Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/aOu60CyJYFTGMdUiw33yXqgfGfs.roa
File: aOu60CyJYFTGMdUiw33yXqgfGfs.roa (raw, json)
Hash identifier: CBKqIw1ciAZxXCM35i6svB7mFgi8ZsCrwdIdQTmIcq8=
Subject key identifier: 68:EB:BA:D0:2C:89:60:54:C6:31:D5:22:C3:7D:F2:5E:A8:1F:19:FB
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 018CCA29B50FE2A9C083F83E9AEDC28DDD75
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/aOu60CyJYFTGMdUiw33yXqgfGfs.roa
Signing time: Tue 02 Jan 2024 12:33:00 +0000
ROA not before: Tue 02 Jan 2024 12:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56611
IP address blocks: 185.173.232.0/24 maxlen: 24
185.173.233.0/24 maxlen: 24
185.173.234.0/24 maxlen: 24
80.82.71.0/24 maxlen: 24
80.82.75.0/24 maxlen: 24
80.82.72.0/24 maxlen: 24
2a02:6c8::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:b5:0f:e2:a9:c0:83:f8:3e:9a:ed:c2:8d:dd:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 2 12:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68ebbad02c896054c631d522c37df25ea81f19fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9c:79:81:ab:1e:94:be:73:a3:66:c0:f8:7b:
6e:24:39:7a:4c:11:a4:5d:3d:fa:38:be:a5:82:08:
f4:7f:9a:2a:6e:af:66:e0:7b:87:1d:c7:7a:44:66:
eb:04:ee:64:88:7b:66:64:73:4c:a3:c3:44:ce:b8:
cd:89:90:a8:cc:ea:f3:c6:2a:d0:38:63:29:45:3a:
9d:d9:a6:cb:3f:ef:bc:be:9f:43:d6:53:d2:6a:44:
6f:6a:b7:4a:de:34:9f:fc:c6:86:34:54:0b:6b:62:
51:9b:3e:e0:3b:42:6c:a1:08:dd:9d:bb:a6:de:78:
d6:02:35:40:4a:cc:b4:ad:61:82:c4:ab:c1:f5:db:
06:cb:7c:a2:cb:d0:aa:c3:01:4b:57:9b:42:34:28:
eb:76:f2:79:07:05:41:3a:28:b7:68:45:29:5c:c7:
0c:07:5b:93:d4:ff:67:df:e7:dc:36:93:b6:e9:4d:
a3:14:eb:5f:a3:d8:45:cc:d3:8b:84:e1:68:94:8c:
88:60:10:ab:ed:c5:03:34:11:6a:ea:8b:25:ff:a5:
cc:2b:3a:d1:45:f4:c0:7d:22:4d:3f:72:20:49:b1:
bc:44:06:bd:33:15:30:cb:ed:23:e5:0e:b6:58:8c:
0a:15:41:dc:ec:7c:57:73:7c:84:54:93:8c:3c:55:
e9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:BA:D0:2C:89:60:54:C6:31:D5:22:C3:7D:F2:5E:A8:1F:19:FB
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/aOu60CyJYFTGMdUiw33yXqgfGfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.71.0-80.82.72.255
80.82.75.0/24
185.173.232.0-185.173.234.255
IPv6:
2a02:6c8::/33
Signature Algorithm: sha256WithRSAEncryption
4b:75:47:3c:82:e0:80:f2:82:d2:de:3d:43:22:fc:80:fa:b0:
41:1d:09:dc:2c:81:75:b9:db:63:40:8e:73:4f:81:0e:ee:bd:
ab:8b:f0:57:f9:9c:2a:ff:ed:4b:fc:18:0b:96:4d:ca:83:8b:
d1:71:39:b3:65:45:ae:82:93:23:69:2d:4d:d3:e5:e1:3d:23:
27:81:f9:b2:d2:e9:e8:0a:a4:45:6b:38:33:f4:13:fc:5c:81:
42:53:cf:e1:62:e2:4c:7f:75:cf:69:3f:68:36:6b:30:57:74:
e5:1f:93:be:7e:3c:45:e2:d1:35:f7:de:79:7f:49:40:06:19:
d5:32:db:42:9c:d8:8f:6a:de:7a:3e:79:61:bc:15:e4:d3:80:
bf:ca:a8:97:e3:42:72:88:8e:5d:94:71:b2:95:b1:ae:b0:d9:
ba:15:9b:ed:9f:80:60:c9:11:df:05:93:93:60:a2:c8:55:4a:
8f:21:9d:dc:8d:82:96:5d:7a:a7:f4:61:13:1c:65:22:cf:b8:
3c:ae:6e:a3:f0:00:f1:c5:03:77:ca:85:8d:5c:92:e8:6e:f1:
79:65:39:63:d0:f0:ce:f8:94:a0:24:22:d9:ec:ee:f4:53:8a:
53:d1:32:d7:df:b8:4e:b9:65:1c:10:df:85:20:e3:7c:49:b4:
c3:85:79:69
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzKKbUP4qnAg/g+mu3Cjd11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjQwMTAyMTIzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGViYmFkMDJjODk2MDU0YzYzMWQ1MjJjMzdkZjI1ZWE4MWYxOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpx5gaselL5zo2bA+HtuJDl6TBGk
XT36OL6lggj0f5oqbq9m4HuHHcd6RGbrBO5kiHtmZHNMo8NEzrjNiZCozOrzxirQ
OGMpRTqd2abLP++8vp9D1lPSakRvardK3jSf/MaGNFQLa2JRmz7gO0JsoQjdnbum
3njWAjVASsy0rWGCxKvB9dsGy3yiy9CqwwFLV5tCNCjrdvJ5BwVBOii3aEUpXMcM
B1uT1P9n3+fcNpO26U2jFOtfo9hFzNOLhOFolIyIYBCr7cUDNBFq6osl/6XMKzrR
RfTAfSJNP3IgSbG8RAa9MxUwy+0j5Q62WIwKFUHc7HxXc3yEVJOMPFXp3wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGjrutAsiWBUxjHVIsN98l6oHxn7MB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvYU91NjBDeUpZRlRHTWRVaXczM3lYcWdmR2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAoBAIAATAiMAwDBABQUkcD
BABQUkgDBABQUkswDAMEA7mt6AMEALmt6jAOBAIAAjAIAwYHKgIGyAAwDQYJKoZI
hvcNAQELBQADggEBAEt1RzyC4IDygtLePUMi/ID6sEEdCdwsgXW522NAjnNPgQ7u
vauL8Ff5nCr/7Uv8GAuWTcqDi9FxObNlRa6CkyNpLU3T5eE9IyeB+bLS6egKpEVr
ODP0E/xcgUJTz+Fi4kx/dc9pP2g2azBXdOUfk75+PEXi0TX33nl/SUAGGdUy20Kc
2I9q3no+eWG8FeTTgL/KqJfjQnKIjl2UcbKVsa6w2boVm+2fgGDJEd8Fk5NgoshV
So8hndyNgpZdeqf0YRMcZSLPuDyubqPwAPHFA3fKhY1ckuhu8XllOWPQ8M74lKAk
Itns7vRTilPRMtffuE65ZRwQ34Ug43xJtMOFeWk=
-----END CERTIFICATE-----
Generated at Sat May 25 14:23:54 2024 by rpki-client on console-ams.rpki-client.org