Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/Y4yfCdJzEOi3bR6C-i_sJLUjuG8.roa
File: Y4yfCdJzEOi3bR6C-i_sJLUjuG8.roa (raw, json)
Hash identifier: bEi6MXZnoObXRQdKWH/nnEr5gyrGK2EWOoVjfjiosco=
Subject key identifier: 63:8C:9F:09:D2:73:10:E8:B7:6D:1E:82:FA:2F:EC:24:B5:23:B8:6F
Certificate issuer: /CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Certificate serial: 018CC94DA49520CE091183B3AAFF6C473806
Authority key identifier: 47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/Y4yfCdJzEOi3bR6C-i_sJLUjuG8.roa
Signing time: Tue 02 Jan 2024 08:32:37 +0000
ROA not before: Tue 02 Jan 2024 08:32:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208097
IP address blocks: 84.38.245.0/24 maxlen: 24
192.122.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/R7cFTWVhU9LVWt2Lnf4_bRN60n4.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/R7cFTWVhU9LVWt2Lnf4_bRN60n4.mft
rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 13:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a4:95:20:ce:09:11:83:b3:aa:ff:6c:47:38:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Validity
Not Before: Jan 2 08:32:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=638c9f09d27310e8b76d1e82fa2fec24b523b86f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:74:75:3a:55:ec:12:9c:94:50:86:5e:6a:13:
e5:f9:4f:49:3a:ad:9d:bc:b5:db:da:42:b8:d5:68:
6d:57:fd:e1:24:55:2d:b0:46:94:ec:3c:15:be:91:
fa:cc:ee:4e:22:58:aa:77:f2:18:25:11:68:13:7b:
9a:1f:b1:5f:86:5e:0b:ab:1c:39:e3:1d:36:ef:c9:
cd:38:78:0c:6a:b1:7f:b9:94:e6:ce:e1:bb:33:0d:
ae:0a:c5:9b:59:e3:17:19:a9:7e:57:4c:bb:19:d4:
56:2d:ec:88:56:33:8a:b4:37:d2:c7:ab:91:85:ab:
c7:6d:86:7b:35:8b:30:35:0c:fb:05:5f:be:0c:74:
42:b9:81:74:cc:93:d8:4e:c1:a5:50:29:4e:e1:28:
e8:dc:60:4c:13:c0:49:e7:4a:bd:48:4f:25:d2:3d:
4a:37:20:3e:a8:57:e9:0a:7b:b0:1e:a6:a3:ba:4b:
32:50:42:18:e3:1d:6b:42:2a:82:ef:e2:6a:80:e5:
65:4a:2e:e2:80:2f:92:25:ca:d0:cc:a0:ea:16:d8:
d3:18:bc:16:13:4a:bf:66:fb:4a:87:d3:f6:de:85:
08:03:85:15:e9:96:4d:ea:4b:01:24:79:be:8c:c8:
14:37:c7:d6:01:07:19:77:dc:a0:36:88:b1:88:03:
86:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8C:9F:09:D2:73:10:E8:B7:6D:1E:82:FA:2F:EC:24:B5:23:B8:6F
X509v3 Authority Key Identifier:
keyid:47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/Y4yfCdJzEOi3bR6C-i_sJLUjuG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/R7cFTWVhU9LVWt2Lnf4_bRN60n4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.245.0/24
192.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
02:2f:74:39:c6:27:58:f5:d1:b5:45:59:a1:ea:0d:5e:36:ba:
cc:7a:d4:ed:dc:66:10:b3:cd:f3:f4:ff:c1:41:00:b4:e0:26:
d7:e4:41:d1:29:b5:d9:2d:d7:ac:e4:8c:67:20:82:76:b3:f3:
cc:92:f9:50:92:25:50:50:e2:db:df:9f:46:61:cc:74:7e:f4:
a6:89:d3:5c:53:05:b5:b0:a2:a2:e5:27:1e:ca:bc:99:35:72:
fb:87:6d:54:d7:2f:31:3b:74:bd:0e:15:ad:d5:28:52:ee:3c:
19:19:3b:2f:d1:c4:98:09:47:f0:fc:24:1b:42:db:a2:1f:73:
b5:9c:31:b8:07:4c:9d:9b:57:9f:15:21:b4:08:d7:1e:25:44:
ca:f0:c0:70:d0:ec:ba:57:b5:48:2e:d6:72:97:39:dc:d2:15:
83:59:f6:b0:87:17:1e:30:e8:d5:7a:d4:79:ca:44:59:a6:cf:
af:ad:ff:3b:e2:65:f5:44:2c:51:11:e5:97:2c:2f:30:78:83:
a8:7d:22:69:d2:fd:7e:cd:f2:c2:01:66:aa:9c:9e:92:e2:d6:
78:62:10:dc:92:24:c7:85:87:ea:a4:d4:11:e3:43:37:d7:87:
78:5c:34:22:5f:7c:ea:9e:17:0c:13:3c:18:67:8c:9a:40:4e:
ae:53:2c:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTaSVIM4JEYOzqv9sRzgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcwNTRkNjU2MTUzZDJkNTVhZGQ4YjlkZmUzZjZkMTM3
YWQyN2UwHhcNMjQwMTAyMDgzMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzhjOWYwOWQyNzMxMGU4Yjc2ZDFlODJmYTJmZWMyNGI1MjNiODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HR1OlXsEpyUUIZeahPl+U9JOq2d
vLXb2kK41WhtV/3hJFUtsEaU7DwVvpH6zO5OIliqd/IYJRFoE3uaH7Ffhl4Lqxw5
4x0278nNOHgMarF/uZTmzuG7Mw2uCsWbWeMXGal+V0y7GdRWLeyIVjOKtDfSx6uR
havHbYZ7NYswNQz7BV++DHRCuYF0zJPYTsGlUClO4Sjo3GBME8BJ50q9SE8l0j1K
NyA+qFfpCnuwHqajuksyUEIY4x1rQiqC7+JqgOVlSi7igC+SJcrQzKDqFtjTGLwW
E0q/ZvtKh9P23oUIA4UV6ZZN6ksBJHm+jMgUN8fWAQcZd9ygNoixiAOGywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGOMnwnScxDot20egvov7CS1I7hvMB8GA1UdIwQY
MBaAFEe3BU1lYVPS1Vrdi53+P20TetJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYt
MGZkODYyZGEzYWUxLzEvWTR5ZkNkSnpFT2kzYlI2Qy1pX3NKTFVqdUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYtMGZkODYyZGEzYWUx
LzEvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCb1AwQA
wHr9MA0GCSqGSIb3DQEBCwUAA4IBAQACL3Q5xidY9dG1RVmh6g1eNrrMetTt3GYQ
s83z9P/BQQC04CbX5EHRKbXZLdes5IxnIIJ2s/PMkvlQkiVQUOLb359GYcx0fvSm
idNcUwW1sKKi5SceyryZNXL7h21U1y8xO3S9DhWt1ShS7jwZGTsv0cSYCUfw/CQb
QtuiH3O1nDG4B0ydm1efFSG0CNceJUTK8MBw0Oy6V7VILtZylznc0hWDWfawhxce
MOjVetR5ykRZps+vrf874mX1RCxREeWXLC8weIOofSJp0v1+zfLCAWaqnJ6S4tZ4
YhDckiTHhYfqpNQR40M314d4XDQiX3zqnhcMEzwYZ4yaQE6uUywZ
-----END CERTIFICATE-----
Generated at Fri Jun 21 19:06:51 2024 by rpki-client on console-fra.rpki-client.org