Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/YLJmyDlPI9dPIoEBU1QiGi8xO7o.roa
File: YLJmyDlPI9dPIoEBU1QiGi8xO7o.roa (raw, json)
Hash identifier: IOcOSoMec979u4xWqF0CkN8DySllTylNjqkDjvIraPc=
Subject key identifier: 60:B2:66:C8:39:4F:23:D7:4F:22:81:01:53:54:22:1A:2F:31:3B:BA
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0192A50A20F67C3D3131FE827B28A16AE269
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/YLJmyDlPI9dPIoEBU1QiGi8xO7o.roa
Signing time: Sat 19 Oct 2024 13:49:17 +0000
ROA not before: Sat 19 Oct 2024 13:49:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 5.181.2.0/24 maxlen: 24
5.181.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a5:0a:20:f6:7c:3d:31:31:fe:82:7b:28:a1:6a:e2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Oct 19 13:49:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60b266c8394f23d74f2281015354221a2f313bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:20:bd:9b:ef:7f:a0:b5:81:e1:b9:92:36:88:
58:3c:3c:2a:fe:08:4e:1c:2e:ae:a1:34:5f:85:ef:
16:e4:5d:20:33:4f:4e:e3:b5:ee:21:09:11:3d:19:
a7:94:20:a5:aa:cb:21:97:38:b6:68:7b:19:5f:9d:
61:ed:37:27:b1:58:df:af:3c:00:c8:69:76:21:26:
fe:95:cb:02:4f:d0:cf:28:4a:46:d5:0b:b1:c8:af:
d4:bc:52:c0:40:4e:45:fa:bd:d7:52:58:2f:e7:6e:
56:d6:f7:bc:0e:73:f3:84:37:98:20:30:f2:b4:5f:
48:a5:c8:4d:13:82:a5:93:ad:96:d0:10:b7:a0:f5:
60:87:87:9c:56:c5:2f:ba:c6:69:70:2d:49:29:bc:
4d:39:f1:61:e8:d4:b4:44:9d:dc:1a:01:2a:2a:28:
5e:27:e4:e6:1c:87:fc:63:9e:6d:22:a3:b8:30:e9:
4f:93:f4:a3:02:43:6a:f0:18:ed:9b:88:7b:b0:f5:
7e:a2:dc:47:a2:24:2c:15:d4:85:1f:08:f9:2d:72:
3c:7b:9d:50:d2:e2:d1:5b:d9:c4:70:51:21:d7:d2:
8c:16:01:4f:45:db:f6:f9:a5:a3:bf:67:68:ab:27:
80:47:4a:91:88:6c:d3:ac:0f:17:06:3d:e3:c1:3b:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B2:66:C8:39:4F:23:D7:4F:22:81:01:53:54:22:1A:2F:31:3B:BA
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/YLJmyDlPI9dPIoEBU1QiGi8xO7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.2.0/23
Signature Algorithm: sha256WithRSAEncryption
29:4a:d1:ba:73:43:97:b8:f5:32:a5:aa:0e:f9:34:9b:8c:26:
34:31:89:47:aa:83:cf:97:90:05:56:bc:af:c6:20:97:16:8e:
22:b7:f6:65:87:c4:6b:97:ca:32:ee:80:be:74:97:17:30:9c:
a2:93:9f:a9:ec:cb:89:a9:fb:63:e0:b4:e3:fe:a6:6d:ce:00:
53:ff:5d:07:16:ad:9b:2f:8b:ba:7f:fd:8a:ed:9e:fd:a3:01:
ed:6d:16:7e:21:33:1c:54:f1:76:dd:fe:9a:43:67:00:d7:f8:
fa:eb:d2:b5:c8:76:3b:16:0d:87:24:f6:70:b4:76:84:3b:47:
26:6e:3c:f2:09:2c:2d:b1:7c:3d:fd:2e:ac:32:d8:5f:72:de:
e7:aa:53:b9:e7:29:d4:44:59:3e:45:0c:dc:61:79:c0:57:dd:
6d:fe:d4:70:cb:d5:c2:4b:de:16:dc:95:bd:d5:03:dc:ca:dc:
23:3f:7d:42:4c:de:ae:fb:30:f2:9b:67:07:d6:93:1d:31:09:
7e:ad:19:21:84:1b:5f:d3:16:77:fa:a1:00:de:59:be:6c:e5:
b0:ab:d1:59:81:67:92:d2:e5:72:6a:d3:2a:e4:fb:99:76:71:
31:57:bf:06:f9:26:0c:6e:39:5a:f8:09:e3:da:61:78:53:39:
16:29:09:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKlCiD2fD0xMf6CeyihauJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQxMDE5MTM0OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGIyNjZjODM5NGYyM2Q3NGYyMjgxMDE1MzU0MjIxYTJmMzEzYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SC9m+9/oLWB4bmSNohYPDwq/ghO
HC6uoTRfhe8W5F0gM09O47XuIQkRPRmnlCClqsshlzi2aHsZX51h7TcnsVjfrzwA
yGl2ISb+lcsCT9DPKEpG1QuxyK/UvFLAQE5F+r3XUlgv525W1ve8DnPzhDeYIDDy
tF9IpchNE4Klk62W0BC3oPVgh4ecVsUvusZpcC1JKbxNOfFh6NS0RJ3cGgEqKihe
J+TmHIf8Y55tIqO4MOlPk/SjAkNq8Bjtm4h7sPV+otxHoiQsFdSFHwj5LXI8e51Q
0uLRW9nEcFEh19KMFgFPRdv2+aWjv2doqyeAR0qRiGzTrA8XBj3jwTtsSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCyZsg5TyPXTyKBAVNUIhovMTu6MB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvWUxKbXlEbFBJOWRQSW9FQlUxUWlHaTh4TzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBbUCMA0G
CSqGSIb3DQEBCwUAA4IBAQApStG6c0OXuPUypaoO+TSbjCY0MYlHqoPPl5AFVryv
xiCXFo4it/Zlh8Rrl8oy7oC+dJcXMJyik5+p7MuJqftj4LTj/qZtzgBT/10HFq2b
L4u6f/2K7Z79owHtbRZ+ITMcVPF23f6aQ2cA1/j669K1yHY7Fg2HJPZwtHaEO0cm
bjzyCSwtsXw9/S6sMthfct7nqlO55ynURFk+RQzcYXnAV91t/tRwy9XCS94W3JW9
1QPcytwjP31CTN6u+zDym2cH1pMdMQl+rRkhhBtf0xZ3+qEA3lm+bOWwq9FZgWeS
0uVyatMq5PuZdnExV78G+SYMbjla+Anj2mF4UzkWKQkD
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:08 2024 by rpki-client on console-ams.rpki-client.org