Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/YV88VvN7c0ZPqThFhXysYkvYcuI.roa
File: YV88VvN7c0ZPqThFhXysYkvYcuI.roa (raw, json)
Hash identifier: 057VOgnDcfz1hYayJOQssT6CWdBcmeewIOxFR3Ik33g=
Subject key identifier: 61:5F:3C:56:F3:7B:73:46:4F:A9:38:45:85:7C:AC:62:4B:D8:72:E2
Certificate issuer: /CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
Certificate serial: 018E0E060D50B4D5312AF673830BA742EB6B
Authority key identifier: AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/YV88VvN7c0ZPqThFhXysYkvYcuI.roa
Signing time: Tue 05 Mar 2024 09:51:01 +0000
ROA not before: Tue 05 Mar 2024 09:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 185.187.100.0/22 maxlen: 24
2a0a:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/q5-ExqSNXG3-ZBSYc7FI0RILAJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/q5-ExqSNXG3-ZBSYc7FI0RILAJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:06:0d:50:b4:d5:31:2a:f6:73:83:0b:a7:42:eb:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9f84c6a48d5c6dfe64149873b148d1120b009b
Validity
Not Before: Mar 5 09:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=615f3c56f37b73464fa93845857cac624bd872e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8c:5d:f2:86:31:43:e9:9a:94:d8:3c:80:02:
43:40:64:b7:e9:e2:48:7a:09:d3:ae:36:24:17:0f:
6f:09:45:ef:dd:44:9d:aa:4c:dd:b4:1e:75:d5:2d:
90:61:36:01:0d:7b:0b:27:f6:c0:0e:1b:75:f9:e7:
3d:8e:da:a5:6e:f4:2e:46:17:d9:cc:75:be:4e:4b:
4c:18:5e:4c:6c:ac:42:75:ec:60:87:fe:65:fc:cb:
75:56:f6:05:a2:65:73:ed:a7:67:dc:71:bd:a7:af:
86:fe:14:7f:be:a3:92:4f:2a:bf:f8:4c:5f:b6:3e:
aa:15:d2:3e:b1:f7:e9:e6:61:53:74:9b:31:99:56:
17:20:50:ab:8d:fd:c8:85:a3:4b:29:e9:54:f9:2a:
c8:ef:94:a2:07:50:c7:6a:e1:a5:f1:40:24:49:71:
71:55:21:a3:f0:df:74:71:39:2b:b0:0b:70:e5:7f:
7c:fd:a6:05:a4:87:aa:b3:16:5f:a3:3c:91:5a:b9:
0c:46:aa:ac:c9:a2:ae:34:e1:5d:a7:1e:00:96:4d:
a3:9c:d9:90:dd:5e:27:f8:29:02:9f:ec:fd:73:24:
ad:bd:dd:d9:d7:7e:97:a6:ed:71:58:b3:34:00:08:
f6:78:ae:cb:90:4d:0b:b7:5c:b6:0d:eb:7a:14:e0:
5f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5F:3C:56:F3:7B:73:46:4F:A9:38:45:85:7C:AC:62:4B:D8:72:E2
X509v3 Authority Key Identifier:
keyid:AB:9F:84:C6:A4:8D:5C:6D:FE:64:14:98:73:B1:48:D1:12:0B:00:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5-ExqSNXG3-ZBSYc7FI0RILAJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/YV88VvN7c0ZPqThFhXysYkvYcuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/36177f-7cd8-4bd3-8689-213d64beff71/1/q5-ExqSNXG3-ZBSYc7FI0RILAJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.100.0/22
IPv6:
2a0a:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:8e:06:4f:62:8f:8f:fa:1b:9e:aa:0f:b7:42:a4:05:c4:9d:
3c:ea:6f:10:d5:d9:d3:d9:70:6c:04:18:b5:34:e1:d9:27:b7:
86:88:6a:5b:d8:77:80:01:73:c9:00:ac:17:6e:d7:8c:ce:6c:
1e:f0:a5:02:9b:d3:52:4f:33:d9:4a:f5:5c:0a:d9:d9:30:75:
62:08:c7:83:b4:3a:f1:0c:7c:66:60:32:c2:31:9d:4c:49:72:
e1:a4:a0:83:a0:25:cb:c3:6e:55:60:17:d3:40:4c:3b:f9:62:
29:64:ed:00:fc:98:3c:92:28:06:b6:5c:ce:c0:a0:46:3a:2b:
69:d6:a5:8b:82:18:57:ed:70:63:d0:82:63:71:84:2a:71:2b:
1f:39:d2:a0:ea:bb:88:c6:be:6b:9c:81:88:68:a0:8c:2b:26:
ff:08:2f:f7:47:b8:b1:45:fa:6a:74:f6:b7:dc:1f:f7:d3:31:
6d:15:71:4d:12:3b:39:3a:94:46:13:1d:3c:27:b0:89:20:4b:
85:ce:c1:e1:d5:00:4f:05:c7:b6:d2:87:e7:be:d5:8c:57:9e:
22:de:64:af:b3:4c:1e:7b:c9:ad:f1:aa:c6:be:9a:43:c7:0d:
56:b6:fe:fe:e8:4c:f1:9c:8c:c2:15:41:25:69:b5:5f:f9:d9:
1c:48:da:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY4OBg1QtNUxKvZzgwunQutrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWY4NGM2YTQ4ZDVjNmRmZTY0MTQ5ODczYjE0OGQxMTIw
YjAwOWIwHhcNMjQwMzA1MDk1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVmM2M1NmYzN2I3MzQ2NGZhOTM4NDU4NTdjYWM2MjRiZDg3MmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoxd8oYxQ+malNg8gAJDQGS36eJI
egnTrjYkFw9vCUXv3USdqkzdtB511S2QYTYBDXsLJ/bADht1+ec9jtqlbvQuRhfZ
zHW+TktMGF5MbKxCdexgh/5l/Mt1VvYFomVz7adn3HG9p6+G/hR/vqOSTyq/+Exf
tj6qFdI+sffp5mFTdJsxmVYXIFCrjf3IhaNLKelU+SrI75SiB1DHauGl8UAkSXFx
VSGj8N90cTkrsAtw5X98/aYFpIeqsxZfozyRWrkMRqqsyaKuNOFdpx4Alk2jnNmQ
3V4n+CkCn+z9cyStvd3Z136Xpu1xWLM0AAj2eK7LkE0Lt1y2Det6FOBfSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGFfPFbze3NGT6k4RYV8rGJL2HLiMB8GA1UdIwQY
MBaAFKufhMakjVxt/mQUmHOxSNESCwCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODkt
MjEzZDY0YmVmZjcxLzEvWVY4OFZ2TjdjMFpQcVRoRmhYeXNZa3ZZY3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zNjE3N2YtN2NkOC00YmQzLTg2ODktMjEzZDY0YmVmZjcx
LzEvcTUtRXhxU05YRzMtWkJTWWM3RkkwUklMQUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubtkMA0E
AgACMAcDBQMqCkfAMA0GCSqGSIb3DQEBCwUAA4IBAQCDjgZPYo+P+hueqg+3QqQF
xJ086m8Q1dnT2XBsBBi1NOHZJ7eGiGpb2HeAAXPJAKwXbteMzmwe8KUCm9NSTzPZ
SvVcCtnZMHViCMeDtDrxDHxmYDLCMZ1MSXLhpKCDoCXLw25VYBfTQEw7+WIpZO0A
/Jg8kigGtlzOwKBGOitp1qWLghhX7XBj0IJjcYQqcSsfOdKg6ruIxr5rnIGIaKCM
Kyb/CC/3R7ixRfpqdPa33B/30zFtFXFNEjs5OpRGEx08J7CJIEuFzsHh1QBPBce2
0ofnvtWMV54i3mSvs0wee8mt8arGvppDxw1Wtv7+6EzxnIzCFUElabVf+dkcSNrt
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:20 2024 by rpki-client on console-ams.rpki-client.org