Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/yNFZdHMfEQSJ2YnvCJlMe7bjLV4.roa
File: yNFZdHMfEQSJ2YnvCJlMe7bjLV4.roa (raw, json)
Hash identifier: zr+e8J7x5rURspbQCYYtfSO+GxM6hUSOQWpwgexZBBo=
Subject key identifier: C8:D1:59:74:73:1F:11:04:89:D9:89:EF:08:99:4C:7B:B6:E3:2D:5E
Certificate issuer: /CN=78988b2081d9942203d22248acd805db3a13dcc5
Certificate serial: 018CC8DE280C0CE6F412B7360A7AA9B9E54D
Authority key identifier: 78:98:8B:20:81:D9:94:22:03:D2:22:48:AC:D8:05:DB:3A:13:DC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/yNFZdHMfEQSJ2YnvCJlMe7bjLV4.roa
Signing time: Tue 02 Jan 2024 06:30:51 +0000
ROA not before: Tue 02 Jan 2024 06:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206293
IP address blocks: 195.62.44.0/23 maxlen: 23
91.198.163.0/24 maxlen: 24
185.20.188.0/22 maxlen: 22
194.6.226.0/24 maxlen: 24
194.9.10.0/23 maxlen: 23
91.195.140.0/23 maxlen: 23
2a00:4fa0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.mft
rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:28:0c:0c:e6:f4:12:b7:36:0a:7a:a9:b9:e5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78988b2081d9942203d22248acd805db3a13dcc5
Validity
Not Before: Jan 2 06:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8d15974731f110489d989ef08994c7bb6e32d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a1:30:55:35:6f:ba:d1:e5:b4:1f:93:a6:8e:
6c:89:c5:4d:a1:b5:86:38:52:fd:96:1d:d3:99:64:
7d:2d:19:a4:18:44:bb:97:4d:ce:ae:d4:7a:30:ac:
26:06:17:83:5b:76:b8:a1:67:b6:db:ca:70:30:ac:
b5:e3:c5:58:90:28:4e:db:17:f2:c2:75:f1:e4:21:
d9:86:f0:fa:63:c8:39:7a:d2:43:c1:51:c2:46:e5:
e7:4d:25:ea:d1:4e:f9:fb:b1:a8:7e:3a:d3:be:65:
5b:fa:3e:14:e6:7b:97:f4:04:f2:ab:c0:2d:e1:4b:
d5:f4:04:94:5d:65:96:ae:14:42:bc:eb:3f:14:2a:
e8:b1:0d:b2:fb:74:02:a5:3b:b1:4a:fd:f8:13:fe:
0c:0f:b3:ec:16:85:05:73:db:6f:63:cf:3a:19:44:
db:90:4a:bc:cc:5c:e4:ea:4f:1e:d6:47:84:00:3f:
f8:9e:75:8f:36:a2:d6:1d:4d:f3:8d:b0:36:7c:08:
60:48:cb:d9:76:85:08:54:02:c5:ba:f8:c2:26:4a:
17:23:67:d3:f2:e0:6b:e9:7f:da:1e:91:71:1b:32:
59:18:cb:c0:71:b7:b9:ce:2c:3e:1d:7a:59:a7:a6:
42:b9:93:53:30:7c:df:4d:13:c9:b3:b8:fc:50:36:
cd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D1:59:74:73:1F:11:04:89:D9:89:EF:08:99:4C:7B:B6:E3:2D:5E
X509v3 Authority Key Identifier:
keyid:78:98:8B:20:81:D9:94:22:03:D2:22:48:AC:D8:05:DB:3A:13:DC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/yNFZdHMfEQSJ2YnvCJlMe7bjLV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.140.0/23
91.198.163.0/24
185.20.188.0/22
194.6.226.0/24
194.9.10.0/23
195.62.44.0/23
IPv6:
2a00:4fa0::/29
Signature Algorithm: sha256WithRSAEncryption
24:e7:0f:66:42:b5:28:45:9f:3e:84:77:15:e9:0e:5c:37:e0:
c4:9f:81:9f:95:89:a1:1f:bd:e4:a3:a1:9c:a8:07:65:b2:42:
6f:d3:70:d2:52:d0:0e:44:4a:77:15:68:49:d2:0d:5c:8d:75:
54:3f:74:ca:19:8e:41:04:de:bd:61:2c:28:94:f7:3a:1c:15:
99:0b:97:23:1a:88:ad:23:cb:23:00:c7:05:67:92:ea:c2:97:
ad:3e:e5:7a:0c:fa:3e:76:70:b1:9f:22:d4:78:14:87:aa:c8:
99:68:75:f8:f8:a7:f2:c9:5e:90:4f:c0:e8:e5:5e:87:af:d8:
2b:f8:2e:69:03:2c:0a:fb:97:e8:32:34:7d:e3:08:b8:47:b9:
96:ad:bd:f1:9a:ac:55:42:84:49:9c:e3:07:9c:33:70:50:b9:
c8:57:68:9b:3a:bd:41:0a:18:d8:71:be:96:af:ab:d5:19:6b:
69:64:7c:df:29:ee:7c:f9:99:5a:62:d9:ff:33:0b:14:93:25:
75:90:42:5a:e5:98:e3:df:f2:44:de:fa:f0:7c:55:2c:c1:b1:
04:ee:38:78:0d:ae:64:d3:d4:3b:a1:36:e4:3f:e0:9f:f7:0f:
86:b2:d4:04:00:94:44:11:5e:83:46:77:06:ce:ab:4f:78:a5:
d1:8c:b0:b3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzI3igMDOb0Erc2CnqpueVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OTg4YjIwODFkOTk0MjIwM2QyMjI0OGFjZDgwNWRiM2Ex
M2RjYzUwHhcNMjQwMTAyMDYzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQxNTk3NDczMWYxMTA0ODlkOTg5ZWYwODk5NGM3YmI2ZTMyZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqEwVTVvutHltB+Tpo5sicVNobWG
OFL9lh3TmWR9LRmkGES7l03OrtR6MKwmBheDW3a4oWe228pwMKy148VYkChO2xfy
wnXx5CHZhvD6Y8g5etJDwVHCRuXnTSXq0U75+7GofjrTvmVb+j4U5nuX9ATyq8At
4UvV9ASUXWWWrhRCvOs/FCrosQ2y+3QCpTuxSv34E/4MD7PsFoUFc9tvY886GUTb
kEq8zFzk6k8e1keEAD/4nnWPNqLWHU3zjbA2fAhgSMvZdoUIVALFuvjCJkoXI2fT
8uBr6X/aHpFxGzJZGMvAcbe5ziw+HXpZp6ZCuZNTMHzfTRPJs7j8UDbN6QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMjRWXRzHxEEidmJ7wiZTHu24y1eMB8GA1UdIwQY
MBaAFHiYiyCB2ZQiA9IiSKzYBds6E9zFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUppTElJSFpsQ0lEMGlKSXJOZ0Yyem9UM01VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YzI5YzEtMTk0YS00MTBkLThjNzYt
YmJkMDFkNDI1MDg0LzEveU5GWmRITWZFUVNKMlludkNKbE1lN2JqTFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81YzI5YzEtMTk0YS00MTBkLThjNzYtYmJkMDFkNDI1MDg0
LzEvZUppTElJSFpsQ0lEMGlKSXJOZ0Yyem9UM01VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBW8OMAwQA
W8ajAwQCuRS8AwQAwgbiAwQBwgkKAwQBwz4sMA0EAgACMAcDBQMqAE+gMA0GCSqG
SIb3DQEBCwUAA4IBAQAk5w9mQrUoRZ8+hHcV6Q5cN+DEn4GflYmhH73ko6GcqAdl
skJv03DSUtAOREp3FWhJ0g1cjXVUP3TKGY5BBN69YSwolPc6HBWZC5cjGoitI8sj
AMcFZ5LqwpetPuV6DPo+dnCxnyLUeBSHqsiZaHX4+KfyyV6QT8Do5V6Hr9gr+C5p
AywK+5foMjR94wi4R7mWrb3xmqxVQoRJnOMHnDNwULnIV2ibOr1BChjYcb6Wr6vV
GWtpZHzfKe58+ZlaYtn/MwsUkyV1kEJa5Zjj3/JE3vrwfFUswbEE7jh4Da5k09Q7
oTbkP+Cf9w+GstQEAJREEV6DRncGzqtPeKXRjLCz
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:01:53 2024 by rpki-client on console-ams.rpki-client.org