Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YwqU9X7eEXoMzxlwdCoxoOEowYg.roa
File: YwqU9X7eEXoMzxlwdCoxoOEowYg.roa (raw, json)
Hash identifier: xWYeLed9wXSvUfgpptkpWl2x1npXHBTCe4n1pGA4W+E=
Subject key identifier: 63:0A:94:F5:7E:DE:11:7A:0C:CF:19:70:74:2A:31:A0:E1:28:C1:88
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492DA42047C8BF32BFA5E8F396943C2
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YwqU9X7eEXoMzxlwdCoxoOEowYg.roa
Signing time: Mon 01 Jan 2024 10:30:07 +0000
ROA not before: Mon 01 Jan 2024 10:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50892
IP address blocks: 5.160.17.0/24 maxlen: 24
5.160.22.0/24 maxlen: 24
5.160.20.0/24 maxlen: 24
5.160.18.0/24 maxlen: 24
5.160.23.0/24 maxlen: 24
5.160.21.0/24 maxlen: 24
5.160.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:da:42:04:7c:8b:f3:2b:fa:5e:8f:39:69:43:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=630a94f57ede117a0ccf1970742a31a0e128c188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2a:6d:91:ec:3b:b2:fb:45:50:1d:f5:1a:34:
6f:aa:bb:d0:b3:09:f2:78:26:f4:cd:b6:a1:69:9b:
85:6a:31:c3:f6:20:fa:42:8b:bc:45:7e:8b:b8:55:
e0:25:d5:78:8e:cc:86:d7:3f:b1:18:61:4b:64:19:
58:ff:bc:b6:bc:d9:a5:3c:cd:2e:13:b6:e1:3b:fe:
7b:60:c3:ff:d1:78:3b:c6:bf:d7:55:6b:b3:7b:20:
b8:5b:4e:6d:76:b8:b0:8f:08:a8:b6:30:2e:d1:f0:
2a:6a:29:67:53:78:da:e5:d7:dc:91:59:1c:16:e2:
bb:89:7d:3c:cc:ff:16:a8:ff:60:4f:90:91:4c:a8:
26:a1:f3:f9:e5:e7:8d:c1:85:0d:c4:51:74:62:2d:
72:7e:65:90:37:7a:55:cd:b4:62:90:56:6b:d5:da:
07:be:e7:f7:08:52:85:44:d9:2d:78:65:b6:af:11:
55:c1:9a:26:8f:74:d8:2d:f9:ad:e9:f4:f4:5f:54:
45:43:ec:2d:07:94:1f:59:25:63:ff:7b:c8:67:9a:
76:94:f7:3f:3a:19:2c:4b:fc:dc:6f:9b:8d:43:6c:
f3:c0:71:4f:58:1f:08:eb:0a:2c:ca:fe:8b:f2:96:
ec:37:b1:ee:0c:fd:0c:4f:df:f1:aa:29:68:98:f1:
87:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:0A:94:F5:7E:DE:11:7A:0C:CF:19:70:74:2A:31:A0:E1:28:C1:88
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/YwqU9X7eEXoMzxlwdCoxoOEowYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.17.0-5.160.23.255
Signature Algorithm: sha256WithRSAEncryption
a0:76:2f:94:59:50:1a:ef:ea:5a:38:c0:e3:09:fa:9e:5e:0b:
b1:2b:20:e4:6c:c8:8f:23:b5:89:dc:d9:e7:59:fb:eb:7c:d8:
3f:ce:ca:1a:39:e3:dc:cb:05:0e:98:7f:dd:1f:39:cd:50:da:
58:73:4a:67:b0:0b:f9:98:b3:b5:b8:2b:85:ab:9c:e3:3f:4a:
aa:cc:3a:ec:49:86:a5:dd:3b:b8:96:8d:84:f0:8d:d0:5e:a0:
17:0c:76:d0:f9:0b:27:ce:2a:93:bf:54:05:56:09:eb:b0:73:
8e:38:bd:63:ef:5f:5d:50:99:fa:0a:9d:f1:6a:94:0d:90:27:
09:82:19:eb:98:0b:d4:8d:02:0f:f4:e5:d9:53:cd:ca:1a:0a:
07:25:62:eb:c2:1e:8f:7f:da:2f:08:09:a5:0a:1d:ad:ac:dd:
1e:6f:b3:20:42:48:d1:d9:d6:3a:0e:51:e6:5f:f7:1a:6c:25:
7f:ce:4c:c2:28:ba:e4:09:69:3a:db:4f:7f:11:7b:81:fd:7f:
80:31:a8:7d:e3:de:f1:84:0b:43:a3:cd:a4:03:8b:16:6c:57:
90:98:0a:3d:01:16:25:7f:32:b2:5e:0c:61:a2:72:ea:a3:aa:
11:a9:22:ea:bb:66:f3:0a:7e:3f:4e:96:c1:26:2f:b7:25:91:
28:a3:35:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEktpCBHyL8yv6Xo85aUPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzBhOTRmNTdlZGUxMTdhMGNjZjE5NzA3NDJhMzFhMGUxMjhjMTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiptkew7svtFUB31GjRvqrvQswny
eCb0zbahaZuFajHD9iD6Qou8RX6LuFXgJdV4jsyG1z+xGGFLZBlY/7y2vNmlPM0u
E7bhO/57YMP/0Xg7xr/XVWuzeyC4W05tdriwjwiotjAu0fAqailnU3ja5dfckVkc
FuK7iX08zP8WqP9gT5CRTKgmofP55eeNwYUNxFF0Yi1yfmWQN3pVzbRikFZr1doH
vuf3CFKFRNkteGW2rxFVwZomj3TYLfmt6fT0X1RFQ+wtB5QfWSVj/3vIZ5p2lPc/
OhksS/zcb5uNQ2zzwHFPWB8I6wosyv6L8pbsN7HuDP0MT9/xqilomPGHXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGMKlPV+3hF6DM8ZcHQqMaDhKMGIMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvWXdxVTlYN2VFWG9Nenhsd2RDb3hvT0Vvd1lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFoBED
BAMFoBAwDQYJKoZIhvcNAQELBQADggEBAKB2L5RZUBrv6lo4wOMJ+p5eC7ErIORs
yI8jtYnc2edZ++t82D/Oyho549zLBQ6Yf90fOc1Q2lhzSmewC/mYs7W4K4WrnOM/
SqrMOuxJhqXdO7iWjYTwjdBeoBcMdtD5CyfOKpO/VAVWCeuwc444vWPvX11QmfoK
nfFqlA2QJwmCGeuYC9SNAg/05dlTzcoaCgclYuvCHo9/2i8ICaUKHa2s3R5vsyBC
SNHZ1joOUeZf9xpsJX/OTMIouuQJaTrbT38Re4H9f4AxqH3j3vGEC0OjzaQDixZs
V5CYCj0BFiV/MrJeDGGicuqjqhGpIuq7ZvMKfj9OlsEmL7clkSijNRw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:22 2024 by rpki-client on console-fra.rpki-client.org