Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/71G2hKW37Db5RPQcv4tV3_GUHB4.roa
File: 71G2hKW37Db5RPQcv4tV3_GUHB4.roa (raw, json)
Hash identifier: z0s/EH6YT613YZz8JCVXAuX4q6FxtjV70p6z+vDRwbk=
Subject key identifier: EF:51:B6:84:A5:B7:EC:36:F9:44:F4:1C:BF:8B:55:DF:F1:94:1C:1E
Certificate issuer: /CN=b81b03e22875bb070b1b7c58eada2e4bb1aabe7f
Certificate serial: 0192507FB59868F48067E5191149CA995019
Authority key identifier: B8:1B:03:E2:28:75:BB:07:0B:1B:7C:58:EA:DA:2E:4B:B1:AA:BE:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/71G2hKW37Db5RPQcv4tV3_GUHB4.roa
Signing time: Thu 03 Oct 2024 03:49:59 +0000
ROA not before: Thu 03 Oct 2024 03:49:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202377
IP address blocks: 185.255.140.0/22 maxlen: 22
185.255.140.0/24 maxlen: 24
185.255.141.0/24 maxlen: 24
185.255.142.0/23 maxlen: 23
2a0c:6540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/uBsD4ih1uwcLG3xY6touS7Gqvn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/uBsD4ih1uwcLG3xY6touS7Gqvn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:50:7f:b5:98:68:f4:80:67:e5:19:11:49:ca:99:50:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b81b03e22875bb070b1b7c58eada2e4bb1aabe7f
Validity
Not Before: Oct 3 03:49:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef51b684a5b7ec36f944f41cbf8b55dff1941c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:0f:33:ba:48:71:d3:b9:79:22:51:5f:90:
0d:9a:65:48:3b:aa:ee:e3:8c:e3:e9:61:d1:f0:9e:
36:8b:ad:fd:a9:78:ec:af:50:79:13:71:91:d5:df:
3e:37:9f:43:28:fe:97:db:7a:bf:40:7e:bd:e7:d1:
f7:cf:f8:5b:b3:1f:97:27:6d:84:72:26:46:ba:41:
29:f0:94:d0:f3:8f:8e:6d:99:15:cf:4d:01:a8:c9:
45:46:48:a8:7f:5f:b2:fa:86:6f:61:15:a0:f2:1d:
d5:c1:12:41:a2:00:25:68:28:3b:2e:5c:26:b8:c7:
d9:6b:13:ae:18:00:15:c9:db:9f:80:db:b7:39:fd:
0b:b2:52:7f:0c:c6:9f:5e:74:93:10:0e:be:59:de:
e8:cb:33:85:41:47:25:f0:3c:b1:26:a6:35:6c:2d:
0b:25:46:93:bc:24:ff:2a:40:39:22:25:02:83:7e:
ea:82:5c:b1:1a:32:d9:72:b4:83:1b:12:8f:ff:c1:
8a:46:2a:a6:ba:d5:f9:8f:e3:ff:8c:3a:87:5a:df:
38:87:6b:0d:e2:a0:96:51:7a:b9:52:8b:70:f5:97:
c2:80:99:d4:22:d5:38:dd:18:e8:1e:05:12:4b:f7:
21:20:12:17:a4:0b:f3:21:f3:d5:e6:a5:99:a0:2f:
5f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:51:B6:84:A5:B7:EC:36:F9:44:F4:1C:BF:8B:55:DF:F1:94:1C:1E
X509v3 Authority Key Identifier:
keyid:B8:1B:03:E2:28:75:BB:07:0B:1B:7C:58:EA:DA:2E:4B:B1:AA:BE:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/71G2hKW37Db5RPQcv4tV3_GUHB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/uBsD4ih1uwcLG3xY6touS7Gqvn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.140.0/22
IPv6:
2a0c:6540::/32
Signature Algorithm: sha256WithRSAEncryption
13:80:dd:5d:51:70:f7:42:fd:4a:c8:c4:8b:06:69:6b:8e:ba:
cd:ed:a9:1f:98:e4:56:4e:78:9d:0d:30:61:1a:e7:6b:b1:f0:
ce:c7:f6:ac:d9:bb:78:75:ac:ca:f6:f6:4e:43:45:cf:53:ce:
07:6d:c1:79:f1:0e:e7:78:61:47:8e:eb:e9:52:98:3e:7a:2a:
3f:9d:6e:67:e0:29:37:71:16:ed:f0:0a:e7:6a:51:99:31:b5:
b3:bf:d4:7e:52:ff:3d:ce:dc:9a:09:5f:42:b3:5e:aa:69:a4:
c1:2e:5e:5a:bf:e7:26:f1:e0:74:bc:f7:c5:4f:8f:58:7b:f2:
ca:6d:c4:5c:a9:4c:28:32:95:ab:73:11:54:bf:ef:cd:bd:ff:
ec:56:fe:ab:9f:b1:54:c3:22:1d:60:3d:42:e2:20:58:9b:ef:
37:23:9d:9c:4e:e0:02:6e:cc:78:76:a4:3a:ea:56:60:f3:32:
cf:12:7c:9e:52:a5:4e:d8:03:93:95:51:1c:f0:ab:33:36:73:
ce:b9:4f:6f:ec:a7:f3:4b:1d:75:be:0c:5c:8b:50:e9:24:d2:
1f:60:c9:91:73:a0:8d:ea:a6:03:4b:5d:fb:c4:a3:01:de:3f:
fa:47:14:1e:94:dd:26:95:7a:af:d6:a3:14:43:87:57:cb:ed:
99:c9:e3:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJQf7WYaPSAZ+UZEUnKmVAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MWIwM2UyMjg3NWJiMDcwYjFiN2M1OGVhZGEyZTRiYjFh
YWJlN2YwHhcNMjQxMDAzMDM0OTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUxYjY4NGE1YjdlYzM2Zjk0NGY0MWNiZjhiNTVkZmYxOTQxYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysYPM7pIcdO5eSJRX5ANmmVIO6ru
44zj6WHR8J42i639qXjsr1B5E3GR1d8+N59DKP6X23q/QH6959H3z/hbsx+XJ22E
ciZGukEp8JTQ84+ObZkVz00BqMlFRkiof1+y+oZvYRWg8h3VwRJBogAlaCg7Llwm
uMfZaxOuGAAVydufgNu3Of0LslJ/DMafXnSTEA6+Wd7oyzOFQUcl8DyxJqY1bC0L
JUaTvCT/KkA5IiUCg37qglyxGjLZcrSDGxKP/8GKRiqmutX5j+P/jDqHWt84h2sN
4qCWUXq5Uotw9ZfCgJnUItU43RjoHgUSS/chIBIXpAvzIfPV5qWZoC9fXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO9RtoSlt+w2+UT0HL+LVd/xlBweMB8GA1UdIwQY
MBaAFLgbA+IodbsHCxt8WOraLkuxqr5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJzRDRpaDF1d2NMRzN4WTZ0b3VTN0dxdm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lOTE0NmEtOGVjOS00YzMxLWFkOWUt
YWQyNTY2NDMwNTJiLzEvNzFHMmhLVzM3RGI1UlBRY3Y0dFYzX0dVSEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lOTE0NmEtOGVjOS00YzMxLWFkOWUtYWQyNTY2NDMwNTJi
LzEvdUJzRDRpaDF1d2NMRzN4WTZ0b3VTN0dxdm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf+MMA0E
AgACMAcDBQAqDGVAMA0GCSqGSIb3DQEBCwUAA4IBAQATgN1dUXD3Qv1KyMSLBmlr
jrrN7akfmORWTnidDTBhGudrsfDOx/as2bt4dazK9vZOQ0XPU84HbcF58Q7neGFH
juvpUpg+eio/nW5n4Ck3cRbt8ArnalGZMbWzv9R+Uv89ztyaCV9Cs16qaaTBLl5a
v+cm8eB0vPfFT49Ye/LKbcRcqUwoMpWrcxFUv+/Nvf/sVv6rn7FUwyIdYD1C4iBY
m+83I52cTuACbsx4dqQ66lZg8zLPEnyeUqVO2AOTlVEc8KszNnPOuU9v7KfzSx11
vgxci1DpJNIfYMmRc6CN6qYDS137xKMB3j/6RxQelN0mlXqv1qMUQ4dXy+2ZyeOi
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:30 2024 by rpki-client on console-ams.rpki-client.org