Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/YcvglW45trHd9TikrBDBne7Z6Og.roa
File: YcvglW45trHd9TikrBDBne7Z6Og.roa (raw, json)
Hash identifier: oa1mMxhJP5VLMEaxzDBABu/oMCkGLr0++ZAUYEaGJY0=
Subject key identifier: 61:CB:E0:95:6E:39:B6:B1:DD:F5:38:A4:AC:10:C1:9D:EE:D9:E8:E8
Certificate issuer: /CN=aa0bd78ca2caa5eb8ff3b9e823774dc1b74debeb
Certificate serial: 018F1537C333CA57D88F3B1398B60CB326DC
Authority key identifier: AA:0B:D7:8C:A2:CA:A5:EB:8F:F3:B9:E8:23:77:4D:C1:B7:4D:EB:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qgvXjKLKpeuP87noI3dNwbdN6-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/YcvglW45trHd9TikrBDBne7Z6Og.roa
Signing time: Thu 25 Apr 2024 12:25:27 +0000
ROA not before: Thu 25 Apr 2024 12:25:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61998
IP address blocks: 194.36.124.0/24 maxlen: 24
194.36.125.0/24 maxlen: 24
194.36.126.0/24 maxlen: 24
194.36.127.0/24 maxlen: 24
2a0c:bfc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/qgvXjKLKpeuP87noI3dNwbdN6-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/qgvXjKLKpeuP87noI3dNwbdN6-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/qgvXjKLKpeuP87noI3dNwbdN6-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 03:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:37:c3:33:ca:57:d8:8f:3b:13:98:b6:0c:b3:26:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa0bd78ca2caa5eb8ff3b9e823774dc1b74debeb
Validity
Not Before: Apr 25 12:25:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61cbe0956e39b6b1ddf538a4ac10c19deed9e8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cd:c2:87:1e:6e:ee:2f:fc:e9:0b:a0:ee:d8:
a2:ba:dc:7b:d8:25:05:c3:08:84:ae:be:12:09:20:
d1:8c:22:4a:e7:43:3c:2d:b8:ec:b1:fa:62:f7:b2:
4b:e6:e2:07:9d:a8:ed:cd:39:36:b1:3f:57:5f:f2:
96:18:1f:6c:68:1b:84:ba:98:d4:94:12:b9:45:85:
40:c9:15:de:b5:1d:93:db:d9:b7:21:e3:dc:13:dc:
1e:50:d6:2f:dd:1f:4d:ab:9b:a5:2e:78:0b:1c:d0:
dc:42:b2:6d:4c:ff:83:28:86:51:be:93:09:b6:54:
28:bd:98:d3:2a:6d:1f:90:47:b7:d2:f4:b8:47:47:
98:0c:60:a6:65:3a:5d:8a:cd:6a:30:60:ec:22:c1:
98:6b:23:5e:3c:ba:17:69:98:9b:b9:35:2a:b7:55:
53:7f:ac:38:3a:5e:f4:ec:87:2c:c5:8f:31:fd:e6:
47:92:28:5e:a3:8f:16:7a:3b:25:e6:ae:9b:f9:0d:
50:5e:66:2a:94:ab:35:15:28:57:e7:75:f4:b2:fd:
c8:c6:0e:7c:44:95:7a:4f:18:8a:30:53:f1:a6:b1:
14:84:7d:b4:2e:83:89:de:7a:32:22:a6:e9:1c:93:
89:a2:ad:2f:35:c7:3d:5f:4e:a7:7c:15:42:ef:90:
a7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CB:E0:95:6E:39:B6:B1:DD:F5:38:A4:AC:10:C1:9D:EE:D9:E8:E8
X509v3 Authority Key Identifier:
keyid:AA:0B:D7:8C:A2:CA:A5:EB:8F:F3:B9:E8:23:77:4D:C1:B7:4D:EB:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qgvXjKLKpeuP87noI3dNwbdN6-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/YcvglW45trHd9TikrBDBne7Z6Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/978837-1023-4b39-9b37-a108dbe0fd1f/1/qgvXjKLKpeuP87noI3dNwbdN6-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.124.0/22
IPv6:
2a0c:bfc0::/29
Signature Algorithm: sha256WithRSAEncryption
77:ba:b3:96:b1:8d:b5:79:fb:9d:e4:ab:c1:b9:d7:2a:47:c6:
ce:7a:1d:cd:2b:c6:fd:7d:09:fc:16:15:9a:00:03:73:01:ac:
e4:49:13:70:3a:1d:95:78:8d:f4:b6:0d:c0:a7:5b:23:21:8e:
a7:7e:3d:f2:66:56:db:40:d8:57:51:21:3c:1e:17:5c:07:1e:
1f:42:de:fb:0a:52:90:e1:77:52:a7:44:90:33:0f:0c:c5:f4:
6e:2f:39:2a:32:0d:4a:e6:50:93:dd:3c:77:b7:f4:c4:17:eb:
b9:3d:2c:f2:fe:f7:d9:32:e8:b1:24:e5:c6:f4:ad:0a:84:f6:
0f:40:a5:f8:68:c4:05:9f:78:94:e6:50:33:c5:4d:f4:7a:ba:
e8:c3:ee:aa:d7:2f:55:cd:cd:05:47:4d:63:c2:94:36:c8:0b:
80:bb:3b:41:23:cd:45:77:5a:ed:c5:5f:85:5d:78:16:d6:eb:
4a:c9:8a:a5:f8:90:8c:31:f6:55:46:ef:33:fc:87:02:3f:48:
39:0f:71:cd:4e:70:d6:25:10:9c:c1:fb:b1:9c:7b:be:7e:c0:
3a:e7:c8:f1:43:72:95:d4:fe:b7:18:3c:2f:8b:cc:45:60:6b:
2b:43:0f:17:ab:14:11:0f:e7:97:6a:d5:22:31:1b:36:9e:9c:
83:8f:0a:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8VN8MzylfYjzsTmLYMsybcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMGJkNzhjYTJjYWE1ZWI4ZmYzYjllODIzNzc0ZGMxYjc0
ZGViZWIwHhcNMjQwNDI1MTIyNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWNiZTA5NTZlMzliNmIxZGRmNTM4YTRhYzEwYzE5ZGVlZDllOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc3Chx5u7i/86Qug7tiiutx72CUF
wwiErr4SCSDRjCJK50M8Lbjssfpi97JL5uIHnajtzTk2sT9XX/KWGB9saBuEupjU
lBK5RYVAyRXetR2T29m3IePcE9weUNYv3R9Nq5ulLngLHNDcQrJtTP+DKIZRvpMJ
tlQovZjTKm0fkEe30vS4R0eYDGCmZTpdis1qMGDsIsGYayNePLoXaZibuTUqt1VT
f6w4Ol707IcsxY8x/eZHkiheo48Wejsl5q6b+Q1QXmYqlKs1FShX53X0sv3Ixg58
RJV6TxiKMFPxprEUhH20LoOJ3noyIqbpHJOJoq0vNcc9X06nfBVC75CnWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGHL4JVuObax3fU4pKwQwZ3u2ejoMB8GA1UdIwQY
MBaAFKoL14yiyqXrj/O56CN3TcG3TevrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWd2WGpLTEtwZXVQODdub0kzZE53YmRONi1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85Nzg4MzctMTAyMy00YjM5LTliMzct
YTEwOGRiZTBmZDFmLzEvWWN2Z2xXNDV0ckhkOVRpa3JCREJuZTdaNk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85Nzg4MzctMTAyMy00YjM5LTliMzctYTEwOGRiZTBmZDFm
LzEvcWd2WGpLTEtwZXVQODdub0kzZE53YmRONi1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwiR8MA0E
AgACMAcDBQMqDL/AMA0GCSqGSIb3DQEBCwUAA4IBAQB3urOWsY21efud5KvBudcq
R8bOeh3NK8b9fQn8FhWaAANzAazkSRNwOh2VeI30tg3Ap1sjIY6nfj3yZlbbQNhX
USE8HhdcBx4fQt77ClKQ4XdSp0SQMw8MxfRuLzkqMg1K5lCT3Tx3t/TEF+u5PSzy
/vfZMuixJOXG9K0KhPYPQKX4aMQFn3iU5lAzxU30errow+6q1y9Vzc0FR01jwpQ2
yAuAuztBI81Fd1rtxV+FXXgW1utKyYql+JCMMfZVRu8z/IcCP0g5D3HNTnDWJRCc
wfuxnHu+fsA658jxQ3KV1P63GDwvi8xFYGsrQw8XqxQRD+eXatUiMRs2npyDjwq+
-----END CERTIFICATE-----
Generated at Sun Jun 30 10:09:54 2024 by rpki-client on console-fra.rpki-client.org