Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/Yxb0tQH6JbBw81cjfua2ZA3hME0.roa
File: Yxb0tQH6JbBw81cjfua2ZA3hME0.roa (raw, json)
Hash identifier: 1qK1Iqi1UXJTNMWyoZhJdZYYMS22vHvxVDNnj4Ne+Jk=
Subject key identifier: 63:16:F4:B5:01:FA:25:B0:70:F3:57:23:7E:E6:B6:64:0D:E1:30:4D
Certificate issuer: /CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Certificate serial: 018D44CE10779B900891145BE3A488E8C1A8
Authority key identifier: 66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/Yxb0tQH6JbBw81cjfua2ZA3hME0.roa
Signing time: Fri 26 Jan 2024 08:06:11 +0000
ROA not before: Fri 26 Jan 2024 08:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 5.198.136.0/24 maxlen: 24
5.198.140.0/24 maxlen: 24
5.198.142.0/24 maxlen: 24
5.198.143.0/24 maxlen: 24
188.92.136.0/24 maxlen: 24
188.92.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:44:ce:10:77:9b:90:08:91:14:5b:e3:a4:88:e8:c1:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6665dd97665a23b1b183e223822b66b5ae536a2f
Validity
Not Before: Jan 26 08:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6316f4b501fa25b070f357237ee6b6640de1304d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:d2:62:8d:06:6e:27:81:fd:84:d8:df:c4:
8c:9b:20:ee:ae:db:e6:7c:59:62:47:71:ec:d2:ec:
3b:66:05:1c:09:68:5c:25:f3:5c:f2:6f:52:f9:ca:
cd:c5:96:94:18:ac:e8:48:28:84:93:b4:b1:c5:15:
a4:d0:c6:e4:64:d8:7b:16:05:c6:9d:f5:38:94:a3:
7a:0f:ad:53:5d:36:45:4e:cb:e1:56:a5:62:54:fa:
5e:fc:af:24:61:5a:2a:9d:91:83:c7:0a:f2:9a:10:
90:8b:8b:e5:b5:17:1f:cb:f3:2d:57:2b:6e:9a:b1:
66:62:3e:df:b0:4a:95:d4:ce:ab:8e:bc:d8:13:9a:
18:cf:f3:cc:41:a8:52:b1:54:fb:64:a6:97:41:72:
9f:7c:37:82:86:9c:4b:a1:73:40:cf:f1:63:de:3d:
9e:98:b0:b5:58:35:46:f4:8e:07:05:10:62:8a:0b:
ee:3c:24:a0:23:96:79:66:13:82:fd:7e:89:7e:c3:
dd:1c:9d:fe:8d:a4:18:29:5b:6d:38:67:28:fd:35:
f6:5d:1a:94:e7:1a:06:a0:0c:6d:0b:67:44:16:90:
5c:86:d8:b0:41:43:53:9b:23:84:58:e8:ae:ad:ca:
fa:c7:64:ea:64:39:97:7f:77:04:dc:94:6b:50:fc:
98:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:16:F4:B5:01:FA:25:B0:70:F3:57:23:7E:E6:B6:64:0D:E1:30:4D
X509v3 Authority Key Identifier:
keyid:66:65:DD:97:66:5A:23:B1:B1:83:E2:23:82:2B:66:B5:AE:53:6A:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/Yxb0tQH6JbBw81cjfua2ZA3hME0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/312529-73f6-4809-af9b-e8d70717ff8a/1/ZmXdl2ZaI7Gxg-Ijgitmta5Tai8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.198.136.0/24
5.198.140.0/24
5.198.142.0/23
188.92.136.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:c0:77:b2:41:de:ae:6d:cc:2c:47:b7:da:56:93:57:d2:0d:
bf:9d:96:69:02:c4:21:af:94:41:47:e9:6a:ed:99:58:2e:b3:
55:c5:8c:f6:79:53:b7:95:d9:cf:e7:7e:bf:a3:c6:fe:42:29:
2e:37:03:89:35:02:b8:bc:cf:25:bd:38:13:b4:c1:10:f7:0c:
4e:22:4a:fc:e2:97:5c:70:bb:7b:29:0e:71:d4:bd:e4:7d:06:
1a:34:61:fb:88:b9:ed:a2:75:5f:c1:ca:18:80:9a:7a:ed:dc:
38:86:6f:49:39:77:3b:2e:bb:15:e2:27:a9:75:b4:1e:87:d4:
33:a5:65:cd:c5:3d:31:1c:7d:f0:b2:06:d9:71:18:01:38:5e:
2d:6c:05:43:36:c2:a4:72:3e:e6:71:17:1c:79:1c:b1:ac:62:
69:21:38:81:5e:42:7b:d3:1c:c4:d4:a1:a5:d5:2a:d5:b5:23:
c3:17:c1:c3:88:a0:92:0f:aa:c0:bd:1c:ee:78:27:e7:fb:eb:
57:14:7f:89:73:97:66:52:e8:0c:cc:b3:e1:8e:5f:8a:ed:cc:
32:8d:0b:77:29:21:23:2c:b1:0d:92:ac:89:c5:b1:ed:10:d4:
c8:8c:e4:ff:07:7f:d2:67:ab:8b:48:22:97:94:92:6f:db:ac:
2b:8d:b5:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1EzhB3m5AIkRRb46SI6MGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjVkZDk3NjY1YTIzYjFiMTgzZTIyMzgyMmI2NmI1YWU1
MzZhMmYwHhcNMjQwMTI2MDgwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE2ZjRiNTAxZmEyNWIwNzBmMzU3MjM3ZWU2YjY2NDBkZTEzMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8DSYo0GbieB/YTY38SMmyDurtvm
fFliR3Hs0uw7ZgUcCWhcJfNc8m9S+crNxZaUGKzoSCiEk7SxxRWk0MbkZNh7FgXG
nfU4lKN6D61TXTZFTsvhVqViVPpe/K8kYVoqnZGDxwrymhCQi4vltRcfy/MtVytu
mrFmYj7fsEqV1M6rjrzYE5oYz/PMQahSsVT7ZKaXQXKffDeChpxLoXNAz/Fj3j2e
mLC1WDVG9I4HBRBiigvuPCSgI5Z5ZhOC/X6JfsPdHJ3+jaQYKVttOGco/TX2XRqU
5xoGoAxtC2dEFpBchtiwQUNTmyOEWOiurcr6x2TqZDmXf3cE3JRrUPyYPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGMW9LUB+iWwcPNXI37mtmQN4TBNMB8GA1UdIwQY
MBaAFGZl3ZdmWiOxsYPiI4IrZrWuU2ovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWIt
ZThkNzA3MTdmZjhhLzEvWXhiMHRRSDZKYkJ3ODFjamZ1YTJaQTNoTUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zMTI1MjktNzNmNi00ODA5LWFmOWItZThkNzA3MTdmZjhh
LzEvWm1YZGwyWmFJN0d4Zy1JamdpdG10YTVUYWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABcaIAwQA
BcaMAwQBBcaOAwQBvFyIMA0GCSqGSIb3DQEBCwUAA4IBAQB7wHeyQd6ubcwsR7fa
VpNX0g2/nZZpAsQhr5RBR+lq7ZlYLrNVxYz2eVO3ldnP536/o8b+QikuNwOJNQK4
vM8lvTgTtMEQ9wxOIkr84pdccLt7KQ5x1L3kfQYaNGH7iLntonVfwcoYgJp67dw4
hm9JOXc7LrsV4iepdbQeh9QzpWXNxT0xHH3wsgbZcRgBOF4tbAVDNsKkcj7mcRcc
eRyxrGJpITiBXkJ70xzE1KGl1SrVtSPDF8HDiKCSD6rAvRzueCfn++tXFH+Jc5dm
UugMzLPhjl+K7cwyjQt3KSEjLLENkqyJxbHtENTIjOT/B3/SZ6uLSCKXlJJv26wr
jbVZ
-----END CERTIFICATE-----
Generated at Sun May 5 21:24:02 2024 by rpki-client on console-ams.rpki-client.org