Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/213464-1ddb-4c60-b57e-9c724f7d1265/1/_f1R0nJa_Km96lMRdkZYtcnBhdg.roa
File: _f1R0nJa_Km96lMRdkZYtcnBhdg.roa (raw, json)
Hash identifier: c7wK0p2aSVdDVjhi/YlYdt6oIemWEX7fVGJgVz5zTu4=
Subject key identifier: FD:FD:51:D2:72:5A:FC:A9:BD:EA:53:11:76:46:58:B5:C9:C1:85:D8
Certificate issuer: /CN=c97ec9a2a4d9d3a2c1c05dabd41a5f9212e2d6cf
Certificate serial: 018CC5DC58D3991369733CF1F568497795D1
Authority key identifier: C9:7E:C9:A2:A4:D9:D3:A2:C1:C0:5D:AB:D4:1A:5F:92:12:E2:D6:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yX7JoqTZ06LBwF2r1BpfkhLi1s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/213464-1ddb-4c60-b57e-9c724f7d1265/1/_f1R0nJa_Km96lMRdkZYtcnBhdg.roa
Signing time: Mon 01 Jan 2024 16:30:01 +0000
ROA not before: Mon 01 Jan 2024 16:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44979
IP address blocks: 185.111.4.0/24 maxlen: 24
185.111.6.0/24 maxlen: 24
185.111.7.0/24 maxlen: 24
185.111.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/213464-1ddb-4c60-b57e-9c724f7d1265/1/yX7JoqTZ06LBwF2r1BpfkhLi1s8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/213464-1ddb-4c60-b57e-9c724f7d1265/1/yX7JoqTZ06LBwF2r1BpfkhLi1s8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yX7JoqTZ06LBwF2r1BpfkhLi1s8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:58:d3:99:13:69:73:3c:f1:f5:68:49:77:95:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c97ec9a2a4d9d3a2c1c05dabd41a5f9212e2d6cf
Validity
Not Before: Jan 1 16:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdfd51d2725afca9bdea5311764658b5c9c185d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0b:f7:8f:53:c4:27:d0:f1:9c:8c:17:34:22:
13:13:b5:f6:90:2e:5d:7c:5a:f6:49:66:ab:20:10:
ac:db:7b:b8:58:54:24:e8:fc:ef:be:e1:a4:62:c4:
11:f5:d3:fd:7b:d2:63:a4:65:e0:9e:98:a7:aa:fb:
70:4b:7b:a6:a8:1f:ed:4a:35:68:1e:66:7d:5c:61:
4f:57:7b:86:88:66:05:1b:d1:92:ae:3c:e7:f8:27:
08:47:33:bd:60:24:6d:54:4b:46:42:3d:37:71:89:
22:e2:41:d4:3b:49:cf:7e:a9:b1:07:ff:8f:66:f2:
b8:20:cd:79:31:89:db:53:bd:64:72:b5:c0:b9:67:
3f:58:ca:94:b3:69:eb:70:b9:bf:02:14:db:ad:24:
7c:f4:72:bc:b7:5c:4d:42:25:c9:e6:84:a4:d4:e4:
ec:6b:6d:d9:6e:18:82:c1:e5:f1:39:a6:bf:a3:ea:
e2:57:b1:b0:71:a6:d7:8b:4e:c6:47:1b:4c:29:f2:
42:42:35:0e:ee:bf:60:0c:e5:47:2d:6e:a6:db:e3:
37:b0:12:8a:2e:c2:7e:97:cd:a2:1b:33:3e:d1:56:
d7:ae:ab:a1:35:92:0f:5e:d4:7c:4e:e5:d3:9c:6b:
08:33:e1:44:ae:3f:40:9e:5e:cf:7a:89:4c:3c:26:
bd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FD:51:D2:72:5A:FC:A9:BD:EA:53:11:76:46:58:B5:C9:C1:85:D8
X509v3 Authority Key Identifier:
keyid:C9:7E:C9:A2:A4:D9:D3:A2:C1:C0:5D:AB:D4:1A:5F:92:12:E2:D6:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yX7JoqTZ06LBwF2r1BpfkhLi1s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/213464-1ddb-4c60-b57e-9c724f7d1265/1/_f1R0nJa_Km96lMRdkZYtcnBhdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/213464-1ddb-4c60-b57e-9c724f7d1265/1/yX7JoqTZ06LBwF2r1BpfkhLi1s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.4.0/22
Signature Algorithm: sha256WithRSAEncryption
94:89:d8:92:45:e6:9b:9a:f0:c4:dd:61:8a:a6:72:79:2b:47:
a1:1d:b7:80:6b:f0:be:53:4d:4b:3f:9b:9c:5f:bc:47:45:a7:
72:c7:4e:e6:8b:55:dc:eb:3f:eb:8d:72:02:77:87:1a:6c:1e:
74:96:20:06:f9:b4:29:67:a8:81:5a:94:c1:ca:42:a7:01:16:
6f:eb:56:aa:1b:8c:a8:db:16:36:fd:53:ce:41:10:b1:5f:5f:
19:ce:da:9a:99:72:e5:10:a1:2b:e4:04:2d:73:fe:0c:9f:2a:
34:64:e2:a6:1a:28:69:7a:7a:82:f8:46:e5:2e:f9:9a:e3:86:
0c:80:83:32:ca:d8:3e:87:67:7f:c6:05:11:e9:c1:97:3e:98:
b5:5c:3d:f9:7d:bb:61:30:25:5a:aa:06:31:75:1d:31:5e:03:
83:a0:0c:68:55:20:73:c0:d9:a6:64:eb:c6:11:0d:77:86:1b:
8b:a1:7c:3a:f2:b0:58:2b:13:41:cf:3b:f0:27:14:52:dc:05:
1b:ca:53:79:e4:97:8f:73:32:c9:0d:6f:6b:b6:27:f8:9d:10:
44:d4:06:45:d1:d1:a1:d1:62:16:91:74:14:b8:01:2b:d2:df:
0f:0a:85:16:38:56:22:6e:f9:dd:b2:0b:88:26:b1:7e:ee:be:
89:c5:62:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3FjTmRNpczzx9WhJd5XRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5N2VjOWEyYTRkOWQzYTJjMWMwNWRhYmQ0MWE1ZjkyMTJl
MmQ2Y2YwHhcNMjQwMTAxMTYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZkNTFkMjcyNWFmY2E5YmRlYTUzMTE3NjQ2NThiNWM5YzE4NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQv3j1PEJ9DxnIwXNCITE7X2kC5d
fFr2SWarIBCs23u4WFQk6PzvvuGkYsQR9dP9e9JjpGXgnpinqvtwS3umqB/tSjVo
HmZ9XGFPV3uGiGYFG9GSrjzn+CcIRzO9YCRtVEtGQj03cYki4kHUO0nPfqmxB/+P
ZvK4IM15MYnbU71kcrXAuWc/WMqUs2nrcLm/AhTbrSR89HK8t1xNQiXJ5oSk1OTs
a23ZbhiCweXxOaa/o+riV7GwcabXi07GRxtMKfJCQjUO7r9gDOVHLW6m2+M3sBKK
LsJ+l82iGzM+0VbXrquhNZIPXtR8TuXTnGsIM+FErj9Anl7PeolMPCa9ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP39UdJyWvypvepTEXZGWLXJwYXYMB8GA1UdIwQY
MBaAFMl+yaKk2dOiwcBdq9QaX5IS4tbPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVg3Sm9xVFowNkxCd0YycjFCcGZraExpMXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8yMTM0NjQtMWRkYi00YzYwLWI1N2Ut
OWM3MjRmN2QxMjY1LzEvX2YxUjBuSmFfS205NmxNUmRrWll0Y25CaGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8yMTM0NjQtMWRkYi00YzYwLWI1N2UtOWM3MjRmN2QxMjY1
LzEveVg3Sm9xVFowNkxCd0YycjFCcGZraExpMXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW8EMA0G
CSqGSIb3DQEBCwUAA4IBAQCUidiSReabmvDE3WGKpnJ5K0ehHbeAa/C+U01LP5uc
X7xHRadyx07mi1Xc6z/rjXICd4cabB50liAG+bQpZ6iBWpTBykKnARZv61aqG4yo
2xY2/VPOQRCxX18ZztqamXLlEKEr5AQtc/4Mnyo0ZOKmGihpenqC+EblLvma44YM
gIMyytg+h2d/xgUR6cGXPpi1XD35fbthMCVaqgYxdR0xXgODoAxoVSBzwNmmZOvG
EQ13hhuLoXw68rBYKxNBzzvwJxRS3AUbylN55JePczLJDW9rtif4nRBE1AZF0dGh
0WIWkXQUuAEr0t8PCoUWOFYibvndsguIJrF+7r6JxWKL
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:52 2024 by rpki-client on console-fra.rpki-client.org