Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/yrvKGKoQPEy1zSQyhwl3FGzClOA.roa
File: yrvKGKoQPEy1zSQyhwl3FGzClOA.roa (raw, json)
Hash identifier: wWZE4EALrifGDBwyGOwAa0SGqpaN/wf6pr9/g16e/7E=
Subject key identifier: CA:BB:CA:18:AA:10:3C:4C:B5:CD:24:32:87:09:77:14:6C:C2:94:E0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5010FE2366AB1B240CA8B55730C1EFB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/yrvKGKoQPEy1zSQyhwl3FGzClOA.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 185.192.70.0/24 maxlen: 24
89.40.92.0/24 maxlen: 24
194.32.120.0/24 maxlen: 24
178.239.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0f:e2:36:6a:b1:b2:40:ca:8b:55:73:0c:1e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cabbca18aa103c4cb5cd2432870977146cc294e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:51:aa:59:b1:04:02:02:68:5e:12:70:0c:20:
7a:ff:68:c4:4c:fd:af:19:56:f2:2b:df:ba:3c:d1:
6b:31:2c:9f:6e:a7:f6:ee:e5:da:19:ec:d4:12:1e:
cc:8f:86:fb:2e:6a:32:2e:97:0b:8d:a9:08:9f:d0:
d1:7f:7f:d6:ef:55:02:5f:04:c6:59:9b:31:c8:bf:
0b:c3:e2:cf:59:ec:2d:84:6d:e2:7e:36:21:b5:9d:
15:42:53:5b:d6:19:27:69:67:2d:c2:fb:da:ea:2c:
f4:1a:72:a7:2b:a2:6b:af:98:a6:06:2a:5b:49:70:
c8:ac:3a:d2:df:14:eb:6d:d6:d2:c7:26:30:cd:12:
d0:b3:13:1d:7a:fc:3e:77:f9:03:68:84:6d:e9:aa:
19:91:2e:be:e2:ae:41:bc:60:0e:03:7d:7c:b4:d3:
c6:cd:f6:d0:3c:b3:e1:23:82:9b:84:22:4b:eb:c5:
ad:5b:a9:ac:31:58:6d:cb:83:e1:86:15:22:1d:0b:
7d:87:a4:22:62:0a:42:4c:3b:d7:0a:64:13:8d:f1:
49:05:c2:e9:fd:f2:c2:9c:ec:2f:a3:a2:c3:f5:e1:
45:17:73:98:92:60:3b:f9:3e:44:d2:80:af:5c:72:
e6:dc:82:de:98:4a:81:30:fc:dd:50:13:9a:42:1e:
27:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BB:CA:18:AA:10:3C:4C:B5:CD:24:32:87:09:77:14:6C:C2:94:E0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/yrvKGKoQPEy1zSQyhwl3FGzClOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.92.0/24
178.239.198.0/24
185.192.70.0/24
194.32.120.0/24
Signature Algorithm: sha256WithRSAEncryption
14:1a:6b:a3:4c:29:a4:91:28:82:54:ec:2b:2f:15:8d:69:2b:
4d:71:9f:89:19:0c:49:e7:bf:aa:69:c9:ec:f2:cb:95:b3:21:
21:7d:51:9a:88:15:e0:04:a5:4c:76:43:2e:a8:fb:70:83:22:
f2:9f:42:5e:77:28:06:b6:a0:8e:35:f3:ae:d9:23:d5:53:1a:
d3:e1:a5:c3:96:a1:18:02:c8:12:64:d8:ca:08:be:d2:7d:b9:
82:b7:8b:39:93:a2:af:ff:f2:de:ac:4f:0b:9f:2c:ed:79:40:
fe:1b:f3:dd:bf:8b:97:31:d8:cb:7d:1e:8f:25:a5:19:2d:fd:
d1:0d:01:6f:36:c8:53:f6:a2:4e:7c:99:e4:58:c0:25:97:89:
83:19:c6:2b:ec:de:15:70:8c:23:fd:8f:ff:64:c8:1d:b2:d8:
0c:f3:3a:2f:b6:96:52:d0:e9:47:59:33:f3:d3:c5:78:20:c7:
89:82:48:f4:58:bc:ff:ca:c9:53:7d:74:e1:6d:a8:54:92:5e:
cd:2e:bc:72:b2:f5:c2:48:f1:fc:95:20:fa:d3:a4:ac:ec:1d:
30:96:f3:16:ca:24:e8:d8:da:ca:08:ee:d3:3d:f5:08:89:7a:
79:5d:a1:81:a8:fb:e4:a7:25:dc:01:e9:09:e2:b0:fd:24:2e:
02:4a:49:ee
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFAQ/iNmqxskDKi1VzDB77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJiY2ExOGFhMTAzYzRjYjVjZDI0MzI4NzA5NzcxNDZjYzI5NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFGqWbEEAgJoXhJwDCB6/2jETP2v
GVbyK9+6PNFrMSyfbqf27uXaGezUEh7Mj4b7LmoyLpcLjakIn9DRf3/W71UCXwTG
WZsxyL8Lw+LPWewthG3ifjYhtZ0VQlNb1hknaWctwvva6iz0GnKnK6Jrr5imBipb
SXDIrDrS3xTrbdbSxyYwzRLQsxMdevw+d/kDaIRt6aoZkS6+4q5BvGAOA318tNPG
zfbQPLPhI4KbhCJL68WtW6msMVhty4PhhhUiHQt9h6QiYgpCTDvXCmQTjfFJBcLp
/fLCnOwvo6LD9eFFF3OYkmA7+T5E0oCvXHLm3ILemEqBMPzdUBOaQh4n4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMq7yhiqEDxMtc0kMocJdxRswpTgMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEveXJ2S0dLb1FQRXkxelNReWh3bDNGR3pDbE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWShcAwQA
su/GAwQAucBGAwQAwiB4MA0GCSqGSIb3DQEBCwUAA4IBAQAUGmujTCmkkSiCVOwr
LxWNaStNcZ+JGQxJ57+qacns8suVsyEhfVGaiBXgBKVMdkMuqPtwgyLyn0JedygG
tqCONfOu2SPVUxrT4aXDlqEYAsgSZNjKCL7SfbmCt4s5k6Kv//LerE8LnyzteUD+
G/Pdv4uXMdjLfR6PJaUZLf3RDQFvNshT9qJOfJnkWMAll4mDGcYr7N4VcIwj/Y//
ZMgdstgM8zovtpZS0OlHWTPz08V4IMeJgkj0WLz/yslTfXThbahUkl7NLrxysvXC
SPH8lSD606Ss7B0wlvMWyiTo2NrKCO7TPfUIiXp5XaGBqPvkpyXcAekJ4rD9JC4C
Sknu
-----END CERTIFICATE-----
Generated at Mon May 6 06:51:20 2024 by rpki-client on console-ams.rpki-client.org