Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/f2jGa0PrZf1CGXcLNXls9jqBRYA.roa
File: f2jGa0PrZf1CGXcLNXls9jqBRYA.roa (raw, json)
Hash identifier: dTcLUUMwHpOIx3+pynBHOzlAFMQfUpDx/50F7tIJvNU=
Subject key identifier: 7F:68:C6:6B:43:EB:65:FD:42:19:77:0B:35:79:6C:F6:3A:81:45:80
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DBBF025DE8778D9208E1109590F7A05C7
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/f2jGa0PrZf1CGXcLNXls9jqBRYA.roa
Signing time: Sun 18 Feb 2024 11:18:14 +0000
ROA not before: Sun 18 Feb 2024 11:18:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26042
IP address blocks: 185.230.67.0/24 maxlen: 24
194.76.168.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bb:f0:25:de:87:78:d9:20:8e:11:09:59:0f:7a:05:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 18 11:18:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f68c66b43eb65fd4219770b35796cf63a814580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:18:be:c7:7e:49:c6:93:65:dc:60:53:30:e1:
81:e9:5b:40:3f:1b:aa:a9:fd:6b:19:6c:99:c6:d3:
33:c3:65:42:b9:86:c0:9a:99:69:a1:25:e4:35:89:
e2:ba:00:46:64:4b:89:35:f0:50:bb:2d:d8:a8:65:
af:43:f0:25:76:ad:04:5d:6a:a5:c7:80:91:ba:a4:
0d:e4:57:22:49:2f:c7:cb:26:56:f9:76:c9:e0:a7:
0c:36:28:17:b8:24:48:53:69:45:91:5d:78:8b:4d:
b4:78:3a:12:6f:0a:74:de:3a:0c:87:78:88:e7:ba:
56:5f:c2:2f:93:80:c4:98:dd:cc:9c:b7:78:db:ad:
c0:e0:93:86:b2:bb:fa:47:1a:a9:02:ba:df:24:61:
1a:eb:00:a0:8f:29:be:8b:7c:6b:cc:4f:7b:11:6b:
ac:fa:7e:3b:61:f2:6e:a1:90:ab:b8:3b:3a:c4:c1:
71:f1:32:b7:75:5c:31:df:5e:3c:44:d4:37:08:81:
41:da:02:8a:c9:00:3a:3e:b0:1b:95:fb:ed:c0:76:
f6:9d:2d:83:3a:94:32:b4:20:bf:cd:8b:37:3a:6c:
dd:90:88:36:5b:3b:b9:ab:a2:23:05:52:3a:f9:6e:
16:fa:11:0d:de:aa:b0:eb:4e:b6:fe:11:e6:83:16:
3e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:68:C6:6B:43:EB:65:FD:42:19:77:0B:35:79:6C:F6:3A:81:45:80
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/f2jGa0PrZf1CGXcLNXls9jqBRYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.67.0/24
194.76.168.0/23
Signature Algorithm: sha256WithRSAEncryption
32:c3:13:3f:d2:e1:e9:4c:65:a8:ec:9a:28:da:0c:33:16:92:
c8:0f:de:68:f9:ea:4a:1f:31:5a:1d:d1:b7:b7:34:e3:3f:cb:
0d:29:e2:b8:0b:37:5b:77:e0:81:a9:44:56:79:4e:02:6c:08:
67:67:3d:a1:a4:20:99:28:df:b0:ff:52:25:f2:bc:40:55:17:
b1:63:4e:6f:af:fd:33:3a:2a:56:b4:c5:a5:36:ce:c8:db:5d:
c2:b9:36:10:e8:73:da:cc:f3:05:7a:87:b1:39:1d:08:5e:f3:
89:78:31:53:47:af:f0:7a:49:44:d1:e9:15:3b:f5:60:f4:59:
da:93:ab:ea:f0:00:fc:fe:a6:de:5d:7a:f6:98:3f:e7:8d:82:
ab:5a:06:07:9b:64:44:bf:c4:ee:ad:65:a2:9c:93:07:fb:5a:
af:29:73:c4:89:21:d4:52:ee:72:bc:c9:74:28:cc:b3:bc:54:
53:f8:a0:ca:92:73:d7:f8:77:1c:98:f8:31:ee:ef:2c:9c:1b:
00:e5:0d:c1:65:5b:36:03:c3:fe:b0:1a:46:80:67:b1:91:54:
31:63:83:59:3a:43:ff:38:fa:06:8d:db:1f:89:2b:73:eb:00:
ef:83:e5:8a:58:e6:bc:b3:30:8e:22:83:13:53:94:69:ff:26:
55:a8:db:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY278CXeh3jZII4RCVkPegXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjE4MTExODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY4YzY2YjQzZWI2NWZkNDIxOTc3MGIzNTc5NmNmNjNhODE0NTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxi+x35JxpNl3GBTMOGB6VtAPxuq
qf1rGWyZxtMzw2VCuYbAmplpoSXkNYniugBGZEuJNfBQuy3YqGWvQ/Aldq0EXWql
x4CRuqQN5FciSS/HyyZW+XbJ4KcMNigXuCRIU2lFkV14i020eDoSbwp03joMh3iI
57pWX8Ivk4DEmN3MnLd4263A4JOGsrv6RxqpArrfJGEa6wCgjym+i3xrzE97EWus
+n47YfJuoZCruDs6xMFx8TK3dVwx3148RNQ3CIFB2gKKyQA6PrAblfvtwHb2nS2D
OpQytCC/zYs3OmzdkIg2Wzu5q6IjBVI6+W4W+hEN3qqw6062/hHmgxY+BQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH9oxmtD62X9Qhl3CzV5bPY6gUWAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZjJqR2EwUHJaZjFDR1hjTE5YbHM5anFCUllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueZDAwQB
wkyoMA0GCSqGSIb3DQEBCwUAA4IBAQAywxM/0uHpTGWo7Joo2gwzFpLID95o+epK
HzFaHdG3tzTjP8sNKeK4Czdbd+CBqURWeU4CbAhnZz2hpCCZKN+w/1Il8rxAVRex
Y05vr/0zOipWtMWlNs7I213CuTYQ6HPazPMFeoexOR0IXvOJeDFTR6/weklE0ekV
O/Vg9Fnak6vq8AD8/qbeXXr2mD/njYKrWgYHm2REv8TurWWinJMH+1qvKXPEiSHU
Uu5yvMl0KMyzvFRT+KDKknPX+HccmPgx7u8snBsA5Q3BZVs2A8P+sBpGgGexkVQx
Y4NZOkP/OPoGjdsfiStz6wDvg+WKWOa8szCOIoMTU5Rp/yZVqNsd
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:41:48 2024 by rpki-client on console-fra.rpki-client.org