Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Yq9epX5GlWuPAy78Ong-2DkpCM8.roa
File: Yq9epX5GlWuPAy78Ong-2DkpCM8.roa (raw, json)
Hash identifier: 2022wn3vwDW+AuWFYAwW02DUyrqDiAa49i/8izYp2ow=
Subject key identifier: 62:AF:5E:A5:7E:46:95:6B:8F:03:2E:FC:3A:78:3E:D8:39:29:08:CF
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492DF161E8C6AEA368628360C312DEC
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Yq9epX5GlWuPAy78Ong-2DkpCM8.roa
Signing time: Mon 01 Jan 2024 10:30:08 +0000
ROA not before: Mon 01 Jan 2024 10:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60320
IP address blocks: 5.160.78.0/24 maxlen: 24
46.209.0.0/23 maxlen: 23
46.209.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:df:16:1e:8c:6a:ea:36:86:28:36:0c:31:2d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62af5ea57e46956b8f032efc3a783ed8392908cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4a:24:0e:a1:88:3a:28:09:41:85:e8:69:d3:
69:48:6d:c0:8f:e8:fe:ff:a6:ce:b5:88:63:80:31:
17:f6:f0:61:8f:14:61:a2:98:f7:b7:44:21:fc:ce:
e1:01:47:a3:21:b9:9a:b6:c2:a0:f9:8d:56:6a:8a:
19:2a:88:38:7a:78:c7:3f:46:87:8f:4d:99:44:33:
95:74:e2:35:e3:9e:9d:90:a9:b1:a4:1b:82:76:6e:
14:d1:7b:e8:4a:98:f9:9c:df:7b:d8:98:9f:05:a9:
66:9b:10:db:d5:d6:c5:1c:24:85:f4:09:dd:f1:3d:
d7:c8:63:d4:01:4d:d3:99:62:3f:ee:a0:4a:96:9e:
55:1c:41:a1:74:71:09:f7:79:65:dd:2d:79:d2:92:
c1:59:70:05:84:a8:27:cb:c8:20:fe:ac:1c:36:f5:
3e:08:f9:c1:2f:52:40:98:a2:2f:a9:d0:54:0f:47:
a8:70:75:96:fa:a7:eb:3b:e9:df:e4:61:e9:4f:39:
91:89:0a:22:d7:6f:c2:5a:89:c7:e5:00:8b:ae:ac:
75:0e:61:12:92:49:cb:47:47:ff:09:42:52:6d:e0:
40:b5:ac:c3:c8:b5:54:b1:34:a9:a2:50:d7:62:e5:
be:72:6f:62:ce:0a:1d:c7:9b:2e:75:fc:e1:58:0e:
69:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AF:5E:A5:7E:46:95:6B:8F:03:2E:FC:3A:78:3E:D8:39:29:08:CF
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/Yq9epX5GlWuPAy78Ong-2DkpCM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.78.0/24
46.209.0.0/23
Signature Algorithm: sha256WithRSAEncryption
78:b7:11:af:0e:2c:c1:10:63:eb:2e:24:ab:f0:08:f2:1d:dd:
79:40:12:1b:b8:b8:52:f1:d8:f8:28:84:66:b0:fc:33:19:67:
eb:f3:76:4a:cd:93:25:84:d0:f2:ac:35:58:17:69:32:db:1a:
bc:31:ee:73:de:4d:70:f5:83:f5:81:f4:2e:0a:ae:62:ca:f4:
4d:20:ec:ba:c3:bf:b1:b1:20:55:ad:0c:a6:02:47:d2:03:68:
08:3d:05:8f:e3:1b:93:a3:b2:f1:5a:b1:f1:b0:93:55:08:b8:
a4:db:ff:fd:d2:03:f1:03:f4:af:5e:16:8d:d2:42:cc:e6:7a:
44:b5:9a:85:ff:09:f0:4e:9d:31:a4:ca:5f:1f:06:48:70:4d:
b8:e0:e8:61:e6:10:69:82:8b:8e:ed:8e:10:fe:c3:14:b7:d7:
61:1b:4d:2e:8f:bc:ec:04:68:2f:a9:58:3b:f5:6d:ce:b4:07:
a9:be:f8:e2:ae:91:54:35:47:b1:ea:f5:9f:62:79:00:96:38:
cd:ba:cd:dd:6f:b9:4a:59:ac:db:3e:fd:bd:97:a3:5c:b1:29:
26:ea:d4:bb:90:99:43:a4:0d:33:92:de:c6:f9:c4:5e:80:e7:
e9:c5:13:ca:db:5d:14:2f:fe:33:b7:54:37:f3:f6:a9:b6:a7:
45:b4:0f:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkt8WHoxq6jaGKDYMMS3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFmNWVhNTdlNDY5NTZiOGYwMzJlZmMzYTc4M2VkODM5MjkwOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkokDqGIOigJQYXoadNpSG3Aj+j+
/6bOtYhjgDEX9vBhjxRhopj3t0Qh/M7hAUejIbmatsKg+Y1WaooZKog4enjHP0aH
j02ZRDOVdOI1456dkKmxpBuCdm4U0XvoSpj5nN972JifBalmmxDb1dbFHCSF9And
8T3XyGPUAU3TmWI/7qBKlp5VHEGhdHEJ93ll3S150pLBWXAFhKgny8gg/qwcNvU+
CPnBL1JAmKIvqdBUD0eocHWW+qfrO+nf5GHpTzmRiQoi12/CWonH5QCLrqx1DmES
kknLR0f/CUJSbeBAtazDyLVUsTSpolDXYuW+cm9izgodx5sudfzhWA5pKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGKvXqV+RpVrjwMu/Dp4Ptg5KQjPMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWXE5ZXBYNUdsV3VQQXk3OE9uZy0yRGtwQ004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaBOAwQB
LtEAMA0GCSqGSIb3DQEBCwUAA4IBAQB4txGvDizBEGPrLiSr8AjyHd15QBIbuLhS
8dj4KIRmsPwzGWfr83ZKzZMlhNDyrDVYF2ky2xq8Me5z3k1w9YP1gfQuCq5iyvRN
IOy6w7+xsSBVrQymAkfSA2gIPQWP4xuTo7LxWrHxsJNVCLik2//90gPxA/SvXhaN
0kLM5npEtZqF/wnwTp0xpMpfHwZIcE244Ohh5hBpgouO7Y4Q/sMUt9dhG00uj7zs
BGgvqVg79W3OtAepvvjirpFUNUex6vWfYnkAljjNus3db7lKWazbPv29l6NcsSkm
6tS7kJlDpA0zkt7G+cRegOfpxRPK210UL/4zt1Q38/aptqdFtA+u
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org