Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FxB9YKBEdwAgPaPmyCWqunye-FY.roa
File: FxB9YKBEdwAgPaPmyCWqunye-FY.roa (raw, json)
Hash identifier: GCAvzHviLwmSS5Zx9LbtEWmCdgVfGh+ohNdPEU7Sa3E=
Subject key identifier: 17:10:7D:60:A0:44:77:00:20:3D:A3:E6:C8:25:AA:BA:7C:9E:F8:56
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CDB037E727D638649C92BBFD75405F54E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FxB9YKBEdwAgPaPmyCWqunye-FY.roa
Signing time: Fri 05 Jan 2024 19:04:48 +0000
ROA not before: Fri 05 Jan 2024 19:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 185.166.37.0/24 maxlen: 24
185.166.36.0/24 maxlen: 24
185.166.38.0/24 maxlen: 24
185.166.39.0/24 maxlen: 24
185.230.64.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
85.31.63.0/24 maxlen: 24
85.31.61.0/24 maxlen: 24
85.31.62.0/24 maxlen: 24
85.31.60.0/24 maxlen: 24
185.124.111.0/24 maxlen: 24
185.124.109.0/24 maxlen: 24
185.124.108.0/24 maxlen: 24
185.124.110.0/24 maxlen: 24
185.124.139.0/24 maxlen: 24
185.124.137.0/24 maxlen: 24
185.124.136.0/24 maxlen: 24
185.124.138.0/24 maxlen: 24
185.199.53.0/24 maxlen: 24
185.199.52.0/24 maxlen: 24
185.162.52.0/24 maxlen: 24
185.162.54.0/24 maxlen: 24
185.162.53.0/24 maxlen: 24
185.162.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:db:03:7e:72:7d:63:86:49:c9:2b:bf:d7:54:05:f5:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 5 19:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17107d60a0447700203da3e6c825aaba7c9ef856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:55:9e:e6:36:5c:99:9b:87:39:22:b9:7c:75:
3a:f3:86:d0:c3:e5:ed:13:b5:05:97:e3:e8:66:63:
28:4b:6f:df:16:7a:0f:c8:33:2a:9a:0a:9e:09:22:
37:20:69:b3:d6:89:5c:7f:b0:15:53:f5:c3:fd:8d:
92:27:ce:e2:05:af:32:ed:82:8e:04:1b:a1:74:bf:
4e:79:27:56:89:42:4a:3a:46:eb:7a:83:04:06:0e:
cb:89:31:6a:9f:c6:6d:f1:2c:c6:46:29:7c:a1:a5:
28:d9:42:c0:42:39:4e:ca:4e:bb:34:10:92:84:70:
7e:4b:a8:5e:15:2f:49:aa:53:c3:8a:52:7d:8d:8f:
1a:9c:c3:3a:47:65:d7:1b:02:96:71:f5:2b:f1:af:
d7:a5:c5:03:25:38:c3:1d:75:0c:39:9b:c6:fc:bb:
42:54:86:cc:8a:cf:a0:c3:e0:8e:60:44:88:f4:cc:
cd:ed:a8:ea:01:cd:e1:f9:78:6d:a2:43:5b:9f:b3:
bd:f9:60:2d:96:a5:13:6c:29:84:85:02:ab:e4:d4:
7a:1a:95:16:e0:e8:7a:06:81:6b:2b:39:bf:6f:04:
b6:85:4b:23:96:4f:33:8b:d1:6f:fc:54:4a:6f:5a:
d0:84:56:b4:81:b2:68:b6:af:f7:1a:a0:4f:6d:ec:
7c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:10:7D:60:A0:44:77:00:20:3D:A3:E6:C8:25:AA:BA:7C:9E:F8:56
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FxB9YKBEdwAgPaPmyCWqunye-FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.60.0/22
185.124.108.0/22
185.124.136.0/22
185.162.52.0/22
185.166.36.0/22
185.199.52.0/23
185.210.234.0/24
185.230.64.0/24
Signature Algorithm: sha256WithRSAEncryption
29:77:d0:80:3e:60:75:f6:64:39:21:ec:21:26:95:d4:c8:1e:
e2:6a:35:7c:f3:bb:01:18:f7:c5:50:b4:70:cb:82:99:98:67:
b6:f4:82:f5:ee:94:7e:b6:35:69:f4:4f:33:f3:b8:a6:b1:a6:
dd:93:03:ec:6b:09:6f:58:f9:1a:ed:34:ab:04:00:fd:c9:f5:
34:33:c8:e0:c9:46:2e:ab:bb:76:cf:65:42:b3:4d:91:6f:97:
27:f6:84:74:f4:35:25:b2:f9:93:5f:ee:2d:a3:64:da:2f:51:
b3:7f:78:17:d0:05:8e:9c:5c:96:16:ce:0d:00:48:fe:11:5d:
3d:7c:9d:d6:b9:20:71:c4:f6:ff:e5:a1:d6:9e:7a:42:da:af:
fe:e2:d7:6f:66:f4:f2:b6:0f:a3:80:77:db:8a:d6:8f:cd:a3:
d6:69:b6:23:42:ae:e8:45:c8:eb:64:ff:f1:88:08:ec:81:5b:
3e:ba:fc:21:fa:aa:a4:da:ff:74:23:aa:61:c2:95:13:a3:6d:
38:39:f1:01:d7:bc:54:c7:e2:e2:b6:c3:79:41:95:07:72:f0:
73:76:f5:ed:f7:9c:02:2c:be:bd:c8:97:69:18:f1:6a:35:ae:
2f:bd:4b:86:fc:2b:1c:59:ef:41:69:13:b2:05:d5:6a:a0:f3:
5d:66:84:8f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzbA35yfWOGSckrv9dUBfVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTA1MTkwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzEwN2Q2MGEwNDQ3NzAwMjAzZGEzZTZjODI1YWFiYTdjOWVmODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFWe5jZcmZuHOSK5fHU684bQw+Xt
E7UFl+PoZmMoS2/fFnoPyDMqmgqeCSI3IGmz1olcf7AVU/XD/Y2SJ87iBa8y7YKO
BBuhdL9OeSdWiUJKOkbreoMEBg7LiTFqn8Zt8SzGRil8oaUo2ULAQjlOyk67NBCS
hHB+S6heFS9JqlPDilJ9jY8anMM6R2XXGwKWcfUr8a/XpcUDJTjDHXUMOZvG/LtC
VIbMis+gw+COYESI9MzN7ajqAc3h+XhtokNbn7O9+WAtlqUTbCmEhQKr5NR6GpUW
4Oh6BoFrKzm/bwS2hUsjlk8zi9Fv/FRKb1rQhFa0gbJotq/3GqBPbex8NwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBcQfWCgRHcAID2j5sglqrp8nvhWMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRnhCOVlLQkVkd0FnUGFQbXlDV3F1bnllLUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVR88AwQC
uXxsAwQCuXyIAwQCuaI0AwQCuaYkAwQBucc0AwQAudLqAwQAueZAMA0GCSqGSIb3
DQEBCwUAA4IBAQApd9CAPmB19mQ5IewhJpXUyB7iajV887sBGPfFULRwy4KZmGe2
9IL17pR+tjVp9E8z87imsabdkwPsawlvWPka7TSrBAD9yfU0M8jgyUYuq7t2z2VC
s02Rb5cn9oR09DUlsvmTX+4to2TaL1Gzf3gX0AWOnFyWFs4NAEj+EV09fJ3WuSBx
xPb/5aHWnnpC2q/+4tdvZvTytg+jgHfbitaPzaPWabYjQq7oRcjrZP/xiAjsgVs+
uvwh+qqk2v90I6phwpUTo204OfEB17xUx+LitsN5QZUHcvBzdvXt95wCLL69yJdp
GPFqNa4vvUuG/CscWe9BaROyBdVqoPNdZoSP
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:30 2024 by rpki-client on console-ams.rpki-client.org