Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/yYL7NqpoWSZJ1cqMkquPgCRVL58.roa
File: yYL7NqpoWSZJ1cqMkquPgCRVL58.roa (raw, json)
Hash identifier: 5kPSj6ACHtK8YZLxswaMx/GgoPwUJe37Sd8QoaJ3DWI=
Subject key identifier: C9:82:FB:36:AA:68:59:26:49:D5:CA:8C:92:AB:8F:80:24:55:2F:9F
Certificate issuer: /CN=b043e621fe1009701f6366843c0abc41e180c144
Certificate serial: 018CC72746B1F2CDF7FF20EA70DF3979D104
Authority key identifier: B0:43:E6:21:FE:10:09:70:1F:63:66:84:3C:0A:BC:41:E1:80:C1:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/yYL7NqpoWSZJ1cqMkquPgCRVL58.roa
Signing time: Mon 01 Jan 2024 22:31:29 +0000
ROA not before: Mon 01 Jan 2024 22:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 193.111.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:46:b1:f2:cd:f7:ff:20:ea:70:df:39:79:d1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b043e621fe1009701f6366843c0abc41e180c144
Validity
Not Before: Jan 1 22:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c982fb36aa68592649d5ca8c92ab8f8024552f9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c5:6c:75:50:6a:f4:e9:6a:04:4d:cb:04:1c:
8a:fd:59:bf:76:20:b2:86:e6:22:87:98:da:79:27:
b4:c0:18:aa:7d:65:3d:4b:47:15:76:4c:00:93:dd:
b5:ab:04:30:e9:08:ab:c0:c5:e7:b0:24:f4:0d:07:
10:6c:4a:ef:82:d6:92:d6:ad:2f:8f:f3:da:73:b4:
86:dd:46:b5:a7:ed:b5:d4:d0:33:d5:b3:29:50:71:
f3:88:47:0d:06:cb:bc:50:92:60:8c:c3:29:71:c7:
02:a0:8c:a8:e1:68:d1:cc:b9:1d:13:86:ea:56:8b:
99:f4:00:2c:30:c9:dc:51:3e:db:f5:a1:47:00:c7:
c3:b3:cb:a5:9e:a1:80:12:d4:b3:08:5c:0e:4e:d5:
87:27:ab:5c:99:6a:18:ed:91:f5:b7:30:8e:7d:dd:
f2:4c:eb:fb:1a:a1:fd:0c:03:ac:07:fb:9d:10:57:
88:b7:25:5e:92:09:06:3b:cb:a9:ec:54:80:d6:6a:
38:e2:cc:a8:79:4f:a6:45:32:c2:d4:99:5f:c3:f2:
c5:55:f3:80:c9:71:36:54:7f:49:99:3f:c5:41:9d:
71:04:ef:28:f3:7f:ca:1c:24:5e:47:c2:3b:af:85:
ce:ca:9f:b3:14:47:91:e0:53:1a:70:e1:3e:66:5b:
60:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:82:FB:36:AA:68:59:26:49:D5:CA:8C:92:AB:8F:80:24:55:2F:9F
X509v3 Authority Key Identifier:
keyid:B0:43:E6:21:FE:10:09:70:1F:63:66:84:3C:0A:BC:41:E1:80:C1:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/yYL7NqpoWSZJ1cqMkquPgCRVL58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/395684-c872-4217-b27c-8b5ea6648176/1/sEPmIf4QCXAfY2aEPAq8QeGAwUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.161.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:18:c7:2d:38:25:41:82:1c:15:9c:d9:58:ae:e9:e8:5c:ee:
44:f1:06:d4:5d:ca:62:0b:3b:3b:f2:bb:7d:50:91:ae:b7:fc:
92:25:d3:08:75:2b:05:08:35:82:e2:9c:4c:a1:82:e6:1f:ae:
6c:af:dd:48:15:46:a1:ed:9d:a5:00:bd:06:22:0c:14:a0:34:
5a:16:c6:5f:66:b1:e1:fe:f5:ce:61:8a:a2:69:c8:19:97:68:
80:65:ce:3d:fa:8a:2e:2b:d1:8f:24:b0:cb:7d:24:5e:61:bd:
51:bd:ed:68:65:73:23:fb:67:79:0f:13:2f:de:17:ec:82:a4:
51:2f:8f:c6:9a:10:d8:91:a2:8d:27:ec:05:82:db:6b:30:f1:
98:e3:e4:f0:17:f6:5b:60:95:26:8f:38:d7:80:c0:77:2e:de:
13:d8:89:1b:14:02:c9:f1:97:59:41:c8:f9:a3:d3:55:63:5e:
8c:b8:9b:0e:d2:09:bf:bd:5d:c4:55:ee:ac:34:8a:36:f0:39:
38:b3:67:28:ac:da:2e:53:fe:5e:a4:d7:44:5f:65:3d:85:63:
f0:02:6e:99:02:cc:9f:21:88:bd:3e:a3:7d:01:e9:35:4f:16:
57:f8:5a:34:fb:aa:d3:de:54:9a:4e:69:40:0e:34:71:96:af:
92:fb:80:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ0ax8s33/yDqcN85edEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNDNlNjIxZmUxMDA5NzAxZjYzNjY4NDNjMGFiYzQxZTE4
MGMxNDQwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgyZmIzNmFhNjg1OTI2NDlkNWNhOGM5MmFiOGY4MDI0NTUyZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcVsdVBq9OlqBE3LBByK/Vm/diCy
huYih5jaeSe0wBiqfWU9S0cVdkwAk921qwQw6QirwMXnsCT0DQcQbErvgtaS1q0v
j/Pac7SG3Ua1p+211NAz1bMpUHHziEcNBsu8UJJgjMMpcccCoIyo4WjRzLkdE4bq
VouZ9AAsMMncUT7b9aFHAMfDs8ulnqGAEtSzCFwOTtWHJ6tcmWoY7ZH1tzCOfd3y
TOv7GqH9DAOsB/udEFeItyVekgkGO8up7FSA1mo44syoeU+mRTLC1Jlfw/LFVfOA
yXE2VH9JmT/FQZ1xBO8o83/KHCReR8I7r4XOyp+zFEeR4FMacOE+ZltgqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmC+zaqaFkmSdXKjJKrj4AkVS+fMB8GA1UdIwQY
MBaAFLBD5iH+EAlwH2NmhDwKvEHhgMFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0VQbUlmNFFDWEFmWTJhRVBBcThRZUdBd1VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8zOTU2ODQtYzg3Mi00MjE3LWIyN2Mt
OGI1ZWE2NjQ4MTc2LzEveVlMN05xcG9XU1pKMWNxTWtxdVBnQ1JWTDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8zOTU2ODQtYzg3Mi00MjE3LWIyN2MtOGI1ZWE2NjQ4MTc2
LzEvc0VQbUlmNFFDWEFmWTJhRVBBcThRZUdBd1VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW+hMA0G
CSqGSIb3DQEBCwUAA4IBAQBtGMctOCVBghwVnNlYrunoXO5E8QbUXcpiCzs78rt9
UJGut/ySJdMIdSsFCDWC4pxMoYLmH65sr91IFUah7Z2lAL0GIgwUoDRaFsZfZrHh
/vXOYYqiacgZl2iAZc49+oouK9GPJLDLfSReYb1Rve1oZXMj+2d5DxMv3hfsgqRR
L4/GmhDYkaKNJ+wFgttrMPGY4+TwF/ZbYJUmjzjXgMB3Lt4T2IkbFALJ8ZdZQcj5
o9NVY16MuJsO0gm/vV3EVe6sNIo28Dk4s2corNouU/5epNdEX2U9hWPwAm6ZAsyf
IYi9PqN9Aek1TxZX+Fo0+6rT3lSaTmlADjRxlq+S+4Cl
-----END CERTIFICATE-----
Generated at Sun May 19 00:38:52 2024 by rpki-client on console-ams.rpki-client.org