Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/YeNb4uILFMttwTAEJ0OqaURJezM.roa
File: YeNb4uILFMttwTAEJ0OqaURJezM.roa (raw, json)
Hash identifier: TrCAXhjpMq5IYAz3anoVsFKGrU1fVwfTtHHZACZFwhI=
Subject key identifier: 61:E3:5B:E2:E2:0B:14:CB:6D:C1:30:04:27:43:AA:69:44:49:7B:33
Certificate issuer: /CN=d43c92474fed383c95fa2ccd83d614f57e563d82
Certificate serial: 01942067D6A179D6AD5B0315BCC703AEC717
Authority key identifier: D4:3C:92:47:4F:ED:38:3C:95:FA:2C:CD:83:D6:14:F5:7E:56:3D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/YeNb4uILFMttwTAEJ0OqaURJezM.roa
Signing time: Wed 01 Jan 2025 05:47:43 +0000
ROA not before: Wed 01 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29605
IP address blocks: 178.255.128.0/21 maxlen: 24
185.87.88.0/22 maxlen: 24
193.110.140.0/24 maxlen: 24
2a01:6940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d6:a1:79:d6:ad:5b:03:15:bc:c7:03:ae:c7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43c92474fed383c95fa2ccd83d614f57e563d82
Validity
Not Before: Jan 1 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61e35be2e20b14cb6dc130042743aa6944497b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f1:a5:60:ec:0a:3b:5b:21:e1:98:81:31:23:
56:31:dd:d1:0d:ec:65:d4:50:97:be:21:76:02:34:
d1:81:51:3f:73:c5:52:1a:6b:cf:34:3d:1c:e0:92:
ec:a4:8a:7a:4c:3f:4a:36:c9:5e:7a:4a:47:5e:56:
bf:71:84:52:cb:18:1b:98:dc:d8:d3:48:6e:5a:13:
92:6d:4f:3b:30:3e:13:85:be:0d:e7:0a:49:24:44:
88:0d:b2:c8:bd:7f:1e:51:31:d8:03:3e:e6:80:b2:
35:05:13:0f:77:03:e4:7d:4b:68:a0:78:68:0f:bb:
29:a0:e6:5f:a1:6b:52:3e:a7:30:00:3c:9a:95:6e:
3f:2b:aa:a9:a4:55:6d:55:6d:f4:d9:de:b9:00:6c:
0b:cf:3b:15:bb:21:8f:a4:91:72:72:8c:4e:00:78:
b3:e0:e0:be:27:0a:f2:58:58:92:9a:26:db:94:7b:
f5:dd:4b:a8:08:7e:70:3b:85:b8:2c:19:44:bc:4d:
52:18:a3:c6:a3:72:4a:c2:5f:53:bc:dd:6e:50:bf:
3c:c8:fc:a2:8e:bd:e9:bf:ea:c2:22:1d:0f:7e:c3:
a1:74:7b:4d:62:01:80:eb:0b:ee:85:8e:0f:b7:47:
f8:a3:a7:a2:46:19:de:4c:4b:42:c6:bf:3a:fd:90:
88:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:E3:5B:E2:E2:0B:14:CB:6D:C1:30:04:27:43:AA:69:44:49:7B:33
X509v3 Authority Key Identifier:
keyid:D4:3C:92:47:4F:ED:38:3C:95:FA:2C:CD:83:D6:14:F5:7E:56:3D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DySR0_tODyV-izNg9YU9X5WPYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/YeNb4uILFMttwTAEJ0OqaURJezM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/841f3a-ab83-4dd9-b183-6b06c176bd5a/1/1DySR0_tODyV-izNg9YU9X5WPYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.128.0/21
185.87.88.0/22
193.110.140.0/24
IPv6:
2a01:6940::/32
Signature Algorithm: sha256WithRSAEncryption
b3:9a:2b:c6:a1:4b:3a:1d:cd:f4:85:0d:b3:51:a0:d1:d3:e6:
46:d9:3e:28:f1:5f:fc:c4:6e:8c:8a:b5:21:22:a9:e8:6c:30:
28:2a:e5:a2:86:fe:16:ff:62:fa:98:4c:77:77:31:1c:1a:d2:
2b:1e:0b:3f:c7:bb:90:fa:02:ab:6f:9a:ab:e9:ff:42:c8:a2:
bf:f5:b4:7c:10:47:de:d7:46:f5:c2:12:6c:e4:f8:3a:ec:cf:
06:ad:35:8a:1e:fb:87:df:26:c6:8b:33:60:9e:c0:80:aa:ae:
ed:55:71:03:68:63:cb:a2:f0:01:e3:a6:58:59:53:89:88:64:
7a:31:d4:d5:7d:85:7a:ec:00:3f:17:e2:00:22:90:9a:55:04:
70:03:4c:51:35:11:aa:1b:6e:72:fb:11:11:04:c2:59:0f:36:
59:cc:96:59:ba:85:f2:46:10:d9:63:42:83:14:9b:62:43:92:
3a:ae:8c:2a:2a:fe:12:71:be:9f:6b:8a:e2:fc:80:12:a8:98:
79:53:ae:1f:34:f2:09:57:7b:85:6c:c4:ef:8a:1b:8f:c3:f5:
5c:66:29:ce:f5:d1:18:e1:67:9c:29:85:b6:c5:8f:d5:8e:c3:
49:b3:22:3e:78:6c:7a:4b:3c:3c:e4:5d:d8:a3:43:08:b4:bf:
2a:28:8e:fe
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQgZ9ahedatWwMVvMcDrscXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2M5MjQ3NGZlZDM4M2M5NWZhMmNjZDgzZDYxNGY1N2U1
NjNkODIwHhcNMjUwMTAxMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWUzNWJlMmUyMGIxNGNiNmRjMTMwMDQyNzQzYWE2OTQ0NDk3YjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvGlYOwKO1sh4ZiBMSNWMd3RDexl
1FCXviF2AjTRgVE/c8VSGmvPND0c4JLspIp6TD9KNsleekpHXla/cYRSyxgbmNzY
00huWhOSbU87MD4Thb4N5wpJJESIDbLIvX8eUTHYAz7mgLI1BRMPdwPkfUtooHho
D7spoOZfoWtSPqcwADyalW4/K6qppFVtVW302d65AGwLzzsVuyGPpJFycoxOAHiz
4OC+JwryWFiSmibblHv13UuoCH5wO4W4LBlEvE1SGKPGo3JKwl9TvN1uUL88yPyi
jr3pv+rCIh0PfsOhdHtNYgGA6wvuhY4Pt0f4o6eiRhneTEtCxr86/ZCIqQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGHjW+LiCxTLbcEwBCdDqmlESXszMB8GA1UdIwQY
MBaAFNQ8kkdP7Tg8lfoszYPWFPV+Vj2CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUR5U1IwX3RPRHlWLWl6Tmc5WVU5WDVXUFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NDFmM2EtYWI4My00ZGQ5LWIxODMt
NmIwNmMxNzZiZDVhLzEvWWVOYjR1SUxGTXR0d1RBRUowT3FhVVJKZXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NDFmM2EtYWI4My00ZGQ5LWIxODMtNmIwNmMxNzZiZDVh
LzEvMUR5U1IwX3RPRHlWLWl6Tmc5WVU5WDVXUFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDsv+AAwQC
uVdYAwQAwW6MMA0EAgACMAcDBQAqAWlAMA0GCSqGSIb3DQEBCwUAA4IBAQCzmivG
oUs6Hc30hQ2zUaDR0+ZG2T4o8V/8xG6MirUhIqnobDAoKuWihv4W/2L6mEx3dzEc
GtIrHgs/x7uQ+gKrb5qr6f9CyKK/9bR8EEfe10b1whJs5Pg67M8GrTWKHvuH3ybG
izNgnsCAqq7tVXEDaGPLovAB46ZYWVOJiGR6MdTVfYV67AA/F+IAIpCaVQRwA0xR
NRGqG25y+xERBMJZDzZZzJZZuoXyRhDZY0KDFJtiQ5I6rowqKv4Scb6fa4ri/IAS
qJh5U64fNPIJV3uFbMTvihuPw/VcZinO9dEY4WecKYW2xY/VjsNJsyI+eGx6Szw8
5F3Yo0MItL8qKI7+
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:37 2025 by rpki-client