Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/907409-5e61-4c66-94e6-d69ea93cbafb/1/yNhG0WmvC5yZi7-ovkjnbWUQxts.roa
File: yNhG0WmvC5yZi7-ovkjnbWUQxts.roa (raw, json)
Hash identifier: j6pIdl5Q9VXqZ7knDFJ1l/kvsr0uOXtJxhfR3DjzmC8=
Subject key identifier: C8:D8:46:D1:69:AF:0B:9C:99:8B:BF:A8:BE:48:E7:6D:65:10:C6:DB
Certificate issuer: /CN=8916aaa5d252fd90145fedac683762d6e2074155
Certificate serial: 018CC8DE0C92E585911FF17F11077CA54880
Authority key identifier: 89:16:AA:A5:D2:52:FD:90:14:5F:ED:AC:68:37:62:D6:E2:07:41:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iRaqpdJS_ZAUX-2saDdi1uIHQVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/907409-5e61-4c66-94e6-d69ea93cbafb/1/yNhG0WmvC5yZi7-ovkjnbWUQxts.roa
Signing time: Tue 02 Jan 2024 06:30:44 +0000
ROA not before: Tue 02 Jan 2024 06:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13101
IP address blocks: 95.214.160.0/22 maxlen: 22
185.243.68.0/22 maxlen: 22
89.28.176.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/907409-5e61-4c66-94e6-d69ea93cbafb/1/iRaqpdJS_ZAUX-2saDdi1uIHQVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/907409-5e61-4c66-94e6-d69ea93cbafb/1/iRaqpdJS_ZAUX-2saDdi1uIHQVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iRaqpdJS_ZAUX-2saDdi1uIHQVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:0c:92:e5:85:91:1f:f1:7f:11:07:7c:a5:48:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8916aaa5d252fd90145fedac683762d6e2074155
Validity
Not Before: Jan 2 06:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8d846d169af0b9c998bbfa8be48e76d6510c6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d2:69:6f:67:1b:3e:70:e1:3a:ff:70:6a:38:
db:d6:be:8a:d9:c7:1c:05:d1:b2:d9:e4:32:53:8d:
93:ff:6d:db:6a:c4:32:95:0a:49:58:29:d1:2c:0e:
39:51:c4:94:44:e1:4c:c8:c8:57:aa:4d:2d:5e:ee:
02:8d:87:77:96:c1:59:68:22:34:b9:f1:b3:95:2b:
2d:a0:b0:ee:8f:74:05:e1:97:07:49:3a:48:5e:41:
22:e1:dd:46:cd:a1:9d:12:89:b9:fd:e1:36:3d:99:
4a:02:1d:7f:4e:7e:32:ce:c6:2e:8a:0a:29:b2:7f:
df:3d:67:79:1b:ae:12:3c:9b:2a:c6:e6:39:17:e1:
c1:53:3d:8e:ce:07:e4:71:f3:fc:4d:be:ba:67:8d:
71:73:ec:4d:0e:6a:92:3f:49:50:ff:51:1d:a3:52:
d7:ef:33:e0:44:95:e5:be:e1:96:00:34:aa:8b:cc:
d9:79:b3:93:27:c3:84:9e:ff:63:63:cb:1f:3d:b2:
ed:c0:fe:5e:e4:38:28:4f:9d:f0:32:52:74:91:34:
21:f1:96:06:8e:0e:8b:2c:0c:e7:eb:47:5b:e6:43:
fe:77:2f:16:17:be:04:b5:51:bf:c7:f6:29:35:e2:
19:9b:90:5c:ef:13:b0:30:37:c9:43:51:05:96:d8:
ac:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D8:46:D1:69:AF:0B:9C:99:8B:BF:A8:BE:48:E7:6D:65:10:C6:DB
X509v3 Authority Key Identifier:
keyid:89:16:AA:A5:D2:52:FD:90:14:5F:ED:AC:68:37:62:D6:E2:07:41:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iRaqpdJS_ZAUX-2saDdi1uIHQVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/907409-5e61-4c66-94e6-d69ea93cbafb/1/yNhG0WmvC5yZi7-ovkjnbWUQxts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/907409-5e61-4c66-94e6-d69ea93cbafb/1/iRaqpdJS_ZAUX-2saDdi1uIHQVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.176.0/21
95.214.160.0/22
185.243.68.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:a6:de:ea:72:e8:c2:a1:24:1b:a8:93:07:fe:80:61:3d:0d:
0b:79:af:cf:7b:0b:82:b0:a4:dc:20:5c:e0:2d:8e:67:24:52:
af:2a:44:02:33:a4:f5:3f:c6:3e:90:11:9d:d4:f5:d3:0a:6c:
49:ae:cc:e1:db:a5:47:0b:b4:1f:49:d9:85:dd:0d:b8:be:87:
80:3e:cd:1b:e2:27:26:b0:5f:12:89:b2:b1:b3:0b:d9:f1:02:
f3:13:78:8c:ed:18:15:ca:3a:50:73:be:3a:44:5c:07:30:17:
87:82:64:62:fa:88:a0:bb:30:12:04:40:e1:f4:b5:79:0d:5a:
32:d2:fa:c7:7a:a3:b9:b9:12:01:3a:6d:d4:7d:c2:9e:d5:95:
16:cd:95:33:bf:01:b9:c7:3e:df:2e:89:1c:46:b8:3c:e0:8e:
36:a3:57:ec:76:64:4c:cc:f5:e5:9e:85:5f:70:da:c9:63:e4:
9a:58:35:7b:bc:35:10:35:07:1a:64:54:3e:9c:e0:f8:88:2e:
e0:e7:83:e4:c9:fc:62:ef:f6:29:61:85:28:f6:45:5f:fe:e4:
91:7c:4b:04:83:f3:85:cb:78:92:3b:e5:2c:0e:7e:67:9c:b9:
46:0e:74:05:d2:09:ea:1e:c3:8a:f7:6c:d1:03:f9:a8:61:13:
ec:db:24:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3gyS5YWRH/F/EQd8pUiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MTZhYWE1ZDI1MmZkOTAxNDVmZWRhYzY4Mzc2MmQ2ZTIw
NzQxNTUwHhcNMjQwMTAyMDYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQ4NDZkMTY5YWYwYjljOTk4YmJmYThiZTQ4ZTc2ZDY1MTBjNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptJpb2cbPnDhOv9wajjb1r6K2ccc
BdGy2eQyU42T/23basQylQpJWCnRLA45UcSUROFMyMhXqk0tXu4CjYd3lsFZaCI0
ufGzlSstoLDuj3QF4ZcHSTpIXkEi4d1GzaGdEom5/eE2PZlKAh1/Tn4yzsYuigop
sn/fPWd5G64SPJsqxuY5F+HBUz2OzgfkcfP8Tb66Z41xc+xNDmqSP0lQ/1Edo1LX
7zPgRJXlvuGWADSqi8zZebOTJ8OEnv9jY8sfPbLtwP5e5DgoT53wMlJ0kTQh8ZYG
jg6LLAzn60db5kP+dy8WF74EtVG/x/YpNeIZm5Bc7xOwMDfJQ1EFltis8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMjYRtFprwucmYu/qL5I521lEMbbMB8GA1UdIwQY
MBaAFIkWqqXSUv2QFF/trGg3YtbiB0FVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVJhcXBkSlNfWkFVWC0yc2FEZGkxdUlIUVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85MDc0MDktNWU2MS00YzY2LTk0ZTYt
ZDY5ZWE5M2NiYWZiLzEveU5oRzBXbXZDNXlaaTctb3Zram5iV1VReHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85MDc0MDktNWU2MS00YzY2LTk0ZTYtZDY5ZWE5M2NiYWZi
LzEvaVJhcXBkSlNfWkFVWC0yc2FEZGkxdUlIUVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWRywAwQC
X9agAwQCufNEMA0GCSqGSIb3DQEBCwUAA4IBAQDApt7qcujCoSQbqJMH/oBhPQ0L
ea/PewuCsKTcIFzgLY5nJFKvKkQCM6T1P8Y+kBGd1PXTCmxJrszh26VHC7QfSdmF
3Q24voeAPs0b4icmsF8SibKxswvZ8QLzE3iM7RgVyjpQc746RFwHMBeHgmRi+oig
uzASBEDh9LV5DVoy0vrHeqO5uRIBOm3UfcKe1ZUWzZUzvwG5xz7fLokcRrg84I42
o1fsdmRMzPXlnoVfcNrJY+SaWDV7vDUQNQcaZFQ+nOD4iC7g54Pkyfxi7/YpYYUo
9kVf/uSRfEsEg/OFy3iSO+UsDn5nnLlGDnQF0gnqHsOK92zRA/moYRPs2yTe
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:48:45 2024 by rpki-client on console-ams.rpki-client.org