Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/yoEggA1BuhBenw64TkmYlTayvz8.roa
File: yoEggA1BuhBenw64TkmYlTayvz8.roa (raw, json)
Hash identifier: Uq8upQpOfFweU83E2nfCLkppqASL+pToz/hGmtm5ry8=
Subject key identifier: CA:81:20:80:0D:41:BA:10:5E:9F:0E:B8:4E:49:98:95:36:B2:BF:3F
Certificate issuer: /CN=0c037dd22b7aabe282225afb256b8d9dcbeba353
Certificate serial: 018FDE7A45115B1448368FC819971029171D
Authority key identifier: 0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/yoEggA1BuhBenw64TkmYlTayvz8.roa
Signing time: Mon 03 Jun 2024 14:21:45 +0000
ROA not before: Mon 03 Jun 2024 14:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50023
IP address blocks: 85.204.48.0/22 maxlen: 24
109.68.10.0/23 maxlen: 24
109.68.12.0/22 maxlen: 24
185.14.212.0/22 maxlen: 24
185.137.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:7a:45:11:5b:14:48:36:8f:c8:19:97:10:29:17:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c037dd22b7aabe282225afb256b8d9dcbeba353
Validity
Not Before: Jun 3 14:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca8120800d41ba105e9f0eb84e49989536b2bf3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:40:90:76:dc:20:54:20:10:95:36:8b:a9:8a:
a1:28:8b:ba:88:db:2b:94:e1:43:8b:5e:95:34:80:
86:13:c5:5c:61:54:11:8f:54:b8:ce:66:ed:9f:d8:
94:c9:d1:58:a4:66:90:7b:8b:0f:33:8c:fa:db:c4:
5a:a8:43:fa:61:e2:4b:fd:d9:84:72:4a:4d:a9:ec:
37:80:45:38:7d:40:4f:e0:89:f5:24:56:6b:cd:37:
fe:12:98:20:d3:af:da:6d:13:fa:25:0d:f1:1c:e8:
7c:dd:87:2d:8b:b5:29:60:38:49:8d:d1:dc:c5:90:
aa:af:5c:b2:57:c6:29:14:e3:eb:5c:4a:3f:af:8e:
a6:40:ff:0d:84:88:9a:2e:97:7d:94:fa:74:3d:7a:
ca:33:19:17:ad:d4:df:2d:cc:79:dc:3d:b6:86:a4:
77:d0:e2:8e:27:d9:e5:15:db:c1:98:60:50:5f:8f:
d1:42:6e:95:0f:03:b8:30:ab:ad:fa:5e:30:20:37:
f4:4d:4f:e4:a2:39:8a:bf:8f:ce:21:e8:71:82:21:
fe:8f:2a:eb:6e:80:1a:94:97:5a:68:ce:5d:35:14:
10:c2:6a:09:77:83:c5:d4:e0:5b:e6:ad:76:ef:11:
e0:29:9f:f9:d0:81:be:d6:67:6c:97:8d:83:cf:ba:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:81:20:80:0D:41:BA:10:5E:9F:0E:B8:4E:49:98:95:36:B2:BF:3F
X509v3 Authority Key Identifier:
keyid:0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/yoEggA1BuhBenw64TkmYlTayvz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.48.0/22
109.68.10.0-109.68.15.255
185.14.212.0/22
185.137.64.0/22
Signature Algorithm: sha256WithRSAEncryption
55:ac:12:68:79:f9:da:34:6a:34:80:b1:a9:ef:b8:fe:b0:23:
83:84:10:6b:e8:ca:cf:93:dd:65:29:77:88:83:fd:4c:68:24:
fc:50:38:a8:7c:af:67:38:3c:14:79:78:be:ea:73:aa:c1:36:
79:e4:d3:32:0d:a2:4b:5e:26:17:ce:5a:c8:a9:07:85:d1:31:
3c:c2:10:22:aa:c3:1b:b2:99:12:d2:20:ce:e2:d2:01:c9:94:
fc:d2:22:9d:02:5b:e3:a8:cd:f5:90:d9:d8:8c:80:0a:c1:7f:
e6:8f:90:04:08:00:13:ff:37:00:2f:be:69:d8:2c:10:71:d1:
f1:a8:72:5e:e5:b8:52:bd:5f:cc:b2:39:d8:8b:84:99:68:4d:
dc:d6:a9:cf:89:22:f8:3d:cf:f2:74:c7:d5:55:15:5b:40:2c:
bc:67:09:c3:a0:ac:53:ba:79:8d:c7:8e:20:4a:e5:d2:40:78:
bb:92:d3:79:ce:da:ed:66:d6:4e:e2:a2:64:8f:b1:66:80:d5:
e7:e7:c7:8c:06:24:5d:2e:e1:04:e2:28:99:69:e4:73:4e:dc:
af:f0:01:59:b8:22:4a:10:ea:11:70:9c:d0:52:9b:17:08:21:
7a:02:05:5e:10:d5:e5:11:77:3b:54:31:fd:97:73:3c:8a:a9:
1b:0f:98:b5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/eekURWxRINo/IGZcQKRcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMDM3ZGQyMmI3YWFiZTI4MjIyNWFmYjI1NmI4ZDlkY2Jl
YmEzNTMwHhcNMjQwNjAzMTQyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTgxMjA4MDBkNDFiYTEwNWU5ZjBlYjg0ZTQ5OTg5NTM2YjJiZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UCQdtwgVCAQlTaLqYqhKIu6iNsr
lOFDi16VNICGE8VcYVQRj1S4zmbtn9iUydFYpGaQe4sPM4z628RaqEP6YeJL/dmE
ckpNqew3gEU4fUBP4In1JFZrzTf+Epgg06/abRP6JQ3xHOh83Ycti7UpYDhJjdHc
xZCqr1yyV8YpFOPrXEo/r46mQP8NhIiaLpd9lPp0PXrKMxkXrdTfLcx53D22hqR3
0OKOJ9nlFdvBmGBQX4/RQm6VDwO4MKut+l4wIDf0TU/kojmKv4/OIehxgiH+jyrr
boAalJdaaM5dNRQQwmoJd4PF1OBb5q127xHgKZ/50IG+1mdsl42Dz7rfewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMqBIIANQboQXp8OuE5JmJU2sr8/MB8GA1UdIwQY
MBaAFAwDfdIreqvigiJa+yVrjZ3L66NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWIt
ZThmM2E2NmVmNTU4LzEveW9FZ2dBMUJ1aEJlbnc2NFRrbVlsVGF5dno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWItZThmM2E2NmVmNTU4
LzEvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCVcwwMAwD
BAFtRAoDBARtRAADBAK5DtQDBAK5iUAwDQYJKoZIhvcNAQELBQADggEBAFWsEmh5
+do0ajSAsanvuP6wI4OEEGvoys+T3WUpd4iD/UxoJPxQOKh8r2c4PBR5eL7qc6rB
Nnnk0zINokteJhfOWsipB4XRMTzCECKqwxuymRLSIM7i0gHJlPzSIp0CW+OozfWQ
2diMgArBf+aPkAQIABP/NwAvvmnYLBBx0fGocl7luFK9X8yyOdiLhJloTdzWqc+J
Ivg9z/J0x9VVFVtALLxnCcOgrFO6eY3HjiBK5dJAeLuS03nO2u1m1k7iomSPsWaA
1efnx4wGJF0u4QTiKJlp5HNO3K/wAVm4IkoQ6hFwnNBSmxcIIXoCBV4Q1eURdztU
Mf2XczyKqRsPmLU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:10:56 2024 by rpki-client on console-fra.rpki-client.org