Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/YFo8MOY4nHVynKXMZG8voIjlBu0.roa
File: YFo8MOY4nHVynKXMZG8voIjlBu0.roa (raw, json)
Hash identifier: xub5wL06tyhhnsYXpcsHJyyvH/slOjkZfoIVL0nAG34=
Subject key identifier: 60:5A:3C:30:E6:38:9C:75:72:9C:A5:CC:64:6F:2F:A0:88:E5:06:ED
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 018CC4252D60F4EDA27084034FE20900DAD8
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/YFo8MOY4nHVynKXMZG8voIjlBu0.roa
Signing time: Mon 01 Jan 2024 08:30:19 +0000
ROA not before: Mon 01 Jan 2024 08:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16347
IP address blocks: 109.74.84.0/23 maxlen: 23
109.74.91.0/24 maxlen: 24
85.14.166.0/23 maxlen: 23
85.14.174.0/24 maxlen: 24
85.14.178.0/23 maxlen: 23
217.171.23.0/24 maxlen: 24
217.171.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:2d:60:f4:ed:a2:70:84:03:4f:e2:09:00:da:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 08:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=605a3c30e6389c75729ca5cc646f2fa088e506ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a0:8a:c7:d2:87:f2:cd:97:aa:3c:17:1c:b1:
c0:5a:85:63:42:ef:e9:d2:1b:36:1c:fb:5c:03:73:
8f:5d:2f:63:af:76:9b:92:a0:f6:d5:fe:31:03:96:
a9:3c:03:33:45:fb:e7:4e:c8:41:86:8b:f9:c0:16:
3f:e9:a0:46:18:9b:0b:b5:52:ab:e1:bf:a7:93:fa:
f7:81:10:ee:bf:0c:27:85:28:76:60:6f:26:e3:64:
d9:53:9e:ff:ac:e7:72:b7:06:10:09:b6:32:d3:ee:
8c:bd:cc:c8:f7:43:5b:b0:34:94:71:8f:b4:1f:f0:
c4:0e:98:34:ae:23:ed:c1:03:f5:53:a0:9d:d5:d6:
f3:f0:09:b7:54:30:b2:4b:e2:52:f3:63:00:68:e3:
1e:b5:56:5d:1d:98:29:f4:47:3c:8a:99:b9:5b:5d:
e9:78:69:fa:58:c2:07:4d:f7:61:68:14:7c:e9:6d:
05:2a:da:21:7b:9d:ec:5f:7c:18:2b:7c:77:6b:24:
ea:83:77:9e:cb:b7:ae:1c:ba:1b:9c:70:ce:f0:7e:
c0:00:e0:69:29:08:e6:15:94:48:35:d1:7c:37:c1:
79:ca:9e:30:89:0e:25:19:be:bd:6a:52:dd:0a:d1:
10:11:8d:ee:aa:24:0f:0a:db:5a:1c:16:1c:6a:9b:
4d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5A:3C:30:E6:38:9C:75:72:9C:A5:CC:64:6F:2F:A0:88:E5:06:ED
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/YFo8MOY4nHVynKXMZG8voIjlBu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.166.0/23
85.14.174.0/24
85.14.178.0/23
109.74.84.0/23
109.74.91.0/24
217.171.23.0/24
217.171.28.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:5f:da:c8:d2:70:71:03:55:93:d6:46:e3:a0:35:c2:bd:92:
c8:ba:1a:ad:56:ca:24:e4:f4:9e:38:f0:ef:18:9d:47:d2:c9:
b9:b2:0d:90:94:0f:46:ec:e1:4e:f0:a2:c5:c9:34:9f:4f:b6:
d6:dc:ed:0d:83:57:53:63:e3:85:4b:41:80:ed:73:e8:d5:e0:
11:4b:05:84:e5:c2:c9:e6:93:57:e1:89:5d:a0:84:f4:d1:af:
17:2f:e2:19:ea:d5:d4:fb:25:21:0f:a4:cb:d7:72:db:bf:49:
58:91:62:52:26:7f:a2:a7:58:81:81:34:82:50:4c:42:b6:dd:
a1:52:3a:06:94:9c:a1:e5:bc:58:11:e2:29:15:65:67:e9:9e:
34:28:df:46:79:71:b6:2c:aa:1d:c4:c3:e8:d0:a2:35:cb:22:
cc:4e:5c:e6:50:90:98:d0:23:f1:9b:da:8a:e3:dd:24:27:4e:
39:9b:a6:f1:0d:89:01:29:8d:83:a0:5e:30:c6:c6:59:58:86:
66:21:70:b0:d6:a5:70:89:1e:21:94:04:d3:47:7a:a5:79:49:
6f:ab:7b:9e:c6:eb:3c:0a:65:02:18:83:0e:a1:49:81:79:63:
46:e0:76:c2:27:05:dc:70:bf:47:db:4a:00:78:40:44:3a:c6:
59:18:34:cb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzEJS1g9O2icIQDT+IJANrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjQwMTAxMDgzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDVhM2MzMGU2Mzg5Yzc1NzI5Y2E1Y2M2NDZmMmZhMDg4ZTUwNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaCKx9KH8s2XqjwXHLHAWoVjQu/p
0hs2HPtcA3OPXS9jr3abkqD21f4xA5apPAMzRfvnTshBhov5wBY/6aBGGJsLtVKr
4b+nk/r3gRDuvwwnhSh2YG8m42TZU57/rOdytwYQCbYy0+6MvczI90NbsDSUcY+0
H/DEDpg0riPtwQP1U6Cd1dbz8Am3VDCyS+JS82MAaOMetVZdHZgp9Ec8ipm5W13p
eGn6WMIHTfdhaBR86W0FKtohe53sX3wYK3x3ayTqg3eey7euHLobnHDO8H7AAOBp
KQjmFZRINdF8N8F5yp4wiQ4lGb69alLdCtEQEY3uqiQPCttaHBYcaptNrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGBaPDDmOJx1cpylzGRvL6CI5QbtMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvWUZvOE1PWTRuSFZ5bktYTVpHOHZvSWpsQnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVQ6mAwQA
VQ6uAwQBVQ6yAwQBbUpUAwQAbUpbAwQA2asXAwQA2ascMA0GCSqGSIb3DQEBCwUA
A4IBAQA/X9rI0nBxA1WT1kbjoDXCvZLIuhqtVsok5PSeOPDvGJ1H0sm5sg2QlA9G
7OFO8KLFyTSfT7bW3O0Ng1dTY+OFS0GA7XPo1eARSwWE5cLJ5pNX4YldoIT00a8X
L+IZ6tXU+yUhD6TL13Lbv0lYkWJSJn+ip1iBgTSCUExCtt2hUjoGlJyh5bxYEeIp
FWVn6Z40KN9GeXG2LKodxMPo0KI1yyLMTlzmUJCY0CPxm9qK490kJ045m6bxDYkB
KY2DoF4wxsZZWIZmIXCw1qVwiR4hlATTR3qleUlvq3uexus8CmUCGIMOoUmBeWNG
4HbCJwXccL9H20oAeEBEOsZZGDTL
-----END CERTIFICATE-----
Generated at Mon Jul 1 15:54:49 2024 by rpki-client on console-ams.rpki-client.org