Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/YHCofV86c13WRpG9Unl6I_FRPk8.roa
File: YHCofV86c13WRpG9Unl6I_FRPk8.roa (raw, json)
Hash identifier: EdGLvgJMciz2OlHcfh+y/ytKsdgWhQbv4OPSIh90mQg=
Subject key identifier: 60:70:A8:7D:5F:3A:73:5D:D6:46:91:BD:52:79:7A:23:F1:51:3E:4F
Certificate issuer: /CN=5df40ee7489e95c57f104271919da268bc513f9b
Certificate serial: 018CC5DC2B753DC10DD2D49F940B4723DEB8
Authority key identifier: 5D:F4:0E:E7:48:9E:95:C5:7F:10:42:71:91:9D:A2:68:BC:51:3F:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/YHCofV86c13WRpG9Unl6I_FRPk8.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207673
IP address blocks: 194.76.58.0/23 maxlen: 23
194.76.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/XfQO50ielcV_EEJxkZ2iaLxRP5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/XfQO50ielcV_EEJxkZ2iaLxRP5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2b:75:3d:c1:0d:d2:d4:9f:94:0b:47:23:de:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df40ee7489e95c57f104271919da268bc513f9b
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6070a87d5f3a735dd64691bd52797a23f1513e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7d:d0:24:e2:be:10:3a:f4:6b:84:13:08:e0:
16:89:7d:b0:af:78:82:f9:9b:50:97:d1:39:58:40:
00:51:b7:d8:78:e5:cf:b7:c5:36:a8:d9:c9:dc:d7:
f6:5c:43:e4:9a:7b:df:59:91:03:22:49:11:b1:8b:
a6:08:78:7a:d0:7e:fd:6d:3d:c2:24:81:5e:aa:5e:
7c:e4:03:de:0d:f3:c5:0a:e7:a0:21:f0:c8:34:91:
77:6d:9d:fd:d4:1f:46:e9:73:6a:5f:4f:2d:06:4f:
a3:2a:cc:19:a9:23:29:96:ff:5b:ad:bb:36:0e:86:
d9:19:ee:7a:f4:1b:77:e0:fd:1b:0a:a0:6b:d7:99:
63:7c:a5:b3:f0:90:c2:7e:68:f8:b6:dd:e8:c9:d8:
d1:6f:99:d0:ae:c8:e1:3e:51:81:a7:4f:8f:ea:39:
fe:a8:27:f2:98:d0:3d:54:a0:ba:e0:06:d1:6f:13:
70:a9:69:8a:c6:0e:64:e3:bc:be:62:80:cc:55:27:
70:ad:30:a4:90:56:d6:e8:03:73:20:59:dc:aa:30:
28:d0:60:a9:11:a6:19:59:42:65:72:1d:a5:be:a6:
7d:c2:63:d5:06:a2:96:81:4c:81:d6:70:7e:79:08:
1c:13:e2:f1:f7:b1:53:41:6b:dd:63:4f:88:57:6d:
4c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:70:A8:7D:5F:3A:73:5D:D6:46:91:BD:52:79:7A:23:F1:51:3E:4F
X509v3 Authority Key Identifier:
keyid:5D:F4:0E:E7:48:9E:95:C5:7F:10:42:71:91:9D:A2:68:BC:51:3F:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfQO50ielcV_EEJxkZ2iaLxRP5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/YHCofV86c13WRpG9Unl6I_FRPk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/a7e850-00be-4dc2-8c41-3866b95f485f/1/XfQO50ielcV_EEJxkZ2iaLxRP5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.58.0/23
194.76.104.0/23
Signature Algorithm: sha256WithRSAEncryption
da:f0:63:a2:e1:53:1f:01:9c:eb:75:df:6c:8a:71:93:70:99:
fe:ca:9f:1e:c7:5d:16:04:57:41:36:93:21:47:2e:37:2e:bf:
38:c3:ff:43:af:8d:53:56:09:33:36:3f:4c:a5:bc:a2:66:ab:
9e:0a:f3:fb:67:87:19:3a:86:f7:ae:34:64:68:84:dc:94:71:
9d:8e:8c:83:28:04:e2:33:69:1a:d0:81:f2:0f:4e:e6:69:a0:
50:99:ae:61:35:61:42:f4:a0:ed:55:5d:cd:e6:4c:dd:d7:da:
0d:3f:9e:53:b6:b9:78:a6:76:06:0c:cf:b4:9a:92:cc:0f:3f:
8e:53:fc:2e:97:71:c0:ad:61:79:11:0c:c6:ae:da:7a:eb:96:
93:19:2b:38:4e:b6:17:c8:f1:ee:a4:0c:c8:43:f6:5f:f5:60:
ef:38:48:3c:57:f0:1b:f9:65:4f:b3:28:89:90:af:60:20:1c:
0b:d6:33:94:b6:d9:c6:c9:ab:3f:a5:4d:c1:ef:ff:73:80:2d:
15:b6:e8:96:67:9c:e8:56:ce:6d:56:7c:e2:59:b7:23:28:a4:
28:89:99:00:10:fb:9e:9f:55:c2:64:00:b1:80:60:7a:1d:51:
c5:e8:7d:6d:b1:0b:75:06:f4:95:a4:0e:08:04:3b:21:bd:a9:
8c:3f:a2:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3Ct1PcEN0tSflAtHI964MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjQwZWU3NDg5ZTk1YzU3ZjEwNDI3MTkxOWRhMjY4YmM1
MTNmOWIwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcwYTg3ZDVmM2E3MzVkZDY0NjkxYmQ1Mjc5N2EyM2YxNTEzZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAin3QJOK+EDr0a4QTCOAWiX2wr3iC
+ZtQl9E5WEAAUbfYeOXPt8U2qNnJ3Nf2XEPkmnvfWZEDIkkRsYumCHh60H79bT3C
JIFeql585APeDfPFCuegIfDINJF3bZ391B9G6XNqX08tBk+jKswZqSMplv9brbs2
DobZGe569Bt34P0bCqBr15ljfKWz8JDCfmj4tt3oydjRb5nQrsjhPlGBp0+P6jn+
qCfymNA9VKC64AbRbxNwqWmKxg5k47y+YoDMVSdwrTCkkFbW6ANzIFncqjAo0GCp
EaYZWUJlch2lvqZ9wmPVBqKWgUyB1nB+eQgcE+Lx97FTQWvdY0+IV21MtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGBwqH1fOnNd1kaRvVJ5eiPxUT5PMB8GA1UdIwQY
MBaAFF30DudInpXFfxBCcZGdomi8UT+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZRTzUwaWVsY1ZfRUVKeGtaMmlhTHhSUDVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9hN2U4NTAtMDBiZS00ZGMyLThjNDEt
Mzg2NmI5NWY0ODVmLzEvWUhDb2ZWODZjMTNXUnBHOVVubDZJX0ZSUGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9hN2U4NTAtMDBiZS00ZGMyLThjNDEtMzg2NmI5NWY0ODVm
LzEvWGZRTzUwaWVsY1ZfRUVKeGtaMmlhTHhSUDVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwkw6AwQB
wkxoMA0GCSqGSIb3DQEBCwUAA4IBAQDa8GOi4VMfAZzrdd9sinGTcJn+yp8ex10W
BFdBNpMhRy43Lr84w/9Dr41TVgkzNj9MpbyiZqueCvP7Z4cZOob3rjRkaITclHGd
joyDKATiM2ka0IHyD07maaBQma5hNWFC9KDtVV3N5kzd19oNP55Ttrl4pnYGDM+0
mpLMDz+OU/wul3HArWF5EQzGrtp665aTGSs4TrYXyPHupAzIQ/Zf9WDvOEg8V/Ab
+WVPsyiJkK9gIBwL1jOUttnGyas/pU3B7/9zgC0VtuiWZ5zoVs5tVnziWbcjKKQo
iZkAEPuen1XCZACxgGB6HVHF6H1tsQt1BvSVpA4IBDshvamMP6I0
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:57:38 2024 by rpki-client on console-fra.rpki-client.org