Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/YvRh5nVaU7K5TXANQLzq2dzn0x4.roa
File: YvRh5nVaU7K5TXANQLzq2dzn0x4.roa (raw, json)
Hash identifier: /v2GM26UAgEo26LyzBlzUgLlrq+4Jdy/et1rP8m/Sl4=
Subject key identifier: 62:F4:61:E6:75:5A:53:B2:B9:4D:70:0D:40:BC:EA:D9:DC:E7:D3:1E
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 018FA03F5E145058A844AA06461F0BF085C7
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/YvRh5nVaU7K5TXANQLzq2dzn0x4.roa
Signing time: Wed 22 May 2024 12:20:58 +0000
ROA not before: Wed 22 May 2024 12:20:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209420
IP address blocks: 31.207.68.0/24 maxlen: 24
31.207.69.0/24 maxlen: 24
152.89.133.0/24 maxlen: 24
192.145.16.0/23 maxlen: 23
192.145.16.0/24 maxlen: 24
192.145.17.0/24 maxlen: 24
192.145.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft
rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:3f:5e:14:50:58:a8:44:aa:06:46:1f:0b:f0:85:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: May 22 12:20:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62f461e6755a53b2b94d700d40bcead9dce7d31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9c:d1:a1:b1:67:0a:a8:0a:c6:68:4e:aa:33:
05:ec:61:31:a8:8a:ed:99:c4:64:25:09:30:7f:19:
5a:ed:58:d9:26:3b:53:3d:60:ad:61:92:cd:e5:de:
ed:bd:5f:00:dc:e6:4d:fe:b6:5b:6b:ec:22:ba:10:
e2:4b:8c:ba:98:f6:59:f1:36:4d:98:79:09:73:2a:
87:63:11:bf:62:f6:5e:b6:44:3c:04:2d:58:a8:3b:
94:29:ab:c1:17:e1:2c:c4:5f:8c:f9:c9:a9:9a:77:
d9:ed:0a:08:04:df:11:f7:ee:a6:ae:b9:cb:9b:c1:
4f:05:26:69:2f:94:b7:b5:44:64:d3:0b:83:a6:05:
7e:ba:54:0b:ec:bd:bc:6e:72:8c:49:93:62:9e:0b:
7e:6e:0b:6d:f5:3e:ec:6f:54:aa:da:f8:c4:ae:71:
37:78:b9:73:ff:06:1b:f8:c6:13:b0:c3:85:7d:14:
ee:84:08:af:ba:0d:14:63:b6:0e:93:87:75:36:5f:
6e:8f:f6:ae:cf:19:8b:42:f0:36:6d:1f:3f:6d:c6:
8f:77:a5:bf:e0:3c:d7:a2:0a:2c:6f:3f:c2:fd:26:
d5:6c:24:a6:b5:03:d4:7e:9d:f7:80:d6:d4:ed:cc:
fa:57:f2:6d:12:cb:f0:7d:34:24:aa:79:13:21:25:
94:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F4:61:E6:75:5A:53:B2:B9:4D:70:0D:40:BC:EA:D9:DC:E7:D3:1E
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/YvRh5nVaU7K5TXANQLzq2dzn0x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.68.0/23
152.89.133.0/24
192.145.16.0-192.145.18.255
Signature Algorithm: sha256WithRSAEncryption
76:ec:cd:95:51:2c:4e:8a:6d:8d:38:31:e8:65:fe:c9:ef:42:
5e:54:70:81:f2:77:a6:84:5c:71:db:ac:34:ba:0b:97:4a:68:
9a:1f:f0:4b:32:d2:d7:15:6c:d7:57:21:e3:b2:9e:bf:cf:20:
a1:98:4e:17:7c:43:ee:d3:3a:5c:a1:4d:de:6f:24:f8:72:4c:
f0:81:3e:29:3b:10:1b:1e:8b:01:e3:0b:f3:22:17:db:aa:c5:
45:da:91:f9:9c:11:11:e9:01:69:87:5c:54:2d:8c:fc:c1:ab:
cf:ff:38:8c:51:3d:a3:12:a9:74:f7:dd:b8:08:8a:17:3c:9b:
55:49:9d:a1:62:43:81:4a:9c:a8:5d:8e:4c:10:c1:b4:e8:a0:
0f:a2:03:f1:98:59:90:18:b2:a1:cb:51:52:0d:91:ad:57:ec:
2b:39:b4:d5:3c:fe:9a:72:ed:1f:28:17:2c:8a:4b:64:dc:6e:
a3:ff:9a:69:f2:5c:a1:6c:26:5d:4c:f7:71:9c:c2:5b:76:3f:
2c:12:a6:32:ae:bd:d3:5e:27:34:3c:ab:6a:1f:f9:de:f2:5c:
79:74:24:af:07:a5:4e:e3:e3:ab:ab:81:ba:23:48:c3:cf:04:
0b:2f:ac:be:8e:35:b7:57:fd:0d:e7:9b:f0:94:31:d9:dc:d1:
25:fa:d5:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY+gP14UUFioRKoGRh8L8IXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjQwNTIyMTIyMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmY0NjFlNjc1NWE1M2IyYjk0ZDcwMGQ0MGJjZWFkOWRjZTdkMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZzRobFnCqgKxmhOqjMF7GExqIrt
mcRkJQkwfxla7VjZJjtTPWCtYZLN5d7tvV8A3OZN/rZba+wiuhDiS4y6mPZZ8TZN
mHkJcyqHYxG/YvZetkQ8BC1YqDuUKavBF+EsxF+M+cmpmnfZ7QoIBN8R9+6mrrnL
m8FPBSZpL5S3tURk0wuDpgV+ulQL7L28bnKMSZNingt+bgtt9T7sb1Sq2vjErnE3
eLlz/wYb+MYTsMOFfRTuhAivug0UY7YOk4d1Nl9uj/auzxmLQvA2bR8/bcaPd6W/
4DzXogosbz/C/SbVbCSmtQPUfp33gNbU7cz6V/JtEsvwfTQkqnkTISWUuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGL0YeZ1WlOyuU1wDUC86tnc59MeMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvWXZSaDVuVmFVN0s1VFhBTlFMenEyZHpuMHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBH89EAwQA
mFmFMAwDBATAkRADBADAkRIwDQYJKoZIhvcNAQELBQADggEBAHbszZVRLE6KbY04
Mehl/snvQl5UcIHyd6aEXHHbrDS6C5dKaJof8Esy0tcVbNdXIeOynr/PIKGYThd8
Q+7TOlyhTd5vJPhyTPCBPik7EBseiwHjC/MiF9uqxUXakfmcERHpAWmHXFQtjPzB
q8//OIxRPaMSqXT33bgIihc8m1VJnaFiQ4FKnKhdjkwQwbTooA+iA/GYWZAYsqHL
UVINka1X7Cs5tNU8/ppy7R8oFyyKS2TcbqP/mmnyXKFsJl1M93Gcwlt2PywSpjKu
vdNeJzQ8q2of+d7yXHl0JK8HpU7j46urgbojSMPPBAsvrL6ONbdX/Q3nm/CUMdnc
0SX61f8=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:17:25 2024 by rpki-client on console-ams.rpki-client.org