Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/084d33-9fed-4620-b46c-88a63148026f/1/YJ3Rr4XJvkiUdQZiHFDEoArPlgg.roa
File: YJ3Rr4XJvkiUdQZiHFDEoArPlgg.roa (raw, json)
Hash identifier: BzGYb+xJdbxL9pBjvrsz+Mu8CrZewPiQfYbPVAmxsZ0=
Subject key identifier: 60:9D:D1:AF:85:C9:BE:48:94:75:06:62:1C:50:C4:A0:0A:CF:96:08
Certificate issuer: /CN=fe5dbc41b11e77bc44bd2c735554b5b4258d0c33
Certificate serial: 018CC94E52838085382EB6088349A8B6B69B
Authority key identifier: FE:5D:BC:41:B1:1E:77:BC:44:BD:2C:73:55:54:B5:B4:25:8D:0C:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_l28QbEed7xEvSxzVVS1tCWNDDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/084d33-9fed-4620-b46c-88a63148026f/1/YJ3Rr4XJvkiUdQZiHFDEoArPlgg.roa
Signing time: Tue 02 Jan 2024 08:33:22 +0000
ROA not before: Tue 02 Jan 2024 08:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48933
IP address blocks: 193.36.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/084d33-9fed-4620-b46c-88a63148026f/1/_l28QbEed7xEvSxzVVS1tCWNDDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/084d33-9fed-4620-b46c-88a63148026f/1/_l28QbEed7xEvSxzVVS1tCWNDDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_l28QbEed7xEvSxzVVS1tCWNDDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:52:83:80:85:38:2e:b6:08:83:49:a8:b6:b6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe5dbc41b11e77bc44bd2c735554b5b4258d0c33
Validity
Not Before: Jan 2 08:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609dd1af85c9be48947506621c50c4a00acf9608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e1:ba:c0:cb:df:f0:18:53:76:e7:1d:c2:ef:
0f:98:7e:67:b4:8e:5a:98:01:22:a0:ad:8f:cf:4c:
1b:62:26:cf:89:c3:38:90:53:72:89:fa:84:0a:24:
8b:88:88:ab:15:99:8e:38:3b:36:f0:0a:70:a1:1c:
f2:43:01:5f:67:9a:4c:a8:c2:bb:22:39:81:de:24:
70:9c:9c:ef:5d:67:6b:9e:59:d0:20:5b:a4:1e:85:
66:e4:80:db:95:a8:6e:9e:b6:c7:6e:ae:18:d6:0f:
c6:dc:be:6e:2a:92:39:10:fe:f2:af:6a:08:70:c5:
3d:54:5c:38:17:89:ef:3b:ed:78:91:3d:c1:f9:8c:
20:52:29:d0:87:52:07:a5:bf:ac:04:bf:be:23:e5:
f5:76:ee:cc:33:c1:93:9d:b4:fc:52:1a:b7:ab:28:
be:91:ba:fa:a7:f5:d6:9a:a4:dd:c5:e1:53:8a:bc:
d2:8e:b6:e9:6d:6d:02:55:be:c7:66:ec:89:4f:0e:
76:37:b1:d1:a6:a2:22:57:35:63:9c:01:27:04:9d:
a1:87:1f:3e:59:c1:de:5e:27:37:8b:a7:21:e2:13:
7b:5c:4a:ae:67:7f:9c:3e:e0:49:44:93:49:e4:c4:
bf:67:94:b7:0c:89:c4:6d:8e:7f:96:81:df:b4:de:
bc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9D:D1:AF:85:C9:BE:48:94:75:06:62:1C:50:C4:A0:0A:CF:96:08
X509v3 Authority Key Identifier:
keyid:FE:5D:BC:41:B1:1E:77:BC:44:BD:2C:73:55:54:B5:B4:25:8D:0C:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_l28QbEed7xEvSxzVVS1tCWNDDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/084d33-9fed-4620-b46c-88a63148026f/1/YJ3Rr4XJvkiUdQZiHFDEoArPlgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/084d33-9fed-4620-b46c-88a63148026f/1/_l28QbEed7xEvSxzVVS1tCWNDDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.35.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:d9:75:30:6e:34:d5:de:94:14:8d:e5:83:9c:98:bc:b9:b3:
82:a8:14:08:dc:4a:cf:fa:32:0f:5f:e8:db:11:3d:98:3e:eb:
4b:40:67:f4:67:44:f2:b5:0f:8b:8a:0e:ee:af:db:54:d0:65:
1f:4b:1d:cd:a9:ee:be:ea:a4:76:fa:b1:8a:80:c3:15:df:4c:
60:ce:17:2b:18:ba:c5:7a:e8:b2:ca:8c:81:18:cb:d2:5a:3f:
d1:87:c2:51:d9:03:f0:77:0e:cc:a8:85:9b:c3:8a:c4:ed:4a:
fc:57:cc:4a:6f:a5:8c:43:f2:63:35:02:d6:5b:6f:03:15:b0:
26:b0:fa:70:89:4c:49:08:32:9d:9b:7e:3c:fa:e7:ba:39:3f:
f2:22:01:0f:82:f7:94:c4:70:37:ab:21:56:8e:3b:5c:4d:7a:
73:6c:a5:80:62:d2:87:56:74:d3:9a:8c:fc:0a:a7:ac:bc:70:
de:90:57:c8:20:79:f6:77:c6:0b:aa:24:45:8f:a9:ca:66:74:
22:b3:84:e7:14:69:bb:71:b2:8a:b9:4d:04:cd:5a:c5:83:b0:
4c:e2:e2:aa:a6:fd:6a:17:c9:e8:88:aa:d4:72:96:7e:6a:ba:
f1:9f:b6:dd:f6:c5:2f:36:57:39:db:74:77:e0:be:6f:f4:a7:
77:79:3e:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTlKDgIU4LrYIg0motrabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNWRiYzQxYjExZTc3YmM0NGJkMmM3MzU1NTRiNWI0MjU4
ZDBjMzMwHhcNMjQwMTAyMDgzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDlkZDFhZjg1YzliZTQ4OTQ3NTA2NjIxYzUwYzRhMDBhY2Y5NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOG6wMvf8BhTducdwu8PmH5ntI5a
mAEioK2Pz0wbYibPicM4kFNyifqECiSLiIirFZmOODs28ApwoRzyQwFfZ5pMqMK7
IjmB3iRwnJzvXWdrnlnQIFukHoVm5IDblahunrbHbq4Y1g/G3L5uKpI5EP7yr2oI
cMU9VFw4F4nvO+14kT3B+YwgUinQh1IHpb+sBL++I+X1du7MM8GTnbT8Uhq3qyi+
kbr6p/XWmqTdxeFTirzSjrbpbW0CVb7HZuyJTw52N7HRpqIiVzVjnAEnBJ2hhx8+
WcHeXic3i6ch4hN7XEquZ3+cPuBJRJNJ5MS/Z5S3DInEbY5/loHftN68aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGCd0a+Fyb5IlHUGYhxQxKAKz5YIMB8GA1UdIwQY
MBaAFP5dvEGxHne8RL0sc1VUtbQljQwzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2wyOFFiRWVkN3hFdlN4elZWUzF0Q1dORERNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wODRkMzMtOWZlZC00NjIwLWI0NmMt
ODhhNjMxNDgwMjZmLzEvWUozUnI0WEp2a2lVZFFaaUhGREVvQXJQbGdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wODRkMzMtOWZlZC00NjIwLWI0NmMtODhhNjMxNDgwMjZm
LzEvX2wyOFFiRWVkN3hFdlN4elZWUzF0Q1dORERNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSQjMA0G
CSqGSIb3DQEBCwUAA4IBAQBt2XUwbjTV3pQUjeWDnJi8ubOCqBQI3ErP+jIPX+jb
ET2YPutLQGf0Z0TytQ+Lig7ur9tU0GUfSx3Nqe6+6qR2+rGKgMMV30xgzhcrGLrF
euiyyoyBGMvSWj/Rh8JR2QPwdw7MqIWbw4rE7Ur8V8xKb6WMQ/JjNQLWW28DFbAm
sPpwiUxJCDKdm348+ue6OT/yIgEPgveUxHA3qyFWjjtcTXpzbKWAYtKHVnTTmoz8
CqesvHDekFfIIHn2d8YLqiRFj6nKZnQis4TnFGm7cbKKuU0EzVrFg7BM4uKqpv1q
F8noiKrUcpZ+arrxn7bd9sUvNlc523R34L5v9Kd3eT5I
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:00:53 2024 by rpki-client on console-ams.rpki-client.org