Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/yyP9fmeZAYp1K1vaVu0uJv4Agws.roa
File: yyP9fmeZAYp1K1vaVu0uJv4Agws.roa (raw, json)
Hash identifier: egmTg6Tzum2/xFgjHv1aVGDhof0qC374Rh2lR+uVm0s=
Subject key identifier: CB:23:FD:7E:67:99:01:8A:75:2B:5B:DA:56:ED:2E:26:FE:00:83:0B
Certificate issuer: /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial: 019426D9EAC00A80E885D91D0882E39DC091
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/yyP9fmeZAYp1K1vaVu0uJv4Agws.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48383
IP address blocks: 217.12.32.0/22 maxlen: 22
217.12.36.0/24 maxlen: 24
217.12.39.0/24 maxlen: 24
217.12.42.0/23 maxlen: 23
217.12.44.0/23 maxlen: 23
217.12.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 18:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ea:c0:0a:80:e8:85:d9:1d:08:82:e3:9d:c0:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb23fd7e6799018a752b5bda56ed2e26fe00830b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:4d:a5:b8:00:bc:8c:b4:7f:f1:30:cd:48:
2b:9a:ae:9b:74:12:67:3f:d4:a8:f0:72:20:dd:49:
b0:38:0a:a5:54:40:49:1a:d9:5b:91:86:19:6b:9a:
b7:12:68:67:ab:79:35:a1:ed:00:ce:2d:79:c3:3a:
32:99:09:a8:0e:0f:53:ba:0b:96:aa:40:50:25:03:
5f:53:f8:a5:ea:b3:ec:a0:b9:a7:6e:48:84:bb:44:
dd:8d:ed:01:0a:1c:e5:98:f8:8a:45:06:dd:4a:df:
a4:b3:53:0a:ba:e7:fb:7a:23:c2:0e:8b:f1:6e:e9:
28:88:20:be:e9:db:de:68:94:c4:82:b5:be:ed:02:
10:76:72:3e:4d:0a:8d:f6:59:bf:67:48:f8:a2:03:
85:08:73:94:b3:16:f5:a3:48:4c:fa:f2:c7:bb:d4:
bb:9d:1b:9b:93:c3:12:8c:1e:56:02:ff:b9:b7:b3:
87:d0:70:6d:a4:1e:4d:90:f9:8f:28:6b:a4:f4:e3:
1b:de:05:ee:e4:4e:cd:d7:99:46:4a:7c:bc:4a:f1:
39:22:29:ed:a8:28:6c:65:a2:57:0f:15:75:e2:dc:
2e:c1:25:48:23:80:44:55:76:0c:a9:1f:b9:a0:1c:
64:30:60:ca:a0:06:24:c0:6f:16:4a:d9:98:79:c0:
d3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:23:FD:7E:67:99:01:8A:75:2B:5B:DA:56:ED:2E:26:FE:00:83:0B
X509v3 Authority Key Identifier:
keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/yyP9fmeZAYp1K1vaVu0uJv4Agws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.32.0-217.12.36.255
217.12.39.0/24
217.12.42.0-217.12.47.255
Signature Algorithm: sha256WithRSAEncryption
87:ac:8d:aa:95:3a:8f:3f:81:a2:77:81:94:7a:8e:e9:07:08:
e3:cb:1f:3a:3e:f7:5b:62:72:fb:53:c3:cc:e1:17:7a:13:0b:
61:9e:44:0a:67:72:38:f9:2a:94:78:72:1d:3f:42:44:41:6c:
55:e5:74:29:bf:a6:84:e6:76:87:f6:d1:23:94:d6:30:a1:de:
63:7f:99:f4:55:6b:64:b4:6f:11:66:d5:42:78:3e:5c:d2:07:
83:4d:15:0d:dc:0d:a3:4a:be:3b:80:cd:34:2a:52:65:13:fb:
a2:05:26:8e:ea:bc:52:cc:6a:8e:0b:29:a5:2f:fe:1f:55:1f:
db:73:72:53:58:0d:45:f0:88:45:56:c9:c1:00:8c:25:c5:a1:
e6:78:7e:02:64:b7:61:19:f5:28:04:b6:45:4a:34:77:85:cc:
bc:00:d3:9e:f0:0d:a2:10:9c:db:6e:47:07:22:e7:c0:56:8e:
60:07:18:d9:4c:67:6a:e0:ff:86:06:10:ab:4d:34:5a:59:5d:
be:13:c5:0a:9b:e8:10:02:82:5f:01:e8:9d:bc:1c:e3:ad:ae:
50:03:f5:91:10:1f:50:3f:09:1b:2b:3e:a2:f0:0d:60:ed:92:
bf:7b:f6:44:88:25:fd:49:dd:a1:a6:26:7c:b3:f3:31:95:fd:
ea:e0:df:80
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQm2erACoDohdkdCILjncCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjIzZmQ3ZTY3OTkwMThhNzUyYjViZGE1NmVkMmUyNmZlMDA4MzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnulNpbgAvIy0f/EwzUgrmq6bdBJn
P9So8HIg3UmwOAqlVEBJGtlbkYYZa5q3Emhnq3k1oe0Azi15wzoymQmoDg9TuguW
qkBQJQNfU/il6rPsoLmnbkiEu0Tdje0BChzlmPiKRQbdSt+ks1MKuuf7eiPCDovx
bukoiCC+6dveaJTEgrW+7QIQdnI+TQqN9lm/Z0j4ogOFCHOUsxb1o0hM+vLHu9S7
nRubk8MSjB5WAv+5t7OH0HBtpB5NkPmPKGuk9OMb3gXu5E7N15lGSny8SvE5Iint
qChsZaJXDxV14twuwSVII4BEVXYMqR+5oBxkMGDKoAYkwG8WStmYecDTnQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMsj/X5nmQGKdStb2lbtLib+AIMLMB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEveXlQOWZtZVpBWXAxSzF2YVZ1MHVKdjRBZ3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAXZDCAD
BADZDCQDBADZDCcwDAMEAdkMKgMEBNkMIDANBgkqhkiG9w0BAQsFAAOCAQEAh6yN
qpU6jz+BoneBlHqO6QcI48sfOj73W2Jy+1PDzOEXehMLYZ5ECmdyOPkqlHhyHT9C
REFsVeV0Kb+mhOZ2h/bRI5TWMKHeY3+Z9FVrZLRvEWbVQng+XNIHg00VDdwNo0q+
O4DNNCpSZRP7ogUmjuq8UsxqjgsppS/+H1Uf23NyU1gNRfCIRVbJwQCMJcWh5nh+
AmS3YRn1KAS2RUo0d4XMvADTnvANohCc225HByLnwFaOYAcY2UxnauD/hgYQq000
WlldvhPFCpvoEAKCXwHonbwc462uUAP1kRAfUD8JGys+ovANYO2Sv3v2RIgl/Und
oaYmfLPzMZX96uDfgA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:35:00 2025 by rpki-client