Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/yeFPB-b-DJOL0JlXjhdp2FkmI_M.roa
File: yeFPB-b-DJOL0JlXjhdp2FkmI_M.roa (raw, json)
Hash identifier: 7Mrr40vFN9fLScrrk5d1iFSczLeF/1TW4SOWAjjxTFg=
Subject key identifier: C9:E1:4F:07:E6:FE:0C:93:8B:D0:99:57:8E:17:69:D8:59:26:23:F3
Certificate issuer: /CN=76a372b754e49208d646aa7859e348b475e526d2
Certificate serial: 01913A632FE961699E21FEF43E744900CB38
Authority key identifier: 76:A3:72:B7:54:E4:92:08:D6:46:AA:78:59:E3:48:B4:75:E5:26:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/yeFPB-b-DJOL0JlXjhdp2FkmI_M.roa
Signing time: Sat 10 Aug 2024 03:44:24 +0000
ROA not before: Sat 10 Aug 2024 03:44:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205647
IP address blocks: 185.211.86.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/dqNyt1TkkgjWRqp4WeNItHXlJtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/dqNyt1TkkgjWRqp4WeNItHXlJtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3a:63:2f:e9:61:69:9e:21:fe:f4:3e:74:49:00:cb:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a372b754e49208d646aa7859e348b475e526d2
Validity
Not Before: Aug 10 03:44:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e14f07e6fe0c938bd099578e1769d8592623f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ea:15:5e:09:01:ce:8e:e3:36:fe:35:d0:39:
9c:ed:c3:99:1f:72:01:6e:b5:cb:c2:c4:8e:9a:ff:
64:ae:fd:7c:8d:1c:04:8f:25:c0:d7:55:39:11:89:
d3:b4:36:d1:6f:33:5e:a7:7b:72:79:22:4f:4a:6a:
2a:57:5e:74:cd:4f:c7:8c:0f:91:ca:fe:71:d8:7e:
dc:5e:41:5e:a2:f5:44:46:1d:40:50:d1:26:e0:0a:
01:94:fb:46:32:65:bc:ed:26:83:42:0d:7d:83:e5:
ca:fe:31:13:34:20:2d:0b:d1:db:d4:7c:a2:ea:ae:
8d:42:e2:70:71:06:de:47:cd:ae:06:b6:c7:41:3f:
f8:79:74:b3:02:f6:b2:5e:4e:17:42:16:31:1f:a1:
6a:e9:8e:82:3c:2e:2f:b7:f2:b8:95:7b:c8:65:6c:
3d:63:77:45:92:14:c6:31:f4:89:21:4f:5b:8e:0a:
96:57:3f:3e:42:92:d5:23:6a:1c:51:f8:20:c4:92:
c1:32:e7:09:25:0d:c5:f1:40:6e:21:07:6a:f4:5a:
8d:07:3e:0a:ba:47:38:6e:bc:29:d1:2b:ae:58:9e:
e3:2f:82:c6:40:fe:93:77:23:0b:c8:c4:b6:6c:29:
91:18:3e:35:32:b1:9c:f9:4a:51:f7:bd:90:dd:8a:
05:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E1:4F:07:E6:FE:0C:93:8B:D0:99:57:8E:17:69:D8:59:26:23:F3
X509v3 Authority Key Identifier:
keyid:76:A3:72:B7:54:E4:92:08:D6:46:AA:78:59:E3:48:B4:75:E5:26:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/yeFPB-b-DJOL0JlXjhdp2FkmI_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/dqNyt1TkkgjWRqp4WeNItHXlJtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.86.0/23
Signature Algorithm: sha256WithRSAEncryption
60:06:af:28:e8:6d:1b:b9:c8:22:5b:f8:99:41:c0:83:70:59:
60:b7:d6:51:f7:45:dc:6f:d9:c5:23:54:90:27:21:e4:06:4b:
9a:30:df:6e:3d:f9:fe:d8:56:a2:22:e8:61:5a:6d:fd:3d:d8:
6d:32:1d:d1:e7:7f:a3:06:7e:55:b9:44:53:56:2b:95:12:f8:
38:57:5c:06:96:f7:9c:ea:94:a7:53:fa:c1:a8:05:5a:c7:d9:
b7:77:ea:a4:df:52:a3:ac:d0:98:df:07:3c:e1:27:fc:b2:1c:
bb:aa:84:32:0f:bc:28:f0:ef:48:27:43:74:cd:69:a1:f7:4a:
84:13:5b:0b:58:8d:c8:5e:c4:61:b2:d9:c4:96:05:38:ca:a5:
90:bf:a9:7a:34:7b:7c:e2:81:8a:00:c9:ee:de:c2:4c:bd:cc:
0a:f7:73:c7:49:14:8b:04:82:42:b0:72:e2:1b:b2:0a:cc:ae:
e7:92:d2:c4:07:6a:72:49:fc:70:95:17:e3:7c:20:e0:1d:b5:
ed:6a:9c:7b:80:ce:0a:70:1f:3d:10:60:c2:c7:ea:13:cd:92:
74:7c:ee:a5:72:7c:81:66:20:25:d0:2d:48:d8:cf:e6:15:af:
75:4e:47:3b:1d:52:3f:a1:70:e2:fd:c8:17:5d:bd:6b:3f:19:
6a:eb:8a:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZE6Yy/pYWmeIf70PnRJAMs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTM3MmI3NTRlNDkyMDhkNjQ2YWE3ODU5ZTM0OGI0NzVl
NTI2ZDIwHhcNMjQwODEwMDM0NDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWUxNGYwN2U2ZmUwYzkzOGJkMDk5NTc4ZTE3NjlkODU5MjYyM2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOoVXgkBzo7jNv410Dmc7cOZH3IB
brXLwsSOmv9krv18jRwEjyXA11U5EYnTtDbRbzNep3tyeSJPSmoqV150zU/HjA+R
yv5x2H7cXkFeovVERh1AUNEm4AoBlPtGMmW87SaDQg19g+XK/jETNCAtC9Hb1Hyi
6q6NQuJwcQbeR82uBrbHQT/4eXSzAvayXk4XQhYxH6Fq6Y6CPC4vt/K4lXvIZWw9
Y3dFkhTGMfSJIU9bjgqWVz8+QpLVI2ocUfggxJLBMucJJQ3F8UBuIQdq9FqNBz4K
ukc4brwp0SuuWJ7jL4LGQP6TdyMLyMS2bCmRGD41MrGc+UpR972Q3YoF9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnhTwfm/gyTi9CZV44XadhZJiPzMB8GA1UdIwQY
MBaAFHajcrdU5JII1kaqeFnjSLR15SbSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFOeXQxVGtrZ2pXUnFwNFdlTkl0SFhsSnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yMzVmZWMtYWZjOS00ZDJmLThiNTkt
YTk5ZWE5MWNiNWI5LzEveWVGUEItYi1ESk9MMEpsWGpoZHAyRmttSV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yMzVmZWMtYWZjOS00ZDJmLThiNTktYTk5ZWE5MWNiNWI5
LzEvZHFOeXQxVGtrZ2pXUnFwNFdlTkl0SFhsSnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudNWMA0G
CSqGSIb3DQEBCwUAA4IBAQBgBq8o6G0bucgiW/iZQcCDcFlgt9ZR90Xcb9nFI1SQ
JyHkBkuaMN9uPfn+2FaiIuhhWm39PdhtMh3R53+jBn5VuURTViuVEvg4V1wGlvec
6pSnU/rBqAVax9m3d+qk31KjrNCY3wc84Sf8shy7qoQyD7wo8O9IJ0N0zWmh90qE
E1sLWI3IXsRhstnElgU4yqWQv6l6NHt84oGKAMnu3sJMvcwK93PHSRSLBIJCsHLi
G7IKzK7nktLEB2pySfxwlRfjfCDgHbXtapx7gM4KcB89EGDCx+oTzZJ0fO6lcnyB
ZiAl0C1I2M/mFa91Tkc7HVI/oXDi/cgXXb1rPxlq64qs
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:36:24 2024 by rpki-client on console-ams.rpki-client.org