Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/YwmzZLLJCng6bpBoFWNZjDgohow.roa
File: YwmzZLLJCng6bpBoFWNZjDgohow.roa (raw, json)
Hash identifier: I2Gzn2VInO6h2NsJu/nUg4ZNu6zHdATSXNQmcS1v6Xo=
Subject key identifier: 63:09:B3:64:B2:C9:0A:78:3A:6E:90:68:15:63:59:8C:38:28:86:8C
Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial: 0192ADE7B7848D5D43061F503FCDF4C8D82C
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/YwmzZLLJCng6bpBoFWNZjDgohow.roa
Signing time: Mon 21 Oct 2024 07:08:16 +0000
ROA not before: Mon 21 Oct 2024 07:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50920
IP address blocks: 62.93.84.0/24 maxlen: 24
62.93.87.0/24 maxlen: 24
82.192.6.0/24 maxlen: 24
85.13.58.0/24 maxlen: 24
176.61.160.0/21 maxlen: 24
217.16.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ad:e7:b7:84:8d:5d:43:06:1f:50:3f:cd:f4:c8:d8:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
Validity
Not Before: Oct 21 07:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6309b364b2c90a783a6e90681563598c3828868c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4a:7e:f7:1f:de:a6:b1:fb:d8:dc:67:6f:e5:
05:87:75:80:da:e4:c7:29:d6:22:55:6f:db:cb:d2:
42:4d:7b:05:6a:6a:41:f6:3c:75:2e:f7:81:36:3f:
b7:46:e0:9b:14:32:ac:39:df:67:09:eb:20:4c:17:
92:7d:c5:c7:0c:dc:03:c7:09:ef:ab:69:b3:27:69:
e6:7d:49:6f:75:81:ee:b2:89:30:0b:67:ef:07:ca:
47:7d:40:66:37:67:68:cf:e4:84:ca:bd:9f:46:f2:
4c:d2:00:38:5b:e4:4b:8c:6a:87:d7:e4:70:de:e1:
bd:0f:c5:ba:d6:3c:5f:4d:aa:4c:3a:56:0a:02:07:
89:b3:00:9d:57:57:0d:6e:af:6f:f9:61:5e:78:df:
fb:fb:19:c0:4b:72:c8:09:a4:9b:61:a7:b4:f9:c4:
ba:12:76:fd:1e:95:98:f4:ce:78:c5:23:10:ce:08:
97:b2:5a:7d:0d:0a:58:09:53:7d:59:78:2a:7d:e5:
e4:d6:e5:bf:2c:3a:19:48:2a:ec:6c:d7:39:ad:d0:
c9:d0:89:fc:99:de:2a:71:52:15:db:4e:f8:85:03:
52:7b:7d:3b:89:a3:f6:a6:e1:03:9b:50:5a:0a:9c:
9b:09:c3:ec:6f:21:ef:2f:a4:2e:85:19:be:40:10:
bb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:09:B3:64:B2:C9:0A:78:3A:6E:90:68:15:63:59:8C:38:28:86:8C
X509v3 Authority Key Identifier:
keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/YwmzZLLJCng6bpBoFWNZjDgohow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.84.0/24
62.93.87.0/24
82.192.6.0/24
85.13.58.0/24
176.61.160.0/21
217.16.119.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b3:c2:ba:d9:05:a9:ee:40:cd:36:3f:c2:74:9f:5e:7c:84:
e4:5d:1f:70:10:87:9a:de:8e:a7:82:fb:25:c3:94:66:7e:0f:
e4:3e:5f:92:67:e7:3b:b5:cb:ad:98:02:40:ab:71:6f:81:64:
24:e2:7e:e5:32:e7:a7:7e:2e:c8:48:24:04:fa:f8:0a:35:b2:
af:17:4d:65:fe:f8:3a:57:22:da:21:8c:59:48:a5:6d:da:64:
96:c8:59:3d:66:b6:65:f1:40:2f:7b:d3:4d:a7:2b:79:6f:7d:
b0:79:4e:f4:22:02:01:f0:e3:04:95:ea:57:b6:6b:6d:3b:71:
64:9c:29:dd:9c:b6:7e:dc:0c:c9:de:86:3d:a5:a5:68:3a:25:
e8:9d:20:51:a7:1b:27:c8:61:a9:7e:63:00:50:1f:0f:61:20:
73:f4:8f:39:c4:a6:fe:3e:55:61:77:b9:fc:5a:d6:c0:5d:0b:
d7:79:b8:09:86:cc:f9:4e:df:92:96:36:d1:e6:cf:27:75:7e:
d7:99:15:0e:8f:0b:75:0c:4d:60:cb:47:4e:c4:a4:9d:d7:6e:
7f:48:fb:bf:ec:72:91:b6:1e:25:99:ff:11:60:02:f8:db:42:
3e:32:8e:37:60:12:b6:1e:90:1a:6a:02:82:4e:ae:46:48:d8:
4b:0e:cc:c2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZKt57eEjV1DBh9QP830yNgsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjQxMDIxMDcwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA5YjM2NGIyYzkwYTc4M2E2ZTkwNjgxNTYzNTk4YzM4Mjg4NjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0p+9x/eprH72Nxnb+UFh3WA2uTH
KdYiVW/by9JCTXsFampB9jx1LveBNj+3RuCbFDKsOd9nCesgTBeSfcXHDNwDxwnv
q2mzJ2nmfUlvdYHusokwC2fvB8pHfUBmN2doz+SEyr2fRvJM0gA4W+RLjGqH1+Rw
3uG9D8W61jxfTapMOlYKAgeJswCdV1cNbq9v+WFeeN/7+xnAS3LICaSbYae0+cS6
Enb9HpWY9M54xSMQzgiXslp9DQpYCVN9WXgqfeXk1uW/LDoZSCrsbNc5rdDJ0In8
md4qcVIV2074hQNSe307iaP2puEDm1BaCpybCcPsbyHvL6QuhRm+QBC7XQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGMJs2SyyQp4Om6QaBVjWYw4KIaMMB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvWXdtelpMTEpDbmc2YnBCb0ZXTlpqRGdvaG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPl1UAwQA
Pl1XAwQAUsAGAwQAVQ06AwQDsD2gAwQA2RB3MA0GCSqGSIb3DQEBCwUAA4IBAQB0
s8K62QWp7kDNNj/CdJ9efITkXR9wEIea3o6ngvslw5Rmfg/kPl+SZ+c7tcutmAJA
q3FvgWQk4n7lMuenfi7ISCQE+vgKNbKvF01l/vg6VyLaIYxZSKVt2mSWyFk9ZrZl
8UAve9NNpyt5b32weU70IgIB8OMElepXtmttO3FknCndnLZ+3AzJ3oY9paVoOiXo
nSBRpxsnyGGpfmMAUB8PYSBz9I85xKb+PlVhd7n8WtbAXQvXebgJhsz5Tt+SljbR
5s8ndX7XmRUOjwt1DE1gy0dOxKSd125/SPu/7HKRth4lmf8RYAL420I+Mo43YBK2
HpAaagKCTq5GSNhLDszC
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:15:48 2024 by rpki-client on console-ams.rpki-client.org