Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlDPxuZSiKacNi0_gW8xRLPkJTs.roa
File: YlDPxuZSiKacNi0_gW8xRLPkJTs.roa (raw, json)
Hash identifier: hI00cARilHnpEZ40NnisFCCEUEpH4eex2cFR0zQL9U0=
Subject key identifier: 62:50:CF:C6:E6:52:88:A6:9C:36:2D:3F:81:6F:31:44:B3:E4:25:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A92BE660428EF0FD84921B81422EE
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlDPxuZSiKacNi0_gW8xRLPkJTs.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 62.76.232.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.139.0/24 maxlen: 24
195.58.33.0/24 maxlen: 24
195.58.57.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
212.193.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:92:be:66:04:28:ef:0f:d8:49:21:b8:14:22:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6250cfc6e65288a69c362d3f816f3144b3e4253b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:af:2e:7f:50:e2:23:6e:8f:f6:e6:e3:44:77:
74:4c:16:88:82:d5:25:bd:83:e8:0e:82:92:b6:55:
96:b1:50:1e:b6:73:5a:b3:2f:1a:9d:be:07:54:d8:
96:d6:f1:51:ec:32:ad:d7:ae:e1:75:25:6f:e4:3f:
e2:10:54:10:3f:e4:0e:eb:37:81:f6:4b:c1:57:81:
1c:2c:e9:c1:37:a2:56:77:39:a3:00:27:62:65:69:
36:cb:e3:2a:e4:a7:d9:23:ef:6c:12:74:44:0d:0a:
51:49:b1:65:2f:be:4e:6d:b7:6c:5d:33:b4:1d:89:
6a:2e:47:d8:cd:b7:70:de:cb:73:d0:66:f4:77:55:
a8:57:41:2a:0b:b3:09:36:84:69:25:8a:eb:0a:90:
67:9c:3f:9c:6b:42:33:60:1f:e8:68:4b:dd:98:ad:
d5:48:28:7c:4a:b5:ff:14:c9:f1:e9:63:75:0b:34:
a6:21:46:14:11:fc:e7:26:ab:8b:a7:7d:8f:b4:55:
14:ef:2f:7f:a3:44:d9:39:3b:db:e1:03:61:88:b7:
b0:64:42:15:d7:1f:c7:c9:51:5a:54:9f:93:50:7b:
11:b7:58:54:e0:68:23:28:29:90:f7:95:9e:75:eb:
0c:33:00:e8:01:b4:0a:48:01:83:b2:7d:ff:9d:6f:
c8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:50:CF:C6:E6:52:88:A6:9C:36:2D:3F:81:6F:31:44:B3:E4:25:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/YlDPxuZSiKacNi0_gW8xRLPkJTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
193.124.206.0/24
194.87.125.0/24
194.87.139.0/24
195.58.33.0/24
195.58.57.0/24
212.193.9.0/24
Signature Algorithm: sha256WithRSAEncryption
65:f5:51:51:31:e8:e4:7c:a0:d1:dc:0b:df:00:63:c9:4d:87:
ed:71:2e:9a:60:8b:79:02:a1:ff:86:d9:f5:17:bc:c5:ba:ff:
39:ef:f3:a9:8a:2d:1a:cf:16:f9:4f:6e:d6:0a:51:61:6d:10:
37:34:9f:e3:43:00:f0:2b:9f:41:36:18:08:b2:7a:06:3c:59:
50:12:1f:8f:c9:70:fc:b3:11:36:2b:42:a1:38:cf:6a:f6:f1:
c7:17:1b:b4:d0:42:6d:e7:da:11:ab:dc:a5:b7:3f:bd:8a:bf:
b2:f2:a8:3f:44:5f:d1:b9:65:eb:f7:b8:4f:05:80:de:a1:73:
1e:12:f9:44:95:ef:e3:f4:4f:fa:6c:4c:78:2b:84:91:97:e2:
18:e7:78:45:a9:d9:46:fe:5e:16:35:2a:37:0a:8b:7b:5c:c1:
74:d8:c7:5c:ef:84:2d:0e:9f:ca:33:18:2d:98:ed:5b:f4:47:
41:02:a9:ba:c9:90:20:1f:94:de:cd:92:d1:70:27:ab:5d:70:
db:12:81:9c:ad:1b:f3:6e:db:a0:05:77:82:2d:6c:4c:9b:cc:
de:de:88:ff:96:f2:c3:b9:24:4c:d6:29:2f:2b:7a:50:8e:cc:
a3:d1:f6:22:ae:41:8c:df:20:54:8e:ee:60:3b:e3:70:b1:14:
32:0c:4f:6e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKKpK+ZgQo7w/YSSG4FCLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjUwY2ZjNmU2NTI4OGE2OWMzNjJkM2Y4MTZmMzE0NGIzZTQyNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq8uf1DiI26P9ubjRHd0TBaIgtUl
vYPoDoKStlWWsVAetnNasy8anb4HVNiW1vFR7DKt167hdSVv5D/iEFQQP+QO6zeB
9kvBV4EcLOnBN6JWdzmjACdiZWk2y+Mq5KfZI+9sEnREDQpRSbFlL75ObbdsXTO0
HYlqLkfYzbdw3stz0Gb0d1WoV0EqC7MJNoRpJYrrCpBnnD+ca0IzYB/oaEvdmK3V
SCh8SrX/FMnx6WN1CzSmIUYUEfznJquLp32PtFUU7y9/o0TZOTvb4QNhiLewZEIV
1x/HyVFaVJ+TUHsRt1hU4GgjKCmQ95WedesMMwDoAbQKSAGDsn3/nW/ImwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGJQz8bmUoimnDYtP4FvMUSz5CU7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWWxEUHh1WlNpS2FjTmkwX2dXOHhSTFBrSlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkzoAwQA
wXzOAwQAwld9AwQAwleLAwQAwzohAwQAwzo5AwQA1MEJMA0GCSqGSIb3DQEBCwUA
A4IBAQBl9VFRMejkfKDR3AvfAGPJTYftcS6aYIt5AqH/htn1F7zFuv857/Opii0a
zxb5T27WClFhbRA3NJ/jQwDwK59BNhgIsnoGPFlQEh+PyXD8sxE2K0KhOM9q9vHH
Fxu00EJt59oRq9yltz+9ir+y8qg/RF/RuWXr97hPBYDeoXMeEvlEle/j9E/6bEx4
K4SRl+IY53hFqdlG/l4WNSo3Cot7XMF02Mdc74QtDp/KMxgtmO1b9EdBAqm6yZAg
H5TezZLRcCerXXDbEoGcrRvzbtugBXeCLWxMm8ze3oj/lvLDuSRM1ikvK3pQjsyj
0fYirkGM3yBUju5gO+NwsRQyDE9u
-----END CERTIFICATE-----
Generated at Sat May 18 05:39:02 2024 by rpki-client on console-ams.rpki-client.org