Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ya2AGZPhi9hAyyLlCTCKrdIzLXw.roa
File: ya2AGZPhi9hAyyLlCTCKrdIzLXw.roa (raw, json)
Hash identifier: KH8ct0pru/m+D6z7pPzhDVLSenXXxt32icIo+hHFfu4=
Subject key identifier: C9:AD:80:19:93:E1:8B:D8:40:CB:22:E5:09:30:8A:AD:D2:33:2D:7C
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC42456BFDAFA0C0B50AFC4677C6E111C
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ya2AGZPhi9hAyyLlCTCKrdIzLXw.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57512
IP address blocks: 91.108.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 10:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:56:bf:da:fa:0c:0b:50:af:c4:67:7c:6e:11:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9ad801993e18bd840cb22e509308aadd2332d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c8:9f:95:3a:7a:2c:5e:cc:80:d0:44:75:31:
61:3c:35:3d:3a:a4:b7:cb:51:01:3d:9c:8f:c1:dd:
b2:a1:90:65:e0:03:ef:80:60:3f:d7:c9:0e:88:44:
24:1a:b7:cb:1e:ad:1c:3c:4a:37:f2:71:4f:55:db:
b8:18:d8:a4:d8:3a:7c:cc:4c:e7:ab:e6:ee:eb:8f:
72:0d:41:39:6a:3b:fa:25:93:b2:7b:20:8c:01:44:
68:01:bf:a1:24:b0:2a:5f:b0:1a:ae:a7:0c:7e:78:
1a:bc:a6:24:ea:26:73:3f:63:6f:6d:5e:7f:a3:a1:
33:61:4e:ea:6e:0f:4f:f3:c7:e2:f3:47:e3:84:30:
83:d6:3c:f9:c0:30:ec:57:61:24:b8:e4:9a:8d:21:
42:89:65:f3:d4:c7:34:8d:58:a5:b9:01:3c:88:96:
43:cb:90:7c:ed:80:48:89:2b:a1:77:5f:8c:72:f4:
84:b5:88:c5:3b:fd:52:b5:e5:2f:eb:16:41:58:64:
09:ce:33:91:ca:f1:6f:e1:4c:02:48:74:ab:af:46:
0e:23:49:1c:ca:fe:5b:ff:70:91:77:21:40:32:7d:
87:21:e1:a6:73:83:34:58:00:41:49:f7:ba:4c:77:
53:66:f6:60:d1:4a:3f:9d:7d:1a:a9:4e:4a:6a:fb:
a0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AD:80:19:93:E1:8B:D8:40:CB:22:E5:09:30:8A:AD:D2:33:2D:7C
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/ya2AGZPhi9hAyyLlCTCKrdIzLXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.54.0/24
Signature Algorithm: sha256WithRSAEncryption
68:58:c1:d0:4c:ad:38:7a:95:02:1f:bd:76:e0:98:59:77:a9:
b1:0b:f1:ed:93:ec:b2:62:f7:21:a3:6d:87:17:c7:5c:98:46:
bd:c1:a9:5c:82:b2:93:5d:c5:2f:db:97:2d:24:00:3f:ee:03:
f5:27:3b:87:4e:24:53:11:39:59:02:db:d7:85:4b:dd:a1:72:
0f:83:92:3f:17:31:67:7d:87:3b:d6:ea:13:47:cf:bc:f7:0f:
ca:f1:97:f6:fe:e8:dd:40:93:8c:e6:4f:6d:ef:c1:c3:6c:b2:
0c:90:24:cb:c2:78:f6:f5:67:3b:e6:cc:64:48:eb:17:0d:05:
79:5a:42:cc:d3:07:c9:f2:98:c1:0f:75:5b:8f:11:8b:2e:94:
65:fb:be:31:0d:73:b2:ee:24:cd:ca:b1:47:da:a0:65:2c:50:
3b:4c:4c:fb:fb:16:69:00:e6:4c:40:aa:e7:ee:d3:6e:79:c8:
1a:0f:6e:70:0d:d4:d1:53:55:1f:54:40:9b:5c:a4:a2:fb:b7:
fc:52:9b:a2:12:e8:90:15:cb:ab:05:ab:b7:f4:f8:ca:2d:13:
79:ba:ee:a5:83:49:8f:dc:78:37:88:c0:da:da:26:c7:bb:a2:
27:27:38:e6:b9:18:22:e7:b9:ae:9b:df:bb:b7:0e:40:4f:93:
e7:2a:d6:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFa/2voMC1CvxGd8bhEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFkODAxOTkzZTE4YmQ4NDBjYjIyZTUwOTMwOGFhZGQyMzMyZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8iflTp6LF7MgNBEdTFhPDU9OqS3
y1EBPZyPwd2yoZBl4APvgGA/18kOiEQkGrfLHq0cPEo38nFPVdu4GNik2Dp8zEzn
q+bu649yDUE5ajv6JZOyeyCMAURoAb+hJLAqX7AarqcMfngavKYk6iZzP2NvbV5/
o6EzYU7qbg9P88fi80fjhDCD1jz5wDDsV2EkuOSajSFCiWXz1Mc0jViluQE8iJZD
y5B87YBIiSuhd1+McvSEtYjFO/1SteUv6xZBWGQJzjORyvFv4UwCSHSrr0YOI0kc
yv5b/3CRdyFAMn2HIeGmc4M0WABBSfe6THdTZvZg0Uo/nX0aqU5KavugXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmtgBmT4YvYQMsi5Qkwiq3SMy18MB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEveWEyQUdaUGhpOWhBeXlMbENUQ0tyZEl6TFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2w2MA0G
CSqGSIb3DQEBCwUAA4IBAQBoWMHQTK04epUCH7124JhZd6mxC/Htk+yyYvcho22H
F8dcmEa9walcgrKTXcUv25ctJAA/7gP1JzuHTiRTETlZAtvXhUvdoXIPg5I/FzFn
fYc71uoTR8+89w/K8Zf2/ujdQJOM5k9t78HDbLIMkCTLwnj29Wc75sxkSOsXDQV5
WkLM0wfJ8pjBD3VbjxGLLpRl+74xDXOy7iTNyrFH2qBlLFA7TEz7+xZpAOZMQKrn
7tNuecgaD25wDdTRU1UfVECbXKSi+7f8UpuiEuiQFcurBau39PjKLRN5uu6lg0mP
3Hg3iMDa2ibHu6InJzjmuRgi57mum9+7tw5AT5PnKtaC
-----END CERTIFICATE-----
Generated at Mon Jun 17 11:57:51 2024 by rpki-client on console-ams.rpki-client.org