Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/YisDqKMNYCcr4Y2iTSl0FBvdeR8.roa
File: YisDqKMNYCcr4Y2iTSl0FBvdeR8.roa (raw, json)
Hash identifier: Rk6nXlcnc04yMlNJeRB+muWPGNZjLe7zHlg6AwG7XNw=
Subject key identifier: 62:2B:03:A8:A3:0D:60:27:2B:E1:8D:A2:4D:29:74:14:1B:DD:79:1F
Certificate issuer: /CN=4c6b6371b945a35e9df308ff43803e2617851069
Certificate serial: 0192B3842D617CD79473268C690631B9AB68
Authority key identifier: 4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/YisDqKMNYCcr4Y2iTSl0FBvdeR8.roa
Signing time: Tue 22 Oct 2024 09:17:16 +0000
ROA not before: Tue 22 Oct 2024 09:17:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3240
IP address blocks: 194.182.108.0/24 maxlen: 24
195.231.128.0/20 maxlen: 20
195.231.144.0/20 maxlen: 20
195.231.160.0/19 maxlen: 19
195.231.224.0/19 maxlen: 19
2a10:cf80:1000::/48 maxlen: 48
2a10:cf80:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:84:2d:61:7c:d7:94:73:26:8c:69:06:31:b9:ab:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c6b6371b945a35e9df308ff43803e2617851069
Validity
Not Before: Oct 22 09:17:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=622b03a8a30d60272be18da24d2974141bdd791f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ed:5e:fa:3c:b7:44:8d:ee:63:5e:a0:2a:5e:
c0:70:8e:59:3f:b8:20:3f:60:5c:2e:cf:fd:7e:7a:
6b:83:4b:4e:43:cf:b7:5e:7c:bb:4d:bc:86:c5:ed:
3c:5f:36:88:02:9c:b3:a7:1c:06:41:70:5c:60:bb:
a6:eb:9d:1d:40:11:9d:9d:12:e1:cf:96:67:e6:aa:
39:c5:1b:df:88:3d:e9:41:4f:24:b6:6a:95:72:ef:
45:4d:ce:6d:ac:60:3b:d2:64:92:7f:39:3c:e5:17:
93:af:cd:66:dd:09:da:68:b2:85:fe:72:59:98:e6:
b1:70:3d:09:f5:f4:32:d9:45:d1:9f:8a:5c:08:48:
bb:e5:a8:9c:91:53:6b:06:dc:2b:da:50:be:1c:35:
e5:0e:23:38:e2:8b:fa:0d:4b:9a:12:90:bc:d4:c5:
43:31:db:40:9b:37:61:99:55:2e:a7:79:cb:5d:39:
eb:ce:90:81:a5:02:97:d3:5c:b0:cd:5a:a4:c0:71:
e9:de:84:7a:f6:56:6a:e3:ba:f1:d4:a5:40:ad:2a:
66:90:e9:35:ad:44:ff:d7:d2:a7:c8:be:93:57:48:
9e:91:6e:59:2d:9c:7b:eb:e4:77:5e:81:79:bb:a7:
52:4d:4b:54:21:2a:c2:f4:dc:aa:95:d6:08:ae:71:
53:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2B:03:A8:A3:0D:60:27:2B:E1:8D:A2:4D:29:74:14:1B:DD:79:1F
X509v3 Authority Key Identifier:
keyid:4C:6B:63:71:B9:45:A3:5E:9D:F3:08:FF:43:80:3E:26:17:85:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGtjcblFo16d8wj_Q4A-JheFEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/YisDqKMNYCcr4Y2iTSl0FBvdeR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4448a7-1ac1-46ad-a727-d96393af2f20/1/TGtjcblFo16d8wj_Q4A-JheFEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.182.108.0/24
195.231.128.0/18
195.231.224.0/19
IPv6:
2a10:cf80:1000::/48
2a10:cf80:2000::/48
Signature Algorithm: sha256WithRSAEncryption
3e:8f:89:34:23:e7:af:71:c9:4e:ed:a6:50:e0:a5:ca:1b:17:
f9:aa:37:dd:25:78:43:05:e7:fe:91:c0:97:b4:0e:a2:ec:a4:
51:55:88:d6:46:3b:eb:d4:05:e3:cf:de:6c:eb:4c:f5:9a:2e:
03:01:8e:b3:a2:f5:53:18:46:af:96:1b:01:41:65:2d:8d:53:
f4:13:a3:36:20:a9:e8:47:b5:22:b9:45:23:bc:01:6d:b5:05:
2b:04:0a:d4:1b:3a:8a:76:d4:1a:5a:14:35:aa:d9:a7:a8:69:
6e:0f:25:15:80:78:90:58:36:46:cc:6a:7b:98:eb:4b:3f:a6:
d8:b1:57:21:6f:86:6e:2a:d5:6b:ef:9d:e9:c5:8c:33:21:57:
3d:15:cb:02:2e:d1:e0:3f:fa:67:47:8e:e5:ee:e6:84:65:dd:
62:62:d9:c9:61:de:82:66:62:d1:f0:90:54:5d:37:fd:56:3d:
c0:0d:b8:bb:b4:c7:44:4f:d3:de:5c:ca:5e:74:dc:26:d3:4b:
17:ac:7a:47:2e:b8:da:00:f7:71:3e:55:99:cb:df:65:b1:3d:
4a:e7:f6:21:da:2c:79:8e:97:7b:f9:c4:9b:0f:4b:1a:31:84:
1f:aa:6f:8e:9e:c1:7b:4f:86:dd:16:c6:02:eb:1b:b0:9f:b9:
c4:4c:89:f1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKzhC1hfNeUcyaMaQYxuatoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNmI2MzcxYjk0NWEzNWU5ZGYzMDhmZjQzODAzZTI2MTc4
NTEwNjkwHhcNMjQxMDIyMDkxNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjJiMDNhOGEzMGQ2MDI3MmJlMThkYTI0ZDI5NzQxNDFiZGQ3OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3e1e+jy3RI3uY16gKl7AcI5ZP7gg
P2BcLs/9fnprg0tOQ8+3Xny7TbyGxe08XzaIApyzpxwGQXBcYLum650dQBGdnRLh
z5Zn5qo5xRvfiD3pQU8ktmqVcu9FTc5trGA70mSSfzk85ReTr81m3QnaaLKF/nJZ
mOaxcD0J9fQy2UXRn4pcCEi75aickVNrBtwr2lC+HDXlDiM44ov6DUuaEpC81MVD
MdtAmzdhmVUup3nLXTnrzpCBpQKX01ywzVqkwHHp3oR69lZq47rx1KVArSpmkOk1
rUT/19KnyL6TV0iekW5ZLZx76+R3XoF5u6dSTUtUISrC9NyqldYIrnFTnwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGIrA6ijDWAnK+GNok0pdBQb3XkfMB8GA1UdIwQY
MBaAFExrY3G5RaNenfMI/0OAPiYXhRBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3Mjct
ZDk2MzkzYWYyZjIwLzEvWWlzRHFLTU5ZQ2NyNFkyaVRTbDBGQnZkZVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NDQ4YTctMWFjMS00NmFkLWE3MjctZDk2MzkzYWYyZjIw
LzEvVEd0amNibEZvMTZkOHdqX1E0QS1KaGVGRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAwrZsAwQG
w+eAAwQFw+fgMBgEAgACMBIDBwAqEM+AEAADBwAqEM+AIAAwDQYJKoZIhvcNAQEL
BQADggEBAD6PiTQj569xyU7tplDgpcobF/mqN90leEMF5/6RwJe0DqLspFFViNZG
O+vUBePP3mzrTPWaLgMBjrOi9VMYRq+WGwFBZS2NU/QTozYgqehHtSK5RSO8AW21
BSsECtQbOop21BpaFDWq2aeoaW4PJRWAeJBYNkbManuY60s/ptixVyFvhm4q1Wvv
nenFjDMhVz0VywIu0eA/+mdHjuXu5oRl3WJi2clh3oJmYtHwkFRdN/1WPcANuLu0
x0RP095cyl503CbTSxesekcuuNoA93E+VZnL32WxPUrn9iHaLHmOl3v5xJsPSxox
hB+qb46ewXtPht0WxgLrG7CfucRMifE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:18:02 2024 by rpki-client on console-fra.rpki-client.org