Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/5YiioIjZ4HNvH2cyMmhjYcmv5EM.roa
File: 5YiioIjZ4HNvH2cyMmhjYcmv5EM.roa (raw, json)
Hash identifier: H78zWnD7UL10Rz6Ds/5+mVGD8NItknz371M2v+r84NY=
Subject key identifier: E5:88:A2:A0:88:D9:E0:73:6F:1F:67:32:32:68:63:61:C9:AF:E4:43
Certificate issuer: /CN=61b866e323382caea961e7d2423e53cab5099131
Certificate serial: 018EC75033D8C13D24160A2DBA26430FC74F
Authority key identifier: 61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/5YiioIjZ4HNvH2cyMmhjYcmv5EM.roa
Signing time: Wed 10 Apr 2024 09:21:45 +0000
ROA not before: Wed 10 Apr 2024 09:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20986
IP address blocks: 185.111.52.0/22 maxlen: 22
185.111.56.0/22 maxlen: 22
185.112.16.0/22 maxlen: 22
2a06:5940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:50:33:d8:c1:3d:24:16:0a:2d:ba:26:43:0f:c7:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b866e323382caea961e7d2423e53cab5099131
Validity
Not Before: Apr 10 09:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e588a2a088d9e0736f1f673232686361c9afe443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:70:9b:3b:be:dd:0c:c9:ab:fa:6f:c3:be:40:
9e:73:95:1a:24:4f:85:b2:05:50:0f:35:a2:18:4d:
d7:e1:c0:e9:76:10:42:21:8c:06:1b:40:09:37:53:
85:a1:e2:73:59:44:b1:01:fb:da:c5:b4:e9:fd:f0:
27:74:64:14:06:8e:18:e4:94:16:ae:41:d5:a4:4a:
49:04:9d:16:e7:66:23:49:99:5c:8d:2d:53:34:e0:
67:02:12:26:e2:a1:37:ae:e4:dd:81:1e:6f:23:fe:
68:60:5d:ac:9d:65:18:10:fc:83:a7:d7:da:0a:1b:
9a:6e:dc:e8:c9:98:6d:8f:a7:5c:09:d8:79:18:6f:
08:2e:8c:08:d2:f0:28:51:11:65:c2:53:d5:3c:e7:
13:91:1b:ed:2d:1f:a8:58:3d:1f:4b:eb:4e:58:76:
2e:66:69:a2:dd:2c:56:44:62:d8:75:01:5a:00:7c:
15:5f:9d:31:2d:56:d8:a3:da:3b:06:96:ff:d0:a3:
44:0e:1b:fd:2c:1a:83:97:50:a3:df:b4:88:35:2e:
a0:a6:b0:de:86:f4:27:c3:7a:09:bd:d1:7e:6b:49:
e2:28:96:40:f0:c7:b5:08:9c:a1:b9:1a:9f:5e:41:
90:8b:35:57:12:79:27:82:5d:f3:ec:5c:d3:b2:89:
90:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:88:A2:A0:88:D9:E0:73:6F:1F:67:32:32:68:63:61:C9:AF:E4:43
X509v3 Authority Key Identifier:
keyid:61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/5YiioIjZ4HNvH2cyMmhjYcmv5EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.52.0-185.111.59.255
185.112.16.0/22
IPv6:
2a06:5940::/29
Signature Algorithm: sha256WithRSAEncryption
0e:be:96:f5:cc:c4:11:0f:94:73:aa:c2:61:e8:89:72:27:a8:
42:b8:dc:fa:b9:c9:f6:c2:52:3f:6a:44:77:d6:68:1e:9b:a1:
dd:cb:95:c5:14:94:35:17:6a:66:9a:f4:31:1e:16:f6:15:1b:
2b:44:08:2e:3d:e6:61:36:fe:bb:a0:b2:37:76:a6:3a:71:2e:
78:25:45:fc:1b:aa:ba:19:57:f0:95:ff:58:f4:74:6c:99:98:
92:1d:4a:92:ea:2c:a6:b4:09:85:4a:c3:c2:4a:33:dd:d0:a4:
37:ee:6b:e9:6c:55:55:5d:1b:42:b2:3d:cb:5f:f7:60:6d:11:
c3:c6:b5:3a:7c:48:8d:d9:0c:57:41:fb:de:e6:4c:c8:f6:4c:
81:1e:90:62:f1:d2:cb:3b:9d:d5:a6:05:eb:a9:12:64:80:05:
60:78:4c:ac:32:05:9b:a9:e2:45:97:e3:32:2d:ba:0a:81:66:
cb:87:3f:10:17:09:4b:1d:ef:fc:af:ac:8a:89:e5:7b:07:55:
d3:05:bc:e4:8e:11:a6:36:e3:f2:99:8f:67:51:b7:29:aa:53:
7b:89:76:bf:f0:44:b0:18:e7:b1:aa:4a:4a:3b:c9:5c:b0:ad:
c4:58:ed:79:6e:4b:e3:20:44:f3:e7:54:1a:90:d1:c8:3f:81:
d1:05:18:ca
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY7HUDPYwT0kFgotuiZDD8dPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjg2NmUzMjMzODJjYWVhOTYxZTdkMjQyM2U1M2NhYjUw
OTkxMzEwHhcNMjQwNDEwMDkyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg4YTJhMDg4ZDllMDczNmYxZjY3MzIzMjY4NjM2MWM5YWZlNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3CbO77dDMmr+m/DvkCec5UaJE+F
sgVQDzWiGE3X4cDpdhBCIYwGG0AJN1OFoeJzWUSxAfvaxbTp/fAndGQUBo4Y5JQW
rkHVpEpJBJ0W52YjSZlcjS1TNOBnAhIm4qE3ruTdgR5vI/5oYF2snWUYEPyDp9fa
ChuabtzoyZhtj6dcCdh5GG8ILowI0vAoURFlwlPVPOcTkRvtLR+oWD0fS+tOWHYu
Zmmi3SxWRGLYdQFaAHwVX50xLVbYo9o7Bpb/0KNEDhv9LBqDl1Cj37SINS6gprDe
hvQnw3oJvdF+a0niKJZA8Me1CJyhuRqfXkGQizVXEnkngl3z7FzTsomQXQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOWIoqCI2eBzbx9nMjJoY2HJr+RDMB8GA1UdIwQY
MBaAFGG4ZuMjOCyuqWHn0kI+U8q1CZExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEt
ZDkyZTY4ZGZmZmU0LzEvNVlpaW9Jalo0SE52SDJjeU1taGpZY212NUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEtZDkyZTY4ZGZmZmU0
LzEvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5bzQD
BAK5bzgDBAK5cBAwDQQCAAIwBwMFAyoGWUAwDQYJKoZIhvcNAQELBQADggEBAA6+
lvXMxBEPlHOqwmHoiXInqEK43Pq5yfbCUj9qRHfWaB6bod3LlcUUlDUXamaa9DEe
FvYVGytECC495mE2/rugsjd2pjpxLnglRfwbqroZV/CV/1j0dGyZmJIdSpLqLKa0
CYVKw8JKM93QpDfua+lsVVVdG0KyPctf92BtEcPGtTp8SI3ZDFdB+97mTMj2TIEe
kGLx0ss7ndWmBeupEmSABWB4TKwyBZup4kWX4zItugqBZsuHPxAXCUsd7/yvrIqJ
5XsHVdMFvOSOEaY24/KZj2dRtymqU3uJdr/wRLAY57GqSko7yVywrcRY7XluS+Mg
RPPnVBqQ0cg/gdEFGMo=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:09:36 2024 by rpki-client on console-fra.rpki-client.org