Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fBhzlDUC3oq9lzFuxUrp4V9hX-A.roa
File: fBhzlDUC3oq9lzFuxUrp4V9hX-A.roa (raw, json)
Hash identifier: MJ+MQzkjIllbKQMzw2c2JPPPR6ML28vbfXzaKSzP3vY=
Subject key identifier: 7C:18:73:94:35:02:DE:8A:BD:97:31:6E:C5:4A:E9:E1:5F:61:5F:E0
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01928AE3733BFF579336EA79989388949FBA
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fBhzlDUC3oq9lzFuxUrp4V9hX-A.roa
Signing time: Mon 14 Oct 2024 11:56:54 +0000
ROA not before: Mon 14 Oct 2024 11:56:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.199.159.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.209.74.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:e3:73:3b:ff:57:93:36:ea:79:98:93:88:94:9f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 14 11:56:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c1873943502de8abd97316ec54ae9e15f615fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:79:f8:2b:f5:4a:e5:2f:de:79:92:e7:13:8c:
70:40:dd:6e:b5:8c:b3:b5:74:86:0c:b7:af:2f:8a:
1e:63:f5:bf:e4:a7:2d:c5:4b:11:54:2a:d5:5c:d4:
ed:43:4c:0b:14:f9:c6:a2:da:e7:64:0c:58:86:08:
aa:8d:91:ee:bd:64:c3:42:74:05:72:54:d0:65:c1:
f6:4d:be:04:53:ff:95:5d:a2:89:f9:80:1b:e3:b8:
0a:73:62:b4:88:f1:3e:7d:00:fc:bc:c7:3a:19:38:
20:6e:23:a1:d2:2e:fa:8e:5b:1f:97:4f:37:52:f2:
1a:13:d6:ce:b7:9d:00:78:da:f4:c8:8d:25:8b:10:
fc:20:0a:e8:4b:85:3c:43:78:79:9d:f7:d1:76:82:
05:86:29:19:08:29:9a:2d:eb:12:d9:62:52:3b:f3:
a8:7e:2b:90:6b:ed:ad:f7:59:f2:78:f8:02:97:33:
e1:c6:f8:83:d9:c1:b5:d9:da:43:35:24:a6:7d:d8:
bb:a3:2d:02:38:17:2a:6a:ec:43:e1:f7:fb:3d:c2:
6d:8d:ec:74:6c:21:c3:d1:15:a5:3d:37:c8:a5:45:
28:32:21:f4:11:07:5b:81:1a:b2:04:ab:ac:52:8c:
bf:85:f0:7f:7c:22:09:2b:13:2f:50:7b:13:3d:be:
ca:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:18:73:94:35:02:DE:8A:BD:97:31:6E:C5:4A:E9:E1:5F:61:5F:E0
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fBhzlDUC3oq9lzFuxUrp4V9hX-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.159.0/24
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.209.74.0/24
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.225.2.0/24
185.226.107.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:cd:55:dc:4b:41:bb:9f:ff:78:1f:39:9e:3d:3f:61:b8:1f:
0f:87:4f:24:89:2e:db:f2:ad:27:b5:27:e7:04:ba:a6:b7:88:
aa:ba:19:ac:79:a0:09:f4:39:ff:c8:b7:cc:64:17:2e:7c:0b:
37:02:8c:75:5a:22:44:c5:71:04:e4:84:f4:d3:d0:d7:1c:b8:
bd:af:2d:08:8b:7f:4e:4c:54:e7:6c:53:cd:a6:e9:a4:3c:9a:
3f:ed:df:9b:3a:53:20:33:38:85:2c:5e:65:6c:98:d2:0e:d2:
88:04:47:87:f3:76:0f:25:f8:c7:0d:16:a9:fe:35:1c:8e:75:
c1:2a:3c:4f:f1:fc:60:ad:90:80:fd:94:f3:8f:da:ae:ae:ac:
ae:2e:f2:53:fa:50:0d:78:f2:ad:97:ef:6d:db:c0:46:4a:3d:
f3:31:0a:b1:fb:5a:b3:57:26:40:c5:ba:dd:bf:52:e3:5b:9e:
45:71:47:78:8e:7f:e0:93:1a:11:ce:29:34:7d:98:b7:e1:3a:
78:69:a4:85:01:5e:b1:fe:ba:ad:d9:9a:2c:10:0c:64:75:a2:
ec:9c:bc:27:d1:d6:05:ac:71:1b:80:fe:b9:74:95:48:be:ec:
e2:93:27:40:a8:fa:e1:d4:b8:70:b3:83:9f:d7:f4:08:36:fe:
ec:8d:3e:20
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZKK43M7/1eTNup5mJOIlJ+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQxMDE0MTE1NjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzE4NzM5NDM1MDJkZThhYmQ5NzMxNmVjNTRhZTllMTVmNjE1ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXn4K/VK5S/eeZLnE4xwQN1utYyz
tXSGDLevL4oeY/W/5KctxUsRVCrVXNTtQ0wLFPnGotrnZAxYhgiqjZHuvWTDQnQF
clTQZcH2Tb4EU/+VXaKJ+YAb47gKc2K0iPE+fQD8vMc6GTggbiOh0i76jlsfl083
UvIaE9bOt50AeNr0yI0lixD8IAroS4U8Q3h5nffRdoIFhikZCCmaLesS2WJSO/Oo
fiuQa+2t91nyePgClzPhxviD2cG12dpDNSSmfdi7oy0COBcqauxD4ff7PcJtjex0
bCHD0RWlPTfIpUUoMiH0EQdbgRqyBKusUoy/hfB/fCIJKxMvUHsTPb7KQQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFHwYc5Q1At6KvZcxbsVK6eFfYV/gMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZkJoemxEVUMzb3E5bHpGdXhVcnA0VjloWC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAucefAwQA
uc74AwQAuc77AwQBudEkAwQAudFKAwQCudKYAwQAudpmAwQAud9MAwQAueECAwQA
ueJrAwQAueORAwQCueoUAwQCue7kAwQBufB4AwQAufvnMA0GCSqGSIb3DQEBCwUA
A4IBAQC6zVXcS0G7n/94HzmePT9huB8Ph08kiS7b8q0ntSfnBLqmt4iquhmseaAJ
9Dn/yLfMZBcufAs3Aox1WiJExXEE5IT009DXHLi9ry0Ii39OTFTnbFPNpumkPJo/
7d+bOlMgMziFLF5lbJjSDtKIBEeH83YPJfjHDRap/jUcjnXBKjxP8fxgrZCA/ZTz
j9qurqyuLvJT+lANePKtl+9t28BGSj3zMQqx+1qzVyZAxbrdv1LjW55FcUd4jn/g
kxoRzik0fZi34Tp4aaSFAV6x/rqt2ZosEAxkdaLsnLwn0dYFrHEbgP65dJVIvuzi
kydAqPrh1Lhws4Of1/QINv7sjT4g
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:31 2024 by rpki-client on console-ams.rpki-client.org