Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/ylSqRAU8TDvYnpp3xgEE8eOXK84.roa
File: ylSqRAU8TDvYnpp3xgEE8eOXK84.roa (raw, json)
Hash identifier: P7AJEPUgG3VwJhcoBPvJLvG0/uwPluFWWOqQGCt2rzQ=
Subject key identifier: CA:54:AA:44:05:3C:4C:3B:D8:9E:9A:77:C6:01:04:F1:E3:97:2B:CE
Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4
Certificate serial: 018CC2DB1F3E9368CC62922C66EA153BECE6
Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/ylSqRAU8TDvYnpp3xgEE8eOXK84.roa
Signing time: Mon 01 Jan 2024 02:29:49 +0000
ROA not before: Mon 01 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198381
IP address blocks: 141.105.162.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1f:3e:93:68:cc:62:92:2c:66:ea:15:3b:ec:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4
Validity
Not Before: Jan 1 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca54aa44053c4c3bd89e9a77c60104f1e3972bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:21:73:7d:48:da:b3:75:64:60:46:6b:f3:
10:83:e1:98:0b:f2:0b:65:76:e2:05:b2:9f:24:ee:
bf:f5:72:c1:93:0d:bb:39:b6:50:9c:be:67:d9:5c:
e2:f7:47:c6:ca:3f:8c:02:0d:c3:21:ea:e4:cc:2e:
47:31:6c:f9:d8:4e:60:37:e6:aa:be:fe:80:6d:c6:
ab:d0:a1:97:cd:54:c0:75:38:33:33:33:2f:4b:7a:
52:02:f9:fe:09:2a:1b:12:7b:8e:2c:b6:a9:d5:87:
6f:6b:82:c3:86:03:ca:bd:af:b4:c4:e7:84:bc:7e:
c0:b7:c7:bc:5c:56:1b:88:b4:ed:26:78:62:78:44:
9f:7d:9e:6c:f7:14:b2:09:cc:c4:b2:20:84:ae:42:
9c:23:d2:04:71:3e:e4:82:d5:07:0d:de:ba:b0:c5:
9c:c4:07:80:18:37:c7:3d:4a:15:81:c1:dc:ad:11:
dd:99:78:11:92:be:42:af:13:11:0d:a6:00:08:f6:
cf:01:ab:93:fe:d6:c8:f7:ea:e1:9d:68:9c:57:25:
f7:36:d7:46:b7:2f:fc:09:a9:36:5c:1c:85:90:48:
07:d1:84:f8:0d:d6:ca:a9:b0:68:8e:52:96:e6:78:
d7:a6:7f:e1:82:70:0e:b0:9c:44:64:15:e1:cd:b6:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:54:AA:44:05:3C:4C:3B:D8:9E:9A:77:C6:01:04:F1:E3:97:2B:CE
X509v3 Authority Key Identifier:
keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/ylSqRAU8TDvYnpp3xgEE8eOXK84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.162.0/23
Signature Algorithm: sha256WithRSAEncryption
94:29:f7:cb:61:b1:c7:8f:d4:5f:ad:a1:3f:e0:55:4d:fc:38:
cc:cd:95:b0:17:26:4a:7c:d2:68:c8:c2:a5:71:f9:3c:a8:1e:
8f:77:29:86:ab:cc:25:46:df:02:4e:a4:69:66:a7:b4:7e:8e:
bd:24:4b:26:45:3c:32:20:31:33:74:8b:18:c1:9c:9f:34:21:
bc:b0:00:37:2f:37:8b:db:a0:af:40:dc:48:68:23:b4:3b:19:
e5:b3:a2:ce:eb:e4:65:bd:63:f5:b3:33:14:96:42:09:02:38:
39:25:eb:42:20:a9:3d:b2:d5:10:2c:0b:2d:5b:36:61:37:27:
ef:b7:5f:e1:40:f3:b0:b1:61:fe:d4:95:d5:ec:2b:6e:f9:33:
9b:e4:d6:9e:a8:97:bb:47:07:11:e7:d0:21:c5:eb:75:7c:86:
cd:42:ea:7b:8b:72:bf:c2:9c:1b:a2:cd:d6:71:e5:61:88:f3:
36:88:76:46:00:fa:ce:05:92:7b:08:1d:da:f1:7e:ff:3a:3b:
de:88:66:ed:05:68:cf:ab:64:e0:2e:8a:bd:5f:3a:57:b5:08:
f8:3d:81:a3:ca:96:d0:6b:98:28:89:4a:ba:9f:0f:a6:a2:6f:
80:66:89:8c:ed:5e:be:54:aa:83:63:55:02:65:01:27:8c:25:
b3:18:81:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2x8+k2jMYpIsZuoVO+zmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk
NGJjYTQwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTU0YWE0NDA1M2M0YzNiZDg5ZTlhNzdjNjAxMDRmMWUzOTcyYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwIhc31I2rN1ZGBGa/MQg+GYC/IL
ZXbiBbKfJO6/9XLBkw27ObZQnL5n2Vzi90fGyj+MAg3DIerkzC5HMWz52E5gN+aq
vv6Abcar0KGXzVTAdTgzMzMvS3pSAvn+CSobEnuOLLap1Ydva4LDhgPKva+0xOeE
vH7At8e8XFYbiLTtJnhieESffZ5s9xSyCczEsiCErkKcI9IEcT7kgtUHDd66sMWc
xAeAGDfHPUoVgcHcrRHdmXgRkr5CrxMRDaYACPbPAauT/tbI9+rhnWicVyX3NtdG
ty/8Cak2XByFkEgH0YT4DdbKqbBojlKW5njXpn/hgnAOsJxEZBXhzbat3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpUqkQFPEw72J6ad8YBBPHjlyvOMB8GA1UdIwQY
MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt
MGEwZjNlNzhhNDkzLzEveWxTcVJBVThURHZZbnBwM3hnRUU4ZU9YSzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz
LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjWmiMA0G
CSqGSIb3DQEBCwUAA4IBAQCUKffLYbHHj9RfraE/4FVN/DjMzZWwFyZKfNJoyMKl
cfk8qB6PdymGq8wlRt8CTqRpZqe0fo69JEsmRTwyIDEzdIsYwZyfNCG8sAA3LzeL
26CvQNxIaCO0Oxnls6LO6+RlvWP1szMUlkIJAjg5JetCIKk9stUQLAstWzZhNyfv
t1/hQPOwsWH+1JXV7Ctu+TOb5NaeqJe7RwcR59Ahxet1fIbNQup7i3K/wpwbos3W
ceVhiPM2iHZGAPrOBZJ7CB3a8X7/OjveiGbtBWjPq2TgLoq9XzpXtQj4PYGjypbQ
a5goiUq6nw+mom+AZomM7V6+VKqDY1UCZQEnjCWzGIFx
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:07:32 2024 by rpki-client on console-fra.rpki-client.org