Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/yN5fYmyr85DBvWAJWr7Iz_JE5yk.roa
File: yN5fYmyr85DBvWAJWr7Iz_JE5yk.roa (raw, json)
Hash identifier: a33ceb+B0ccMjkv5yF0H48lyIzd3IUBn9McIdB4+ZMw=
Subject key identifier: C8:DE:5F:62:6C:AB:F3:90:C1:BD:60:09:5A:BE:C8:CF:F2:44:E7:29
Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Certificate serial: 018CCA29D79855A348AF6C55A90E75A260BF
Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/yN5fYmyr85DBvWAJWr7Iz_JE5yk.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5538
IP address blocks: 92.240.64.0/19 maxlen: 19
194.8.1.0/24 maxlen: 24
85.254.192.0/18 maxlen: 18
5.152.224.0/21 maxlen: 21
185.23.160.0/22 maxlen: 22
2a02:500::/29 maxlen: 29
2a02:500::/32 maxlen: 32
2a02:500:4000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d7:98:55:a3:48:af:6c:55:a9:0e:75:a2:60:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8de5f626cabf390c1bd60095abec8cff244e729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:92:77:20:3a:4e:2c:c6:f8:00:df:2f:0a:34:
a8:47:04:a9:56:65:c5:76:23:17:58:86:53:3b:30:
70:33:cf:2b:cf:7c:a9:87:81:f0:c1:55:74:85:29:
6b:2d:fc:a8:15:53:8e:2e:dd:e9:09:51:25:c5:4c:
2f:9c:1d:94:4b:d0:b2:39:e1:a2:db:a5:65:b1:57:
a1:c5:44:03:80:d8:4f:40:00:ab:07:7d:88:dc:7d:
bc:1f:53:26:4a:3b:11:5f:8c:47:31:ac:e6:5d:57:
35:c0:df:4e:67:12:32:d7:90:1d:c8:88:eb:da:54:
75:52:a2:34:37:f2:e9:50:41:8f:17:60:8a:00:3e:
3f:43:0d:c1:79:9f:8d:34:20:5d:c4:12:5e:60:79:
b3:52:39:46:e9:bd:49:6b:63:27:a8:d7:66:4d:f1:
92:a9:0f:87:db:37:de:6b:59:91:4b:a8:d6:06:39:
e0:62:3a:55:45:4f:b8:b9:bd:45:6a:95:25:7c:bf:
74:ba:96:f9:19:ee:a0:fd:9e:19:2a:b5:44:2d:43:
c6:cd:7d:9e:c2:c4:19:cf:9b:9c:0e:42:6e:35:b2:
24:4d:35:2a:9e:03:07:d8:7d:48:62:6a:bf:90:cc:
19:10:67:59:7b:a6:34:18:1b:93:a2:8c:31:f2:7f:
75:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DE:5F:62:6C:AB:F3:90:C1:BD:60:09:5A:BE:C8:CF:F2:44:E7:29
X509v3 Authority Key Identifier:
keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/yN5fYmyr85DBvWAJWr7Iz_JE5yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.224.0/21
85.254.192.0/18
92.240.64.0/19
185.23.160.0/22
194.8.1.0/24
IPv6:
2a02:500::/29
Signature Algorithm: sha256WithRSAEncryption
76:7b:ac:ae:26:ee:b7:ab:85:6b:93:b5:2e:a5:a6:c4:71:56:
0b:d8:8d:5d:b5:c7:a8:bb:69:0f:2d:06:2c:fd:1c:5a:47:4d:
6c:b7:1e:ab:cb:19:8d:13:ae:a8:91:02:f1:18:79:35:bf:5d:
32:51:ed:30:9a:db:c9:b1:2a:e2:9d:f9:46:50:8f:eb:4e:6f:
ce:18:c6:89:08:89:43:8b:2e:cb:04:ad:5e:6e:17:f9:86:26:
44:d2:37:01:1b:2a:94:3c:72:ee:f3:b3:05:9c:cb:5e:44:97:
d6:93:ee:27:d4:79:5e:bb:c9:bf:21:43:91:a4:27:2f:ce:f0:
6b:0d:96:4c:db:73:7b:e6:92:ce:c9:f6:29:c6:d5:83:ee:85:
20:5e:9d:6e:10:9e:27:a4:56:c9:3b:ff:3b:d8:cf:e8:89:28:
75:63:09:cb:8e:cc:f8:fa:d7:c8:78:0f:d0:56:10:01:8b:3d:
07:c3:83:9d:89:f0:a7:6e:18:ff:fd:e7:2c:bd:fa:67:73:c4:
4b:eb:71:d5:bb:c3:0f:e0:fe:c3:73:38:a6:0c:b5:c1:d5:2a:
5d:ee:e5:aa:18:a4:f7:1b:2a:6b:d4:bc:86:0e:db:11:f2:a3:
98:f9:7d:51:61:09:e9:b9:74:6c:4b:0c:4e:f9:65:c7:42:5f:
b5:e1:2e:7d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzKKdeYVaNIr2xVqQ51omC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl
Njg2YzUwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRlNWY2MjZjYWJmMzkwYzFiZDYwMDk1YWJlYzhjZmYyNDRlNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJJ3IDpOLMb4AN8vCjSoRwSpVmXF
diMXWIZTOzBwM88rz3yph4HwwVV0hSlrLfyoFVOOLt3pCVElxUwvnB2US9CyOeGi
26VlsVehxUQDgNhPQACrB32I3H28H1MmSjsRX4xHMazmXVc1wN9OZxIy15AdyIjr
2lR1UqI0N/LpUEGPF2CKAD4/Qw3BeZ+NNCBdxBJeYHmzUjlG6b1Ja2MnqNdmTfGS
qQ+H2zfea1mRS6jWBjngYjpVRU+4ub1FapUlfL90upb5Ge6g/Z4ZKrVELUPGzX2e
wsQZz5ucDkJuNbIkTTUqngMH2H1IYmq/kMwZEGdZe6Y0GBuToowx8n91oQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMjeX2Jsq/OQwb1gCVq+yM/yROcpMB8GA1UdIwQY
MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt
OTQ5MTRmNWRkYjNjLzEveU41ZllteXI4NURCdldBSldyN0l6X0pFNXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj
LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBZjgAwQG
Vf7AAwQFXPBAAwQCuRegAwQAwggBMA0EAgACMAcDBQMqAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB2e6yuJu63q4Vrk7UupabEcVYL2I1dtceou2kPLQYs/RxaR01stx6r
yxmNE66okQLxGHk1v10yUe0wmtvJsSrinflGUI/rTm/OGMaJCIlDiy7LBK1ebhf5
hiZE0jcBGyqUPHLu87MFnMteRJfWk+4n1Hleu8m/IUORpCcvzvBrDZZM23N75pLO
yfYpxtWD7oUgXp1uEJ4npFbJO/872M/oiSh1YwnLjsz4+tfIeA/QVhABiz0Hw4Od
ifCnbhj//ecsvfpnc8RL63HVu8MP4P7DczimDLXB1Spd7uWqGKT3Gypr1LyGDtsR
8qOY+X1RYQnpuXRsSwxO+WXHQl+14S59
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:12:38 2024 by rpki-client on console-ams.rpki-client.org