Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/RU8vqclw2CmRy1BNfdwspWe7dA4.roa
File: RU8vqclw2CmRy1BNfdwspWe7dA4.roa (raw, json)
Hash identifier: kaVVt4eqQGNQKeABpdNiJXeFVrBcafz15UaKDbs0PQU=
Subject key identifier: 45:4F:2F:A9:C9:70:D8:29:91:CB:50:4D:7D:DC:2C:A5:67:BB:74:0E
Certificate issuer: /CN=6b84f4a296bce14d6deed25116aa70b60bcce4a4
Certificate serial: 018CC3495D1A5FCE97DD64B0D48A0B0BB72F
Authority key identifier: 6B:84:F4:A2:96:BC:E1:4D:6D:EE:D2:51:16:AA:70:B6:0B:CC:E4:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4T0opa84U1t7tJRFqpwtgvM5KQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/RU8vqclw2CmRy1BNfdwspWe7dA4.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206641
IP address blocks: 185.180.60.0/22 maxlen: 22
185.180.61.0/24 maxlen: 24
185.180.62.0/24 maxlen: 24
185.180.63.0/24 maxlen: 24
185.180.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/a4T0opa84U1t7tJRFqpwtgvM5KQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/a4T0opa84U1t7tJRFqpwtgvM5KQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/a4T0opa84U1t7tJRFqpwtgvM5KQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5d:1a:5f:ce:97:dd:64:b0:d4:8a:0b:0b:b7:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b84f4a296bce14d6deed25116aa70b60bcce4a4
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=454f2fa9c970d82991cb504d7ddc2ca567bb740e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cb:5a:29:38:71:0c:06:b0:c1:28:7e:2f:04:
9a:c7:fb:de:1a:71:55:26:63:fd:39:34:58:06:0c:
65:d0:ab:e2:54:05:55:13:bb:88:ba:ad:ab:33:67:
e5:2a:76:e5:99:9f:44:ef:8a:c7:cb:c8:6c:1a:e4:
94:a4:02:34:de:fc:48:d5:15:ac:cf:d3:bd:4a:8a:
5a:11:f9:a2:a7:01:57:c9:ad:a8:92:8a:76:d7:65:
9f:90:0c:27:35:60:68:26:97:0f:8b:85:1b:82:e1:
f7:f3:36:fe:66:6b:39:00:b6:0f:08:e6:b6:da:13:
ed:ef:32:e8:61:cf:57:38:8a:09:cc:3a:6c:9f:8a:
f9:c1:fa:88:49:c6:e8:ce:20:64:1e:7a:91:f9:2d:
b0:10:65:2e:1d:ba:5c:76:c9:d6:40:d1:62:1c:e3:
ec:25:f6:05:35:f5:4a:61:08:94:2e:bc:82:e9:a7:
95:9d:e1:c0:72:fa:09:46:41:42:3b:e1:55:d4:88:
00:63:f5:df:65:3a:ac:c7:ee:a6:24:a4:17:04:46:
bc:87:a6:56:c6:4d:e1:01:77:d5:fb:c1:15:83:dc:
75:23:00:ed:31:e3:ad:b8:f9:cd:46:55:a6:bd:ef:
8d:b1:24:21:82:57:12:65:c5:bc:fc:53:02:55:8d:
5f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4F:2F:A9:C9:70:D8:29:91:CB:50:4D:7D:DC:2C:A5:67:BB:74:0E
X509v3 Authority Key Identifier:
keyid:6B:84:F4:A2:96:BC:E1:4D:6D:EE:D2:51:16:AA:70:B6:0B:CC:E4:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4T0opa84U1t7tJRFqpwtgvM5KQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/RU8vqclw2CmRy1BNfdwspWe7dA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/a4T0opa84U1t7tJRFqpwtgvM5KQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.60.0/22
Signature Algorithm: sha256WithRSAEncryption
83:20:a0:e6:d3:bc:d9:7e:3f:e1:fa:c7:e1:51:16:c0:36:50:
51:04:1d:34:c8:22:fa:f0:63:0a:06:c1:be:56:01:ea:b3:43:
0a:36:a2:2b:4f:5e:a8:8b:0f:89:93:c3:f1:5e:55:74:e3:c1:
d1:e5:b4:46:3d:b7:d8:9d:18:49:7c:bb:30:40:8e:df:81:dd:
4f:b1:4b:52:c7:66:ad:68:2b:e4:a5:2f:c2:34:39:f2:9c:1b:
98:15:59:40:4f:b7:5e:31:9c:72:2b:36:c9:99:2b:f6:b1:27:
bb:70:74:f7:38:55:b7:2b:73:e9:87:b8:f1:fb:11:df:18:32:
56:d8:84:ab:22:ea:37:56:eb:63:8e:10:5a:3d:4b:93:a1:8c:
18:ce:58:e1:1e:54:b7:75:de:5b:9e:53:90:ca:2a:b0:34:37:
1b:2d:03:0c:25:ff:51:4f:e6:c1:13:07:fa:bc:c5:c1:45:0c:
92:17:c5:f5:32:9c:f8:8c:d1:f1:fa:ec:9b:43:89:f7:d7:48:
56:cc:5e:c7:99:ba:7e:4d:0b:ec:62:11:28:4a:4c:f1:42:7a:
af:d3:b7:e1:cf:af:94:36:7c:6d:67:b2:d5:35:14:65:85:42:
95:e3:e6:63:9c:ac:f2:c9:d1:19:b9:69:35:3c:fc:55:77:c0:
10:48:84:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSV0aX86X3WSw1IoLC7cvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODRmNGEyOTZiY2UxNGQ2ZGVlZDI1MTE2YWE3MGI2MGJj
Y2U0YTQwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTRmMmZhOWM5NzBkODI5OTFjYjUwNGQ3ZGRjMmNhNTY3YmI3NDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlstaKThxDAawwSh+LwSax/veGnFV
JmP9OTRYBgxl0KviVAVVE7uIuq2rM2flKnblmZ9E74rHy8hsGuSUpAI03vxI1RWs
z9O9SopaEfmipwFXya2okop212WfkAwnNWBoJpcPi4UbguH38zb+Zms5ALYPCOa2
2hPt7zLoYc9XOIoJzDpsn4r5wfqIScboziBkHnqR+S2wEGUuHbpcdsnWQNFiHOPs
JfYFNfVKYQiULryC6aeVneHAcvoJRkFCO+FV1IgAY/XfZTqsx+6mJKQXBEa8h6ZW
xk3hAXfV+8EVg9x1IwDtMeOtuPnNRlWmve+NsSQhglcSZcW8/FMCVY1fKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEVPL6nJcNgpkctQTX3cLKVnu3QOMB8GA1UdIwQY
MBaAFGuE9KKWvOFNbe7SURaqcLYLzOSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRUMG9wYTg0VTF0N3RKUkZxcHd0Z3ZNNUtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NDRmZDktZmVmMS00NGQ5LWE2Yzkt
MTRmYWIwMjQ0OTQ4LzEvUlU4dnFjbHcyQ21SeTFCTmZkd3NwV2U3ZEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NDRmZDktZmVmMS00NGQ5LWE2YzktMTRmYWIwMjQ0OTQ4
LzEvYTRUMG9wYTg0VTF0N3RKUkZxcHd0Z3ZNNUtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubQ8MA0G
CSqGSIb3DQEBCwUAA4IBAQCDIKDm07zZfj/h+sfhURbANlBRBB00yCL68GMKBsG+
VgHqs0MKNqIrT16oiw+Jk8PxXlV048HR5bRGPbfYnRhJfLswQI7fgd1PsUtSx2at
aCvkpS/CNDnynBuYFVlAT7deMZxyKzbJmSv2sSe7cHT3OFW3K3Pph7jx+xHfGDJW
2ISrIuo3VutjjhBaPUuToYwYzljhHlS3dd5bnlOQyiqwNDcbLQMMJf9RT+bBEwf6
vMXBRQySF8X1Mpz4jNHx+uybQ4n310hWzF7Hmbp+TQvsYhEoSkzxQnqv07fhz6+U
NnxtZ7LVNRRlhUKV4+ZjnKzyydEZuWk1PPxVd8AQSIS3
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:19:53 2024 by rpki-client on console-ams.rpki-client.org