Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_hBrl9UaNF28FTExZOElFA66JpM.roa
File: _hBrl9UaNF28FTExZOElFA66JpM.roa (raw, json)
Hash identifier: 0ti7kECihzHEUYeD8cIrS9lTVrg1V0IxQAz4yTAvuSw=
Subject key identifier: FE:10:6B:97:D5:1A:34:5D:BC:15:31:31:64:E1:25:14:0E:BA:26:93
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0191A453D52F6315A6DA7EFDE8B1BDD71AC9
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_hBrl9UaNF28FTExZOElFA66JpM.roa
Signing time: Fri 30 Aug 2024 17:27:23 +0000
ROA not before: Fri 30 Aug 2024 17:27:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a4:53:d5:2f:63:15:a6:da:7e:fd:e8:b1:bd:d7:1a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 30 17:27:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe106b97d51a345dbc15313164e125140eba2693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:b2:b1:d3:02:e1:7d:91:6d:44:65:42:8c:
52:e4:57:da:14:35:ab:ee:ea:dc:46:b3:33:c9:43:
9c:db:6c:60:31:78:65:07:cb:f9:bb:71:7d:1e:c9:
d5:0e:34:c0:af:b9:d1:e9:14:72:f4:26:ff:96:65:
d3:a8:3a:d4:e3:73:3e:20:b7:74:d6:9d:04:10:cf:
63:12:4c:9e:ab:6b:ed:d5:ab:76:e0:3a:1a:49:5e:
6f:d2:58:c0:ae:58:d4:c4:9a:6d:ee:ae:cf:b1:10:
e2:0e:92:7b:cc:27:dc:df:34:e2:72:d8:2b:74:9f:
c0:44:73:45:b5:9c:9e:6f:aa:8c:fc:15:57:fb:c0:
25:af:33:5f:cf:83:f9:83:97:e5:b4:33:e6:c8:4e:
6a:16:5e:41:1b:d0:86:71:6e:a0:48:5f:f1:6a:f4:
16:70:7a:0e:f3:06:2e:d6:0e:a9:1b:0c:12:c5:eb:
7a:aa:af:5b:41:99:b9:7e:52:70:34:ab:4a:bf:cc:
74:c3:82:6e:76:19:77:85:a6:33:14:9c:95:71:0f:
87:cb:e8:ea:8b:4f:6a:07:c2:5c:61:3a:ec:61:be:
7f:ff:fb:24:0a:2a:f2:4f:28:8c:91:e0:6f:0e:50:
60:e3:c5:ee:ef:f1:e2:e9:93:f5:35:7d:43:33:78:
88:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:10:6B:97:D5:1A:34:5D:BC:15:31:31:64:E1:25:14:0E:BA:26:93
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_hBrl9UaNF28FTExZOElFA66JpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
26:31:73:f4:2f:35:95:86:75:f4:6e:d4:22:b2:ff:9b:19:17:
fb:7b:78:7a:6c:41:d3:68:92:e2:ee:81:ff:90:fb:c8:86:8f:
bd:ca:e2:24:d6:0e:59:c2:ce:65:4e:30:d3:f0:2c:10:d4:a9:
09:d0:2b:64:b1:6c:b0:12:23:75:3c:2b:9a:79:02:d8:b6:ff:
1e:7a:b7:66:ce:64:92:52:f5:c7:40:1e:b2:54:e7:c6:67:33:
b0:7c:a7:02:3b:42:5a:3b:b2:b5:df:02:1e:40:66:3a:42:5f:
3c:40:42:e4:ea:1e:eb:27:7e:0e:47:11:d1:5b:59:bc:23:d6:
75:f8:a2:71:be:4d:d1:86:56:50:52:2a:9d:85:ec:b8:c4:b2:
60:07:db:ae:dc:b5:ee:4f:88:81:a9:09:54:d4:91:a6:d4:66:
71:21:cb:2c:56:ba:a6:af:bd:03:2c:25:5d:3c:bd:be:dd:a9:
c5:67:63:fc:e0:a9:03:09:59:ba:c4:8c:a1:eb:c8:77:0f:f2:
20:d8:99:a7:64:92:25:c5:7d:c1:a3:ce:db:d6:9c:f4:4e:45:
95:39:3e:d8:72:68:4e:bd:b7:8a:e9:3a:a9:e7:d5:ed:5f:df:
a9:8a:30:dc:4a:39:8f:dd:be:59:1a:be:f6:75:d1:ea:16:34:
20:74:cf:eb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZGkU9UvYxWm2n796LG91xrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwODMwMTcyNzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTEwNmI5N2Q1MWEzNDVkYmMxNTMxMzE2NGUxMjUxNDBlYmEyNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP+ysdMC4X2RbURlQoxS5FfaFDWr
7urcRrMzyUOc22xgMXhlB8v5u3F9HsnVDjTAr7nR6RRy9Cb/lmXTqDrU43M+ILd0
1p0EEM9jEkyeq2vt1at24DoaSV5v0ljArljUxJpt7q7PsRDiDpJ7zCfc3zTictgr
dJ/ARHNFtZyeb6qM/BVX+8AlrzNfz4P5g5fltDPmyE5qFl5BG9CGcW6gSF/xavQW
cHoO8wYu1g6pGwwSxet6qq9bQZm5flJwNKtKv8x0w4Judhl3haYzFJyVcQ+Hy+jq
i09qB8JcYTrsYb5///skCiryTyiMkeBvDlBg48Xu7/Hi6ZP1NX1DM3iITwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP4Qa5fVGjRdvBUxMWThJRQOuiaTMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvX2hCcmw5VWFORjI4RlRFeFpPRWxGQTY2SnBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsH34AwQA
udLoAwQAudZmAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAmMXP0LzWV
hnX0btQisv+bGRf7e3h6bEHTaJLi7oH/kPvIho+9yuIk1g5Zws5lTjDT8CwQ1KkJ
0CtksWywEiN1PCuaeQLYtv8eerdmzmSSUvXHQB6yVOfGZzOwfKcCO0JaO7K13wIe
QGY6Ql88QELk6h7rJ34ORxHRW1m8I9Z1+KJxvk3RhlZQUiqdhey4xLJgB9uu3LXu
T4iBqQlU1JGm1GZxIcssVrqmr70DLCVdPL2+3anFZ2P84KkDCVm6xIyh68h3D/Ig
2JmnZJIlxX3Bo87b1pz0TkWVOT7YcmhOvbeK6Tqp59XtX9+pijDcSjmP3b5ZGr72
ddHqFjQgdM/r
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:41:48 2024 by rpki-client on console-fra.rpki-client.org