Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3uLHkhvTrVomuhOMXM1spSdySgE.roa
File: 3uLHkhvTrVomuhOMXM1spSdySgE.roa (raw, json)
Hash identifier: 6HhCYc1X65svyA9t5B64PIqtz9MYGsf/TQCZkFa5ZX0=
Subject key identifier: DE:E2:C7:92:1B:D3:AD:5A:26:BA:13:8C:5C:CD:6C:A5:27:72:4A:01
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018F4DFFA0107713EA1DA218F868C47DA6EA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3uLHkhvTrVomuhOMXM1spSdySgE.roa
Signing time: Mon 06 May 2024 13:02:29 +0000
ROA not before: Mon 06 May 2024 13:02:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61112
IP address blocks: 185.126.80.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.225.20.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:ff:a0:10:77:13:ea:1d:a2:18:f8:68:c4:7d:a6:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: May 6 13:02:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dee2c7921bd3ad5a26ba138c5ccd6ca527724a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:01:f5:a5:0d:99:98:f1:40:ad:78:ae:4b:a4:
d5:a8:37:c3:a9:a2:4b:f7:b2:c6:a3:22:37:ac:a4:
2c:25:e7:f3:37:a9:4a:e0:fb:2f:85:a5:23:38:bc:
52:f7:46:04:91:ad:a0:02:dd:32:6b:0b:9d:2a:b6:
7f:3d:f6:d8:47:32:55:63:e7:f7:0b:a9:51:1a:6c:
a5:67:79:bb:92:f3:0b:a0:32:4f:54:47:1c:48:47:
4e:96:77:0b:27:54:88:34:1c:01:5e:9d:a9:6f:53:
4a:0e:8e:70:62:ed:02:0b:0d:d1:23:17:c1:49:96:
7c:cd:e2:6f:6f:e8:47:be:29:3f:28:0b:45:13:3d:
f9:f6:42:71:43:c2:2e:8b:9c:7e:5e:f7:9c:08:19:
aa:bc:d2:37:d9:f8:1e:74:1d:fd:20:7a:d3:d3:46:
8c:fb:f7:94:76:c4:90:a3:6d:a8:92:00:b6:3f:c5:
c3:c7:f9:f0:1e:ea:35:a7:8a:09:38:88:50:2f:85:
d7:f2:fb:ec:24:95:1c:78:77:23:57:64:e8:f2:66:
c0:4e:00:a9:5b:e0:52:ed:24:a5:19:a4:ec:54:ac:
6b:06:cc:ee:fe:e3:ff:48:e7:ec:39:27:87:7d:3d:
cd:da:6f:f0:04:a1:7d:cf:ef:ed:ab:73:ad:d0:26:
53:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E2:C7:92:1B:D3:AD:5A:26:BA:13:8C:5C:CD:6C:A5:27:72:4A:01
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/3uLHkhvTrVomuhOMXM1spSdySgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.80.0/24
185.214.103.0/24
185.225.20.0/24
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:c4:30:82:a5:aa:fc:5b:a3:fc:68:fc:2a:15:84:cb:e3:ed:
b8:bc:2c:fc:ab:a7:a0:9d:63:6d:83:3e:7d:84:00:52:df:f9:
c6:de:42:3f:e3:8c:dd:99:dd:7e:b9:0d:f1:9d:08:d1:7a:89:
6f:fe:b5:07:98:c3:62:2d:d2:a0:58:c6:54:51:91:fc:78:5b:
20:78:fa:0f:d9:e2:6e:08:cd:04:6c:bd:95:91:1d:80:12:93:
d5:5e:1b:fc:27:18:b6:30:01:02:ae:47:6d:2f:c1:80:d8:35:
62:c8:af:41:0f:74:dc:df:aa:d1:73:30:fa:7d:9e:b3:ef:97:
27:c5:75:14:66:a8:b3:46:6c:40:15:fe:e1:41:75:cf:e2:3f:
cb:3a:ab:49:4a:5d:a0:17:62:ee:71:6f:2f:d6:20:a6:0b:a1:
c7:90:52:a8:15:7a:4a:c9:95:d3:90:1f:26:94:09:45:f8:3d:
19:bd:de:9c:fc:c6:03:c1:33:b2:b7:ea:97:e6:e3:dd:bf:43:
ae:f9:d9:6d:a0:f8:e0:65:84:86:98:fd:ae:03:f3:f6:ea:83:
47:46:11:a2:c1:f6:bc:30:4f:5d:3d:02:20:c0:cc:96:03:53:
ce:36:61:79:0e:a9:fc:73:26:c4:8c:87:5a:32:37:18:81:b3:
b5:f0:ce:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9N/6AQdxPqHaIY+GjEfabqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNTA2MTMwMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUyYzc5MjFiZDNhZDVhMjZiYTEzOGM1Y2NkNmNhNTI3NzI0YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwH1pQ2ZmPFArXiuS6TVqDfDqaJL
97LGoyI3rKQsJefzN6lK4PsvhaUjOLxS90YEka2gAt0yawudKrZ/PfbYRzJVY+f3
C6lRGmylZ3m7kvMLoDJPVEccSEdOlncLJ1SINBwBXp2pb1NKDo5wYu0CCw3RIxfB
SZZ8zeJvb+hHvik/KAtFEz359kJxQ8Iui5x+XvecCBmqvNI32fgedB39IHrT00aM
+/eUdsSQo22okgC2P8XDx/nwHuo1p4oJOIhQL4XX8vvsJJUceHcjV2To8mbATgCp
W+BS7SSlGaTsVKxrBszu/uP/SOfsOSeHfT3N2m/wBKF9z+/tq3Ot0CZTRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN7ix5Ib061aJroTjFzNbKUnckoBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvM3VMSGtodlRyVm9tdWhPTVhNMXNwU2R5U2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuX5QAwQA
udZnAwQAueEUAwQAwpMQMA0GCSqGSIb3DQEBCwUAA4IBAQAPxDCCpar8W6P8aPwq
FYTL4+24vCz8q6egnWNtgz59hABS3/nG3kI/44zdmd1+uQ3xnQjReolv/rUHmMNi
LdKgWMZUUZH8eFsgePoP2eJuCM0EbL2VkR2AEpPVXhv8Jxi2MAECrkdtL8GA2DVi
yK9BD3Tc36rRczD6fZ6z75cnxXUUZqizRmxAFf7hQXXP4j/LOqtJSl2gF2LucW8v
1iCmC6HHkFKoFXpKyZXTkB8mlAlF+D0Zvd6c/MYDwTOyt+qX5uPdv0Ou+dltoPjg
ZYSGmP2uA/P26oNHRhGiwfa8ME9dPQIgwMyWA1PONmF5Dqn8cybEjIdaMjcYgbO1
8M4P
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:41:48 2024 by rpki-client on console-fra.rpki-client.org