Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/YvO-0OLN1uDK5t-OIFEnDqGspuU.roa
File: YvO-0OLN1uDK5t-OIFEnDqGspuU.roa (raw, json)
Hash identifier: lgP24ptYbIcti4fK9nNdGyjivRsPV9l+lx47sI4WIjI=
Subject key identifier: 62:F3:BE:D0:E2:CD:D6:E0:CA:E6:DF:8E:20:51:27:0E:A1:AC:A6:E5
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018CC794F131D677E63845ABA26A133BC615
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/YvO-0OLN1uDK5t-OIFEnDqGspuU.roa
Signing time: Tue 02 Jan 2024 00:31:16 +0000
ROA not before: Tue 02 Jan 2024 00:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213296
IP address blocks: 194.28.158.0/24 maxlen: 24
194.28.156.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f1:31:d6:77:e6:38:45:ab:a2:6a:13:3b:c6:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 00:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62f3bed0e2cdd6e0cae6df8e2051270ea1aca6e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:a4:59:36:f3:78:11:a0:45:f8:39:31:6a:
fa:39:76:0c:64:28:ae:1c:87:99:fc:f5:a0:27:28:
0b:ff:12:0c:a8:0e:60:a0:71:96:48:0d:55:c0:1e:
a3:59:8d:54:0a:b2:78:ff:c6:16:1e:19:46:06:fe:
72:89:fb:b3:f1:53:b4:e4:cf:89:00:e4:a9:b7:3a:
68:b7:9b:bd:d3:37:5e:a5:5c:8e:89:04:36:d9:9d:
9b:e0:5f:6b:6b:69:af:f7:a1:fc:f9:ed:6c:dd:d1:
59:6a:7d:a4:c4:1d:48:32:e3:f8:11:02:25:0c:a7:
51:f1:4e:25:74:31:cd:d7:7e:48:04:5d:d0:5f:d1:
ac:89:44:94:d3:c4:09:1e:bc:49:f0:59:18:de:b3:
50:b6:ef:44:11:ea:0c:32:5c:5f:ad:cd:e5:cf:20:
cd:0f:d0:e4:7f:83:6d:9c:4b:9b:88:f6:b5:ca:19:
5d:41:cd:38:38:47:72:9c:50:1f:3f:4c:0f:01:21:
75:8e:e6:5a:3b:25:7f:ad:7b:5b:61:d6:0c:e2:55:
ac:a8:2c:01:1c:a2:4f:ef:b8:58:eb:dc:65:25:91:
e8:16:05:87:83:9e:56:46:f5:a3:13:54:5c:95:11:
d7:c8:b7:71:2e:8a:33:12:b1:fb:50:dc:df:f8:ca:
3c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F3:BE:D0:E2:CD:D6:E0:CA:E6:DF:8E:20:51:27:0E:A1:AC:A6:E5
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/YvO-0OLN1uDK5t-OIFEnDqGspuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
24:5b:8a:85:d7:30:2d:c2:5e:96:d7:6f:c1:78:09:4a:35:c0:
47:75:4e:45:1d:33:b2:6d:a8:dd:b6:fd:be:9c:b5:73:92:43:
6b:7c:f4:31:ac:6f:8a:75:39:3a:ef:9a:7b:7e:88:a1:f7:21:
28:ab:ff:4a:47:3f:a7:59:fe:41:da:b4:de:0b:10:bd:5b:f4:
f5:b6:be:4a:ff:62:a0:f1:84:a4:a6:9b:1d:22:37:d1:5c:04:
cc:cb:e3:eb:fb:57:f5:83:cc:7c:fe:17:b9:06:9c:f7:56:81:
ac:8e:66:ec:ba:db:29:a3:3b:ea:45:f2:38:fb:f9:a1:d0:61:
96:80:0a:c4:98:47:d9:f5:ff:9f:72:47:7e:5c:b0:d1:74:6a:
01:c0:92:b6:0f:f2:16:c1:a1:26:63:3a:68:57:5b:74:8f:7c:
0f:47:67:11:08:ea:01:c3:08:06:9c:4c:22:e1:75:2a:cc:4b:
d9:99:89:db:c5:e5:2a:a6:4d:98:f4:53:42:df:20:dc:2e:34:
cb:0a:a8:de:b7:c9:b9:f9:7d:6b:4d:6f:53:68:0d:c4:67:ee:
02:a2:26:ae:4a:af:16:c0:52:ec:9f:9b:7e:26:4e:09:79:0a:
62:39:7d:95:e9:3b:a5:24:8d:96:b0:12:c5:4b:f7:c1:08:d6:
f4:2e:81:e8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHlPEx1nfmOEWromoTO8YVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwMTAyMDAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYzYmVkMGUyY2RkNmUwY2FlNmRmOGUyMDUxMjcwZWExYWNhNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSCkWTbzeBGgRfg5MWr6OXYMZCiu
HIeZ/PWgJygL/xIMqA5goHGWSA1VwB6jWY1UCrJ4/8YWHhlGBv5yifuz8VO05M+J
AOSptzpot5u90zdepVyOiQQ22Z2b4F9ra2mv96H8+e1s3dFZan2kxB1IMuP4EQIl
DKdR8U4ldDHN135IBF3QX9GsiUSU08QJHrxJ8FkY3rNQtu9EEeoMMlxfrc3lzyDN
D9Dkf4NtnEubiPa1yhldQc04OEdynFAfP0wPASF1juZaOyV/rXtbYdYM4lWsqCwB
HKJP77hY69xlJZHoFgWHg55WRvWjE1RclRHXyLdxLoozErH7UNzf+Mo8CQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGLzvtDizdbgyubfjiBRJw6hrKblMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvWXZPLTBPTE4xdURLNXQtT0lGRW5EcUdzcHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEAJFuKhdcwLcJeltdvwXgJSjXAR3VORR0zsm2o3bb9vpy1c5JDa3z0MaxvinU5
Ou+ae36IofchKKv/Skc/p1n+Qdq03gsQvVv09ba+Sv9ioPGEpKabHSI30VwEzMvj
6/tX9YPMfP4XuQac91aBrI5m7LrbKaM76kXyOPv5odBhloAKxJhH2fX/n3JHflyw
0XRqAcCStg/yFsGhJmM6aFdbdI98D0dnEQjqAcMIBpxMIuF1KsxL2ZmJ28XlKqZN
mPRTQt8g3C40ywqo3rfJufl9a01vU2gNxGfuAqImrkqvFsBS7J+bfiZOCXkKYjl9
lek7pSSNlrASxUv3wQjW9C6B6A==
-----END CERTIFICATE-----
Generated at Fri May 10 00:52:49 2024 by rpki-client on console-ams.rpki-client.org