Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/ysZfVorUQmswH_FXovyIIoRmcp0.roa
File: ysZfVorUQmswH_FXovyIIoRmcp0.roa (raw, json)
Hash identifier: vEL2T3FDGhbO8ezjb+9xo4o6l2aPDp3nmioCLwZOP1U=
Subject key identifier: CA:C6:5F:56:8A:D4:42:6B:30:1F:F1:57:A2:FC:88:22:84:66:72:9D
Certificate issuer: /CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3
Certificate serial: 018CC79333738235CB7BC9558FAEA2D5F19B
Authority key identifier: D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/ysZfVorUQmswH_FXovyIIoRmcp0.roa
Signing time: Tue 02 Jan 2024 00:29:22 +0000
ROA not before: Tue 02 Jan 2024 00:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50736
IP address blocks: 193.124.116.0/24 maxlen: 24
185.25.152.0/22 maxlen: 22
193.124.134.0/24 maxlen: 24
193.124.48.0/24 maxlen: 24
193.124.54.0/24 maxlen: 24
194.58.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:33:73:82:35:cb:7b:c9:55:8f:ae:a2:d5:f1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3
Validity
Not Before: Jan 2 00:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cac65f568ad4426b301ff157a2fc88228466729d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:52:39:d4:28:e2:0d:fb:8c:63:b3:70:72:34:
3a:a2:11:8b:32:b7:66:ae:b5:c9:cf:18:cf:57:24:
b2:00:80:a3:f1:b4:3c:8e:24:7b:fa:9d:a2:c6:49:
e5:ed:71:59:b5:e7:0e:bf:c8:07:a5:98:d4:b7:c3:
a9:5c:98:7b:16:8c:90:ee:c2:02:59:d4:e5:e9:f6:
e9:89:51:27:78:97:d5:55:c0:09:bd:4f:9c:fe:d1:
49:cb:b8:24:21:c4:13:5e:56:f6:f5:9d:52:25:14:
e8:69:3e:fc:80:ce:29:76:ab:af:2d:79:22:31:42:
8f:24:60:14:5f:cb:8a:59:bd:a4:b2:7f:cc:38:24:
7d:26:ac:21:72:d4:a8:5e:43:16:d0:06:77:af:fa:
dd:af:4c:91:8b:ee:eb:43:7d:67:64:92:7c:ec:c6:
34:1e:21:0a:cf:0b:ed:d0:f1:c6:72:d0:d1:a7:40:
82:a0:df:7e:42:16:8d:42:39:8a:6f:a3:8a:6d:85:
64:a3:1d:72:6b:c1:16:aa:4b:5c:80:92:56:2b:8f:
c8:77:3e:d5:d9:98:90:d3:44:64:fe:10:67:9b:b6:
94:bd:aa:b5:ae:b0:eb:a6:7e:a9:1d:39:ad:0d:cc:
d0:bf:24:b7:31:97:15:64:c8:eb:56:63:2d:51:98:
fb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C6:5F:56:8A:D4:42:6B:30:1F:F1:57:A2:FC:88:22:84:66:72:9D
X509v3 Authority Key Identifier:
keyid:D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/ysZfVorUQmswH_FXovyIIoRmcp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.152.0/22
193.124.48.0/24
193.124.54.0/24
193.124.116.0/24
193.124.134.0/24
194.58.78.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:40:38:e1:d2:2b:a2:e6:27:06:98:c5:91:3c:e6:78:76:6d:
03:73:31:e1:b8:e9:c1:c1:a5:74:80:66:42:f5:54:08:fe:c8:
1a:8f:11:65:9a:c2:68:b7:07:87:50:a6:1c:c4:f2:fc:ba:95:
1a:7a:3a:a0:45:71:03:9f:b1:25:e4:c3:f7:01:b5:8f:f2:aa:
09:a5:74:f8:30:83:2e:74:b9:ff:83:69:e9:82:2d:89:e7:3a:
8d:43:f3:fb:5c:4e:e8:71:16:e9:d4:f0:e3:4c:f2:d0:ac:16:
f3:68:a3:53:c4:70:c4:d2:85:49:dc:b0:3f:9a:cb:ff:96:4c:
0c:10:cd:bf:ff:f0:05:0c:7b:71:6c:e0:52:10:d6:36:bd:a8:
80:59:53:c4:e5:d6:ab:56:25:06:5f:42:4d:54:70:1b:33:4b:
9d:e1:78:82:67:db:94:b2:9c:2e:14:07:1b:e5:1c:16:46:55:
fc:20:38:77:1f:be:e3:31:76:a3:dd:70:29:37:24:0b:de:9b:
8c:9f:3d:3d:a9:d8:94:ee:38:8c:0d:4c:93:8b:da:88:fc:1e:
e8:27:c9:b4:1b:6e:07:8e:60:59:6f:4f:79:bd:e0:ad:df:a6:
40:94:8d:0b:04:6c:93:b5:31:42:e7:85:8e:eb:e9:6e:ab:bc:
03:a7:cc:5e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHkzNzgjXLe8lVj66i1fGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzhiMTBhMzhmODFjNjRlMjAxMjA3YmZjMzU0NGMyOTcy
YWY1ZjMwHhcNMjQwMTAyMDAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM2NWY1NjhhZDQ0MjZiMzAxZmYxNTdhMmZjODgyMjg0NjY3MjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFI51CjiDfuMY7NwcjQ6ohGLMrdm
rrXJzxjPVySyAICj8bQ8jiR7+p2ixknl7XFZtecOv8gHpZjUt8OpXJh7FoyQ7sIC
WdTl6fbpiVEneJfVVcAJvU+c/tFJy7gkIcQTXlb29Z1SJRToaT78gM4pdquvLXki
MUKPJGAUX8uKWb2ksn/MOCR9JqwhctSoXkMW0AZ3r/rdr0yRi+7rQ31nZJJ87MY0
HiEKzwvt0PHGctDRp0CCoN9+QhaNQjmKb6OKbYVkox1ya8EWqktcgJJWK4/Idz7V
2ZiQ00Rk/hBnm7aUvaq1rrDrpn6pHTmtDczQvyS3MZcVZMjrVmMtUZj7kQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMrGX1aK1EJrMB/xV6L8iCKEZnKdMB8GA1UdIwQY
MBaAFNPIsQo4+Bxk4gEge/w1RMKXKvXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhpeENqajRIR1RpQVNCN19EVkV3cGNxOWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NGQ0ZDAtNmM5OC00ZWVjLWJiYTEt
MzdhYTM1ZTY5ZGMxLzEveXNaZlZvclVRbXN3SF9GWG92eUlJb1JtY3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NGQ0ZDAtNmM5OC00ZWVjLWJiYTEtMzdhYTM1ZTY5ZGMx
LzEvMDhpeENqajRIR1RpQVNCN19EVkV3cGNxOWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuRmYAwQA
wXwwAwQAwXw2AwQAwXx0AwQAwXyGAwQAwjpOMA0GCSqGSIb3DQEBCwUAA4IBAQDF
QDjh0iui5icGmMWRPOZ4dm0DczHhuOnBwaV0gGZC9VQI/sgajxFlmsJotweHUKYc
xPL8upUaejqgRXEDn7El5MP3AbWP8qoJpXT4MIMudLn/g2npgi2J5zqNQ/P7XE7o
cRbp1PDjTPLQrBbzaKNTxHDE0oVJ3LA/msv/lkwMEM2///AFDHtxbOBSENY2vaiA
WVPE5darViUGX0JNVHAbM0ud4XiCZ9uUspwuFAcb5RwWRlX8IDh3H77jMXaj3XAp
NyQL3puMnz09qdiU7jiMDUyTi9qI/B7oJ8m0G24HjmBZb095veCt36ZAlI0LBGyT
tTFC54WO6+luq7wDp8xe
-----END CERTIFICATE-----
Generated at Wed May 8 07:21:59 2024 by rpki-client on console-fra.rpki-client.org