnXTQyawMAG38SDyDKdZ4GFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/bb6f38-2369-446f-88f2-0b4575b69c57/1/YUyVhYifmODHf5ts2ANhqgK91o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.8.0/21
185.57.144.0-185.57.146.255
185.92.228.0/24
185.97.52.0/22
209.16.152.0/22
217.61.252.0/24
IPv6:
2a02:28b0::-2a02:28b2:ffff:ffff:ffff:ffff:ffff:ffff
2a02:28b7::/32
Signature Algorithm: sha256WithRSAEncryption
50:b0:16:1a:d6:99:e1:4a:fb:f3:0c:fe:cb:d6:dc:67:ca:4d:
97:44:a7:6e:3e:2c:d6:10:91:00:3e:00:f7:97:80:d4:d9:6c:
a1:02:5c:41:bb:d3:0b:7c:d1:1a:ed:55:8e:20:42:d7:fd:e9:
fd:2d:88:69:18:06:aa:55:cb:a9:6c:6d:08:29:22:37:e2:30:
cc:79:de:1c:b1:82:ee:5a:31:82:cc:b6:bf:07:9f:6f:e5:ad:
43:66:53:42:e5:72:80:2f:ea:aa:c5:e0:8c:e7:98:f0:80:1f:
0a:6d:8a:33:a2:b8:14:2f:6f:06:8b:9e:b9:f5:45:4d:73:0b:
99:94:e6:1e:b8:e7:7b:0b:cc:75:bb:31:7c:17:67:50:78:b2:
ee:12:9b:56:d4:b8:8d:e8:8c:6d:ce:ee:53:92:bd:62:15:30:
5b:58:a5:4f:ac:b3:53:c2:ea:8b:9f:29:b8:5f:24:fd:11:24:
e1:3c:12:7a:db:7a:f0:ec:ec:f1:3c:96:d9:f0:42:8c:11:ca:
83:b5:a9:03:0c:5b:6f:01:a7:26:18:49:5f:57:66:3e:f3:34:
b2:49:a8:a0:2d:99:27:a6:e5:fa:95:2e:ae:65:a8:da:c9:c3:
4e:28:99:17:b6:9f:bc:10:5b:41:8d:df:a4:cd:ac:2f:41:3d:
7a:c8:40:6f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzFAT+zD2kY+LzWYvOHMKqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNGM5NTg1ODg5Zjk4ZTBjNzdmOWI2Y2Q4MDM2MWFhMDJi
ZGQ2OGUwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDRiNGM5ZDc0ZDBjOWFjMGMwMDZkZmM0ODNjODMyOWQ2NzgxODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJJhmhkn43o4dCtDlJka/n+1hdJY
Z2xsbCVum2MxhKY2iDc06zV37bzJcDfU0S+XgXGUeiq6XCnERZSQqoylF5ERX2NK
tCdSK3vtl9NHZaHCmcjYjZiY1k9+H++Fao1OlYShIlx2SidO0Qsm1V9Ywr4xyo8E
gDSE8P05GudMz9+9KkLg+w9sDFZXIiVEQrZG/TzfgDgB+yQM7Jv/PvbjCqrP/96P
v6vDudal73BYRU2rXO3QdLSgjOdczFvLYcXcMLqBcjKahNuUs27vbeE3ctf74ASY
FhoW2v9rUr7MtHpMvzkstSELiFeQOr2iX4LeSxxLyLvuC6AON29mvjEEGQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCRLTJ100MmsDABt/Eg8gynWeBhcMB8GA1UdIwQY
MBaAFGFMlYWIn5jgx3+bbNgDYaoCvdaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjIt
MGI0NTc1YjY5YzU3LzEvSkV0TW5YVFF5YXdNQUczOFNEeURLZFo0R0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9iYjZmMzgtMjM2OS00NDZmLTg4ZjItMGI0NTc1YjY5YzU3
LzEvWVV5VmhZaWZtT0RIZjV0czJBTmhxZ0s5MW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAyBAIAATAsAwQDLhMIMAwD
BAS5OZADBAC5OZIDBAC5XOQDBAK5YTQDBALREJgDBADZPfwwHQQCAAIwFzAOAwUE
KgIosAMFACoCKLIDBQAqAii3MA0GCSqGSIb3DQEBCwUAA4IBAQBQsBYa1pnhSvvz
DP7L1txnyk2XRKduPizWEJEAPgD3l4DU2WyhAlxBu9MLfNEa7VWOIELX/en9LYhp
GAaqVcupbG0IKSI34jDMed4csYLuWjGCzLa/B59v5a1DZlNC5XKAL+qqxeCM55jw
gB8KbYozorgUL28Gi5659UVNcwuZlOYeuOd7C8x1uzF8F2dQeLLuEptW1LiN6Ixt
zu5Tkr1iFTBbWKVPrLNTwuqLnym4XyT9ESThPBJ623rw7OzxPJbZ8EKMEcqDtakD
DFtvAacmGElfV2Y+8zSySaigLZknpuX6lS6uZajaycNOKJkXtp+8EFtBjd+kzawv
QT16yEBv
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:45:23 2024 by rpki-client on console-ams.rpki-client.org