Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/YA2knZBu4eCfckA4blXB6sNuHgY.roa
File: YA2knZBu4eCfckA4blXB6sNuHgY.roa (raw, json)
Hash identifier: shDh2slGwfDF1H72vnxsQTQ+XE9meHhIbU3+zi7hhrg=
Subject key identifier: 60:0D:A4:9D:90:6E:E1:E0:9F:72:40:38:6E:55:C1:EA:C3:6E:1E:06
Certificate issuer: /CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Certificate serial: 01941FFA5E1106A6FA54AC2A1D783FB74237
Authority key identifier: A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/YA2knZBu4eCfckA4blXB6sNuHgY.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55002
IP address blocks: 195.234.204.0/24 maxlen: 24
195.234.205.0/24 maxlen: 24
195.234.206.0/24 maxlen: 24
195.234.207.0/24 maxlen: 24
2001:67c:2620::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.mft
rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:5e:11:06:a6:fa:54:ac:2a:1d:78:3f:b7:42:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a40a081fba8fb33efb46259ef93f6878d70150eb
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=600da49d906ee1e09f7240386e55c1eac36e1e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:02:21:6c:c7:8a:1a:ed:91:33:06:3e:db:c5:
f9:e7:29:44:37:09:3f:be:ab:bd:f1:17:61:0f:de:
dc:a7:3c:06:2b:a4:2e:35:e6:f5:00:2b:45:fd:70:
a1:28:a4:e4:f5:4a:c4:33:63:94:b8:6f:ca:38:e2:
ae:2e:f9:33:62:cf:af:1d:b6:a3:47:d4:9e:24:01:
de:61:6e:54:df:13:c3:9d:24:fa:ff:9a:66:44:61:
4c:d8:39:36:ad:d2:68:13:91:67:3c:3c:47:f4:03:
c9:f1:08:27:ae:c5:07:fb:46:e9:3e:7d:17:c3:1d:
1e:d8:cb:ff:e9:8b:f2:50:fb:89:c6:7b:ea:56:a8:
f7:34:14:08:7a:18:3e:59:f2:36:65:51:5c:89:98:
82:d2:ae:63:74:bc:a0:45:86:14:5b:b3:31:2e:91:
1e:9b:b6:b4:86:a2:e3:5b:a3:6c:ac:a9:56:dd:ff:
55:0c:18:96:64:cd:0a:27:93:50:cf:42:47:f1:85:
09:b3:02:3a:e6:fe:d2:b5:79:78:1e:e5:56:9d:85:
4c:6d:f2:9f:dc:0a:fe:bc:a2:23:37:c1:b4:57:f8:
b9:dc:10:00:45:9e:28:fd:ab:32:09:13:c5:7f:86:
a6:0c:30:cf:f7:79:d7:29:50:d2:cc:8c:1d:af:0e:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0D:A4:9D:90:6E:E1:E0:9F:72:40:38:6E:55:C1:EA:C3:6E:1E:06
X509v3 Authority Key Identifier:
keyid:A4:0A:08:1F:BA:8F:B3:3E:FB:46:25:9E:F9:3F:68:78:D7:01:50:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAoIH7qPsz77RiWe-T9oeNcBUOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/YA2knZBu4eCfckA4blXB6sNuHgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb27a0-94d2-49aa-85ea-ae91e4662d93/1/pAoIH7qPsz77RiWe-T9oeNcBUOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.204.0/22
IPv6:
2001:67c:2620::/48
Signature Algorithm: sha256WithRSAEncryption
7d:5c:67:6b:99:e6:11:ab:55:2b:a2:96:c2:c0:6f:2d:b5:f6:
07:70:e9:63:6c:fb:ee:ff:a2:4f:94:60:05:84:fe:a7:9f:22:
35:20:3d:46:62:6f:f6:25:ae:06:91:ed:8e:53:fe:f4:79:20:
e5:76:12:f5:9e:fc:a7:e8:90:19:09:66:5b:31:23:8b:6b:f9:
30:f3:fa:5d:c0:99:b7:ac:3b:5d:1c:fd:17:71:f5:13:5a:64:
1f:8d:46:f6:c3:94:d2:80:bd:87:b9:fa:27:9f:14:b3:2f:49:
29:39:cc:3e:4d:48:14:2d:05:9f:e4:8b:65:7c:c8:bc:18:56:
51:f5:d8:99:6c:05:9e:62:61:3c:d8:21:9d:a1:97:07:ae:7b:
6e:e3:54:8a:ef:e0:a7:3f:f2:ce:3c:82:35:aa:d3:d4:50:2b:
9c:a7:03:c3:1d:a7:fa:3e:23:39:08:d5:ae:7f:5e:3a:a0:fa:
06:92:bd:c8:ac:3e:68:df:3d:ea:52:a6:e1:fa:70:c7:f0:63:
1a:8f:8d:d8:ca:89:ec:cd:0d:6e:33:cd:80:0a:38:a3:40:b3:
f8:23:b2:1e:3c:63:83:5f:21:d1:28:27:9d:5a:15:3d:57:d8:
74:33:65:38:e7:f3:46:e4:e8:97:ca:65:11:e3:0b:19:6f:d6:
f7:c8:d0:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+l4RBqb6VKwqHXg/t0I3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MGEwODFmYmE4ZmIzM2VmYjQ2MjU5ZWY5M2Y2ODc4ZDcw
MTUwZWIwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBkYTQ5ZDkwNmVlMWUwOWY3MjQwMzg2ZTU1YzFlYWMzNmUxZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIhbMeKGu2RMwY+28X55ylENwk/
vqu98RdhD97cpzwGK6QuNeb1ACtF/XChKKTk9UrEM2OUuG/KOOKuLvkzYs+vHbaj
R9SeJAHeYW5U3xPDnST6/5pmRGFM2Dk2rdJoE5FnPDxH9APJ8QgnrsUH+0bpPn0X
wx0e2Mv/6YvyUPuJxnvqVqj3NBQIehg+WfI2ZVFciZiC0q5jdLygRYYUW7MxLpEe
m7a0hqLjW6NsrKlW3f9VDBiWZM0KJ5NQz0JH8YUJswI65v7StXl4HuVWnYVMbfKf
3Ar+vKIjN8G0V/i53BAARZ4o/asyCRPFf4amDDDP93nXKVDSzIwdrw6nrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGANpJ2QbuHgn3JAOG5VwerDbh4GMB8GA1UdIwQY
MBaAFKQKCB+6j7M++0Ylnvk/aHjXAVDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEt
YWU5MWU0NjYyZDkzLzEvWUEya25aQnU0ZUNmY2tBNGJsWEI2c051SGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjI3YTAtOTRkMi00OWFhLTg1ZWEtYWU5MWU0NjYyZDkz
LzEvcEFvSUg3cVBzejc3UmlXZS1UOW9lTmNCVU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCw+rMMA8E
AgACMAkDBwAgAQZ8JiAwDQYJKoZIhvcNAQELBQADggEBAH1cZ2uZ5hGrVSuilsLA
by219gdw6WNs++7/ok+UYAWE/qefIjUgPUZib/YlrgaR7Y5T/vR5IOV2EvWe/Kfo
kBkJZlsxI4tr+TDz+l3AmbesO10c/Rdx9RNaZB+NRvbDlNKAvYe5+iefFLMvSSk5
zD5NSBQtBZ/ki2V8yLwYVlH12JlsBZ5iYTzYIZ2hlweue27jVIrv4Kc/8s48gjWq
09RQK5ynA8Mdp/o+IzkI1a5/Xjqg+gaSvcisPmjfPepSpuH6cMfwYxqPjdjKiezN
DW4zzYAKOKNAs/gjsh48Y4NfIdEoJ51aFT1X2HQzZTjn80bk6JfKZRHjCxlv1vfI
0GA=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:39 2025 by rpki-client