Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/yJdumWwVYiSKS8VI5gvTdgFpbeU.roa
File: yJdumWwVYiSKS8VI5gvTdgFpbeU.roa (raw, json)
Hash identifier: hBIzIO3zEnYPx7vs9kl6JN5yTUWVMJQ4gdpi7rOxflw=
Subject key identifier: C8:97:6E:99:6C:15:62:24:8A:4B:C5:48:E6:0B:D3:76:01:69:6D:E5
Certificate issuer: /CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Certificate serial: 018CC56E164ED73E07E50562189E0E0E5E2B
Authority key identifier: FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/yJdumWwVYiSKS8VI5gvTdgFpbeU.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207088
IP address blocks: 195.210.96.0/22 maxlen: 22
195.210.104.0/22 maxlen: 22
195.210.116.0/22 maxlen: 22
195.210.120.0/22 maxlen: 22
2a0a:a200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:16:4e:d7:3e:07:e5:05:62:18:9e:0e:0e:5e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=feb84d9f8f9e33156589a5ebf722203a899e0a51
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8976e996c1562248a4bc548e60bd37601696de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:aa:41:bb:41:e2:7b:76:16:a9:ae:47:06:04:
5d:8d:77:54:d4:2d:1e:4d:78:d6:ab:38:2f:fd:b3:
d2:ac:e3:21:3b:88:94:32:38:6d:45:5b:fd:87:ce:
3e:ea:ac:ec:4b:08:81:c2:dd:28:df:85:05:32:19:
f1:a9:06:56:a0:7a:5f:7e:25:a6:d6:cc:1e:62:84:
76:7d:b1:3d:12:0b:06:75:75:0d:bb:75:1d:0f:bd:
15:46:d8:12:7d:1c:bf:03:db:2d:30:59:60:e1:e5:
63:ea:26:27:23:b2:05:65:51:6c:8e:5f:91:84:a4:
f0:25:b9:cc:f8:42:87:28:95:52:e1:e0:8a:11:7a:
e8:77:11:0a:58:4f:ac:b7:35:ec:21:16:8b:9f:f1:
1c:85:f8:91:c1:c3:90:a9:8b:51:22:f2:8d:f6:fd:
bf:ae:3c:98:f8:d4:37:97:4c:0f:42:d5:21:6c:e4:
c2:40:bf:99:e3:a9:a3:86:ad:35:a6:13:99:24:cb:
2a:93:cf:cf:05:a7:b0:2a:c6:8a:46:cc:af:ce:48:
52:23:4b:10:16:38:b3:6a:8a:3c:48:11:78:da:3d:
63:b6:79:c9:7b:e3:3b:da:64:a6:49:c4:a2:bc:6f:
68:b2:af:ee:db:db:31:ef:c2:8a:bd:a7:e4:c1:db:
25:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:97:6E:99:6C:15:62:24:8A:4B:C5:48:E6:0B:D3:76:01:69:6D:E5
X509v3 Authority Key Identifier:
keyid:FE:B8:4D:9F:8F:9E:33:15:65:89:A5:EB:F7:22:20:3A:89:9E:0A:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_rhNn4-eMxVliaXr9yIgOomeClE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/yJdumWwVYiSKS8VI5gvTdgFpbeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/614e5c-299b-4fd4-a0bc-af1cc2317e39/1/_rhNn4-eMxVliaXr9yIgOomeClE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.210.96.0/22
195.210.104.0/22
195.210.116.0-195.210.123.255
IPv6:
2a0a:a200::/29
Signature Algorithm: sha256WithRSAEncryption
3d:55:c6:a3:71:8a:88:98:ad:ef:64:01:c8:55:ba:f8:58:c3:
24:44:a6:8d:de:86:c7:6d:6b:28:3a:44:9f:b7:35:e7:65:c5:
a1:36:2e:61:60:56:e7:73:0c:f3:f7:d4:79:28:5c:c3:de:0b:
bc:0a:b1:a6:f9:d3:8e:76:02:22:4d:8e:97:02:07:b9:5a:bd:
17:d5:c3:2a:32:59:b5:cb:67:86:5b:2b:76:2d:84:de:db:e4:
b0:27:6a:24:30:66:20:cf:95:41:70:f4:44:be:7e:56:f6:53:
52:87:79:60:6a:ef:23:a1:9f:88:81:7f:9e:fd:a6:b8:61:cb:
08:d1:ef:33:fa:ec:29:9b:69:fe:bf:30:c5:8a:ec:8e:32:54:
73:1a:7e:00:dd:52:38:98:cf:a6:c5:94:23:39:22:84:04:f1:
ab:c2:ac:7e:7a:41:e0:13:5c:28:9f:11:99:17:1c:f2:02:44:
c9:d1:b2:2f:95:53:a4:bd:76:98:ea:47:0d:b5:05:4c:c1:66:
15:26:dd:78:79:43:42:62:9d:8b:14:a2:6f:a0:42:17:d7:15:
c0:a1:d4:99:37:d6:b5:95:d6:24:32:3f:66:63:11:0c:97:aa:
7a:cf:71:e4:00:1f:aa:2c:af:2b:18:30:0e:f7:c8:f3:96:c6:
5c:dc:95:1c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFbhZO1z4H5QViGJ4ODl4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYjg0ZDlmOGY5ZTMzMTU2NTg5YTVlYmY3MjIyMDNhODk5
ZTBhNTEwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk3NmU5OTZjMTU2MjI0OGE0YmM1NDhlNjBiZDM3NjAxNjk2ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsapBu0Hie3YWqa5HBgRdjXdU1C0e
TXjWqzgv/bPSrOMhO4iUMjhtRVv9h84+6qzsSwiBwt0o34UFMhnxqQZWoHpffiWm
1sweYoR2fbE9EgsGdXUNu3UdD70VRtgSfRy/A9stMFlg4eVj6iYnI7IFZVFsjl+R
hKTwJbnM+EKHKJVS4eCKEXrodxEKWE+stzXsIRaLn/EchfiRwcOQqYtRIvKN9v2/
rjyY+NQ3l0wPQtUhbOTCQL+Z46mjhq01phOZJMsqk8/PBaewKsaKRsyvzkhSI0sQ
Fjizaoo8SBF42j1jtnnJe+M72mSmScSivG9osq/u29sx78KKvafkwdslMQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMiXbplsFWIkikvFSOYL03YBaW3lMB8GA1UdIwQY
MBaAFP64TZ+PnjMVZYml6/ciIDqJngpRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMt
YWYxY2MyMzE3ZTM5LzEveUpkdW1Xd1ZZaVNLUzhWSTVndlRkZ0ZwYmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82MTRlNWMtMjk5Yi00ZmQ0LWEwYmMtYWYxY2MyMzE3ZTM5
LzEvX3JoTm40LWVNeFZsaWFYcjl5SWdPb21lQ2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCw9JgAwQC
w9JoMAwDBALD0nQDBALD0ngwDQQCAAIwBwMFAyoKogAwDQYJKoZIhvcNAQELBQAD
ggEBAD1VxqNxioiYre9kAchVuvhYwyREpo3ehsdtayg6RJ+3NedlxaE2LmFgVudz
DPP31HkoXMPeC7wKsab50452AiJNjpcCB7lavRfVwyoyWbXLZ4ZbK3YthN7b5LAn
aiQwZiDPlUFw9ES+flb2U1KHeWBq7yOhn4iBf579prhhywjR7zP67Cmbaf6/MMWK
7I4yVHMafgDdUjiYz6bFlCM5IoQE8avCrH56QeATXCifEZkXHPICRMnRsi+VU6S9
dpjqRw21BUzBZhUm3Xh5Q0JinYsUom+gQhfXFcCh1Jk31rWV1iQyP2ZjEQyXqnrP
ceQAH6osrysYMA73yPOWxlzclRw=
-----END CERTIFICATE-----
Generated at Sat May 4 00:09:37 2024 by rpki-client on console-fra.rpki-client.org