Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/Ycjh8sqEiSn2Foirj4SRHmrx6CA.roa
File: Ycjh8sqEiSn2Foirj4SRHmrx6CA.roa (raw, json)
Hash identifier: MZE/n2Sw8egFeuo5Bgb1KoMdUrEDqMCgMppHTDU5V6o=
Subject key identifier: 61:C8:E1:F2:CA:84:89:29:F6:16:88:AB:8F:84:91:1E:6A:F1:E8:20
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 0192B34D3F6BD3D4A00A50876B7063AD4A2C
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/Ycjh8sqEiSn2Foirj4SRHmrx6CA.roa
Signing time: Tue 22 Oct 2024 08:17:16 +0000
ROA not before: Tue 22 Oct 2024 08:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 5.252.206.0/24 maxlen: 24
45.67.232.0/24 maxlen: 24
45.67.233.0/24 maxlen: 24
45.67.234.0/24 maxlen: 24
91.230.149.0/24 maxlen: 24
185.130.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:4d:3f:6b:d3:d4:a0:0a:50:87:6b:70:63:ad:4a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Oct 22 08:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61c8e1f2ca848929f61688ab8f84911e6af1e820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:58:27:e8:3e:68:87:d4:8b:3f:70:1e:5e:
fb:8f:0f:87:22:fa:e3:d8:b1:c4:4e:ec:c4:73:6e:
95:55:7a:4f:d3:af:d1:bd:c3:e2:93:27:50:94:99:
03:6b:66:6e:a2:b7:ae:db:b4:e5:ad:37:84:f0:de:
e5:01:b5:56:1a:73:ca:9e:16:72:c9:88:a9:f4:b8:
75:c9:f9:16:a6:bc:ac:ab:9c:cb:ca:f6:32:96:f7:
6a:91:71:c0:f1:61:56:91:9a:9a:81:37:ad:b4:62:
ac:da:be:28:7a:a1:90:6c:b3:ce:56:5c:cb:1b:a7:
9d:52:fe:86:66:cb:19:2f:f1:e0:bd:da:7e:9e:30:
a7:0f:17:2a:90:04:20:64:25:c8:76:14:c0:5a:be:
15:d0:c6:44:29:65:af:48:88:20:5d:a1:9f:5d:0d:
47:3c:da:59:7e:89:f2:9f:0e:a2:0a:e6:ec:10:32:
ca:c7:d2:84:aa:1b:5c:97:52:ff:8d:67:c1:f9:0d:
86:4f:70:23:2d:c1:d1:92:2c:35:2b:43:65:ef:88:
04:ca:db:67:91:cb:30:e5:ed:7c:32:0a:b0:41:ed:
1e:b2:48:9a:83:e8:44:71:e2:76:91:39:b3:26:73:
c1:5d:88:02:13:ee:a0:5d:67:b7:81:f3:e2:6e:82:
07:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C8:E1:F2:CA:84:89:29:F6:16:88:AB:8F:84:91:1E:6A:F1:E8:20
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/Ycjh8sqEiSn2Foirj4SRHmrx6CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.206.0/24
45.67.232.0-45.67.234.255
91.230.149.0/24
185.130.56.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:1c:07:7a:e9:f6:f3:44:b1:2b:70:f1:96:a9:4e:91:1a:34:
8f:df:c4:61:0b:a5:15:83:c7:22:02:8d:b4:b4:15:e9:cc:13:
c2:92:d1:bd:de:db:0a:e2:61:92:09:68:71:ca:66:fa:59:a7:
f0:b3:5e:74:ed:73:fb:b7:70:d7:dd:07:df:0e:c3:05:52:a0:
24:b8:14:56:e3:73:58:f0:35:21:29:71:bd:fa:3b:38:d3:f5:
9a:85:99:c2:f6:38:2f:07:45:e5:03:a7:1d:62:f6:c4:51:79:
41:83:06:24:0f:e6:a9:80:79:fa:9f:d1:d8:19:97:ec:52:c3:
c3:cf:80:e0:88:e4:7d:d2:17:fe:ce:fc:07:c2:c5:47:b4:cf:
ca:61:13:c8:5b:87:64:36:bc:49:21:9d:6d:74:4b:9f:c4:c7:
a1:b6:31:b4:a9:90:e9:82:c1:74:fd:84:ad:38:ab:15:ea:18:
60:3c:e2:76:3c:bc:ff:f3:be:8d:d3:f6:0f:d7:32:13:1f:d1:
96:31:92:ab:a4:13:df:8f:75:b9:50:35:7c:8f:85:e8:07:04:
8c:c0:ae:25:70:80:5b:f9:3c:a5:b0:c2:e1:43:c2:ba:de:d4:
36:74:8f:a9:d6:e2:ad:a1:7a:da:f3:e9:a0:91:e2:64:81:dd:
11:df:63:b6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKzTT9r09SgClCHa3BjrUosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjQxMDIyMDgxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM4ZTFmMmNhODQ4OTI5ZjYxNjg4YWI4Zjg0OTExZTZhZjFlODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri9YJ+g+aIfUiz9wHl77jw+HIvrj
2LHETuzEc26VVXpP06/RvcPikydQlJkDa2Zuoreu27TlrTeE8N7lAbVWGnPKnhZy
yYip9Lh1yfkWprysq5zLyvYylvdqkXHA8WFWkZqagTettGKs2r4oeqGQbLPOVlzL
G6edUv6GZssZL/Hgvdp+njCnDxcqkAQgZCXIdhTAWr4V0MZEKWWvSIggXaGfXQ1H
PNpZfonynw6iCubsEDLKx9KEqhtcl1L/jWfB+Q2GT3AjLcHRkiw1K0Nl74gEyttn
kcsw5e18MgqwQe0eskiag+hEceJ2kTmzJnPBXYgCE+6gXWe3gfPiboIHwQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGHI4fLKhIkp9haIq4+EkR5q8eggMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvWWNqaDhzcUVpU24yRm9pcmo0U1JIbXJ4NkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABfzOMAwD
BAMtQ+gDBAAtQ+oDBABb5pUDBAC5gjgwDQYJKoZIhvcNAQELBQADggEBAKAcB3rp
9vNEsStw8ZapTpEaNI/fxGELpRWDxyICjbS0FenME8KS0b3e2wriYZIJaHHKZvpZ
p/CzXnTtc/u3cNfdB98OwwVSoCS4FFbjc1jwNSEpcb36OzjT9ZqFmcL2OC8HReUD
px1i9sRReUGDBiQP5qmAefqf0dgZl+xSw8PPgOCI5H3SF/7O/AfCxUe0z8phE8hb
h2Q2vEkhnW10S5/Ex6G2MbSpkOmCwXT9hK04qxXqGGA84nY8vP/zvo3T9g/XMhMf
0ZYxkqukE9+PdblQNXyPhegHBIzAriVwgFv5PKWwwuFDwrre1DZ0j6nW4q2hetrz
6aCR4mSB3RHfY7Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:07:50 2024 by rpki-client on console-fra.rpki-client.org