Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/Y_-vfLL2J88Y5F1d1jLM95Gsw6Y.roa
File: Y_-vfLL2J88Y5F1d1jLM95Gsw6Y.roa (raw, json)
Hash identifier: KkWnVd3PkRGGbRuQNEdI3QvRcPN+F3+rDERlpZoK1Hk=
Subject key identifier: 63:FF:AF:7C:B2:F6:27:CF:18:E4:5D:5D:D6:32:CC:F7:91:AC:C3:A6
Certificate issuer: /CN=1627573c68929ab2a4590e92a51abc40ea9e5817
Certificate serial: 019427B3E9C31ACADB68BB7571E4D3969A7B
Authority key identifier: 16:27:57:3C:68:92:9A:B2:A4:59:0E:92:A5:1A:BC:40:EA:9E:58:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/Y_-vfLL2J88Y5F1d1jLM95Gsw6Y.roa
Signing time: Thu 02 Jan 2025 15:48:09 +0000
ROA not before: Thu 02 Jan 2025 15:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43220
IP address blocks: 185.60.160.0/24 maxlen: 24
185.60.161.0/24 maxlen: 24
185.60.162.0/24 maxlen: 24
185.60.163.0/24 maxlen: 24
185.161.124.0/22 maxlen: 22
185.211.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:e9:c3:1a:ca:db:68:bb:75:71:e4:d3:96:9a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1627573c68929ab2a4590e92a51abc40ea9e5817
Validity
Not Before: Jan 2 15:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63ffaf7cb2f627cf18e45d5dd632ccf791acc3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:11:83:32:e3:36:ce:a5:ee:f3:25:c7:42:e5:
e9:1d:42:c1:e9:18:bc:14:ac:02:6e:5b:d2:be:d1:
40:8d:89:6f:49:f8:0d:f3:97:cd:04:b1:a2:cd:d8:
6f:23:ac:08:9d:e9:ec:09:51:cd:49:f2:93:98:79:
4e:37:17:03:86:38:9d:72:8d:3e:aa:75:13:a8:e0:
f4:47:b6:23:26:a1:85:84:94:a6:3b:d2:77:4e:66:
79:7c:ef:3a:03:b2:eb:3f:ac:75:e9:f2:bf:d1:7f:
c8:90:54:21:d1:ce:49:93:48:8d:85:ff:fb:11:15:
c9:d6:e6:4f:b4:d6:9d:70:fc:e4:63:c6:65:55:2f:
bc:c9:bc:7f:a3:5b:84:58:86:20:45:af:c7:22:1c:
fd:5b:59:ff:e1:2a:53:e6:5c:a8:ca:de:50:14:fd:
5c:42:d7:24:5f:70:9a:f6:60:a5:5e:5f:d1:16:ea:
9e:29:cb:ed:4e:2a:c5:77:1a:83:9c:c8:80:ed:66:
4f:c4:67:75:6f:9d:95:eb:f4:27:c8:51:19:dd:2b:
89:6e:77:aa:5d:25:37:ac:54:e4:5c:39:d5:c7:38:
21:4d:a0:30:b7:bb:ba:e6:a5:3a:0f:19:23:80:dc:
10:41:f7:2c:56:22:4e:12:55:4f:e3:73:ac:42:ff:
1e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FF:AF:7C:B2:F6:27:CF:18:E4:5D:5D:D6:32:CC:F7:91:AC:C3:A6
X509v3 Authority Key Identifier:
keyid:16:27:57:3C:68:92:9A:B2:A4:59:0E:92:A5:1A:BC:40:EA:9E:58:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/Y_-vfLL2J88Y5F1d1jLM95Gsw6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.160.0/22
185.161.124.0/22
185.211.52.0/22
Signature Algorithm: sha256WithRSAEncryption
32:6d:4c:a1:76:2d:0e:02:04:a8:b7:b4:4a:73:8f:5d:a2:13:
18:5d:55:68:52:67:2f:2e:fb:3c:bd:40:c7:27:95:c7:27:d9:
a6:d1:2f:b4:b0:3a:93:eb:dc:70:69:97:52:5b:71:98:4d:a7:
bf:f7:96:c6:e8:4e:5c:c4:6c:ca:ae:d9:0b:56:a4:7f:90:34:
ef:5f:05:ad:55:0c:23:04:73:9b:60:69:08:c0:3e:33:b8:a0:
30:40:6b:13:21:29:f0:e3:9f:11:52:9c:b9:dd:29:00:e5:70:
01:b5:dc:5d:4d:07:70:ee:13:e2:d5:08:34:77:57:17:32:d8:
08:5a:a8:4c:49:98:d4:16:31:c0:43:40:ca:e2:90:69:01:0e:
26:34:5c:de:68:c4:1e:fd:9a:ca:12:23:cc:5d:83:eb:e5:27:
8d:45:d6:56:e4:74:a8:d8:c3:6c:2c:37:8e:a5:6b:bc:e5:12:
f0:e5:3e:7d:74:20:fe:9a:c4:4c:0b:bb:07:a5:b0:7e:71:be:
0c:df:9c:8b:a9:db:ae:85:cf:b7:93:8c:2a:30:6a:eb:d2:80:
ac:60:fc:06:65:c7:bd:f0:8a:ba:28:ea:fa:ef:0f:ba:56:87:
a6:43:4f:22:02:99:60:98:6c:aa:ac:24:d7:9a:cf:6e:d1:7a:
f8:35:a3:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQns+nDGsrbaLt1ceTTlpp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Mjc1NzNjNjg5MjlhYjJhNDU5MGU5MmE1MWFiYzQwZWE5
ZTU4MTcwHhcNMjUwMTAyMTU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2ZmYWY3Y2IyZjYyN2NmMThlNDVkNWRkNjMyY2NmNzkxYWNjM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RGDMuM2zqXu8yXHQuXpHULB6Ri8
FKwCblvSvtFAjYlvSfgN85fNBLGizdhvI6wInensCVHNSfKTmHlONxcDhjidco0+
qnUTqOD0R7YjJqGFhJSmO9J3TmZ5fO86A7LrP6x16fK/0X/IkFQh0c5Jk0iNhf/7
ERXJ1uZPtNadcPzkY8ZlVS+8ybx/o1uEWIYgRa/HIhz9W1n/4SpT5lyoyt5QFP1c
QtckX3Ca9mClXl/RFuqeKcvtTirFdxqDnMiA7WZPxGd1b52V6/QnyFEZ3SuJbneq
XSU3rFTkXDnVxzghTaAwt7u65qU6DxkjgNwQQfcsViJOElVP43OsQv8elQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGP/r3yy9ifPGORdXdYyzPeRrMOmMB8GA1UdIwQY
MBaAFBYnVzxokpqypFkOkqUavEDqnlgXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlkWFBHaVNtcktrV1E2U3BScThRT3FlV0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wZTBjOTAtNzE3Zi00MGVhLWIxN2Ut
ZTZmOWRiNzQxMzlkLzEvWV8tdmZMTDJKODhZNUYxZDFqTE05NUdzdzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wZTBjOTAtNzE3Zi00MGVhLWIxN2UtZTZmOWRiNzQxMzlk
LzEvRmlkWFBHaVNtcktrV1E2U3BScThRT3FlV0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuTygAwQC
uaF8AwQCudM0MA0GCSqGSIb3DQEBCwUAA4IBAQAybUyhdi0OAgSot7RKc49dohMY
XVVoUmcvLvs8vUDHJ5XHJ9mm0S+0sDqT69xwaZdSW3GYTae/95bG6E5cxGzKrtkL
VqR/kDTvXwWtVQwjBHObYGkIwD4zuKAwQGsTISnw458RUpy53SkA5XABtdxdTQdw
7hPi1Qg0d1cXMtgIWqhMSZjUFjHAQ0DK4pBpAQ4mNFzeaMQe/ZrKEiPMXYPr5SeN
RdZW5HSo2MNsLDeOpWu85RLw5T59dCD+msRMC7sHpbB+cb4M35yLqduuhc+3k4wq
MGrr0oCsYPwGZce98Iq6KOr67w+6VoemQ08iAplgmGyqrCTXms9u0Xr4NaNb
-----END CERTIFICATE-----
Generated at Tue Apr 15 11:56:50 2025 by rpki-client