Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/yhLkTBwFXW9MjzC359UU8CJ6Bcc.roa
File: yhLkTBwFXW9MjzC359UU8CJ6Bcc.roa (raw, json)
Hash identifier: YsI+CGd1aoGxeJp5us7qb7YQNNKxFAd0kxBSQecushk=
Subject key identifier: CA:12:E4:4C:1C:05:5D:6F:4C:8F:30:B7:E7:D5:14:F0:22:7A:05:C7
Certificate issuer: /CN=d44bc0e83e81f57fb4894041dca76c77d33f02e7
Certificate serial: 01941F8C6785B6E9B408692A7E5C59582D74
Authority key identifier: D4:4B:C0:E8:3E:81:F5:7F:B4:89:40:41:DC:A7:6C:77:D3:3F:02:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/yhLkTBwFXW9MjzC359UU8CJ6Bcc.roa
Signing time: Wed 01 Jan 2025 01:48:02 +0000
ROA not before: Wed 01 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43682
IP address blocks: 78.24.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:67:85:b6:e9:b4:08:69:2a:7e:5c:59:58:2d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44bc0e83e81f57fb4894041dca76c77d33f02e7
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca12e44c1c055d6f4c8f30b7e7d514f0227a05c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d4:4d:a5:8f:a5:7e:07:63:dd:06:1b:a9:cb:
36:f3:57:c1:04:cf:b4:26:94:c7:ba:6b:ec:77:23:
e8:1c:db:84:32:13:86:81:a3:e7:55:93:1c:76:6c:
5f:0c:e5:b7:f2:22:09:5b:65:d3:51:cb:e1:e3:e9:
fb:fa:67:52:92:84:dd:4f:d8:ba:79:5d:d4:f1:9e:
88:91:ed:5a:bd:65:bf:6c:3a:d5:3c:fe:d7:76:aa:
22:a4:4f:9d:aa:32:1c:d9:d2:0d:ba:b6:a2:64:cc:
29:b3:d7:6b:75:34:e6:c7:a3:42:2a:1b:87:45:85:
f5:90:54:48:06:65:65:2d:8a:94:ca:e0:f5:b1:e0:
48:39:c8:a7:3b:86:ec:d9:8f:a8:25:6b:56:9d:94:
cb:01:4a:67:23:20:63:c7:c5:06:c7:70:62:05:d7:
be:79:a4:df:c6:72:5f:b8:fe:dd:a0:cb:cc:94:15:
9f:40:2d:13:26:44:1c:8e:8b:97:72:49:0f:a1:a0:
6b:05:a8:6d:34:95:21:9f:5c:db:d1:ab:2e:bc:7b:
42:f2:3c:7f:93:e2:ab:ff:02:9b:78:33:9d:29:62:
ba:ef:99:45:b9:75:00:48:99:de:07:aa:b1:93:c2:
67:f1:91:81:3e:9b:8c:6d:24:4d:45:8b:c5:fe:02:
50:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:12:E4:4C:1C:05:5D:6F:4C:8F:30:B7:E7:D5:14:F0:22:7A:05:C7
X509v3 Authority Key Identifier:
keyid:D4:4B:C0:E8:3E:81:F5:7F:B4:89:40:41:DC:A7:6C:77:D3:3F:02:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/yhLkTBwFXW9MjzC359UU8CJ6Bcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a14e1e-ced4-42e9-8338-f2af8001ac78/1/1EvA6D6B9X-0iUBB3Kdsd9M_Auc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.192.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:72:fb:ec:e8:8e:6e:6a:af:d2:cd:b5:73:d7:10:6f:3a:f6:
26:fa:99:b1:8f:d4:34:ca:10:c8:01:3a:35:3f:1c:fb:3e:c8:
b3:c4:71:e0:32:f8:a0:5a:40:b5:ca:00:f0:e5:e6:2c:fa:d7:
12:8f:58:1b:8a:b0:ae:0a:84:23:ac:fc:11:51:40:34:cc:b0:
6d:28:f8:0d:aa:8d:78:1c:80:97:0c:50:aa:c1:ee:c1:35:14:
bd:20:16:cc:8d:52:80:77:ee:40:90:b5:d1:48:a1:ad:66:dd:
ad:32:61:52:31:3b:60:a2:ec:9a:3b:9d:6e:6f:89:9b:ec:12:
0b:85:5b:8c:08:fd:2c:b6:d1:75:a1:5a:40:a5:8e:fa:dd:33:
1c:23:3e:96:75:0c:07:8d:1a:06:cf:5a:1b:14:05:07:e4:99:
0c:ea:ec:52:6c:44:c2:ae:41:77:53:f1:35:dd:88:ef:c4:ed:
c8:5f:e4:61:64:e2:9b:b7:13:e2:42:74:b6:6d:d4:bb:c5:73:
28:ac:4d:c4:69:5a:77:e6:c8:01:fd:60:61:7f:6b:87:9e:72:
04:cf:40:9d:e8:13:46:97:a0:4a:87:b9:ad:00:4d:c0:89:34:
7a:56:13:58:05:d1:82:fa:34:62:55:8e:6c:1a:bf:1b:ee:ad:
fd:58:3e:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjGeFtum0CGkqflxZWC10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NGJjMGU4M2U4MWY1N2ZiNDg5NDA0MWRjYTc2Yzc3ZDMz
ZjAyZTcwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTEyZTQ0YzFjMDU1ZDZmNGM4ZjMwYjdlN2Q1MTRmMDIyN2EwNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69RNpY+lfgdj3QYbqcs281fBBM+0
JpTHumvsdyPoHNuEMhOGgaPnVZMcdmxfDOW38iIJW2XTUcvh4+n7+mdSkoTdT9i6
eV3U8Z6Ike1avWW/bDrVPP7XdqoipE+dqjIc2dINuraiZMwps9drdTTmx6NCKhuH
RYX1kFRIBmVlLYqUyuD1seBIOcinO4bs2Y+oJWtWnZTLAUpnIyBjx8UGx3BiBde+
eaTfxnJfuP7doMvMlBWfQC0TJkQcjouXckkPoaBrBahtNJUhn1zb0asuvHtC8jx/
k+Kr/wKbeDOdKWK675lFuXUASJneB6qxk8Jn8ZGBPpuMbSRNRYvF/gJQDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMoS5EwcBV1vTI8wt+fVFPAiegXHMB8GA1UdIwQY
MBaAFNRLwOg+gfV/tIlAQdynbHfTPwLnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUV2QTZENkI5WC0waVVCQjNLZHNkOU1fQXVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMTRlMWUtY2VkNC00MmU5LTgzMzgt
ZjJhZjgwMDFhYzc4LzEveWhMa1RCd0ZYVzlNanpDMzU5VVU4Q0o2QmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMTRlMWUtY2VkNC00MmU5LTgzMzgtZjJhZjgwMDFhYzc4
LzEvMUV2QTZENkI5WC0waVVCQjNLZHNkOU1fQXVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDThjAMA0G
CSqGSIb3DQEBCwUAA4IBAQAbcvvs6I5uaq/SzbVz1xBvOvYm+pmxj9Q0yhDIATo1
Pxz7PsizxHHgMvigWkC1ygDw5eYs+tcSj1gbirCuCoQjrPwRUUA0zLBtKPgNqo14
HICXDFCqwe7BNRS9IBbMjVKAd+5AkLXRSKGtZt2tMmFSMTtgouyaO51ub4mb7BIL
hVuMCP0sttF1oVpApY763TMcIz6WdQwHjRoGz1obFAUH5JkM6uxSbETCrkF3U/E1
3YjvxO3IX+RhZOKbtxPiQnS2bdS7xXMorE3EaVp35sgB/WBhf2uHnnIEz0Cd6BNG
l6BKh7mtAE3AiTR6VhNYBdGC+jRiVY5sGr8b7q39WD5g
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:11 2025 by rpki-client