Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/jy5A7JBlpqrd6J9-BVVK_iGc9L4.roa
File: jy5A7JBlpqrd6J9-BVVK_iGc9L4.roa (raw, json)
Hash identifier: zFiG8FBJQtns11+3LP3voLJsqN5VbeI5785wAVOFhus=
Subject key identifier: 8F:2E:40:EC:90:65:A6:AA:DD:E8:9F:7E:05:55:4A:FE:21:9C:F4:BE
Certificate issuer: /CN=c9c02d4234f4bc4e87555e41c03779d5620a5155
Certificate serial: 018F337A0F660D844798406E0A71A4D67BB4
Authority key identifier: C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/jy5A7JBlpqrd6J9-BVVK_iGc9L4.roa
Signing time: Wed 01 May 2024 09:26:28 +0000
ROA not before: Wed 01 May 2024 09:26:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59888
IP address blocks: 212.1.200.0/21 maxlen: 21
212.1.200.0/23 maxlen: 23
212.1.202.0/23 maxlen: 23
212.1.204.0/23 maxlen: 23
212.1.206.0/24 maxlen: 24
2a07:7600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:7a:0f:66:0d:84:47:98:40:6e:0a:71:a4:d6:7b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9c02d4234f4bc4e87555e41c03779d5620a5155
Validity
Not Before: May 1 09:26:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f2e40ec9065a6aadde89f7e05554afe219cf4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:d6:64:ee:aa:94:d5:d9:b5:6d:3e:ef:70:
7d:f3:2d:ce:d2:67:d7:15:87:99:d6:06:c2:f3:81:
d6:74:33:0e:7b:d9:5b:df:49:71:97:f9:0b:fe:f5:
85:99:e3:18:76:61:5c:b5:dd:79:9a:f0:33:13:75:
0d:1b:20:d0:a0:02:1d:a3:ad:b5:1c:ad:7b:3b:c5:
a3:9b:11:95:1c:cf:07:75:76:9c:a7:28:f1:3f:5c:
cc:79:55:06:8c:05:61:37:92:8a:97:52:4e:1f:13:
7b:50:6c:84:8b:06:da:4e:5f:f0:33:b2:e5:93:8d:
5e:eb:7e:30:a0:1c:50:d4:18:28:69:9d:58:5d:6d:
52:15:c9:77:f1:53:17:c7:dd:ee:a0:ed:82:e7:7d:
78:b6:9b:c8:68:f0:3e:ae:ed:2b:08:75:d6:6d:bc:
a0:d7:c6:66:a7:08:06:a0:a5:23:6b:05:fb:01:ef:
b4:35:3a:87:92:f2:5d:3e:1e:ad:b0:3a:24:33:ed:
97:1b:71:d8:1a:93:69:89:01:5d:1d:cb:4b:75:cf:
2f:0c:5f:42:a3:a2:48:1c:05:e0:d9:2e:ab:74:fe:
9a:37:39:02:b6:27:e3:23:5e:38:e3:3d:77:b4:e9:
0c:66:96:8e:38:32:7e:aa:86:cd:5b:1b:8b:f2:16:
09:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2E:40:EC:90:65:A6:AA:DD:E8:9F:7E:05:55:4A:FE:21:9C:F4:BE
X509v3 Authority Key Identifier:
keyid:C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/jy5A7JBlpqrd6J9-BVVK_iGc9L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.200.0/21
IPv6:
2a07:7600::/29
Signature Algorithm: sha256WithRSAEncryption
3f:cf:9c:d0:a3:9b:43:3c:e9:b7:51:73:3f:27:91:ea:12:e5:
9d:16:48:0c:b1:16:8a:7f:09:42:da:b3:4a:90:10:ee:e0:87:
5c:fd:1a:c5:6a:43:41:3d:6c:41:a7:cb:11:e5:28:d2:ff:01:
0d:ec:ff:9f:13:36:09:36:fe:bd:29:80:df:88:3b:bb:40:80:
46:e8:49:96:7e:6e:8b:53:b3:e9:14:84:06:fa:94:70:e8:cd:
64:00:2b:fc:52:83:67:88:53:7b:0f:d8:f2:25:ed:f4:02:69:
f6:91:b5:97:fa:bb:1a:bf:b5:9f:5b:b7:1c:3f:cd:1a:9c:73:
8c:ff:c1:34:e5:19:fa:ec:2f:7d:78:79:8a:0d:2c:89:bb:46:
42:26:1d:f7:b7:f1:97:9f:d7:35:78:36:8b:d4:02:28:2e:79:
35:35:52:93:b6:1c:22:00:2b:37:28:31:8f:17:50:b8:05:a1:
f5:33:33:dd:74:7c:8f:31:bd:a4:92:e3:42:08:8d:ac:d4:c2:
88:5b:c8:0e:93:61:4c:f6:16:e8:3e:22:8f:fe:44:15:3a:f8:
cb:e1:45:ab:a6:b8:15:81:3b:32:4a:20:9c:2e:f2:9d:c0:95:
95:07:5a:7b:4c:2f:56:db:01:9b:08:4f:e1:4b:9b:2f:f5:73:
ed:db:16:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8zeg9mDYRHmEBuCnGk1nu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YzAyZDQyMzRmNGJjNGU4NzU1NWU0MWMwMzc3OWQ1NjIw
YTUxNTUwHhcNMjQwNTAxMDkyNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjJlNDBlYzkwNjVhNmFhZGRlODlmN2UwNTU1NGFmZTIxOWNmNGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyfWZO6qlNXZtW0+73B98y3O0mfX
FYeZ1gbC84HWdDMOe9lb30lxl/kL/vWFmeMYdmFctd15mvAzE3UNGyDQoAIdo621
HK17O8WjmxGVHM8HdXacpyjxP1zMeVUGjAVhN5KKl1JOHxN7UGyEiwbaTl/wM7Ll
k41e634woBxQ1BgoaZ1YXW1SFcl38VMXx93uoO2C5314tpvIaPA+ru0rCHXWbbyg
18ZmpwgGoKUjawX7Ae+0NTqHkvJdPh6tsDokM+2XG3HYGpNpiQFdHctLdc8vDF9C
o6JIHAXg2S6rdP6aNzkCtifjI1444z13tOkMZpaOODJ+qobNWxuL8hYJQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI8uQOyQZaaq3eiffgVVSv4hnPS+MB8GA1UdIwQY
MBaAFMnALUI09LxOh1VeQcA3edViClFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUt
MWE2Y2U1ZmFmOTE2LzEvank1QTdKQmxwcXJkNko5LUJWVktfaUdjOUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUtMWE2Y2U1ZmFmOTE2
LzEveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQD1AHIMA0E
AgACMAcDBQMqB3YAMA0GCSqGSIb3DQEBCwUAA4IBAQA/z5zQo5tDPOm3UXM/J5Hq
EuWdFkgMsRaKfwlC2rNKkBDu4Idc/RrFakNBPWxBp8sR5SjS/wEN7P+fEzYJNv69
KYDfiDu7QIBG6EmWfm6LU7PpFIQG+pRw6M1kACv8UoNniFN7D9jyJe30Amn2kbWX
+rsav7WfW7ccP80anHOM/8E05Rn67C99eHmKDSyJu0ZCJh33t/GXn9c1eDaL1AIo
Lnk1NVKTthwiACs3KDGPF1C4BaH1MzPddHyPMb2kkuNCCI2s1MKIW8gOk2FM9hbo
PiKP/kQVOvjL4UWrprgVgTsySiCcLvKdwJWVB1p7TC9W2wGbCE/hS5sv9XPt2xbE
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:17:59 2024 by rpki-client on console-ams.rpki-client.org