Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/y-yqD_o6-yvJIkDnO3_IZY-NNtI.roa
File: y-yqD_o6-yvJIkDnO3_IZY-NNtI.roa (raw, json)
Hash identifier: tHO+rJeLsUWeDeQXi11yGR/NMyk+mG8H8gO6oBJu7A8=
Subject key identifier: CB:EC:AA:0F:FA:3A:FB:2B:C9:22:40:E7:3B:7F:C8:65:8F:8D:36:D2
Certificate issuer: /CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Certificate serial: 0191B6A43D59879EC8B7B17292D915E84197
Authority key identifier: 2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/y-yqD_o6-yvJIkDnO3_IZY-NNtI.roa
Signing time: Tue 03 Sep 2024 06:48:22 +0000
ROA not before: Tue 03 Sep 2024 06:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214739
IP address blocks: 5.1.108.0/24 maxlen: 24
5.1.109.0/24 maxlen: 24
5.1.110.0/24 maxlen: 24
5.1.111.0/24 maxlen: 24
212.15.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:a4:3d:59:87:9e:c8:b7:b1:72:92:d9:15:e8:41:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Validity
Not Before: Sep 3 06:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbecaa0ffa3afb2bc92240e73b7fc8658f8d36d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:14:16:68:6c:a8:f5:fd:bc:2a:74:d7:9b:
e5:bc:49:3a:c7:68:eb:1e:41:da:f6:56:ad:3c:e7:
e9:44:cc:15:5e:ea:35:1e:32:b8:6c:4d:c8:28:08:
89:9e:c9:79:b1:61:95:e6:8e:6f:4d:77:59:24:69:
b9:cc:3f:51:e1:b9:5d:7f:94:dd:e2:3d:dd:49:61:
e8:e1:59:df:2f:05:85:af:05:c2:6d:76:a9:c7:e2:
c1:9b:4e:aa:75:47:3e:ad:25:cf:3d:43:46:59:3e:
14:d5:b0:23:71:16:9b:d9:62:ef:15:d6:83:d3:2a:
71:31:88:ff:2b:10:7b:51:5a:8b:af:3a:92:0d:ca:
ab:a9:c9:8f:1b:b2:ff:de:52:70:10:57:aa:fd:60:
5d:c7:35:5a:07:fd:fa:e8:a5:a6:2e:01:57:02:96:
27:e0:20:ee:d0:04:7c:b2:e8:d1:36:f3:cb:c4:b3:
bb:89:5f:16:db:80:95:a2:f2:b6:72:09:9a:0c:ea:
78:74:a3:56:21:50:2b:36:3f:8e:0c:65:49:79:73:
00:3a:fc:ab:8d:ab:aa:6a:6f:cf:1d:1c:e2:f8:79:
65:63:f5:02:e3:8d:da:c2:dd:dc:7a:ed:be:f4:8a:
9b:02:4a:30:19:a3:b9:7c:88:58:19:97:be:f2:13:
e8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EC:AA:0F:FA:3A:FB:2B:C9:22:40:E7:3B:7F:C8:65:8F:8D:36:D2
X509v3 Authority Key Identifier:
keyid:2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/y-yqD_o6-yvJIkDnO3_IZY-NNtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.108.0/22
212.15.86.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:50:6d:3a:f7:e1:bf:a6:ad:03:33:78:1a:23:d9:91:a4:76:
eb:c9:f9:56:a3:a9:de:e7:e2:c8:c2:ef:ed:0a:54:c3:39:7b:
06:37:33:33:eb:71:8e:2c:50:93:f1:06:dd:c1:7a:57:5a:99:
f8:3f:a4:54:27:79:16:56:d9:81:0b:7e:d1:b6:c2:48:d1:87:
c7:f5:98:da:52:15:fc:eb:05:3a:58:56:82:37:62:bd:f7:66:
e2:ab:c2:44:d8:4e:bd:55:d6:73:d9:af:f7:f1:de:b2:45:3e:
f5:86:72:57:75:4f:50:27:2f:ce:3d:f6:c1:41:22:b8:7c:56:
c6:bd:a4:69:26:08:9f:99:6b:cf:a0:4b:ab:14:2a:ac:0c:41:
d2:38:05:7e:26:06:04:cf:75:02:82:61:c3:7f:14:32:20:57:
31:4c:fd:c8:12:1f:c1:0b:a8:1e:70:34:61:72:58:81:1b:38:
b5:74:13:ce:c6:84:25:f2:5d:3e:09:98:dc:91:96:7f:66:db:
47:35:bd:0c:cd:41:5a:35:de:1c:45:c3:a0:7d:44:d5:18:6f:
0a:64:f2:dc:f0:35:df:3d:97:e2:d2:eb:d8:a1:df:bf:38:13:
dc:e4:af:3c:d5:f7:c8:f5:64:08:fc:7c:bf:15:00:f6:99:94:
69:a3:bf:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG2pD1Zh57It7FyktkV6EGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjhjZmEzZmQyZGE5Y2FhYTY1OTI4NDc1OGRlZTY3MDk5
OTM0ZjgwHhcNMjQwOTAzMDY0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmVjYWEwZmZhM2FmYjJiYzkyMjQwZTczYjdmYzg2NThmOGQzNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vsUFmhsqPX9vCp015vlvEk6x2jr
HkHa9latPOfpRMwVXuo1HjK4bE3IKAiJnsl5sWGV5o5vTXdZJGm5zD9R4bldf5Td
4j3dSWHo4VnfLwWFrwXCbXapx+LBm06qdUc+rSXPPUNGWT4U1bAjcRab2WLvFdaD
0ypxMYj/KxB7UVqLrzqSDcqrqcmPG7L/3lJwEFeq/WBdxzVaB/366KWmLgFXApYn
4CDu0AR8sujRNvPLxLO7iV8W24CVovK2cgmaDOp4dKNWIVArNj+ODGVJeXMAOvyr
jauqam/PHRzi+HllY/UC443awt3ceu2+9IqbAkowGaO5fIhYGZe+8hPozwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMvsqg/6OvsrySJA5zt/yGWPjTbSMB8GA1UdIwQY
MBaAFC0oz6P9LanKqmWShHWN7mcJmTT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEt
M2FkNTJlOGI5NjI4LzEveS15cURfbzYteXZKSWtEbk8zX0laWS1OTnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEtM2FkNTJlOGI5NjI4
LzEvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBQFsAwQA
1A9WMA0GCSqGSIb3DQEBCwUAA4IBAQCgUG069+G/pq0DM3gaI9mRpHbryflWo6ne
5+LIwu/tClTDOXsGNzMz63GOLFCT8QbdwXpXWpn4P6RUJ3kWVtmBC37RtsJI0YfH
9ZjaUhX86wU6WFaCN2K992biq8JE2E69VdZz2a/38d6yRT71hnJXdU9QJy/OPfbB
QSK4fFbGvaRpJgifmWvPoEurFCqsDEHSOAV+JgYEz3UCgmHDfxQyIFcxTP3IEh/B
C6gecDRhcliBGzi1dBPOxoQl8l0+CZjckZZ/ZttHNb0MzUFaNd4cRcOgfUTVGG8K
ZPLc8DXfPZfi0uvYod+/OBPc5K881ffI9WQI/Hy/FQD2mZRpo78E
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:32:49 2024 by rpki-client on console-ams.rpki-client.org