Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/1YWTDS9OD7qAo4jPvK1RQ_VccKY.roa
File: 1YWTDS9OD7qAo4jPvK1RQ_VccKY.roa (raw, json)
Hash identifier: FyRzY7eDmlURTUVS+C4n4oPG+2EmfkNtvm35u2eKpwM=
Subject key identifier: D5:85:93:0D:2F:4E:0F:BA:80:A3:88:CF:BC:AD:51:43:F5:5C:70:A6
Certificate issuer: /CN=2895647d9fd16a1694f8026ebe87760cb531eb0e
Certificate serial: 018CC8019F773880860A2C5DB96B862E45F9
Authority key identifier: 28:95:64:7D:9F:D1:6A:16:94:F8:02:6E:BE:87:76:0C:B5:31:EB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJVkfZ_RahaU-AJuvod2DLUx6w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/1YWTDS9OD7qAo4jPvK1RQ_VccKY.roa
Signing time: Tue 02 Jan 2024 02:29:58 +0000
ROA not before: Tue 02 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206991
IP address blocks: 185.169.64.0/24 maxlen: 24
185.169.65.0/24 maxlen: 24
185.169.67.0/24 maxlen: 24
185.169.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/KJVkfZ_RahaU-AJuvod2DLUx6w4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/KJVkfZ_RahaU-AJuvod2DLUx6w4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KJVkfZ_RahaU-AJuvod2DLUx6w4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:9f:77:38:80:86:0a:2c:5d:b9:6b:86:2e:45:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2895647d9fd16a1694f8026ebe87760cb531eb0e
Validity
Not Before: Jan 2 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d585930d2f4e0fba80a388cfbcad5143f55c70a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1c:fb:fd:01:58:4c:3e:93:63:ea:2b:3e:74:
e5:f2:cb:74:72:45:48:b4:cb:6a:79:63:b0:89:27:
1b:06:89:39:65:ee:83:04:89:16:a4:a1:23:3e:f0:
44:1b:ed:3d:2f:ef:8a:61:25:90:af:f5:5d:67:12:
1a:08:35:0d:84:78:2a:85:21:cf:1f:f1:68:2d:81:
9e:06:d2:63:c6:29:46:de:a1:1c:b0:a9:1a:cc:79:
97:7b:df:75:de:de:f1:ba:e8:63:1e:69:15:f0:73:
bb:1f:54:39:55:e7:ce:f3:64:51:2e:d0:69:18:78:
78:ca:fc:56:d1:ab:e2:44:38:2b:99:94:d7:b7:59:
5e:7f:d9:c1:86:02:fe:89:be:2c:31:b0:e5:c3:95:
6f:ff:57:31:be:af:19:b4:77:22:3a:a8:6b:e5:7c:
bb:0d:a4:52:af:89:01:c9:71:22:8a:79:d6:6e:44:
53:fd:c4:24:3f:d5:8c:36:66:80:58:b8:90:dc:56:
bd:32:d1:56:f7:af:30:cc:01:74:cb:59:09:f3:b0:
8a:f3:23:01:ef:15:e5:ce:69:9c:f6:ec:d6:bc:38:
55:6d:e9:4a:2e:b3:a3:35:f1:6b:d7:28:93:11:e6:
6a:bd:df:3f:7e:2c:e6:f3:99:d4:26:78:0e:c6:98:
61:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:85:93:0D:2F:4E:0F:BA:80:A3:88:CF:BC:AD:51:43:F5:5C:70:A6
X509v3 Authority Key Identifier:
keyid:28:95:64:7D:9F:D1:6A:16:94:F8:02:6E:BE:87:76:0C:B5:31:EB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJVkfZ_RahaU-AJuvod2DLUx6w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/1YWTDS9OD7qAo4jPvK1RQ_VccKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/489576-4dfb-4a03-b0a3-eccdc0ce7d14/1/KJVkfZ_RahaU-AJuvod2DLUx6w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.64.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:35:66:be:0d:d6:2e:26:88:d7:83:ad:b4:f0:10:97:58:ee:
49:62:36:09:45:0f:ae:6b:6d:c0:4c:86:20:f8:a9:e5:15:33:
3b:9e:fe:26:28:b2:dd:fb:c9:6f:b9:07:d3:04:00:5f:16:d0:
fc:f9:54:81:f1:f0:eb:64:71:ae:f3:57:00:d1:85:a0:89:05:
28:2a:82:4c:6b:b7:5a:07:33:2b:1d:62:36:ca:79:60:77:72:
c6:1c:5d:8e:76:14:4d:ed:6f:e2:e2:0d:79:3b:fd:b4:e9:b7:
ac:7e:dd:5f:d1:7c:16:dd:c2:f4:02:79:25:bf:20:97:33:3e:
c0:0a:58:bd:22:90:69:1e:92:f5:e2:3d:26:32:41:b7:6e:20:
a3:31:95:d7:a1:a4:19:55:89:34:b1:a6:e8:83:00:e6:76:02:
25:73:29:2f:1c:65:80:44:46:c5:52:49:f8:60:fc:79:4d:29:
47:03:c9:a1:51:71:5e:a8:0f:c1:52:90:a8:f1:e3:15:72:b2:
62:48:21:b7:4f:7c:13:ce:3a:fa:5c:ab:69:49:98:54:c1:df:
e3:3d:5f:5d:e4:1d:52:d8:d0:d3:03:6a:7f:b2:c1:88:8e:cd:
26:d5:8a:e9:f0:64:ca:74:4d:49:61:0b:94:39:74:a3:d0:e0:
a5:22:5b:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAZ93OICGCixduWuGLkX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTU2NDdkOWZkMTZhMTY5NGY4MDI2ZWJlODc3NjBjYjUz
MWViMGUwHhcNMjQwMTAyMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg1OTMwZDJmNGUwZmJhODBhMzg4Y2ZiY2FkNTE0M2Y1NWM3MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBz7/QFYTD6TY+orPnTl8st0ckVI
tMtqeWOwiScbBok5Ze6DBIkWpKEjPvBEG+09L++KYSWQr/VdZxIaCDUNhHgqhSHP
H/FoLYGeBtJjxilG3qEcsKkazHmXe9913t7xuuhjHmkV8HO7H1Q5VefO82RRLtBp
GHh4yvxW0aviRDgrmZTXt1lef9nBhgL+ib4sMbDlw5Vv/1cxvq8ZtHciOqhr5Xy7
DaRSr4kByXEiinnWbkRT/cQkP9WMNmaAWLiQ3Fa9MtFW968wzAF0y1kJ87CK8yMB
7xXlzmmc9uzWvDhVbelKLrOjNfFr1yiTEeZqvd8/fizm85nUJngOxphhrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWFkw0vTg+6gKOIz7ytUUP1XHCmMB8GA1UdIwQY
MBaAFCiVZH2f0WoWlPgCbr6Hdgy1MesOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pWa2ZaX1JhaGFVLUFKdXZvZDJETFV4Nnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80ODk1NzYtNGRmYi00YTAzLWIwYTMt
ZWNjZGMwY2U3ZDE0LzEvMVlXVERTOU9EN3FBbzRqUHZLMVJRX1ZjY0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80ODk1NzYtNGRmYi00YTAzLWIwYTMtZWNjZGMwY2U3ZDE0
LzEvS0pWa2ZaX1JhaGFVLUFKdXZvZDJETFV4Nnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCualAMA0G
CSqGSIb3DQEBCwUAA4IBAQCbNWa+DdYuJojXg6208BCXWO5JYjYJRQ+ua23ATIYg
+KnlFTM7nv4mKLLd+8lvuQfTBABfFtD8+VSB8fDrZHGu81cA0YWgiQUoKoJMa7da
BzMrHWI2ynlgd3LGHF2OdhRN7W/i4g15O/206besft1f0XwW3cL0AnklvyCXMz7A
Cli9IpBpHpL14j0mMkG3biCjMZXXoaQZVYk0sabogwDmdgIlcykvHGWAREbFUkn4
YPx5TSlHA8mhUXFeqA/BUpCo8eMVcrJiSCG3T3wTzjr6XKtpSZhUwd/jPV9d5B1S
2NDTA2p/ssGIjs0m1Yrp8GTKdE1JYQuUOXSj0OClIlsG
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:15:09 2024 by rpki-client on console-fra.rpki-client.org