Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/YYLnpiOtsdNraYy3ykCP3me9_d0.roa
File: YYLnpiOtsdNraYy3ykCP3me9_d0.roa (raw, json)
Hash identifier: Z2+aG3QOGufBHYy7yM6ZHwElru6zT5L16YKUTxlePLo=
Subject key identifier: 61:82:E7:A6:23:AD:B1:D3:6B:69:8C:B7:CA:40:8F:DE:67:BD:FD:DD
Certificate issuer: /CN=3b5fc69b7c6ee869930ce0b8391ee5d84c53494a
Certificate serial: 019427488573CC6BD5EA44DC56B7FB832257
Authority key identifier: 3B:5F:C6:9B:7C:6E:E8:69:93:0C:E0:B8:39:1E:E5:D8:4C:53:49:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/YYLnpiOtsdNraYy3ykCP3me9_d0.roa
Signing time: Thu 02 Jan 2025 13:50:51 +0000
ROA not before: Thu 02 Jan 2025 13:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 91.211.196.0/22 maxlen: 24
193.109.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:85:73:cc:6b:d5:ea:44:dc:56:b7:fb:83:22:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b5fc69b7c6ee869930ce0b8391ee5d84c53494a
Validity
Not Before: Jan 2 13:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6182e7a623adb1d36b698cb7ca408fde67bdfddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:a0:c7:b5:3e:4e:f1:db:d9:33:da:ed:09:
52:f5:d5:0c:e9:b5:a9:c0:00:a9:64:6b:e9:96:e3:
79:c8:fb:69:2c:76:d0:fc:0b:8a:b9:4b:f7:6d:8d:
84:4a:2e:4f:4a:78:55:13:11:2f:2c:fc:9f:ce:97:
b4:de:14:3f:fa:41:bf:2b:a5:8b:8b:30:ee:bf:d7:
a0:41:10:23:6c:5e:2d:b7:0a:6e:ba:cd:1e:5c:a1:
67:3e:f3:e8:ab:b1:44:b2:b6:98:d0:c6:2f:61:75:
ec:38:b5:e2:7b:c1:ee:c0:0e:06:46:a5:d5:83:15:
64:66:5e:a8:01:d0:10:ea:b5:e7:af:47:60:83:10:
24:a7:cd:10:45:3c:7b:56:89:20:b5:3d:b3:87:2c:
7b:08:2c:f3:77:a9:34:70:69:2a:a9:97:85:17:e2:
53:3c:e9:5e:17:fd:4b:35:2a:b6:ea:0b:80:ba:5a:
46:da:7d:62:e1:9b:91:c5:d5:9c:a9:22:8c:e2:d7:
6d:0e:26:fa:0f:51:60:59:9e:24:3f:33:b4:46:96:
40:24:e5:e3:12:17:ca:fd:59:fb:49:e6:bb:3c:10:
9b:4a:75:af:54:6e:b3:46:16:95:d0:78:43:ac:a2:
65:53:c1:d7:bd:6a:d9:53:7f:8d:b7:d0:ec:60:4b:
cc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:82:E7:A6:23:AD:B1:D3:6B:69:8C:B7:CA:40:8F:DE:67:BD:FD:DD
X509v3 Authority Key Identifier:
keyid:3B:5F:C6:9B:7C:6E:E8:69:93:0C:E0:B8:39:1E:E5:D8:4C:53:49:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/YYLnpiOtsdNraYy3ykCP3me9_d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/7c1727-9eaf-49c9-aafc-f99453a95a99/1/O1_Gm3xu6GmTDOC4OR7l2ExTSUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.196.0/22
193.109.152.0/21
Signature Algorithm: sha256WithRSAEncryption
41:aa:ef:ce:b0:c0:c5:a5:2a:15:90:d7:c0:81:c2:67:aa:82:
27:60:d0:77:a2:3f:2b:a0:31:d6:66:e4:ee:63:c5:8a:cb:9e:
20:38:42:c6:47:ae:9d:fb:10:7e:80:27:f6:1c:b7:3a:fb:09:
d2:89:5b:19:c9:6a:8d:f3:53:cc:ae:64:f7:cd:34:db:65:ef:
2b:df:fe:af:29:52:7a:b7:48:f3:a9:06:8e:51:aa:10:ce:55:
88:8f:6a:cd:54:81:1b:8a:4f:e4:46:da:46:2d:12:d3:3a:e3:
93:ab:c1:63:19:26:f9:9d:89:20:15:e8:01:65:38:c7:7b:f5:
22:a0:67:e3:6e:78:07:e0:d4:e5:63:63:9d:eb:59:5c:da:d9:
cc:62:4a:8e:01:27:08:f8:0f:e1:a2:ca:e5:84:dc:c6:3f:d6:
98:fc:cd:da:1c:81:73:76:23:6f:59:74:96:a2:76:b2:03:d3:
1f:28:e0:0f:6f:53:9f:23:6e:23:7f:76:03:24:4f:1b:33:c5:
6f:e5:a5:eb:b3:0c:3a:48:68:e0:a3:34:c8:65:3d:60:41:5d:
b2:38:0b:1d:1d:97:da:10:dd:d8:35:e3:2b:d9:f5:3a:d9:a4:
08:2c:ad:de:0d:54:87:52:78:36:09:0a:bb:5a:6a:4b:36:bc:
d2:6a:96:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSIVzzGvV6kTcVrf7gyJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNWZjNjliN2M2ZWU4Njk5MzBjZTBiODM5MWVlNWQ4NGM1
MzQ5NGEwHhcNMjUwMTAyMTM1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTgyZTdhNjIzYWRiMWQzNmI2OThjYjdjYTQwOGZkZTY3YmRmZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ2gx7U+TvHb2TPa7QlS9dUM6bWp
wACpZGvpluN5yPtpLHbQ/AuKuUv3bY2ESi5PSnhVExEvLPyfzpe03hQ/+kG/K6WL
izDuv9egQRAjbF4ttwpuus0eXKFnPvPoq7FEsraY0MYvYXXsOLXie8HuwA4GRqXV
gxVkZl6oAdAQ6rXnr0dggxAkp80QRTx7VokgtT2zhyx7CCzzd6k0cGkqqZeFF+JT
POleF/1LNSq26guAulpG2n1i4ZuRxdWcqSKM4tdtDib6D1FgWZ4kPzO0RpZAJOXj
EhfK/Vn7Sea7PBCbSnWvVG6zRhaV0HhDrKJlU8HXvWrZU3+Nt9DsYEvMcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGGC56YjrbHTa2mMt8pAj95nvf3dMB8GA1UdIwQY
MBaAFDtfxpt8buhpkwzguDke5dhMU0lKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFfR20zeHU2R21URE9DNE9SN2wyRXhUU1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC83YzE3MjctOWVhZi00OWM5LWFhZmMt
Zjk5NDUzYTk1YTk5LzEvWVlMbnBpT3RzZE5yYVl5M3lrQ1AzbWU5X2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC83YzE3MjctOWVhZi00OWM5LWFhZmMtZjk5NDUzYTk1YTk5
LzEvTzFfR20zeHU2R21URE9DNE9SN2wyRXhUU1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9PEAwQD
wW2YMA0GCSqGSIb3DQEBCwUAA4IBAQBBqu/OsMDFpSoVkNfAgcJnqoInYNB3oj8r
oDHWZuTuY8WKy54gOELGR66d+xB+gCf2HLc6+wnSiVsZyWqN81PMrmT3zTTbZe8r
3/6vKVJ6t0jzqQaOUaoQzlWIj2rNVIEbik/kRtpGLRLTOuOTq8FjGSb5nYkgFegB
ZTjHe/UioGfjbngH4NTlY2Od61lc2tnMYkqOAScI+A/hosrlhNzGP9aY/M3aHIFz
diNvWXSWonayA9MfKOAPb1OfI24jf3YDJE8bM8Vv5aXrsww6SGjgozTIZT1gQV2y
OAsdHZfaEN3YNeMr2fU62aQILK3eDVSHUng2CQq7WmpLNrzSapa3
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:40 2025 by rpki-client