Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/ywv56Z--GmQgxcCY0w9vAAw80Y8.roa
File: ywv56Z--GmQgxcCY0w9vAAw80Y8.roa (raw, json)
Hash identifier: M6m2Lj3JGYCS7d4BO9lrTPQnZD6rL/7HWzX+x1kLE0s=
Subject key identifier: CB:0B:F9:E9:9F:BE:1A:64:20:C5:C0:98:D3:0F:6F:00:0C:3C:D1:8F
Certificate issuer: /CN=28178243a0866b091272d1e1eb451e71e413b99a
Certificate serial: 0193491E69D6B847F7D030271E41D75584D1
Authority key identifier: 28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/ywv56Z--GmQgxcCY0w9vAAw80Y8.roa
Signing time: Wed 20 Nov 2024 10:29:10 +0000
ROA not before: Wed 20 Nov 2024 10:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204627
IP address blocks: 185.61.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:1e:69:d6:b8:47:f7:d0:30:27:1e:41:d7:55:84:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28178243a0866b091272d1e1eb451e71e413b99a
Validity
Not Before: Nov 20 10:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb0bf9e99fbe1a6420c5c098d30f6f000c3cd18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3e:8f:30:92:6f:f2:6b:ae:28:27:61:3e:17:
75:64:93:b3:19:85:de:dc:fc:ee:5a:f2:96:41:74:
51:a3:8a:bb:2c:70:9a:3e:be:0f:e3:12:8d:3f:91:
22:2b:9c:44:4c:09:04:4d:64:6e:ec:39:5d:34:af:
0b:78:32:92:b9:f0:9e:4a:77:cd:ff:ca:7d:01:3d:
e7:d1:f7:70:3d:6d:fe:86:aa:ff:88:a7:c9:bd:ad:
81:2a:6a:a3:90:ad:72:da:14:66:78:61:f0:8e:ff:
47:3d:2a:96:16:22:0c:e3:e4:3b:fd:ec:0a:e7:ae:
6f:7a:71:7f:c8:a7:c7:53:4e:17:3c:aa:b9:e8:7b:
35:0b:a1:62:a7:61:b2:73:4e:54:40:8a:ad:da:ba:
3e:49:00:cf:86:45:a1:53:90:4d:d4:16:96:7d:47:
7f:b8:99:bc:0a:f0:66:cb:06:c7:d6:a6:98:0b:a5:
8d:47:06:18:88:09:ee:b0:dc:1d:5a:ed:87:68:fb:
dc:6c:be:64:cf:00:02:10:d3:9a:2d:dd:dd:2e:ea:
93:fa:8a:50:e3:de:d5:66:81:2a:b9:4d:8a:42:1e:
76:96:3f:9a:8a:b5:25:cd:af:cc:2b:88:54:da:9a:
1e:af:e4:6a:71:67:d9:3e:49:a3:a4:be:f7:cb:0c:
82:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0B:F9:E9:9F:BE:1A:64:20:C5:C0:98:D3:0F:6F:00:0C:3C:D1:8F
X509v3 Authority Key Identifier:
keyid:28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/ywv56Z--GmQgxcCY0w9vAAw80Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.248.0/22
Signature Algorithm: sha256WithRSAEncryption
78:70:22:d3:98:8f:17:52:c5:b6:61:3d:15:e0:82:cf:cc:c5:
28:aa:7a:8d:91:7b:1e:6b:f6:2c:cc:5b:96:c5:b8:04:34:f3:
68:71:d8:06:58:87:73:d9:7b:ed:ab:0e:b0:59:98:18:8f:80:
17:8d:86:c8:e7:b7:5c:c1:9a:f4:e8:75:96:17:9b:42:24:3a:
f3:f7:c3:e5:7b:bd:7b:50:77:67:98:63:c2:34:be:11:e9:eb:
19:2c:b4:d3:f8:bd:d3:ca:7f:4c:f2:2d:06:16:d5:7f:f5:e1:
fc:d6:ab:4d:31:86:74:5b:86:c8:9e:79:00:c5:81:59:ae:13:
ff:65:c6:5f:3d:52:0c:47:a5:e4:a9:32:79:4c:1f:04:14:27:
96:f4:aa:e9:20:32:26:a3:dd:24:9e:5b:b4:1f:54:91:0a:b3:
54:c5:09:52:b9:d8:ba:06:ed:94:42:e3:ea:7b:91:8d:a8:b3:
b7:8c:93:90:fb:ba:54:46:fe:79:f3:b2:55:96:40:63:b7:c8:
06:8e:28:a6:b3:bf:62:83:bc:3e:e4:5c:e3:fe:c4:af:b9:40:
6e:ef:b9:9e:a7:a3:89:14:b9:73:04:5b:c2:51:4b:57:e4:20:
8b:28:55:29:1a:8d:5d:b1:8e:01:d0:a8:dd:e7:58:3f:67:93:
f1:92:59:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNJHmnWuEf30DAnHkHXVYTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTc4MjQzYTA4NjZiMDkxMjcyZDFlMWViNDUxZTcxZTQx
M2I5OWEwHhcNMjQxMTIwMTAyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBiZjllOTlmYmUxYTY0MjBjNWMwOThkMzBmNmYwMDBjM2NkMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D6PMJJv8muuKCdhPhd1ZJOzGYXe
3PzuWvKWQXRRo4q7LHCaPr4P4xKNP5EiK5xETAkETWRu7DldNK8LeDKSufCeSnfN
/8p9AT3n0fdwPW3+hqr/iKfJva2BKmqjkK1y2hRmeGHwjv9HPSqWFiIM4+Q7/ewK
565venF/yKfHU04XPKq56Hs1C6Fip2Gyc05UQIqt2ro+SQDPhkWhU5BN1BaWfUd/
uJm8CvBmywbH1qaYC6WNRwYYiAnusNwdWu2HaPvcbL5kzwACENOaLd3dLuqT+opQ
497VZoEquU2KQh52lj+airUlza/MK4hU2poer+RqcWfZPkmjpL73ywyCCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsL+emfvhpkIMXAmNMPbwAMPNGPMB8GA1UdIwQY
MBaAFCgXgkOghmsJEnLR4etFHnHkE7maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzIt
NmNlM2MwM2ExMzRjLzEveXd2NTZaLS1HbVFneGNDWTB3OXZBQXc4MFk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzItNmNlM2MwM2ExMzRj
LzEvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuT34MA0G
CSqGSIb3DQEBCwUAA4IBAQB4cCLTmI8XUsW2YT0V4ILPzMUoqnqNkXsea/YszFuW
xbgENPNocdgGWIdz2Xvtqw6wWZgYj4AXjYbI57dcwZr06HWWF5tCJDrz98Ple717
UHdnmGPCNL4R6esZLLTT+L3Tyn9M8i0GFtV/9eH81qtNMYZ0W4bInnkAxYFZrhP/
ZcZfPVIMR6XkqTJ5TB8EFCeW9KrpIDImo90knlu0H1SRCrNUxQlSudi6Bu2UQuPq
e5GNqLO3jJOQ+7pURv5587JVlkBjt8gGjiims79ig7w+5Fzj/sSvuUBu77mep6OJ
FLlzBFvCUUtX5CCLKFUpGo1dsY4B0Kjd51g/Z5Pxklm7
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:09 2024 by rpki-client on console-fra.rpki-client.org