Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/Y5ryrzTX3RYUd43aqmNHkEcNEyg.roa
File: Y5ryrzTX3RYUd43aqmNHkEcNEyg.roa (raw, json)
Hash identifier: RLMlaBXvso3qPNP6kIWa8NcKR1Yo0GpvrJiluK+Ei6w=
Subject key identifier: 63:9A:F2:AF:34:D7:DD:16:14:77:8D:DA:AA:63:47:90:47:0D:13:28
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 018CC80217F078AD5BC9F6E4439CA4E97B59
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/Y5ryrzTX3RYUd43aqmNHkEcNEyg.roa
Signing time: Tue 02 Jan 2024 02:30:29 +0000
ROA not before: Tue 02 Jan 2024 02:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15589
IP address blocks: 81.200.130.0/23 maxlen: 23
81.200.132.0/22 maxlen: 22
81.200.136.0/22 maxlen: 22
81.200.136.0/23 maxlen: 23
81.200.139.0/24 maxlen: 24
81.200.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:17:f0:78:ad:5b:c9:f6:e4:43:9c:a4:e9:7b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Jan 2 02:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=639af2af34d7dd1614778ddaaa634790470d1328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7f:0b:eb:3b:58:80:1d:a2:a2:18:c2:38:7d:
98:ed:9e:d7:4f:30:4d:ba:e9:d5:58:b0:08:50:d4:
74:db:a0:9a:4b:f7:b0:d5:75:9c:f2:4b:2e:c5:6c:
34:98:4e:9f:ac:5c:60:1a:7f:ae:76:2c:17:a6:6c:
50:5a:74:f9:94:31:89:47:5f:1c:63:4e:d3:d2:c5:
96:a7:79:6e:51:6a:ed:d5:44:91:89:d2:06:cf:db:
a6:24:43:3c:a4:17:cc:3c:77:f4:b2:ae:20:7a:cd:
1c:cf:e6:38:64:8b:a3:03:1c:47:7d:a2:9b:2c:e2:
36:5a:fb:a3:e2:1f:90:93:9f:a6:11:ad:35:9d:b2:
2e:8f:a5:68:50:fa:d3:e7:bd:b0:34:dc:1e:f6:2b:
3e:99:a7:7e:38:d7:65:0c:04:bc:eb:17:1e:8e:de:
c2:e6:97:e3:4a:a3:ca:34:16:25:74:8f:78:33:fb:
10:20:28:98:cc:cf:3e:8c:28:70:95:f4:24:93:c4:
b2:49:74:80:6c:c7:9f:18:c2:f6:f6:64:7b:3b:e2:
b4:4c:5a:83:05:19:59:43:5e:7c:90:af:63:be:1e:
15:0a:0b:15:ce:7a:cb:c3:42:99:fa:15:a8:22:5c:
61:a5:0e:85:9b:c0:68:70:e4:06:11:c7:43:06:7f:
c4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9A:F2:AF:34:D7:DD:16:14:77:8D:DA:AA:63:47:90:47:0D:13:28
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/Y5ryrzTX3RYUd43aqmNHkEcNEyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.130.0-81.200.139.255
Signature Algorithm: sha256WithRSAEncryption
38:5b:a0:a9:2c:4a:65:97:b9:ff:ad:1c:ae:c2:01:36:ab:1d:
a9:07:88:a5:3a:7d:9d:e0:44:27:6f:1f:68:e8:da:4d:e3:27:
b9:48:3d:fd:5c:8e:18:98:7f:b9:c9:e0:b7:be:76:36:94:de:
74:6a:69:41:13:1a:01:7d:01:d8:6b:29:c6:02:f1:d1:fa:3b:
1e:15:48:82:62:b5:ac:7e:fc:8d:bc:bd:56:3c:88:97:88:42:
67:58:1b:cd:3f:1b:a1:cd:c5:1b:90:54:22:59:c8:9a:21:7e:
2f:21:e6:f1:03:f0:a3:ac:38:e3:10:30:16:2e:37:6a:a9:0d:
f3:89:5e:05:34:7f:24:b3:49:56:f7:fc:a8:d3:2b:b1:aa:b3:
5f:72:32:a3:96:d7:78:f4:38:e6:c1:ba:13:46:90:1c:c0:f7:
d3:69:4d:56:fd:d6:82:77:2a:86:21:16:7e:00:8d:51:a7:83:
86:a1:ae:7a:44:d7:d8:87:43:a8:97:5c:8b:d0:85:d4:7a:49:
ba:fe:90:18:33:19:78:78:68:34:d4:c8:cb:5d:70:4a:0a:9f:
e4:89:3c:f4:78:36:6c:04:67:ca:68:03:6e:2d:3e:eb:ea:5e:
ac:92:dc:db:28:82:2f:f9:24:64:d5:53:47:d5:74:71:cb:b5:
45:7b:70:0f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIAhfweK1byfbkQ5yk6XtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjQwMTAyMDIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzlhZjJhZjM0ZDdkZDE2MTQ3NzhkZGFhYTYzNDc5MDQ3MGQxMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX8L6ztYgB2iohjCOH2Y7Z7XTzBN
uunVWLAIUNR026CaS/ew1XWc8ksuxWw0mE6frFxgGn+udiwXpmxQWnT5lDGJR18c
Y07T0sWWp3luUWrt1USRidIGz9umJEM8pBfMPHf0sq4ges0cz+Y4ZIujAxxHfaKb
LOI2Wvuj4h+Qk5+mEa01nbIuj6VoUPrT572wNNwe9is+mad+ONdlDAS86xcejt7C
5pfjSqPKNBYldI94M/sQICiYzM8+jChwlfQkk8SySXSAbMefGML29mR7O+K0TFqD
BRlZQ158kK9jvh4VCgsVznrLw0KZ+hWoIlxhpQ6Fm8BocOQGEcdDBn/EWwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGOa8q80190WFHeN2qpjR5BHDRMoMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvWTVyeXJ6VFgzUllVZDQzYXFtTkhrRWNORXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFRyIID
BAJRyIgwDQYJKoZIhvcNAQELBQADggEBADhboKksSmWXuf+tHK7CATarHakHiKU6
fZ3gRCdvH2jo2k3jJ7lIPf1cjhiYf7nJ4Le+djaU3nRqaUETGgF9AdhrKcYC8dH6
Ox4VSIJitax+/I28vVY8iJeIQmdYG80/G6HNxRuQVCJZyJohfi8h5vED8KOsOOMQ
MBYuN2qpDfOJXgU0fySzSVb3/KjTK7Gqs19yMqOW13j0OObBuhNGkBzA99NpTVb9
1oJ3KoYhFn4AjVGng4ahrnpE19iHQ6iXXIvQhdR6Sbr+kBgzGXh4aDTUyMtdcEoK
n+SJPPR4NmwEZ8poA24tPuvqXqyS3Nsogi/5JGTVU0fVdHHLtUV7cA8=
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:03:59 2024 by rpki-client on console-ams.rpki-client.org