Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/Y6jF9PH5aJPVujRrPVMTa1yqaGo.roa
File: Y6jF9PH5aJPVujRrPVMTa1yqaGo.roa (raw, json)
Hash identifier: 48MOGCiPHjU7rQt03ej3I6WKXrp6RYky0Ef/UTtBBkI=
Subject key identifier: 63:A8:C5:F4:F1:F9:68:93:D5:BA:34:6B:3D:53:13:6B:5C:AA:68:6A
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 0193030F1A053B7190FA867ECCE9DA4E2748
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/Y6jF9PH5aJPVujRrPVMTa1yqaGo.roa
Signing time: Wed 06 Nov 2024 19:59:01 +0000
ROA not before: Wed 06 Nov 2024 19:59:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207709
IP address blocks: 2.56.152.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
195.85.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:03:0f:1a:05:3b:71:90:fa:86:7e:cc:e9:da:4e:27:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Nov 6 19:59:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a8c5f4f1f96893d5ba346b3d53136b5caa686a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3a:eb:55:4f:a1:e0:fa:b6:05:bb:11:4c:1c:
ed:a1:b4:bd:b1:ea:fa:2b:0d:e9:35:1a:69:87:9c:
ab:c3:8d:fb:30:86:cf:2d:37:38:cf:8c:ea:11:2c:
31:06:3a:04:e2:0a:7f:b4:12:e3:88:21:16:2d:77:
c8:49:f1:7e:67:6a:ee:b1:7c:f0:78:1d:bf:b3:54:
91:4d:b5:0e:d3:fe:a0:4a:a3:35:08:9c:94:60:63:
a0:95:fa:88:10:5f:d1:ef:31:3a:f3:16:11:84:e8:
30:51:a0:67:12:c2:e3:19:d3:10:8c:a6:35:0d:a8:
61:28:4e:76:6f:46:6c:79:27:93:aa:7f:b9:06:6b:
a9:7c:33:2e:1b:2e:d6:0f:07:96:90:6e:a0:d6:5f:
ee:7e:72:13:46:07:48:d9:65:d4:2d:89:0f:a5:e7:
c0:02:13:16:00:0b:70:13:7d:4e:c1:c7:6d:8b:66:
2f:bc:d8:7e:5d:cf:2e:25:26:ee:d4:10:b9:c5:a8:
12:46:44:de:5f:80:ac:89:fe:23:3d:de:6f:9d:aa:
84:2e:07:e9:2e:01:0d:f6:74:d8:a5:a0:58:13:c0:
2f:86:ee:52:ea:99:e0:f9:25:38:6f:e4:6c:ad:bc:
85:f3:b1:99:53:5a:7e:64:be:f5:ed:8b:2e:51:d6:
3e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A8:C5:F4:F1:F9:68:93:D5:BA:34:6B:3D:53:13:6B:5C:AA:68:6A
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/Y6jF9PH5aJPVujRrPVMTa1yqaGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:37:82:c2:fc:bc:47:61:a5:b2:43:6c:55:34:a5:99:ae:23:
b1:91:e2:c9:fa:cc:2c:21:91:5d:90:ed:9d:ba:9f:d1:0d:d7:
b6:b0:74:d5:72:4c:ab:c4:7d:b4:50:67:3e:2d:c3:5f:84:ea:
0c:57:7b:0f:30:8b:85:67:f8:5a:35:a8:a7:7c:80:58:dc:64:
25:38:be:d5:2b:7c:67:9b:d1:83:8b:cc:c3:52:a8:1c:3c:7a:
5f:bb:46:1a:48:55:97:77:ae:62:21:29:ba:3a:12:20:10:37:
a9:91:4a:4e:07:f5:b9:bb:86:d8:4f:25:de:73:76:8f:51:61:
2c:c7:f2:93:c4:e6:bc:be:c3:1d:35:0c:f4:46:85:4a:d7:cc:
5a:f8:c2:9b:eb:91:84:d2:b4:21:b4:3b:f3:48:b6:67:f7:17:
e7:bc:75:c3:45:80:fe:49:94:3e:25:a5:ce:c6:51:bb:6f:d8:
cb:49:36:53:f8:b0:1d:a1:a8:ce:fb:ca:99:94:39:23:d9:b9:
c7:57:39:b7:45:5f:f1:71:f2:fa:9c:51:53:f1:a5:19:cc:f1:
d6:11:26:59:04:d1:7b:bc:a2:8d:70:f9:c9:69:e7:17:1f:c1:
e0:5e:83:3c:5f:d6:f7:70:c5:07:1e:7b:2c:b1:e5:b9:de:d0:
6d:0e:8e:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMDDxoFO3GQ+oZ+zOnaTidIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjQxMTA2MTk1OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E4YzVmNGYxZjk2ODkzZDViYTM0NmIzZDUzMTM2YjVjYWE2ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzrrVU+h4Pq2BbsRTBztobS9ser6
Kw3pNRpph5yrw437MIbPLTc4z4zqESwxBjoE4gp/tBLjiCEWLXfISfF+Z2rusXzw
eB2/s1SRTbUO0/6gSqM1CJyUYGOglfqIEF/R7zE68xYRhOgwUaBnEsLjGdMQjKY1
DahhKE52b0ZseSeTqn+5BmupfDMuGy7WDweWkG6g1l/ufnITRgdI2WXULYkPpefA
AhMWAAtwE31Owcdti2YvvNh+Xc8uJSbu1BC5xagSRkTeX4Csif4jPd5vnaqELgfp
LgEN9nTYpaBYE8Avhu5S6png+SU4b+RsrbyF87GZU1p+ZL717YsuUdY+QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGOoxfTx+WiT1bo0az1TE2tcqmhqMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvWTZqRjlQSDVhSlBWdWpSclBWTVRhMXlxYUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjiYAwQC
ufKgAwQAw1XYMA0GCSqGSIb3DQEBCwUAA4IBAQBvN4LC/LxHYaWyQ2xVNKWZriOx
keLJ+swsIZFdkO2dup/RDde2sHTVckyrxH20UGc+LcNfhOoMV3sPMIuFZ/haNain
fIBY3GQlOL7VK3xnm9GDi8zDUqgcPHpfu0YaSFWXd65iISm6OhIgEDepkUpOB/W5
u4bYTyXec3aPUWEsx/KTxOa8vsMdNQz0RoVK18xa+MKb65GE0rQhtDvzSLZn9xfn
vHXDRYD+SZQ+JaXOxlG7b9jLSTZT+LAdoajO+8qZlDkj2bnHVzm3RV/xcfL6nFFT
8aUZzPHWESZZBNF7vKKNcPnJaecXH8HgXoM8X9b3cMUHHnssseW53tBtDo7N
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:32 2024 by rpki-client on console-ams.rpki-client.org