Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/71J6_Ok9dqvDmUkQYs1EAeBmlko.roa
File: 71J6_Ok9dqvDmUkQYs1EAeBmlko.roa (raw, json)
Hash identifier: V4k1pOSqoKbD/ZbTRdDJG3hN1qv3J1flHboGtIaJnx0=
Subject key identifier: EF:52:7A:FC:E9:3D:76:AB:C3:99:49:10:62:CD:44:01:E0:66:96:4A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01926C155CB2B61247767F540E962AADE40C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/71J6_Ok9dqvDmUkQYs1EAeBmlko.roa
Signing time: Tue 08 Oct 2024 12:23:12 +0000
ROA not before: Tue 08 Oct 2024 12:23:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.147.224.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
185.230.65.0/24 maxlen: 24
185.230.66.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:15:5c:b2:b6:12:47:76:7f:54:0e:96:2a:ad:e4:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 8 12:23:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef527afce93d76abc399491062cd4401e066964a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:21:6d:f6:cc:e4:d0:48:8c:48:47:73:31:3a:
4b:cf:60:22:77:42:2d:98:ce:04:59:7a:28:08:8a:
d6:1b:9f:24:6b:02:4f:93:b9:bc:d8:0d:46:1c:9c:
09:6f:ba:7f:21:85:61:8f:88:96:5d:ef:3d:8a:cd:
0d:a0:14:66:0e:ce:65:1d:a2:c7:4f:a7:0a:a9:1d:
08:27:42:4f:a2:82:78:9a:77:0e:8c:b5:1f:6f:d8:
59:84:b3:5e:af:ba:32:25:87:a3:dc:0a:01:b9:fe:
76:00:59:b5:19:d6:5b:71:ba:a6:7f:37:34:38:25:
7f:fe:e2:14:99:dc:15:41:4b:16:91:10:a1:67:ee:
1e:53:57:3b:75:47:84:75:4e:bf:c7:12:fd:f6:d1:
7c:d9:0f:7f:dd:47:44:96:a0:6a:3d:1a:53:f2:c5:
99:72:5e:86:51:38:d7:39:a4:62:c7:3b:fb:a2:f9:
d1:36:fa:02:14:37:a9:46:d2:7c:3b:c7:82:c4:93:
37:ed:96:db:17:03:69:18:7f:7a:3f:7b:15:ee:99:
29:17:f4:f3:94:39:5c:67:5e:c9:b7:56:43:77:88:
f3:63:85:8a:14:d8:b0:1f:eb:c6:cf:e7:14:d0:4b:
02:a7:85:4a:df:37:29:11:03:b2:b7:2e:ad:80:08:
8a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:52:7A:FC:E9:3D:76:AB:C3:99:49:10:62:CD:44:01:E0:66:96:4A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/71J6_Ok9dqvDmUkQYs1EAeBmlko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.222.30.0/24
185.230.65.0-185.230.66.255
194.5.67.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1c:c9:77:b7:d1:4a:b8:a9:6b:2e:41:4b:ac:89:9d:50:85:
da:d9:24:f7:97:80:b7:5b:3f:89:97:5c:56:54:c7:7c:63:95:
84:f0:0f:09:e2:ea:12:50:4c:1d:43:8f:d5:bc:fd:78:ee:27:
af:d3:30:15:24:69:d1:77:3e:04:f1:50:cf:5c:49:08:56:31:
a7:99:dd:4d:56:b6:47:cc:78:9d:46:a4:09:02:c1:0e:b4:85:
5c:47:d7:fc:77:50:e8:14:8b:cb:de:ed:dc:5c:d6:a9:9c:76:
d4:a1:6e:c5:50:4f:31:03:fc:72:e8:4d:67:5d:5a:23:85:de:
91:30:12:43:08:62:5c:9b:b7:61:0e:65:57:b5:7e:33:a9:5d:
1a:13:e2:af:dc:23:4b:40:92:55:35:6a:da:e3:2c:5a:d5:e3:
f5:1a:86:c3:b5:98:3d:4b:7f:7e:85:ad:33:6c:0a:c1:f3:5e:
30:b8:5e:e6:07:e3:9a:26:6f:27:fc:ec:06:54:b8:d9:6c:c8:
66:49:39:cf:fe:5d:55:08:b9:db:e1:4f:1f:ee:71:ae:3b:3b:
77:03:6d:04:51:63:cb:fe:21:d5:07:89:74:ab:38:1f:92:dd:
a2:db:71:35:f7:cf:a2:06:eb:62:47:73:8d:bf:b9:48:eb:67:
72:1c:d4:2b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZJsFVyythJHdn9UDpYqreQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDA4MTIyMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUyN2FmY2U5M2Q3NmFiYzM5OTQ5MTA2MmNkNDQwMWUwNjY5NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SFt9szk0EiMSEdzMTpLz2Aid0It
mM4EWXooCIrWG58kawJPk7m82A1GHJwJb7p/IYVhj4iWXe89is0NoBRmDs5lHaLH
T6cKqR0IJ0JPooJ4mncOjLUfb9hZhLNer7oyJYej3AoBuf52AFm1GdZbcbqmfzc0
OCV//uIUmdwVQUsWkRChZ+4eU1c7dUeEdU6/xxL99tF82Q9/3UdElqBqPRpT8sWZ
cl6GUTjXOaRixzv7ovnRNvoCFDepRtJ8O8eCxJM37ZbbFwNpGH96P3sV7pkpF/Tz
lDlcZ17Jt1ZDd4jzY4WKFNiwH+vGz+cU0EsCp4VK3zcpEQOyty6tgAiKnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO9SevzpPXarw5lJEGLNRAHgZpZKMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNzFKNl9PazlkcXZEbVVrUVlzMUVBZUJtbGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALZPgAwQA
ud4eMAwDBAC55kEDBAC55kIDBADCBUMwDQYJKoZIhvcNAQELBQADggEBAFAcyXe3
0Uq4qWsuQUusiZ1QhdrZJPeXgLdbP4mXXFZUx3xjlYTwDwni6hJQTB1Dj9W8/Xju
J6/TMBUkadF3PgTxUM9cSQhWMaeZ3U1WtkfMeJ1GpAkCwQ60hVxH1/x3UOgUi8ve
7dxc1qmcdtShbsVQTzED/HLoTWddWiOF3pEwEkMIYlybt2EOZVe1fjOpXRoT4q/c
I0tAklU1atrjLFrV4/UahsO1mD1Lf36FrTNsCsHzXjC4XuYH45ombyf87AZUuNls
yGZJOc/+XVUIudvhTx/uca47O3cDbQRRY8v+IdUHiXSrOB+S3aLbcTX3z6IG62JH
c42/uUjrZ3Ic1Cs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org