Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KlFJTuiyE5udGy8BewisoBfnJZQ.roa
File: KlFJTuiyE5udGy8BewisoBfnJZQ.roa (raw, json)
Hash identifier: rA/LaMTKUo4aab/q2csPvojeUNgH+nQQg0+GyE9wQQM=
Subject key identifier: 2A:51:49:4E:E8:B2:13:9B:9D:1B:2F:01:7B:08:AC:A0:17:E7:25:94
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC80297E58AF2DD3C68D25FB61E0D7F44
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KlFJTuiyE5udGy8BewisoBfnJZQ.roa
Signing time: Tue 02 Jan 2024 02:31:02 +0000
ROA not before: Tue 02 Jan 2024 02:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 185.108.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:97:e5:8a:f2:dd:3c:68:d2:5f:b6:1e:0d:7f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a51494ee8b2139b9d1b2f017b08aca017e72594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:58:b5:b5:01:c3:c0:9c:cd:82:ac:1d:3e:79:
08:74:80:0c:55:87:8c:74:ac:f8:25:06:d4:58:b8:
0d:b3:67:e8:58:0a:a2:53:6e:f9:28:24:2b:58:c9:
17:1e:92:7c:38:be:75:11:5f:66:5b:d1:b7:c6:70:
f0:ba:dc:74:6d:18:0f:39:0e:2a:09:35:17:bd:f5:
7e:cf:3b:0a:4b:e2:49:e7:2b:f0:fb:07:94:8d:07:
a8:fd:ea:4b:f4:a6:9c:a9:1a:fb:9b:87:18:db:75:
79:38:05:3a:fe:84:d5:58:f8:11:ed:b6:a3:15:ba:
f6:c0:08:88:f1:07:f8:46:81:3c:c1:26:b9:c5:f8:
43:5c:f9:ac:42:e7:0b:5b:cf:4e:85:8d:d4:28:98:
d0:a4:ff:ad:c3:70:8f:96:cc:59:21:b8:2d:91:a6:
b3:46:cd:99:99:a6:2e:94:7f:f2:c4:bd:0a:3e:37:
c9:40:f2:a3:13:4d:88:c7:4b:6b:68:24:23:93:9b:
01:f9:0e:ae:fe:fa:9f:ec:2c:0a:b2:be:16:11:cd:
12:46:8f:9a:c1:1d:30:f9:26:e1:bd:99:f0:c5:9e:
26:5a:91:f2:59:eb:e4:4a:48:05:ba:ea:2b:c8:3d:
fc:8d:10:d9:ba:c7:34:0d:ef:13:f7:6f:ad:d2:f8:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:51:49:4E:E8:B2:13:9B:9D:1B:2F:01:7B:08:AC:A0:17:E7:25:94
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/KlFJTuiyE5udGy8BewisoBfnJZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.207.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:98:8e:2e:2b:fb:74:5c:ee:7f:3c:00:5c:33:bc:09:73:8d:
b7:f6:d6:56:60:13:4d:7a:9f:fd:fc:be:45:3e:d4:f5:92:d4:
6a:91:38:42:5f:09:26:02:ae:c4:e3:16:3f:35:f4:d1:6d:38:
aa:d1:6e:e7:61:ae:e8:a1:81:79:8f:fd:19:01:19:66:49:a4:
c5:8b:de:bb:99:46:98:24:72:4a:b2:f9:71:d1:3a:6d:18:6c:
19:f6:02:23:1a:a4:92:3b:30:42:55:b6:9f:cb:37:e3:0f:f6:
e9:10:1b:9f:e3:f4:b1:c1:ac:c0:a7:0a:9b:c2:90:93:fa:37:
35:c7:76:2b:dd:99:2f:ef:34:ab:68:e2:73:6b:81:17:76:f5:
61:08:92:7a:ad:b7:bf:63:48:68:ee:0d:90:ce:5d:20:ba:76:
fc:0e:d9:e6:cd:57:8f:04:60:10:27:fa:41:bc:68:a9:83:77:
12:41:8d:7f:8f:3d:2e:52:ae:1e:f3:74:e0:a6:28:4d:50:b1:
e1:f6:28:cd:18:43:ea:51:6f:6c:ab:41:f6:67:a9:f7:72:2b:
4f:86:81:8a:89:9d:c2:a6:6f:b9:78:91:59:9c:49:6c:9b:a2:
0e:0c:a9:3a:a3:49:08:ed:90:46:e7:e2:d5:7f:98:2a:ed:c6:
5d:5b:fc:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIApflivLdPGjSX7YeDX9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTUxNDk0ZWU4YjIxMzliOWQxYjJmMDE3YjA4YWNhMDE3ZTcyNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVi1tQHDwJzNgqwdPnkIdIAMVYeM
dKz4JQbUWLgNs2foWAqiU275KCQrWMkXHpJ8OL51EV9mW9G3xnDwutx0bRgPOQ4q
CTUXvfV+zzsKS+JJ5yvw+weUjQeo/epL9KacqRr7m4cY23V5OAU6/oTVWPgR7baj
Fbr2wAiI8Qf4RoE8wSa5xfhDXPmsQucLW89OhY3UKJjQpP+tw3CPlsxZIbgtkaaz
Rs2ZmaYulH/yxL0KPjfJQPKjE02Ix0traCQjk5sB+Q6u/vqf7CwKsr4WEc0SRo+a
wR0w+SbhvZnwxZ4mWpHyWevkSkgFuuoryD38jRDZusc0De8T92+t0vgFgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCpRSU7oshObnRsvAXsIrKAX5yWUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvS2xGSlR1aXlFNXVkR3k4QmV3aXNvQmZuSlpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWzPMA0G
CSqGSIb3DQEBCwUAA4IBAQB+mI4uK/t0XO5/PABcM7wJc4239tZWYBNNep/9/L5F
PtT1ktRqkThCXwkmAq7E4xY/NfTRbTiq0W7nYa7ooYF5j/0ZARlmSaTFi967mUaY
JHJKsvlx0TptGGwZ9gIjGqSSOzBCVbafyzfjD/bpEBuf4/SxwazApwqbwpCT+jc1
x3Yr3Zkv7zSraOJza4EXdvVhCJJ6rbe/Y0ho7g2Qzl0gunb8DtnmzVePBGAQJ/pB
vGipg3cSQY1/jz0uUq4e83TgpihNULHh9ijNGEPqUW9sq0H2Z6n3citPhoGKiZ3C
pm+5eJFZnElsm6IODKk6o0kI7ZBG5+LVf5gq7cZdW/yr
-----END CERTIFICATE-----
Generated at Tue Dec 10 23:10:06 2024 by rpki-client on console-ams.rpki-client.org