Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/y9yEzF2k0l8zoYG6JT7cvycjRio.roa
File: y9yEzF2k0l8zoYG6JT7cvycjRio.roa (raw, json)
Hash identifier: +x4hHct2/ui7YXz9cKZ6rs2apAg2CHGCJro6SSbhoe0=
Subject key identifier: CB:DC:84:CC:5D:A4:D2:5F:33:A1:81:BA:25:3E:DC:BF:27:23:46:2A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018D788A274C45FEDC6919F921F906C26461
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/y9yEzF2k0l8zoYG6JT7cvycjRio.roa
Signing time: Mon 05 Feb 2024 09:12:16 +0000
ROA not before: Mon 05 Feb 2024 09:12:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15899
IP address blocks: 85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:8a:27:4c:45:fe:dc:69:19:f9:21:f9:06:c2:64:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Feb 5 09:12:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbdc84cc5da4d25f33a181ba253edcbf2723462a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:f3:e9:30:52:90:1e:65:c8:b4:ce:71:39:
e1:5d:b6:cf:c3:e3:79:ae:c9:2a:7b:b3:17:ea:1d:
a3:62:20:f0:6d:cd:e7:8b:9e:0c:7a:6d:a1:97:f2:
dd:4c:aa:47:72:a1:df:0d:47:02:0c:50:87:ec:24:
b4:aa:be:fe:37:2c:50:b2:d2:ee:8e:ee:44:7a:93:
8c:34:0c:58:b9:d6:f9:08:ec:aa:e7:85:de:9c:ce:
90:17:68:7c:cf:1b:d2:66:a2:54:ab:15:91:75:25:
71:f4:18:99:bd:f5:6c:64:30:5a:ed:9f:c9:f1:c6:
4b:4d:eb:60:25:81:d0:ca:16:3a:24:c4:3b:69:23:
58:f8:af:3b:46:14:9b:3f:f5:60:00:10:c3:97:1c:
77:0c:8b:b0:8b:0a:34:36:a3:11:87:ac:63:be:a9:
52:9f:09:3b:fb:b7:2f:5d:9c:b1:0e:3a:e6:9f:3c:
7e:ff:81:d0:2f:3c:a0:a9:52:bf:a0:a9:a5:61:1b:
33:5e:51:08:77:36:56:4b:38:cf:ff:4e:b1:08:e1:
3c:0b:36:e6:1c:01:a7:dd:ce:a8:2c:5f:29:fe:08:
e2:73:ab:be:ce:b1:3c:f2:de:fe:c2:8f:f7:a7:54:
78:16:05:5e:c1:6f:50:51:86:d2:ef:60:7c:f9:3f:
91:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DC:84:CC:5D:A4:D2:5F:33:A1:81:BA:25:3E:DC:BF:27:23:46:2A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/y9yEzF2k0l8zoYG6JT7cvycjRio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.9.0-85.254.15.255
Signature Algorithm: sha256WithRSAEncryption
8f:7e:db:85:61:e1:37:71:fc:10:e9:98:c7:c0:f5:97:cd:dd:
e0:0a:ab:c9:7d:8a:2e:2f:d4:ad:c4:71:e8:1f:db:e4:31:24:
50:9a:43:ab:b1:ff:20:cf:a6:05:96:84:e9:2e:d0:e6:d1:6e:
6f:ca:c9:d4:20:2f:1d:e9:13:4a:6d:ac:80:89:3b:08:54:8e:
c7:38:72:58:64:00:a5:05:32:ec:4e:b7:fc:a9:e2:67:7f:1b:
28:17:f6:e5:12:5f:43:37:4e:0a:cb:f7:32:64:ea:32:7b:8e:
e2:81:2b:88:ed:af:3a:04:c3:9b:5d:fc:47:fd:ef:9b:a0:a5:
11:c6:b6:35:5a:57:23:af:74:fd:e8:98:44:22:72:0b:7e:2e:
69:ca:9b:62:3a:d8:8d:b6:c9:68:cd:2d:a0:db:b0:f0:c9:94:
b4:f4:f6:84:c8:44:1e:d4:98:df:80:ed:e2:65:03:57:ff:ef:
7c:bb:3a:3c:a9:af:52:82:40:d1:f8:b6:d5:96:d8:9e:ae:85:
b0:1d:2e:26:cb:8e:0e:83:fe:1f:58:ed:1f:b6:51:d9:36:d7:
bd:25:e1:fc:c0:90:3a:1d:f4:96:db:7f:08:b8:9e:19:04:d5:
33:7c:ec:89:bf:9f:d8:0b:bf:61:09:39:cc:d4:15:54:f7:f5:
f0:ea:c2:ab
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY14iidMRf7caRn5IfkGwmRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMjA1MDkxMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRjODRjYzVkYTRkMjVmMzNhMTgxYmEyNTNlZGNiZjI3MjM0NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3/z6TBSkB5lyLTOcTnhXbbPw+N5
rskqe7MX6h2jYiDwbc3ni54Mem2hl/LdTKpHcqHfDUcCDFCH7CS0qr7+NyxQstLu
ju5EepOMNAxYudb5COyq54XenM6QF2h8zxvSZqJUqxWRdSVx9BiZvfVsZDBa7Z/J
8cZLTetgJYHQyhY6JMQ7aSNY+K87RhSbP/VgABDDlxx3DIuwiwo0NqMRh6xjvqlS
nwk7+7cvXZyxDjrmnzx+/4HQLzygqVK/oKmlYRszXlEIdzZWSzjP/06xCOE8Czbm
HAGn3c6oLF8p/gjic6u+zrE88t7+wo/3p1R4FgVewW9QUYbS72B8+T+RFQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMvchMxdpNJfM6GBuiU+3L8nI0YqMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEveTl5RXpGMmswbDh6b1lHNkpUN2N2eWNqUmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABV/gkD
BARV/gAwDQYJKoZIhvcNAQELBQADggEBAI9+24Vh4Tdx/BDpmMfA9ZfN3eAKq8l9
ii4v1K3Ecegf2+QxJFCaQ6ux/yDPpgWWhOku0ObRbm/KydQgLx3pE0ptrICJOwhU
jsc4clhkAKUFMuxOt/yp4md/GygX9uUSX0M3TgrL9zJk6jJ7juKBK4jtrzoEw5td
/Ef975ugpRHGtjVaVyOvdP3omEQicgt+LmnKm2I62I22yWjNLaDbsPDJlLT09oTI
RB7UmN+A7eJlA1f/73y7Ojypr1KCQNH4ttWW2J6uhbAdLibLjg6D/h9Y7R+2Udk2
170l4fzAkDod9Jbbfwi4nhkE1TN87Im/n9gLv2EJOczUFVT39fDqwqs=
-----END CERTIFICATE-----
Generated at Wed May 1 13:38:18 2024 by rpki-client on console-fra.rpki-client.org