Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ymHEOOwyWVzV_CpKsQVa4HcE12k.roa
File: ymHEOOwyWVzV_CpKsQVa4HcE12k.roa (raw, json)
Hash identifier: 8sWk8x8UOzr93L+wTHhq4t/AQek5KFg1tr1Y4NvleyA=
Subject key identifier: CA:61:C4:38:EC:32:59:5C:D5:FC:2A:4A:B1:05:5A:E0:77:04:D7:69
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018CC94E6D53512734C9BAA7510221A437BC
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ymHEOOwyWVzV_CpKsQVa4HcE12k.roa
Signing time: Tue 02 Jan 2024 08:33:29 +0000
ROA not before: Tue 02 Jan 2024 08:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59436
IP address blocks: 46.3.242.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6d:53:51:27:34:c9:ba:a7:51:02:21:a4:37:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 2 08:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca61c438ec32595cd5fc2a4ab1055ae07704d769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:50:b2:16:c5:35:27:4d:cb:18:f5:ef:06:
5a:21:5f:8d:ef:1e:35:b0:78:08:bb:03:c2:6a:02:
1d:63:4a:ee:c8:80:a7:1e:df:9f:d4:61:7a:9d:c2:
73:83:90:59:5f:ad:18:2d:18:19:59:8a:96:ab:fd:
75:b1:a4:c9:10:83:b3:35:23:88:fb:b9:8e:98:cc:
62:aa:0a:13:28:af:56:35:68:1e:52:d2:c2:63:09:
9f:12:49:a6:2f:e8:a4:3f:13:99:e7:0d:27:e5:9d:
f9:0a:12:2d:5c:25:61:5a:25:29:7e:24:40:e9:7b:
35:29:5a:52:b0:62:af:9b:d5:3f:c1:11:61:7a:56:
3d:1b:e9:3b:12:4c:ef:28:74:7c:94:b4:df:98:d5:
db:b7:8b:00:59:ba:f6:eb:b4:8d:77:aa:df:06:5a:
d6:61:5a:ff:ba:b0:a4:7b:66:07:b8:63:ee:16:f9:
9d:6d:ec:c2:d5:53:4b:0a:4a:e4:7f:e2:7e:b2:8f:
54:2b:6b:5f:49:9a:32:cc:f3:e5:6d:b2:44:80:43:
f6:3a:cb:18:36:2f:bf:59:a2:7a:27:52:15:61:f4:
9c:9e:3b:47:0e:20:0e:13:f8:5d:75:ca:49:6c:c4:
3d:cb:2a:c9:b1:4e:82:b4:ab:40:b4:2b:1f:32:dc:
62:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:61:C4:38:EC:32:59:5C:D5:FC:2A:4A:B1:05:5A:E0:77:04:D7:69
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ymHEOOwyWVzV_CpKsQVa4HcE12k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.242.0/23
Signature Algorithm: sha256WithRSAEncryption
61:07:fe:40:c7:f5:c2:f2:ca:65:00:b4:72:86:76:60:19:95:
32:9d:37:04:32:68:7a:34:ee:0d:38:ae:cc:0f:cc:69:0e:6e:
13:1c:6b:2b:64:15:dd:ad:a4:bd:81:6c:00:3e:5a:1b:2c:66:
9e:6b:c1:c8:8c:c6:fc:37:12:af:0d:12:9a:27:05:cf:93:f0:
1b:2c:c7:73:da:aa:81:c1:42:87:08:be:63:56:37:9d:e8:9f:
c2:55:7a:06:d6:14:83:b5:21:77:9e:29:a4:f3:6a:12:a5:68:
58:7b:68:5f:ff:64:35:d0:05:9a:e0:8d:8e:bf:d2:66:bf:f3:
00:b8:4b:90:ac:fd:a5:b1:36:0d:28:34:f7:b0:a9:07:aa:21:
bc:6f:2b:e6:a6:2b:fe:fd:b6:9d:50:b5:47:82:26:cb:b7:d0:
04:96:95:16:98:5e:e6:40:70:0b:32:79:29:75:fe:e0:98:70:
d8:0d:ae:30:aa:2b:e3:15:7b:20:df:3b:1b:39:0f:2a:ca:a9:
e9:2c:ef:82:81:45:34:66:b3:5a:fc:75:7e:45:51:d5:da:40:
bc:aa:32:e6:00:8c:ed:eb:a3:5d:42:bd:38:45:6e:6a:ab:4b:
dd:45:e6:a4:7b:0d:59:8f:1d:6f:8b:61:21:5a:19:27:e8:92:
91:8d:23:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTm1TUSc0ybqnUQIhpDe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjQwMTAyMDgzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTYxYzQzOGVjMzI1OTVjZDVmYzJhNGFiMTA1NWFlMDc3MDRkNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiidQshbFNSdNyxj17wZaIV+N7x41
sHgIuwPCagIdY0ruyICnHt+f1GF6ncJzg5BZX60YLRgZWYqWq/11saTJEIOzNSOI
+7mOmMxiqgoTKK9WNWgeUtLCYwmfEkmmL+ikPxOZ5w0n5Z35ChItXCVhWiUpfiRA
6Xs1KVpSsGKvm9U/wRFhelY9G+k7EkzvKHR8lLTfmNXbt4sAWbr267SNd6rfBlrW
YVr/urCke2YHuGPuFvmdbezC1VNLCkrkf+J+so9UK2tfSZoyzPPlbbJEgEP2OssY
Ni+/WaJ6J1IVYfScnjtHDiAOE/hddcpJbMQ9yyrJsU6CtKtAtCsfMtxigwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMphxDjsMllc1fwqSrEFWuB3BNdpMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEveW1IRU9Pd3lXVnpWX0NwS3NRVmE0SGNFMTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLgPyMA0G
CSqGSIb3DQEBCwUAA4IBAQBhB/5Ax/XC8splALRyhnZgGZUynTcEMmh6NO4NOK7M
D8xpDm4THGsrZBXdraS9gWwAPlobLGaea8HIjMb8NxKvDRKaJwXPk/AbLMdz2qqB
wUKHCL5jVjed6J/CVXoG1hSDtSF3nimk82oSpWhYe2hf/2Q10AWa4I2Ov9Jmv/MA
uEuQrP2lsTYNKDT3sKkHqiG8byvmpiv+/badULVHgibLt9AElpUWmF7mQHALMnkp
df7gmHDYDa4wqivjFXsg3zsbOQ8qyqnpLO+CgUU0ZrNa/HV+RVHV2kC8qjLmAIzt
66NdQr04RW5qq0vdReakew1Zjx1vi2EhWhkn6JKRjSM9
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:34:20 2024 by rpki-client on console-fra.rpki-client.org