Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/ymYLq6XYAcgX6lVIcy6xeM04wZ0.roa
File: ymYLq6XYAcgX6lVIcy6xeM04wZ0.roa (raw, json)
Hash identifier: 94PKzGI7+Hy40A0hqP2/MIxaDtdjnv/Zxyw9xR6HjpM=
Subject key identifier: CA:66:0B:AB:A5:D8:01:C8:17:EA:55:48:73:2E:B1:78:CD:38:C1:9D
Certificate issuer: /CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Certificate serial: 018CC94D9A5F847401D92B4A50CDB84CD6AB
Authority key identifier: 4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/ymYLq6XYAcgX6lVIcy6xeM04wZ0.roa
Signing time: Tue 02 Jan 2024 08:32:35 +0000
ROA not before: Tue 02 Jan 2024 08:32:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49101
IP address blocks: 46.36.32.0/19 maxlen: 24
2a02:25b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/TJiLk6t6KZmjJV7q5OGKsjsuDz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/TJiLk6t6KZmjJV7q5OGKsjsuDz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9a:5f:84:74:01:d9:2b:4a:50:cd:b8:4c:d6:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c988b93ab7a2999a3255eeae4e18ab23b2e0f3e
Validity
Not Before: Jan 2 08:32:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca660baba5d801c817ea5548732eb178cd38c19d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:4d:4c:29:1b:e1:a5:34:0d:7b:58:7c:fc:
94:b8:81:94:f8:9c:25:a6:19:39:54:58:be:70:e2:
0d:35:17:fd:c5:84:83:ce:9b:c1:03:5a:bb:24:8b:
61:17:17:db:6f:89:d5:98:8c:1f:89:da:e4:40:d6:
0e:aa:e9:97:b8:34:ed:49:22:86:f1:34:d2:13:ed:
1e:1b:46:71:b3:34:60:ae:45:55:dc:f4:9b:f2:e0:
1d:55:5b:a2:b6:da:c6:18:ad:85:d2:62:8a:0a:8e:
2f:2c:54:ab:d4:3d:33:bd:f5:f8:13:53:81:1a:0d:
20:4a:8f:54:9f:4c:de:02:a9:34:50:5f:37:7f:69:
7a:70:56:2a:a4:6a:4e:d4:f2:66:95:14:bc:7c:f9:
b7:a3:d4:64:d5:d2:06:da:f7:87:f4:86:29:80:fe:
be:5f:67:1c:35:74:80:2a:1c:43:93:c2:df:6f:0f:
60:e8:59:ff:e1:ad:69:36:e6:79:57:c2:ad:10:e1:
c8:89:27:a9:4d:63:76:c2:74:25:15:2f:d4:4c:9c:
e0:de:d7:2d:7a:f8:94:cd:4b:e1:06:14:23:ce:5f:
7f:31:b9:c4:2c:4a:bb:ba:08:36:ec:a7:48:17:1f:
c7:30:41:53:6d:c9:8e:e5:8e:17:03:0c:9a:21:e7:
4f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:66:0B:AB:A5:D8:01:C8:17:EA:55:48:73:2E:B1:78:CD:38:C1:9D
X509v3 Authority Key Identifier:
keyid:4C:98:8B:93:AB:7A:29:99:A3:25:5E:EA:E4:E1:8A:B2:3B:2E:0F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJiLk6t6KZmjJV7q5OGKsjsuDz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/ymYLq6XYAcgX6lVIcy6xeM04wZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4c1f59-0c12-4153-a15c-715f9cd63086/1/TJiLk6t6KZmjJV7q5OGKsjsuDz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.32.0/19
IPv6:
2a02:25b0::/32
Signature Algorithm: sha256WithRSAEncryption
55:93:68:47:96:13:e4:c5:b5:81:95:83:5e:42:6d:32:5d:6a:
b7:8d:ef:13:ed:ae:a5:50:cb:87:72:3c:4f:49:13:30:15:65:
f8:a9:ad:55:57:bd:64:7a:8c:15:8b:08:34:8a:1f:0b:45:b6:
6c:cb:06:17:f5:64:a3:73:78:a7:2c:1f:1d:1c:0b:3b:c1:7a:
06:89:89:d5:fb:76:f7:67:bb:9e:ec:e1:c1:67:59:0e:59:1a:
86:a1:96:cc:a9:ef:e9:5b:a9:69:ea:eb:c0:8f:78:3b:4a:9b:
3b:db:4c:7d:9c:ac:a1:e5:d5:05:ff:7d:0f:89:47:78:c6:a0:
78:22:27:f9:d3:be:6c:51:6e:bc:86:e7:96:04:4a:1c:30:a1:
4c:f8:3b:f1:b0:f1:15:18:11:bd:de:95:68:8b:28:3f:46:57:
c1:67:a9:c9:3f:7f:02:b2:79:86:e8:63:0a:cc:ea:d5:e7:ed:
74:53:85:33:41:36:bf:e9:4b:cd:37:3b:8a:f5:b4:59:10:8e:
f4:00:f1:69:04:9f:60:0a:c3:93:7d:19:90:84:e7:ce:7a:4c:
93:41:09:00:61:bb:9d:b4:3a:01:de:c8:fc:2a:21:35:e3:1b:
81:42:f7:c7:9b:fe:b8:22:6c:54:92:08:9e:ad:83:25:1c:ef:
dd:25:0d:55
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTZpfhHQB2StKUM24TNarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTg4YjkzYWI3YTI5OTlhMzI1NWVlYWU0ZTE4YWIyM2Iy
ZTBmM2UwHhcNMjQwMTAyMDgzMjM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY2MGJhYmE1ZDgwMWM4MTdlYTU1NDg3MzJlYjE3OGNkMzhjMTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw9NTCkb4aU0DXtYfPyUuIGU+Jwl
phk5VFi+cOINNRf9xYSDzpvBA1q7JIthFxfbb4nVmIwfidrkQNYOqumXuDTtSSKG
8TTSE+0eG0ZxszRgrkVV3PSb8uAdVVuittrGGK2F0mKKCo4vLFSr1D0zvfX4E1OB
Gg0gSo9Un0zeAqk0UF83f2l6cFYqpGpO1PJmlRS8fPm3o9Rk1dIG2veH9IYpgP6+
X2ccNXSAKhxDk8Lfbw9g6Fn/4a1pNuZ5V8KtEOHIiSepTWN2wnQlFS/UTJzg3tct
eviUzUvhBhQjzl9/MbnELEq7ugg27KdIFx/HMEFTbcmO5Y4XAwyaIedPpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMpmC6ul2AHIF+pVSHMusXjNOMGdMB8GA1UdIwQY
MBaAFEyYi5OreimZoyVe6uThirI7Lg8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEppTGs2dDZLWm1qSlY3cTVPR0tzanN1RHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80YzFmNTktMGMxMi00MTUzLWExNWMt
NzE1ZjljZDYzMDg2LzEveW1ZTHE2WFlBY2dYNmxWSWN5NnhlTTA0d1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80YzFmNTktMGMxMi00MTUzLWExNWMtNzE1ZjljZDYzMDg2
LzEvVEppTGs2dDZLWm1qSlY3cTVPR0tzanN1RHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFLiQgMA0E
AgACMAcDBQAqAiWwMA0GCSqGSIb3DQEBCwUAA4IBAQBVk2hHlhPkxbWBlYNeQm0y
XWq3je8T7a6lUMuHcjxPSRMwFWX4qa1VV71keowViwg0ih8LRbZsywYX9WSjc3in
LB8dHAs7wXoGiYnV+3b3Z7ue7OHBZ1kOWRqGoZbMqe/pW6lp6uvAj3g7Sps720x9
nKyh5dUF/30PiUd4xqB4Iif5075sUW68hueWBEocMKFM+DvxsPEVGBG93pVoiyg/
RlfBZ6nJP38CsnmG6GMKzOrV5+10U4UzQTa/6UvNNzuK9bRZEI70APFpBJ9gCsOT
fRmQhOfOekyTQQkAYbudtDoB3sj8KiE14xuBQvfHm/64ImxUkgierYMlHO/dJQ1V
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:06:56 2024 by rpki-client on console-fra.rpki-client.org