Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/ynNiqpUGj7MZnVEAtyjkg5TEoos.roa
File: ynNiqpUGj7MZnVEAtyjkg5TEoos.roa (raw, json)
Hash identifier: 7jLIH+SKex+C92stTPt3XMFBbwMSgEi9jC3uB/DzHz8=
Subject key identifier: CA:73:62:AA:95:06:8F:B3:19:9D:51:00:B7:28:E4:83:94:C4:A2:8B
Certificate issuer: /CN=5d16dccfb2e2c88cf09f487c421fc8af7bbd3574
Certificate serial: 018CCA99D4B45CED47B7C78614B465758CC1
Authority key identifier: 5D:16:DC:CF:B2:E2:C8:8C:F0:9F:48:7C:42:1F:C8:AF:7B:BD:35:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/ynNiqpUGj7MZnVEAtyjkg5TEoos.roa
Signing time: Tue 02 Jan 2024 14:35:28 +0000
ROA not before: Tue 02 Jan 2024 14:35:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200931
IP address blocks: 185.91.4.0/24 maxlen: 24
185.91.4.0/22 maxlen: 22
185.91.5.0/24 maxlen: 24
185.91.6.0/24 maxlen: 24
2a03:8860::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:d4:b4:5c:ed:47:b7:c7:86:14:b4:65:75:8c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d16dccfb2e2c88cf09f487c421fc8af7bbd3574
Validity
Not Before: Jan 2 14:35:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca7362aa95068fb3199d5100b728e48394c4a28b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7a:8d:b3:74:98:e2:37:bf:53:a3:4d:2a:41:
89:d1:f2:3e:57:30:65:73:88:a3:b8:34:2a:9a:fa:
62:f8:8b:62:e9:e6:d5:86:75:42:be:92:12:00:9d:
7d:59:f1:60:55:50:ce:e4:cb:ff:0c:06:59:f5:2e:
97:81:00:11:89:f4:0a:81:09:e0:1b:23:6b:8c:04:
b3:93:25:5d:1e:fc:0e:a7:9b:db:b3:28:6c:b0:6a:
76:82:ad:c3:4a:89:db:73:06:a8:37:87:c7:c6:62:
12:8d:ec:e7:fb:aa:31:f6:e5:63:d4:c5:32:ad:23:
b9:8a:50:75:55:88:c8:0a:a6:d0:d3:d9:6a:c5:ff:
95:5b:d1:4d:de:48:22:7e:55:33:51:88:59:53:09:
0f:76:a8:78:80:39:9a:8a:c7:8f:b0:6b:41:62:71:
f4:78:ed:fc:d7:4e:a2:5e:33:8b:52:4b:f0:b9:bc:
da:6c:82:3f:ca:ab:f1:b1:48:5f:13:0d:e6:55:95:
4c:34:b1:39:06:8e:fd:f0:05:91:8f:87:ca:d3:b2:
eb:40:99:82:50:3f:85:30:7a:1d:6f:7d:af:25:c4:
e4:81:08:ea:2d:fd:7e:07:71:24:3d:41:6d:ac:20:
2b:e5:15:43:15:98:ac:6b:26:71:cc:bb:6a:af:df:
55:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:73:62:AA:95:06:8F:B3:19:9D:51:00:B7:28:E4:83:94:C4:A2:8B
X509v3 Authority Key Identifier:
keyid:5D:16:DC:CF:B2:E2:C8:8C:F0:9F:48:7C:42:1F:C8:AF:7B:BD:35:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/ynNiqpUGj7MZnVEAtyjkg5TEoos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.4.0/22
IPv6:
2a03:8860::/32
Signature Algorithm: sha256WithRSAEncryption
80:7f:bb:b9:04:46:68:bb:d7:14:2c:51:fe:28:1f:1a:f3:00:
82:18:9c:89:96:f8:de:26:b7:26:18:ab:6b:c8:03:84:43:f9:
b5:8f:eb:d9:5a:61:f1:aa:c8:47:c1:63:f0:7d:e1:0f:b2:0d:
0a:35:d8:f0:92:1a:60:4e:df:b8:09:e6:e3:38:80:c5:7c:14:
a7:ce:02:ec:66:ad:c0:ce:d0:e7:03:75:e4:ea:22:5c:3e:54:
4c:7d:99:44:6b:91:42:d0:f0:44:92:43:ce:6f:14:c2:83:99:
a1:7d:29:67:82:3e:8d:b8:76:a4:c6:05:d8:ba:2d:ad:55:7c:
01:c8:a8:1e:24:06:ee:46:52:4d:fc:46:25:fb:9a:af:56:8e:
93:30:2e:d6:0a:8e:11:85:9e:3f:38:93:f7:bc:c8:f8:7f:dd:
61:91:92:ac:f6:8a:c6:b4:8a:36:34:0a:a4:c9:67:9e:0e:b8:
42:7b:8c:aa:77:c7:8d:74:a7:29:05:9f:de:7c:1e:17:f2:ca:
2f:db:d8:a7:b9:56:b5:df:09:b0:c3:fd:26:f2:b9:23:58:cf:
3c:ab:3e:a7:eb:a8:fd:a9:f6:50:82:b5:2c:5b:0e:b6:0e:51:
5e:41:c9:fd:19:a9:3f:0a:46:58:a4:b7:45:25:ef:39:81:d9:
a8:70:d7:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmdS0XO1Ht8eGFLRldYzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMTZkY2NmYjJlMmM4OGNmMDlmNDg3YzQyMWZjOGFmN2Ji
ZDM1NzQwHhcNMjQwMTAyMTQzNTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTczNjJhYTk1MDY4ZmIzMTk5ZDUxMDBiNzI4ZTQ4Mzk0YzRhMjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3qNs3SY4je/U6NNKkGJ0fI+VzBl
c4ijuDQqmvpi+Iti6ebVhnVCvpISAJ19WfFgVVDO5Mv/DAZZ9S6XgQARifQKgQng
GyNrjASzkyVdHvwOp5vbsyhssGp2gq3DSonbcwaoN4fHxmISjezn+6ox9uVj1MUy
rSO5ilB1VYjICqbQ09lqxf+VW9FN3kgiflUzUYhZUwkPdqh4gDmaisePsGtBYnH0
eO38106iXjOLUkvwubzabII/yqvxsUhfEw3mVZVMNLE5Bo798AWRj4fK07LrQJmC
UD+FMHodb32vJcTkgQjqLf1+B3EkPUFtrCAr5RVDFZisayZxzLtqr99VywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMpzYqqVBo+zGZ1RALco5IOUxKKLMB8GA1UdIwQY
MBaAFF0W3M+y4siM8J9IfEIfyK97vTV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFJiY3o3TGl5SXp3bjBoOFFoX0lyM3U5TlhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hZDAyNDEtMWFlMy00ZDViLWIwZDEt
ODVjNWQ1MzAyZDg4LzEveW5OaXFwVUdqN01ablZFQXR5amtnNVRFb29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hZDAyNDEtMWFlMy00ZDViLWIwZDEtODVjNWQ1MzAyZDg4
LzEvWFJiY3o3TGl5SXp3bjBoOFFoX0lyM3U5TlhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVsEMA0E
AgACMAcDBQAqA4hgMA0GCSqGSIb3DQEBCwUAA4IBAQCAf7u5BEZou9cULFH+KB8a
8wCCGJyJlvjeJrcmGKtryAOEQ/m1j+vZWmHxqshHwWPwfeEPsg0KNdjwkhpgTt+4
CebjOIDFfBSnzgLsZq3AztDnA3Xk6iJcPlRMfZlEa5FC0PBEkkPObxTCg5mhfSln
gj6NuHakxgXYui2tVXwByKgeJAbuRlJN/EYl+5qvVo6TMC7WCo4RhZ4/OJP3vMj4
f91hkZKs9orGtIo2NAqkyWeeDrhCe4yqd8eNdKcpBZ/efB4X8sov29inuVa13wmw
w/0m8rkjWM88qz6n66j9qfZQgrUsWw62DlFeQcn9Gak/CkZYpLdFJe85gdmocNer
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:56:36 2024 by rpki-client on console-ams.rpki-client.org