Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/y1L9v2vVO-q46RhUkE8N7byr3OU.roa
File: y1L9v2vVO-q46RhUkE8N7byr3OU.roa (raw, json)
Hash identifier: JA7iGZg7BPOeagDaNGRiFsitu4NX60PuxnepgH1FCks=
Subject key identifier: CB:52:FD:BF:6B:D5:3B:EA:B8:E9:18:54:90:4F:0D:ED:BC:AB:DC:E5
Certificate issuer: /CN=ec4af6fdc16d68ae26aa0eab5623e6be217036c1
Certificate serial: 018E953C0F39B6A0A553E262954AE4F766BD
Authority key identifier: EC:4A:F6:FD:C1:6D:68:AE:26:AA:0E:AB:56:23:E6:BE:21:70:36:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/y1L9v2vVO-q46RhUkE8N7byr3OU.roa
Signing time: Sun 31 Mar 2024 15:58:44 +0000
ROA not before: Sun 31 Mar 2024 15:58:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57935
IP address blocks: 5.61.26.0/24 maxlen: 24
92.119.56.0/24 maxlen: 24
92.119.59.0/24 maxlen: 24
185.73.113.0/24 maxlen: 24
185.73.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/7Er2_cFtaK4mqg6rViPmviFwNsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/7Er2_cFtaK4mqg6rViPmviFwNsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:95:3c:0f:39:b6:a0:a5:53:e2:62:95:4a:e4:f7:66:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec4af6fdc16d68ae26aa0eab5623e6be217036c1
Validity
Not Before: Mar 31 15:58:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb52fdbf6bd53beab8e91854904f0dedbcabdce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:14:2c:4c:c4:52:0b:e7:51:74:dc:d9:4d:f1:
6c:02:5e:c5:c8:4a:b3:a2:82:36:93:f4:65:36:4a:
a0:94:c8:47:10:ba:cb:19:d2:55:cc:59:33:53:5e:
22:a6:3d:17:92:c4:87:09:09:cb:4d:ef:ab:95:9c:
cd:29:37:0e:3d:f4:6d:5f:03:d8:ee:4e:b4:19:a7:
d0:75:56:bb:4d:64:b6:83:f2:e8:77:91:b6:df:4a:
d2:97:a1:b8:0c:9d:aa:78:20:4b:05:7d:43:25:15:
b9:8f:75:e6:9a:32:99:a7:74:9a:b1:e6:c8:75:ef:
6c:eb:85:79:15:3c:aa:6f:97:62:42:de:d0:f2:17:
ad:1a:1e:6b:b9:c3:a1:76:5b:99:4b:40:59:f5:6d:
63:48:5f:f7:f0:51:6b:e6:1d:86:37:53:dc:d0:0a:
9e:ec:01:30:5c:62:eb:0c:9b:c3:e1:c2:de:0d:18:
c6:82:08:74:73:a2:29:e4:79:5f:3f:48:3f:37:7f:
08:14:5c:02:29:1a:a8:c9:e2:86:6b:e5:67:a6:73:
78:f8:e9:16:de:24:e4:6e:73:36:4b:b1:6c:5c:e5:
68:29:e1:b7:a5:ae:a0:b8:cc:bc:40:69:ca:10:c9:
29:e5:a7:7c:9b:91:6e:7e:b9:36:7d:cd:67:4d:ed:
66:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:52:FD:BF:6B:D5:3B:EA:B8:E9:18:54:90:4F:0D:ED:BC:AB:DC:E5
X509v3 Authority Key Identifier:
keyid:EC:4A:F6:FD:C1:6D:68:AE:26:AA:0E:AB:56:23:E6:BE:21:70:36:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Er2_cFtaK4mqg6rViPmviFwNsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/y1L9v2vVO-q46RhUkE8N7byr3OU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/7dc85c-b0a1-48d9-9870-3825bf33e4ec/1/7Er2_cFtaK4mqg6rViPmviFwNsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.26.0/24
92.119.56.0/24
92.119.59.0/24
185.73.113.0/24
185.73.115.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:c7:c0:54:36:d6:95:b6:50:2b:b4:f0:26:e6:6c:bb:a9:98:
ee:f3:4e:69:bb:68:38:06:54:65:d7:1b:8b:2a:74:98:75:d7:
09:65:8a:34:94:e0:61:fb:b4:be:88:e1:53:cc:f9:88:db:eb:
66:e5:5e:98:6d:c5:98:a6:02:3d:e9:1a:83:5c:6f:b7:82:f3:
24:cb:2f:96:6e:02:6e:42:00:1e:10:95:dc:19:4f:5c:0d:14:
c5:bb:2a:01:f9:00:41:78:a4:a7:bd:d7:38:e5:08:62:c0:8e:
8c:c5:81:95:8a:7a:00:0e:0f:d1:f2:4a:4b:ea:5c:6d:e4:02:
cb:27:70:52:90:59:da:c4:81:c0:c6:f9:0e:5b:27:3b:ce:fd:
bd:a6:49:71:23:ef:af:aa:47:65:df:6e:e3:61:c0:89:c3:08:
a4:0f:86:f2:fd:40:89:ec:c2:f1:a4:bd:d7:34:cf:0d:30:55:
77:65:4d:d9:b6:88:c0:21:31:0b:45:ae:43:ae:39:2d:0d:94:
1b:b2:fc:69:b7:ca:b2:bb:4d:f4:fc:54:99:48:29:e1:1a:0e:
9f:00:b5:69:1d:1f:b6:7b:bc:71:72:e7:e0:64:18:f6:6b:32:
cd:9e:60:3b:2e:81:82:18:3e:f5:fd:1d:fc:4b:8b:6c:5e:21:
cf:48:33:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6VPA85tqClU+JilUrk92a9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNGFmNmZkYzE2ZDY4YWUyNmFhMGVhYjU2MjNlNmJlMjE3
MDM2YzEwHhcNMjQwMzMxMTU1ODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjUyZmRiZjZiZDUzYmVhYjhlOTE4NTQ5MDRmMGRlZGJjYWJkY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhQsTMRSC+dRdNzZTfFsAl7FyEqz
ooI2k/RlNkqglMhHELrLGdJVzFkzU14ipj0XksSHCQnLTe+rlZzNKTcOPfRtXwPY
7k60GafQdVa7TWS2g/Lod5G230rSl6G4DJ2qeCBLBX1DJRW5j3XmmjKZp3SasebI
de9s64V5FTyqb5diQt7Q8hetGh5rucOhdluZS0BZ9W1jSF/38FFr5h2GN1Pc0Aqe
7AEwXGLrDJvD4cLeDRjGggh0c6Ip5HlfP0g/N38IFFwCKRqoyeKGa+VnpnN4+OkW
3iTkbnM2S7FsXOVoKeG3pa6guMy8QGnKEMkp5ad8m5Fufrk2fc1nTe1m4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMtS/b9r1TvquOkYVJBPDe28q9zlMB8GA1UdIwQY
MBaAFOxK9v3BbWiuJqoOq1Yj5r4hcDbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0VyMl9jRnRhSzRtcWc2clZpUG12aUZ3TnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC83ZGM4NWMtYjBhMS00OGQ5LTk4NzAt
MzgyNWJmMzNlNGVjLzEveTFMOXYydlZPLXE0NlJoVWtFOE43YnlyM09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC83ZGM4NWMtYjBhMS00OGQ5LTk4NzAtMzgyNWJmMzNlNGVj
LzEvN0VyMl9jRnRhSzRtcWc2clZpUG12aUZ3TnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABT0aAwQA
XHc4AwQAXHc7AwQAuUlxAwQAuUlzMA0GCSqGSIb3DQEBCwUAA4IBAQB6x8BUNtaV
tlArtPAm5my7qZju805pu2g4BlRl1xuLKnSYddcJZYo0lOBh+7S+iOFTzPmI2+tm
5V6YbcWYpgI96RqDXG+3gvMkyy+WbgJuQgAeEJXcGU9cDRTFuyoB+QBBeKSnvdc4
5QhiwI6MxYGVinoADg/R8kpL6lxt5ALLJ3BSkFnaxIHAxvkOWyc7zv29pklxI++v
qkdl327jYcCJwwikD4by/UCJ7MLxpL3XNM8NMFV3ZU3ZtojAITELRa5DrjktDZQb
svxpt8qyu030/FSZSCnhGg6fALVpHR+2e7xxcufgZBj2azLNnmA7LoGCGD71/R38
S4tsXiHPSDOW
-----END CERTIFICATE-----
Generated at Sat May 18 01:52:27 2024 by rpki-client on console-fra.rpki-client.org