Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/Yi42xy7xwSC9Mz4ie1JHpYpCkNs.roa
File: Yi42xy7xwSC9Mz4ie1JHpYpCkNs.roa (raw, json)
Hash identifier: /NO4oAAn57oLJvbGPvE6JhCXOIdZoKwu1k/xOre+u4Q=
Subject key identifier: 62:2E:36:C7:2E:F1:C1:20:BD:33:3E:22:7B:52:47:A5:8A:42:90:DB
Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Certificate serial: 018CC424FDCD8B4958F5B3179C1659E91CC3
Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/Yi42xy7xwSC9Mz4ie1JHpYpCkNs.roa
Signing time: Mon 01 Jan 2024 08:30:07 +0000
ROA not before: Mon 01 Jan 2024 08:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206377
IP address blocks: 185.178.180.0/22 maxlen: 22
2a0a:6780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 01:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:fd:cd:8b:49:58:f5:b3:17:9c:16:59:e9:1c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0
Validity
Not Before: Jan 1 08:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=622e36c72ef1c120bd333e227b5247a58a4290db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a9:5f:7a:ac:0d:4b:25:37:ea:f8:81:fb:e4:
d0:5d:48:d9:3f:42:ba:20:a1:f1:2f:29:4d:a3:51:
83:1a:4d:92:19:58:e1:aa:78:9e:7b:41:30:90:b1:
b8:5e:0f:74:0d:20:08:a9:4a:3c:6c:10:31:ab:c0:
93:72:76:33:43:a5:39:3c:e0:ed:98:06:13:e9:85:
2c:1d:21:d8:df:b3:7d:41:a7:20:1e:fa:13:7d:ac:
3c:38:f9:ba:11:4c:65:1b:cf:8d:46:4d:f5:b7:ed:
78:42:c3:c9:02:50:b5:c7:fb:e4:be:34:d3:59:65:
6a:07:6f:fb:6a:7b:2d:ab:68:98:e9:71:12:66:d0:
24:be:57:ee:32:2c:15:c0:04:ac:c1:74:21:c7:8f:
9d:38:c0:f6:d6:81:a5:a4:5d:60:c5:09:f3:25:48:
61:f4:86:7d:6f:88:c4:4d:6d:09:36:5f:19:73:ac:
ab:e0:b2:ee:4b:aa:ba:80:91:38:c3:c8:7c:6f:26:
fc:28:4c:55:b0:b0:71:d0:a0:bf:79:b1:87:04:2c:
a4:a1:08:61:f9:24:cc:c2:72:11:0b:3d:a9:65:67:
64:33:c1:a2:81:73:bc:2b:6b:cd:c1:cf:e5:3d:80:
cc:95:08:d9:89:4b:76:ab:ae:92:00:56:63:65:9c:
8c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2E:36:C7:2E:F1:C1:20:BD:33:3E:22:7B:52:47:A5:8A:42:90:DB
X509v3 Authority Key Identifier:
keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/Yi42xy7xwSC9Mz4ie1JHpYpCkNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.180.0/22
IPv6:
2a0a:6780::/29
Signature Algorithm: sha256WithRSAEncryption
6c:8d:4e:48:df:3b:60:25:44:49:92:03:02:67:09:75:cb:17:
dc:16:b2:e7:f0:f4:0b:69:25:1f:b2:5a:aa:6e:ce:36:cf:ee:
02:29:a9:75:67:c3:b7:43:13:42:a1:77:38:46:cf:dd:5a:34:
ef:dd:52:25:df:f6:2b:8e:c2:10:40:63:82:f8:13:97:73:2d:
70:99:28:50:94:84:05:02:22:ae:fc:2d:76:78:28:d4:6b:b6:
20:59:e8:e4:9f:dc:f6:82:30:1f:e8:08:f9:4d:2a:cc:50:7a:
8c:f3:8e:6f:f6:1f:76:b9:53:97:03:5d:9c:7e:0b:3e:6f:5a:
b6:2e:46:97:70:d3:52:dd:7a:01:f1:60:54:f5:66:d1:db:d6:
81:20:6b:40:84:ba:3e:dd:a1:76:98:20:bb:cf:74:53:fb:88:
78:35:18:90:d4:cc:71:49:9a:96:46:da:53:61:4a:9f:c2:a4:
9d:67:06:c7:18:35:c4:c1:5d:dd:e4:37:28:c3:5c:0f:ee:f6:
44:56:06:9a:b2:0c:1b:ba:63:04:c1:d3:7d:c4:ca:ec:35:1a:
ea:d0:a6:ea:b1:b0:02:0c:65:ce:76:70:84:6b:fe:f7:3b:06:
9b:42:71:ab:b5:12:d3:42:f6:0f:6d:24:fa:a9:25:9c:59:08:
5c:31:cd:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJP3Ni0lY9bMXnBZZ6RzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw
N2E0YzAwHhcNMjQwMTAxMDgzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjJlMzZjNzJlZjFjMTIwYmQzMzNlMjI3YjUyNDdhNThhNDI5MGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKlfeqwNSyU36viB++TQXUjZP0K6
IKHxLylNo1GDGk2SGVjhqniee0EwkLG4Xg90DSAIqUo8bBAxq8CTcnYzQ6U5PODt
mAYT6YUsHSHY37N9QacgHvoTfaw8OPm6EUxlG8+NRk31t+14QsPJAlC1x/vkvjTT
WWVqB2/7anstq2iY6XESZtAkvlfuMiwVwASswXQhx4+dOMD21oGlpF1gxQnzJUhh
9IZ9b4jETW0JNl8Zc6yr4LLuS6q6gJE4w8h8byb8KExVsLBx0KC/ebGHBCykoQhh
+STMwnIRCz2pZWdkM8GigXO8K2vNwc/lPYDMlQjZiUt2q66SAFZjZZyMswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGIuNscu8cEgvTM+IntSR6WKQpDbMB8GA1UdIwQY
MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt
YWVhZTViYmMzOTIwLzEvWWk0Mnh5N3h3U0M5TXo0aWUxSkhwWXBDa05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw
LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubK0MA0E
AgACMAcDBQMqCmeAMA0GCSqGSIb3DQEBCwUAA4IBAQBsjU5I3ztgJURJkgMCZwl1
yxfcFrLn8PQLaSUfslqqbs42z+4CKal1Z8O3QxNCoXc4Rs/dWjTv3VIl3/YrjsIQ
QGOC+BOXcy1wmShQlIQFAiKu/C12eCjUa7YgWejkn9z2gjAf6Aj5TSrMUHqM845v
9h92uVOXA12cfgs+b1q2LkaXcNNS3XoB8WBU9WbR29aBIGtAhLo+3aF2mCC7z3RT
+4h4NRiQ1MxxSZqWRtpTYUqfwqSdZwbHGDXEwV3d5Dcow1wP7vZEVgaasgwbumME
wdN9xMrsNRrq0KbqsbACDGXOdnCEa/73OwabQnGrtRLTQvYPbST6qSWcWQhcMc2J
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:19:32 2024 by rpki-client on console-ams.rpki-client.org