Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/Yfa8Bx26eP6d0J9t44QLfg-JEEM.roa
File: Yfa8Bx26eP6d0J9t44QLfg-JEEM.roa (raw, json)
Hash identifier: +x4GnG2jg2YbfsWupYQ1v36vepvFYryFlEu+IZwkimM=
Subject key identifier: 61:F6:BC:07:1D:BA:78:FE:9D:D0:9F:6D:E3:84:0B:7E:0F:89:10:43
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 018CC5DCE9E2FC1C3357F55C55D19B2A5E8C
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/Yfa8Bx26eP6d0J9t44QLfg-JEEM.roa
Signing time: Mon 01 Jan 2024 16:30:38 +0000
ROA not before: Mon 01 Jan 2024 16:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3549
IP address blocks: 185.114.187.0/24 maxlen: 24
185.114.186.0/24 maxlen: 24
185.114.185.0/24 maxlen: 24
185.114.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:e9:e2:fc:1c:33:57:f5:5c:55:d1:9b:2a:5e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 1 16:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61f6bc071dba78fe9dd09f6de3840b7e0f891043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:20:30:c8:8b:72:c9:9c:13:85:30:e0:5d:9d:
5e:6a:1b:c5:88:22:2d:6c:88:d5:d4:45:1b:61:a8:
ba:75:60:99:ae:4e:ef:e8:17:af:7c:a1:32:ec:c7:
a2:9d:62:0e:b8:a1:5e:de:e0:66:d4:2e:c4:be:48:
e6:cf:a1:a1:55:65:34:b2:9a:ad:d4:d5:c2:b8:dd:
5b:86:16:f8:22:22:fe:10:ec:0e:04:8d:ac:a1:15:
b9:e1:cc:e1:99:06:9d:ec:c7:ce:e7:f3:71:47:01:
06:1c:a5:25:a4:53:06:87:89:99:7c:ba:13:15:3d:
bc:53:a6:d7:45:fb:c9:b6:35:08:85:c7:dd:59:67:
db:5b:d4:62:50:cc:af:96:f3:2f:17:1b:95:cf:4e:
a3:84:59:4d:7b:f5:5a:aa:6d:48:dd:07:17:69:7c:
5c:84:1a:7d:7f:15:14:f4:d5:49:22:e9:1d:63:5e:
d2:4f:fe:5b:d1:59:08:49:a3:1f:3c:35:5d:b6:20:
32:03:01:a3:87:13:30:ab:93:5a:b2:4c:11:98:3d:
84:47:5c:a3:25:2c:81:4c:6c:97:97:17:ce:c5:5b:
4c:c9:e4:15:b3:f5:9e:06:5b:3d:32:c7:18:cb:c2:
c3:a9:0d:bc:cb:e5:e6:87:1d:d0:9a:8b:78:6e:d7:
64:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F6:BC:07:1D:BA:78:FE:9D:D0:9F:6D:E3:84:0B:7E:0F:89:10:43
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/Yfa8Bx26eP6d0J9t44QLfg-JEEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.184.0/22
Signature Algorithm: sha256WithRSAEncryption
63:87:13:37:c0:6d:7f:19:66:6f:6d:d6:71:72:8c:e5:c9:fe:
9c:50:bc:d8:ef:75:ed:db:4c:d7:7f:9b:db:ca:52:b2:0b:fe:
4c:74:92:f1:59:7e:d3:e0:0c:da:5d:83:12:b4:eb:87:e5:a8:
28:3a:5f:09:78:97:ff:3c:3b:86:46:99:ed:65:60:aa:2e:7a:
3f:6e:a7:67:d1:4f:4a:27:ec:9c:d3:85:8a:c9:33:22:1d:8b:
7e:49:44:45:78:64:f6:4f:ba:43:23:19:1f:40:85:02:83:a8:
18:6f:4b:9d:09:1a:1d:17:e4:e0:93:0a:b9:91:ad:12:46:3c:
83:02:48:33:10:01:60:30:e2:22:13:89:fc:41:a9:83:80:d5:
88:96:6e:ab:fe:d7:f6:91:8b:18:b6:56:43:b2:dd:a5:aa:39:
8c:b3:35:1e:5e:e8:9b:64:dc:b5:87:33:96:8c:ff:1c:d6:32:
f0:64:9e:3c:ab:5f:0b:80:76:9a:23:1b:2c:ed:d7:e1:ae:2b:
01:3a:69:b5:1e:ac:13:7c:27:d2:c7:6e:65:b7:91:3d:94:d0:
87:1b:84:5c:48:df:1a:d7:54:8a:7a:48:39:1f:7c:a7:6e:42:
09:11:5a:aa:07:40:1b:2c:d6:df:e8:60:7c:39:43:3c:a6:1a:
29:55:63:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Oni/BwzV/VcVdGbKl6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTU5NDRlODRkYzM3YmE2YTQyZDY4YmIxZTJiOWE0NDIx
ZTg0YTQwHhcNMjQwMTAxMTYzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWY2YmMwNzFkYmE3OGZlOWRkMDlmNmRlMzg0MGI3ZTBmODkxMDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyAwyItyyZwThTDgXZ1eahvFiCIt
bIjV1EUbYai6dWCZrk7v6BevfKEy7MeinWIOuKFe3uBm1C7Evkjmz6GhVWU0spqt
1NXCuN1bhhb4IiL+EOwOBI2soRW54czhmQad7MfO5/NxRwEGHKUlpFMGh4mZfLoT
FT28U6bXRfvJtjUIhcfdWWfbW9RiUMyvlvMvFxuVz06jhFlNe/Vaqm1I3QcXaXxc
hBp9fxUU9NVJIukdY17ST/5b0VkISaMfPDVdtiAyAwGjhxMwq5NaskwRmD2ER1yj
JSyBTGyXlxfOxVtMyeQVs/WeBls9MscYy8LDqQ28y+Xmhx3Qmot4btdkuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGH2vAcdunj+ndCfbeOEC34PiRBDMB8GA1UdIwQY
MBaAFCmVlE6E3De6akLWi7HiuaRCHoSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmIt
MzM4YmRkNDM5ZWUxLzEvWWZhOEJ4MjZlUDZkMEo5dDQ0UUxmZy1KRUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hMTIwNjktYTA2MS00NDJlLTliZmItMzM4YmRkNDM5ZWUx
LzEvS1pXVVRvVGNON3BxUXRhTHNlSzVwRUllaEtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXK4MA0G
CSqGSIb3DQEBCwUAA4IBAQBjhxM3wG1/GWZvbdZxcozlyf6cULzY73Xt20zXf5vb
ylKyC/5MdJLxWX7T4AzaXYMStOuH5agoOl8JeJf/PDuGRpntZWCqLno/bqdn0U9K
J+yc04WKyTMiHYt+SURFeGT2T7pDIxkfQIUCg6gYb0udCRodF+Tgkwq5ka0SRjyD
AkgzEAFgMOIiE4n8QamDgNWIlm6r/tf2kYsYtlZDst2lqjmMszUeXuibZNy1hzOW
jP8c1jLwZJ48q18LgHaaIxss7dfhrisBOmm1HqwTfCfSx25lt5E9lNCHG4RcSN8a
11SKekg5H3ynbkIJEVqqB0AbLNbf6GB8OUM8phopVWOZ
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:40:43 2024 by rpki-client on console-fra.rpki-client.org