Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/y4_wgVzwUNX_K2PSeU-Nys7BM58.roa
File: y4_wgVzwUNX_K2PSeU-Nys7BM58.roa (raw, json)
Hash identifier: V1u6tfe1lPofb980Khn7LGZjnfw/LKmwaIIzLoIkp7M=
Subject key identifier: CB:8F:F0:81:5C:F0:50:D5:FF:2B:63:D2:79:4F:8D:CA:CE:C1:33:9F
Certificate issuer: /CN=ee024e46a746bf3b3af3dec081ce7ebc441100a3
Certificate serial: 018E5C5C6D97945DE9F59DE51DF3CED046E3
Authority key identifier: EE:02:4E:46:A7:46:BF:3B:3A:F3:DE:C0:81:CE:7E:BC:44:11:00:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gJORqdGvzs6897Agc5-vEQRAKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/y4_wgVzwUNX_K2PSeU-Nys7BM58.roa
Signing time: Wed 20 Mar 2024 14:55:44 +0000
ROA not before: Wed 20 Mar 2024 14:55:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21385
IP address blocks: 81.92.160.0/20 maxlen: 24
86.110.64.0/19 maxlen: 24
185.55.120.0/22 maxlen: 24
193.110.24.0/22 maxlen: 24
212.82.160.0/19 maxlen: 24
217.151.80.0/20 maxlen: 24
2001:1b18::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/7gJORqdGvzs6897Agc5-vEQRAKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/7gJORqdGvzs6897Agc5-vEQRAKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7gJORqdGvzs6897Agc5-vEQRAKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:5c:6d:97:94:5d:e9:f5:9d:e5:1d:f3:ce:d0:46:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee024e46a746bf3b3af3dec081ce7ebc441100a3
Validity
Not Before: Mar 20 14:55:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb8ff0815cf050d5ff2b63d2794f8dcacec1339f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d9:91:df:61:a7:44:2f:89:1a:fd:e2:2b:f1:
30:13:a4:02:b4:e0:ac:72:87:00:61:2b:94:f6:87:
47:f2:18:97:bc:d2:5f:85:76:6e:82:fb:ba:af:8d:
16:b3:d3:f9:ff:a2:5d:07:fd:9f:be:31:18:c3:94:
1c:a6:d3:61:8f:8b:32:95:57:53:39:4d:dd:07:b0:
f6:a1:e9:14:bc:60:c8:6d:c7:f4:95:2c:83:f5:d6:
4d:49:a7:b7:dc:45:30:14:b8:b7:c2:39:5b:ab:4f:
f7:dc:73:3d:69:39:e2:ad:ae:33:56:aa:d8:09:28:
83:c1:fb:f4:22:c0:7a:14:02:a7:14:85:eb:83:c1:
28:6c:3c:4c:14:eb:d7:3b:6e:0e:54:c6:c9:5d:06:
bf:dd:21:24:e0:26:e4:fe:82:ee:6b:05:d2:a8:7b:
14:a8:81:86:5c:72:28:21:70:e5:13:eb:69:a7:04:
9f:85:2d:88:be:b8:9b:c2:b5:c4:6c:1d:27:8d:c8:
3d:f7:33:82:e2:c6:46:74:37:58:1b:ae:15:c3:d3:
38:58:b6:91:f1:4f:d4:97:8e:4c:3c:05:c5:59:27:
60:80:cb:96:0c:e9:c5:5a:17:2e:3c:82:0c:da:a9:
c8:7b:23:cb:46:c0:28:50:d7:38:f3:56:36:4b:fb:
49:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:8F:F0:81:5C:F0:50:D5:FF:2B:63:D2:79:4F:8D:CA:CE:C1:33:9F
X509v3 Authority Key Identifier:
keyid:EE:02:4E:46:A7:46:BF:3B:3A:F3:DE:C0:81:CE:7E:BC:44:11:00:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gJORqdGvzs6897Agc5-vEQRAKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/y4_wgVzwUNX_K2PSeU-Nys7BM58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0954b3-280a-4ca6-b84d-311304a9a211/1/7gJORqdGvzs6897Agc5-vEQRAKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.160.0/20
86.110.64.0/19
185.55.120.0/22
193.110.24.0/22
212.82.160.0/19
217.151.80.0/20
IPv6:
2001:1b18::/32
Signature Algorithm: sha256WithRSAEncryption
22:2b:1a:d2:26:31:14:34:fd:1e:b0:ec:0d:92:93:fe:9d:17:
19:7e:56:56:91:3d:4a:23:e1:bc:94:6c:c9:69:07:f0:84:04:
ee:3a:d9:44:0c:39:f0:d4:f8:3a:43:bc:8b:0c:c7:64:e2:39:
33:d6:42:c2:73:0d:aa:11:b9:8d:2c:b4:c7:ce:c3:cc:02:b6:
11:65:ff:a2:3e:94:c3:7e:31:bf:c4:32:16:41:9c:71:5d:59:
0e:5c:9a:20:3d:71:d4:0a:08:70:1d:9a:b8:f9:14:45:60:3f:
42:da:a7:c2:20:e1:71:e4:71:1c:19:6b:ab:96:bf:4d:e1:d6:
47:c6:c3:9b:cb:5a:b4:7c:1b:76:82:00:25:84:fa:c2:4f:8f:
60:5d:f3:a1:63:ed:5d:90:6f:32:b4:49:83:62:7a:fd:d9:c3:
d9:d1:51:29:af:e7:d0:60:cb:43:58:f3:1b:05:93:83:83:a4:
92:0b:74:bf:75:3b:f8:94:16:0f:c3:72:05:89:4c:68:42:02:
05:fc:3d:53:7c:97:79:bd:f2:71:b3:cf:54:2e:78:e1:a9:a8:
7b:41:12:0f:18:a7:ab:e5:dd:61:e6:9f:e1:da:c3:a8:8e:c5:
f6:39:6f:af:2b:7c:93:62:c7:09:20:93:80:91:36:58:bf:4e:
92:21:1b:0f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY5cXG2XlF3p9Z3lHfPO0EbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDI0ZTQ2YTc0NmJmM2IzYWYzZGVjMDgxY2U3ZWJjNDQx
MTAwYTMwHhcNMjQwMzIwMTQ1NTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjhmZjA4MTVjZjA1MGQ1ZmYyYjYzZDI3OTRmOGRjYWNlYzEzMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNmR32GnRC+JGv3iK/EwE6QCtOCs
cocAYSuU9odH8hiXvNJfhXZugvu6r40Ws9P5/6JdB/2fvjEYw5QcptNhj4sylVdT
OU3dB7D2oekUvGDIbcf0lSyD9dZNSae33EUwFLi3wjlbq0/33HM9aTnira4zVqrY
CSiDwfv0IsB6FAKnFIXrg8EobDxMFOvXO24OVMbJXQa/3SEk4Cbk/oLuawXSqHsU
qIGGXHIoIXDlE+tppwSfhS2IvribwrXEbB0njcg99zOC4sZGdDdYG64Vw9M4WLaR
8U/Ul45MPAXFWSdggMuWDOnFWhcuPIIM2qnIeyPLRsAoUNc481Y2S/tJeQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMuP8IFc8FDV/ytj0nlPjcrOwTOfMB8GA1UdIwQY
MBaAFO4CTkanRr87OvPewIHOfrxEEQCjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dKT1JxZEd2enM2ODk3QWdjNS12RVFSQUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wOTU0YjMtMjgwYS00Y2E2LWI4NGQt
MzExMzA0YTlhMjExLzEveTRfd2dWendVTlhfSzJQU2VVLU55czdCTTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wOTU0YjMtMjgwYS00Y2E2LWI4NGQtMzExMzA0YTlhMjEx
LzEvN2dKT1JxZEd2enM2ODk3QWdjNS12RVFSQUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUVygAwQF
Vm5AAwQCuTd4AwQCwW4YAwQF1FKgAwQE2ZdQMA0EAgACMAcDBQAgARsYMA0GCSqG
SIb3DQEBCwUAA4IBAQAiKxrSJjEUNP0esOwNkpP+nRcZflZWkT1KI+G8lGzJaQfw
hATuOtlEDDnw1Pg6Q7yLDMdk4jkz1kLCcw2qEbmNLLTHzsPMArYRZf+iPpTDfjG/
xDIWQZxxXVkOXJogPXHUCghwHZq4+RRFYD9C2qfCIOFx5HEcGWurlr9N4dZHxsOb
y1q0fBt2ggAlhPrCT49gXfOhY+1dkG8ytEmDYnr92cPZ0VEpr+fQYMtDWPMbBZOD
g6SSC3S/dTv4lBYPw3IFiUxoQgIF/D1TfJd5vfJxs89ULnjhqah7QRIPGKer5d1h
5p/h2sOojsX2OW+vK3yTYscJIJOAkTZYv06SIRsP
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:15:03 2024 by rpki-client on console-fra.rpki-client.org