Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/yemkBwFnltpe8mN37JKE1_TDmSg.roa
File: yemkBwFnltpe8mN37JKE1_TDmSg.roa (raw, json)
Hash identifier: rq2XK4eqoo4fj1ra2eL/cmHLmzWXrovvgstimjyfGKw=
Subject key identifier: C9:E9:A4:07:01:67:96:DA:5E:F2:63:77:EC:92:84:D7:F4:C3:99:28
Certificate issuer: /CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Certificate serial: 018CC794B194F1F6AC31FFBCCFAB267B9350
Authority key identifier: 00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/yemkBwFnltpe8mN37JKE1_TDmSg.roa
Signing time: Tue 02 Jan 2024 00:30:59 +0000
ROA not before: Tue 02 Jan 2024 00:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9007
IP address blocks: 192.166.160.0/19 maxlen: 19
192.166.160.0/20 maxlen: 20
2a04:7680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/AK1tg8gINynXqdhXHWXOl-BYuCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/AK1tg8gINynXqdhXHWXOl-BYuCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 Nov 2024 11:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:b1:94:f1:f6:ac:31:ff:bc:cf:ab:26:7b:93:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00ad6d83c8083729d7a9d8571d65ce97e058b821
Validity
Not Before: Jan 2 00:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e9a407016796da5ef26377ec9284d7f4c39928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4d:aa:f2:d2:15:cd:4a:34:52:23:be:e8:c8:
03:95:2f:2a:27:66:38:8f:f8:85:00:50:69:c9:3b:
c2:15:ac:08:5c:c2:2c:7b:70:45:65:e0:e1:67:8d:
b1:5f:11:e7:e0:51:f9:bd:bb:7f:05:db:56:41:93:
4a:0d:5b:6e:b6:c8:50:c7:66:04:16:dd:51:c8:d5:
8b:6a:92:8e:5a:7f:e0:18:73:f1:6b:33:66:05:eb:
36:ea:b8:be:d2:e5:7a:8f:78:f7:e5:ef:9f:98:ec:
e6:04:9c:c9:41:52:f9:d5:f5:be:e3:17:c6:8e:bf:
98:b5:17:80:32:32:10:d0:f2:79:06:14:fa:00:50:
3f:9b:b3:e2:72:c3:bb:c1:38:a5:08:90:77:d9:a2:
bf:08:a4:d1:4f:20:ab:4e:28:d0:ad:9d:91:99:43:
94:48:fe:44:ce:49:df:0c:ea:92:cb:68:fc:d9:73:
d7:b6:77:17:1d:7e:85:92:5a:7e:bb:20:b2:10:26:
c4:fd:97:59:b7:d4:67:d7:b5:ea:50:dc:a6:8e:41:
e4:4f:9a:c7:c5:f6:fa:07:64:c7:f6:5b:ff:27:63:
df:d0:a1:94:6c:39:ae:94:78:85:6f:f5:9c:a3:e3:
bf:06:df:e6:69:1b:2c:31:19:6e:c2:e9:ba:d3:19:
b0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E9:A4:07:01:67:96:DA:5E:F2:63:77:EC:92:84:D7:F4:C3:99:28
X509v3 Authority Key Identifier:
keyid:00:AD:6D:83:C8:08:37:29:D7:A9:D8:57:1D:65:CE:97:E0:58:B8:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK1tg8gINynXqdhXHWXOl-BYuCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/yemkBwFnltpe8mN37JKE1_TDmSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/db2912-89a9-4ee9-8229-a55f77b83e6b/1/AK1tg8gINynXqdhXHWXOl-BYuCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.160.0/19
IPv6:
2a04:7680::/29
Signature Algorithm: sha256WithRSAEncryption
65:53:96:82:26:53:9b:92:77:79:14:38:bc:3d:dd:b7:55:d2:
4d:32:16:5a:91:57:cc:0b:32:1f:d7:c1:7c:e2:1a:e6:96:77:
0b:cf:f3:1b:24:e4:19:88:2a:90:a7:4d:a8:86:d8:b0:b7:21:
30:9b:51:db:b2:b1:ad:1f:ea:5e:e5:a3:00:46:ad:19:29:c6:
1b:df:d8:27:22:7c:59:32:0c:63:6c:0e:c7:43:12:63:a3:d0:
fc:ad:32:23:e9:d7:56:4c:f3:e9:d4:c6:78:2a:cf:c8:3f:fa:
b8:6d:3e:f0:55:09:28:14:20:30:21:c6:a8:8c:6c:08:67:51:
70:81:f4:7a:55:e5:32:0a:f5:35:94:52:d7:9a:3c:38:9d:21:
cb:8f:e6:45:05:85:c9:4f:d0:29:d0:f5:e6:56:79:4a:ad:07:
1a:1f:8d:c8:de:73:f0:c0:b9:41:cc:89:1b:b5:62:6d:dd:3f:
3c:ba:18:12:bc:fc:bb:07:40:27:72:a8:a4:c8:a7:f8:71:ee:
13:83:86:8e:40:bd:86:55:10:97:bc:83:6a:09:ab:8c:58:17:
cf:55:9d:0d:8e:97:fa:13:1e:47:16:51:12:37:6e:1d:a5:50:
93:41:c7:84:1a:ae:1f:4b:66:0c:0d:55:17:45:ed:dc:55:d0:
02:84:07:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlLGU8fasMf+8z6sme5NQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWQ2ZDgzYzgwODM3MjlkN2E5ZDg1NzFkNjVjZTk3ZTA1
OGI4MjEwHhcNMjQwMTAyMDAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU5YTQwNzAxNjc5NmRhNWVmMjYzNzdlYzkyODRkN2Y0YzM5OTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU2q8tIVzUo0UiO+6MgDlS8qJ2Y4
j/iFAFBpyTvCFawIXMIse3BFZeDhZ42xXxHn4FH5vbt/BdtWQZNKDVtutshQx2YE
Ft1RyNWLapKOWn/gGHPxazNmBes26ri+0uV6j3j35e+fmOzmBJzJQVL51fW+4xfG
jr+YtReAMjIQ0PJ5BhT6AFA/m7PicsO7wTilCJB32aK/CKTRTyCrTijQrZ2RmUOU
SP5EzknfDOqSy2j82XPXtncXHX6Fklp+uyCyECbE/ZdZt9Rn17XqUNymjkHkT5rH
xfb6B2TH9lv/J2Pf0KGUbDmulHiFb/Wco+O/Bt/maRssMRluwum60xmwHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMnppAcBZ5baXvJjd+yShNf0w5koMB8GA1UdIwQY
MBaAFACtbYPICDcp16nYVx1lzpfgWLghMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjkt
YTU1Zjc3YjgzZTZiLzEveWVta0J3Rm5sdHBlOG1OMzdKS0UxX1REbVNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kYjI5MTItODlhOS00ZWU5LTgyMjktYTU1Zjc3YjgzZTZi
LzEvQUsxdGc4Z0lOeW5YcWRoWEhXWE9sLUJZdUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwKagMA0E
AgACMAcDBQMqBHaAMA0GCSqGSIb3DQEBCwUAA4IBAQBlU5aCJlObknd5FDi8Pd23
VdJNMhZakVfMCzIf18F84hrmlncLz/MbJOQZiCqQp02ohtiwtyEwm1HbsrGtH+pe
5aMARq0ZKcYb39gnInxZMgxjbA7HQxJjo9D8rTIj6ddWTPPp1MZ4Ks/IP/q4bT7w
VQkoFCAwIcaojGwIZ1FwgfR6VeUyCvU1lFLXmjw4nSHLj+ZFBYXJT9Ap0PXmVnlK
rQcaH43I3nPwwLlBzIkbtWJt3T88uhgSvPy7B0AncqikyKf4ce4Tg4aOQL2GVRCX
vINqCauMWBfPVZ0Njpf6Ex5HFlESN24dpVCTQceEGq4fS2YMDVUXRe3cVdAChAcu
-----END CERTIFICATE-----
Generated at Sat Nov 16 15:45:56 2024 by rpki-client on console-fra.rpki-client.org