Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/pYpy0y4-gyn4kxpR5rfxZ8y43IA.roa
File: pYpy0y4-gyn4kxpR5rfxZ8y43IA.roa (raw, json)
Hash identifier: D6GxiV73MrMInGkPISEWZyR97QTKxev/Joz1STUUkvM=
Subject key identifier: A5:8A:72:D3:2E:3E:83:29:F8:93:1A:51:E6:B7:F1:67:CC:B8:DC:80
Certificate issuer: /CN=9585c19915455835457413ef222a7d375b29901d
Certificate serial: 018CC3B709320C9D5E4A71B7E9922B8D8114
Authority key identifier: 95:85:C1:99:15:45:58:35:45:74:13:EF:22:2A:7D:37:5B:29:90:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lYXBmRVFWDVFdBPvIip9N1spkB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/pYpy0y4-gyn4kxpR5rfxZ8y43IA.roa
Signing time: Mon 01 Jan 2024 06:30:01 +0000
ROA not before: Mon 01 Jan 2024 06:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12798
IP address blocks: 185.82.48.0/24 maxlen: 24
185.82.51.0/24 maxlen: 24
185.82.50.0/24 maxlen: 24
212.22.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/lYXBmRVFWDVFdBPvIip9N1spkB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/lYXBmRVFWDVFdBPvIip9N1spkB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/lYXBmRVFWDVFdBPvIip9N1spkB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:09:32:0c:9d:5e:4a:71:b7:e9:92:2b:8d:81:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9585c19915455835457413ef222a7d375b29901d
Validity
Not Before: Jan 1 06:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a58a72d32e3e8329f8931a51e6b7f167ccb8dc80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:43:15:59:7f:fd:1f:2e:31:26:87:d0:23:6f:
08:11:e1:bf:02:03:aa:c8:2e:3e:18:b8:b0:57:82:
60:1e:d1:09:56:e6:87:47:38:18:10:5c:a9:96:74:
a8:bf:d6:f4:0e:75:1d:ce:a1:e3:d2:f2:3a:e4:6d:
a2:a4:f3:ce:b9:81:c7:51:e7:8e:10:a9:5e:22:01:
c7:3d:bd:28:72:33:89:7b:79:98:69:1b:84:f9:40:
06:e7:d6:db:ff:42:a6:33:75:d6:1d:2a:02:1d:cf:
11:c2:f7:9b:ed:fc:82:ab:eb:ae:15:63:ee:57:4f:
7a:5b:5f:18:59:f3:05:c1:6d:19:44:53:5e:d8:9c:
1f:54:e3:b9:6e:10:f0:7d:dd:b3:db:8c:a0:b9:59:
8a:a4:e3:7c:62:3c:b1:6c:fa:63:18:cd:37:a5:1b:
b7:8e:de:d3:e6:5a:3b:2e:34:9d:1f:76:57:84:11:
d4:9e:9a:5f:43:70:89:cb:aa:97:41:3a:77:c2:da:
f5:55:22:e4:13:03:ef:27:9f:93:d4:b0:25:6c:77:
49:cd:ef:81:1f:25:4b:b1:f4:4b:e1:65:04:06:31:
1d:b2:b7:64:e2:d1:b4:e8:8f:e1:3f:dd:ca:0e:6e:
81:f6:ac:d3:20:6d:6b:1e:96:b7:a4:d3:8e:b1:95:
61:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:8A:72:D3:2E:3E:83:29:F8:93:1A:51:E6:B7:F1:67:CC:B8:DC:80
X509v3 Authority Key Identifier:
keyid:95:85:C1:99:15:45:58:35:45:74:13:EF:22:2A:7D:37:5B:29:90:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYXBmRVFWDVFdBPvIip9N1spkB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/pYpy0y4-gyn4kxpR5rfxZ8y43IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cf5758-aff7-4d88-b7dc-772918fff544/1/lYXBmRVFWDVFdBPvIip9N1spkB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.48.0/24
185.82.50.0/23
212.22.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0f:1c:59:b6:aa:a6:0b:c2:b2:a7:f8:e6:43:17:fd:f4:c3:e5:
53:57:a9:90:e9:97:a4:3f:26:f1:e0:fa:48:51:86:90:30:b9:
c6:42:4c:43:21:fc:f6:b4:8b:3b:1a:7a:38:a5:96:72:7e:1d:
6a:e8:1d:67:5e:16:44:64:30:de:5f:13:10:d6:6d:4c:4d:00:
c9:ad:82:9d:21:67:9b:76:a6:05:d8:af:43:a5:cf:52:81:17:
d7:bb:9e:f4:b8:06:89:2a:92:25:06:e2:e5:ca:a0:0d:04:c3:
9e:fa:f5:52:b5:d1:51:37:80:cf:3a:e3:9d:c7:1c:4d:ba:de:
1a:32:0d:5c:27:5e:ae:d7:a7:29:a2:07:3b:18:f7:13:c8:1f:
54:46:5f:0f:f2:fe:33:0c:6d:d1:ae:76:ef:8a:c3:e4:91:45:
6e:36:70:19:86:01:3b:5d:a0:21:39:b7:5a:81:cd:69:06:f2:
ac:34:61:e8:e0:83:f7:a2:69:9a:e4:eb:d0:b2:2b:24:06:74:
9e:db:f4:59:f7:cf:04:c0:42:e6:29:b0:7b:15:b8:e5:df:4c:
98:3e:9d:fe:bc:c7:0f:78:84:d3:26:60:d1:4e:2d:2e:d2:fe:
f4:ee:1b:30:ef:4f:a9:61:5e:d8:36:33:39:f3:ba:66:3d:de:
95:44:27:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtwkyDJ1eSnG36ZIrjYEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ODVjMTk5MTU0NTU4MzU0NTc0MTNlZjIyMmE3ZDM3NWIy
OTkwMWQwHhcNMjQwMTAxMDYzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNThhNzJkMzJlM2U4MzI5Zjg5MzFhNTFlNmI3ZjE2N2NjYjhkYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0MVWX/9Hy4xJofQI28IEeG/AgOq
yC4+GLiwV4JgHtEJVuaHRzgYEFyplnSov9b0DnUdzqHj0vI65G2ipPPOuYHHUeeO
EKleIgHHPb0ocjOJe3mYaRuE+UAG59bb/0KmM3XWHSoCHc8Rwveb7fyCq+uuFWPu
V096W18YWfMFwW0ZRFNe2JwfVOO5bhDwfd2z24yguVmKpON8YjyxbPpjGM03pRu3
jt7T5lo7LjSdH3ZXhBHUnppfQ3CJy6qXQTp3wtr1VSLkEwPvJ5+T1LAlbHdJze+B
HyVLsfRL4WUEBjEdsrdk4tG06I/hP93KDm6B9qzTIG1rHpa3pNOOsZVhgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKWKctMuPoMp+JMaUea38WfMuNyAMB8GA1UdIwQY
MBaAFJWFwZkVRVg1RXQT7yIqfTdbKZAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlYQm1SVkZXRFZGZEJQdklpcDlOMXNwa0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZjU3NTgtYWZmNy00ZDg4LWI3ZGMt
NzcyOTE4ZmZmNTQ0LzEvcFlweTB5NC1neW40a3hwUjVyZnhaOHk0M0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZjU3NTgtYWZmNy00ZDg4LWI3ZGMtNzcyOTE4ZmZmNTQ0
LzEvbFlYQm1SVkZXRFZGZEJQdklpcDlOMXNwa0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuVIwAwQB
uVIyAwQF1BbgMA0GCSqGSIb3DQEBCwUAA4IBAQAPHFm2qqYLwrKn+OZDF/30w+VT
V6mQ6ZekPybx4PpIUYaQMLnGQkxDIfz2tIs7Gno4pZZyfh1q6B1nXhZEZDDeXxMQ
1m1MTQDJrYKdIWebdqYF2K9Dpc9SgRfXu570uAaJKpIlBuLlyqANBMOe+vVStdFR
N4DPOuOdxxxNut4aMg1cJ16u16cpogc7GPcTyB9URl8P8v4zDG3RrnbvisPkkUVu
NnAZhgE7XaAhObdagc1pBvKsNGHo4IP3omma5OvQsiskBnSe2/RZ988EwELmKbB7
Fbjl30yYPp3+vMcPeITTJmDRTi0u0v707hsw70+pYV7YNjM587pmPd6VRCfu
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:45:29 2024 by rpki-client on console-ams.rpki-client.org