Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/YINxsdCwZc3ub_x2FGspy_tgnAs.roa
File: YINxsdCwZc3ub_x2FGspy_tgnAs.roa (raw, json)
Hash identifier: JbutJkMYaTeGRPUO+QHR/wv0jFqczlaA74cvyWatAPM=
Subject key identifier: 60:83:71:B1:D0:B0:65:CD:EE:6F:FC:76:14:6B:29:CB:FB:60:9C:0B
Certificate issuer: /CN=c49eee24deab5520119b6a3da0457d39c40641db
Certificate serial: 018CC8DEDFC14425C972C5890DD49EE146ED
Authority key identifier: C4:9E:EE:24:DE:AB:55:20:11:9B:6A:3D:A0:45:7D:39:C4:06:41:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJ7uJN6rVSARm2o9oEV9OcQGQds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/YINxsdCwZc3ub_x2FGspy_tgnAs.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43667
IP address blocks: 77.91.192.0/21 maxlen: 24
185.32.132.0/22 maxlen: 24
94.198.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xJ7uJN6rVSARm2o9oEV9OcQGQds.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xJ7uJN6rVSARm2o9oEV9OcQGQds.mft
rsync://rpki.ripe.net/repository/DEFAULT/xJ7uJN6rVSARm2o9oEV9OcQGQds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:df:c1:44:25:c9:72:c5:89:0d:d4:9e:e1:46:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49eee24deab5520119b6a3da0457d39c40641db
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=608371b1d0b065cdee6ffc76146b29cbfb609c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ed:97:16:2d:5f:74:78:c9:44:67:46:18:eb:
21:64:3e:c6:ee:e6:0e:84:b8:ea:d8:99:55:81:00:
35:b8:51:6c:1b:e7:37:64:b3:3e:9e:9e:ec:f0:b9:
04:79:82:d7:78:98:ed:78:af:93:e3:3e:77:64:07:
87:e3:25:4d:96:3d:25:72:5d:33:48:fd:99:55:41:
8e:97:16:4d:1a:de:f0:2b:e1:d6:ef:a3:1a:ff:3d:
19:36:b0:a1:b9:bb:30:79:a0:84:34:1d:ab:cd:73:
91:4c:0d:c8:8e:ee:70:e2:0d:84:50:0d:fd:9a:d0:
b0:8e:61:87:9d:fb:d9:bf:a2:88:df:3f:e5:53:71:
23:82:1f:cc:a5:af:13:ca:73:0c:52:7b:5b:0b:e2:
e5:bc:d5:a0:4d:2b:7c:6d:4e:97:8a:01:32:1f:ae:
d7:4b:2a:a7:00:de:cc:2a:4e:c4:7b:96:e6:d3:aa:
24:bb:82:e1:4d:96:f4:78:3e:56:c1:f8:84:62:7e:
9e:73:98:36:73:19:3b:4d:3f:72:db:ea:9d:d9:f0:
9a:19:cb:8c:09:2f:58:45:a8:5b:aa:4e:65:f9:0f:
50:d7:c3:58:d6:62:9b:04:cb:ef:5c:bd:75:f7:c0:
12:ab:95:c2:e7:00:bf:74:1d:99:51:42:5c:f8:c7:
36:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:83:71:B1:D0:B0:65:CD:EE:6F:FC:76:14:6B:29:CB:FB:60:9C:0B
X509v3 Authority Key Identifier:
keyid:C4:9E:EE:24:DE:AB:55:20:11:9B:6A:3D:A0:45:7D:39:C4:06:41:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJ7uJN6rVSARm2o9oEV9OcQGQds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/YINxsdCwZc3ub_x2FGspy_tgnAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9786f4-dd54-4e43-aea4-59c4c10aebd9/1/xJ7uJN6rVSARm2o9oEV9OcQGQds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.192.0/21
94.198.128.0/21
185.32.132.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:20:f0:7c:01:d4:8d:d3:36:03:aa:e1:10:18:b3:2f:01:67:
c1:c1:49:26:60:65:0e:a4:bd:80:a2:e4:c6:a0:2c:0d:18:b3:
6b:a0:fa:4b:88:5d:2d:86:87:38:c2:c9:b5:ab:41:d7:e1:8a:
c2:6b:30:ea:b6:08:d2:df:0a:a9:4c:56:d2:d1:f4:d2:34:30:
46:ac:75:ad:19:a8:17:36:4f:a1:80:1d:f8:b8:54:7d:65:65:
c7:56:c8:b1:72:25:86:8c:4e:73:a8:7b:f2:c6:98:7d:73:60:
3f:5a:66:a4:d4:97:cf:48:e1:82:39:c9:20:8d:24:47:8c:e2:
e8:5d:d5:f3:0f:ad:6f:c6:bf:51:44:20:0a:4e:b2:da:c9:08:
8b:c6:7e:92:9a:f5:32:10:ad:62:6e:0a:d5:cb:9f:af:6a:a7:
51:26:1a:76:f0:5f:54:c9:6a:b6:57:b6:4d:ef:0a:eb:6f:d6:
81:21:41:4a:d7:96:3a:39:45:0a:66:3f:c0:25:06:b9:1e:c6:
b4:a7:22:12:3e:92:26:b9:1c:1b:d3:66:5f:cb:e1:22:39:8c:
11:68:38:b4:77:7a:2e:5e:2d:7a:39:bd:8e:71:4f:5c:bb:76:
4a:ce:08:b8:4a:ea:62:56:b9:d3:72:41:e4:79:03:e5:29:99:
84:b8:3c:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3t/BRCXJcsWJDdSe4UbtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWVlZTI0ZGVhYjU1MjAxMTliNmEzZGEwNDU3ZDM5YzQw
NjQxZGIwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDgzNzFiMWQwYjA2NWNkZWU2ZmZjNzYxNDZiMjljYmZiNjA5YzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+2XFi1fdHjJRGdGGOshZD7G7uYO
hLjq2JlVgQA1uFFsG+c3ZLM+np7s8LkEeYLXeJjteK+T4z53ZAeH4yVNlj0lcl0z
SP2ZVUGOlxZNGt7wK+HW76Ma/z0ZNrChubsweaCENB2rzXORTA3Iju5w4g2EUA39
mtCwjmGHnfvZv6KI3z/lU3Ejgh/Mpa8TynMMUntbC+LlvNWgTSt8bU6XigEyH67X
SyqnAN7MKk7Ee5bm06oku4LhTZb0eD5WwfiEYn6ec5g2cxk7TT9y2+qd2fCaGcuM
CS9YRahbqk5l+Q9Q18NY1mKbBMvvXL1198ASq5XC5wC/dB2ZUUJc+Mc27QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGCDcbHQsGXN7m/8dhRrKcv7YJwLMB8GA1UdIwQY
MBaAFMSe7iTeq1UgEZtqPaBFfTnEBkHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEo3dUpONnJWU0FSbTJvOW9FVjlPY1FHUWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85Nzg2ZjQtZGQ1NC00ZTQzLWFlYTQt
NTljNGMxMGFlYmQ5LzEvWUlOeHNkQ3daYzN1Yl94MkZHc3B5X3RnbkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85Nzg2ZjQtZGQ1NC00ZTQzLWFlYTQtNTljNGMxMGFlYmQ5
LzEveEo3dUpONnJWU0FSbTJvOW9FVjlPY1FHUWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVvAAwQD
XsaAAwQCuSCEMA0GCSqGSIb3DQEBCwUAA4IBAQBbIPB8AdSN0zYDquEQGLMvAWfB
wUkmYGUOpL2AouTGoCwNGLNroPpLiF0thoc4wsm1q0HX4YrCazDqtgjS3wqpTFbS
0fTSNDBGrHWtGagXNk+hgB34uFR9ZWXHVsixciWGjE5zqHvyxph9c2A/Wmak1JfP
SOGCOckgjSRHjOLoXdXzD61vxr9RRCAKTrLayQiLxn6SmvUyEK1ibgrVy5+vaqdR
Jhp28F9UyWq2V7ZN7wrrb9aBIUFK15Y6OUUKZj/AJQa5Hsa0pyISPpImuRwb02Zf
y+EiOYwRaDi0d3ouXi16Ob2OcU9cu3ZKzgi4SupiVrnTckHkeQPlKZmEuDxf
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:12:23 2024 by rpki-client on console-ams.rpki-client.org