Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/YQ5n8l55IgCcKZEVQwgCXFunMEg.roa
File: YQ5n8l55IgCcKZEVQwgCXFunMEg.roa (raw, json)
Hash identifier: bEjdNXxFSG4dDWbbASoqfQRrOv4ljH6ak+g2OmCON5M=
Subject key identifier: 61:0E:67:F2:5E:79:22:00:9C:29:91:15:43:08:02:5C:5B:A7:30:48
Certificate issuer: /CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Certificate serial: 018CC501225F38EF309A9F4E993A46D9A840
Authority key identifier: DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/YQ5n8l55IgCcKZEVQwgCXFunMEg.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.73.224.0/24 maxlen: 24
2a10:f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.mft
rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:22:5f:38:ef:30:9a:9f:4e:99:3a:46:d9:a8:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=610e67f25e7922009c2991154308025c5ba73048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2a:0b:39:98:6d:b2:a0:c1:3c:49:ea:86:c1:
6e:3d:e5:ac:a6:ad:30:1e:36:be:fe:01:25:13:4f:
65:92:ca:ad:1a:31:fc:3a:3f:8a:c6:36:ec:95:47:
76:20:a3:36:a3:28:0e:d6:7d:a2:90:1d:78:f5:93:
0b:26:38:e9:3b:68:39:8c:de:da:9a:15:bd:2a:72:
90:f5:a1:11:a2:bd:0a:8b:5e:76:ff:64:a4:d0:ad:
d6:eb:5c:4a:fd:a2:21:ff:db:9f:79:34:55:7f:49:
72:d6:c6:1d:3e:20:29:d2:15:e3:27:2d:2a:40:cf:
2b:aa:6e:fd:64:c1:cc:68:07:a7:24:87:bd:b9:9b:
f8:39:35:33:81:44:14:ed:fc:a2:6d:fb:ff:3b:4f:
00:4d:5b:cd:54:f1:1f:df:1c:0d:80:34:9f:0d:9a:
45:57:73:57:df:54:a6:57:4a:d6:78:66:d0:5f:96:
31:d5:24:e1:4f:86:74:d0:f1:8e:eb:c4:de:16:5d:
40:3d:18:4b:bb:b9:7a:c9:00:ca:ba:d8:58:ac:3d:
7b:7f:fc:1c:19:6e:05:ed:d5:63:8a:6d:66:fb:fe:
f5:8c:b2:8d:74:05:e3:a8:c0:80:35:f8:e4:aa:98:
55:31:2c:0b:3f:37:92:a9:ee:71:98:96:65:bd:ba:
dc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0E:67:F2:5E:79:22:00:9C:29:91:15:43:08:02:5C:5B:A7:30:48
X509v3 Authority Key Identifier:
keyid:DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/YQ5n8l55IgCcKZEVQwgCXFunMEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.224.0/24
IPv6:
2a10:f80::/32
Signature Algorithm: sha256WithRSAEncryption
64:15:a7:13:09:4f:69:b9:5f:0f:a4:81:55:52:cf:be:33:02:
58:83:48:2b:8f:88:22:8a:f8:a1:6e:c1:7a:88:96:6d:9c:3f:
a5:2c:c9:14:ad:0e:13:cc:0e:e5:2a:c8:42:37:81:c2:14:1f:
9c:ec:c5:ac:6a:47:b0:5e:53:65:06:40:01:fe:c7:ab:c5:99:
21:d8:1f:20:46:40:9f:a6:11:82:b7:44:d0:34:a4:2a:52:f3:
30:91:7f:08:9d:b0:bd:ff:c3:33:5a:38:5a:84:dd:02:b1:c0:
ea:cf:35:b3:3e:20:60:f5:47:64:92:6d:21:5e:47:e5:7d:9a:
a8:43:84:f1:c8:c1:8c:ba:4a:ca:22:89:1b:0c:9a:d2:ee:af:
b1:a8:95:4d:51:25:4d:31:6f:2a:03:43:88:df:2b:ce:c9:b0:
91:41:10:da:78:bb:09:de:cf:57:b9:39:de:86:85:e2:62:a3:
f6:af:35:81:d9:1f:24:0d:77:50:ca:12:69:29:9d:be:c9:64:
41:4b:f6:1d:3d:f7:dd:08:f8:ec:95:60:68:f6:35:66:f4:4d:
f1:3f:bc:99:a0:03:7b:74:0e:a3:a3:24:d2:07:45:fa:33:26:
70:68:91:e1:3a:df:3c:aa:bb:53:6d:ba:a9:d7:7d:d9:15:f0:
e3:7d:ff:c3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFASJfOO8wmp9OmTpG2ahAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdmYzUwNTQ4Mjg3ZGVhZWE3Y2U5MjA5OWU0N2EwNGE3
MGQ0NTEwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBlNjdmMjVlNzkyMjAwOWMyOTkxMTU0MzA4MDI1YzViYTczMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyoLOZhtsqDBPEnqhsFuPeWspq0w
Hja+/gElE09lksqtGjH8Oj+KxjbslUd2IKM2oygO1n2ikB149ZMLJjjpO2g5jN7a
mhW9KnKQ9aERor0Ki152/2Sk0K3W61xK/aIh/9ufeTRVf0ly1sYdPiAp0hXjJy0q
QM8rqm79ZMHMaAenJIe9uZv4OTUzgUQU7fyibfv/O08ATVvNVPEf3xwNgDSfDZpF
V3NX31SmV0rWeGbQX5Yx1SThT4Z00PGO68TeFl1APRhLu7l6yQDKuthYrD17f/wc
GW4F7dVjim1m+/71jLKNdAXjqMCANfjkqphVMSwLPzeSqe5xmJZlvbrcmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGEOZ/JeeSIAnCmRFUMIAlxbpzBIMB8GA1UdIwQY
MBaAFNvX/FBUgoferqfOkgmeR6BKcNRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEt
ZjI1NjA0YzRiZTgyLzEvWVE1bjhsNTVJZ0NjS1pFVlF3Z0NYRnVuTUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEtZjI1NjA0YzRiZTgy
LzEvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUngMA0E
AgACMAcDBQAqEA+AMA0GCSqGSIb3DQEBCwUAA4IBAQBkFacTCU9puV8PpIFVUs++
MwJYg0grj4giivihbsF6iJZtnD+lLMkUrQ4TzA7lKshCN4HCFB+c7MWsakewXlNl
BkAB/serxZkh2B8gRkCfphGCt0TQNKQqUvMwkX8InbC9/8MzWjhahN0CscDqzzWz
PiBg9Udkkm0hXkflfZqoQ4TxyMGMukrKIokbDJrS7q+xqJVNUSVNMW8qA0OI3yvO
ybCRQRDaeLsJ3s9XuTnehoXiYqP2rzWB2R8kDXdQyhJpKZ2+yWRBS/YdPffdCPjs
lWBo9jVm9E3xP7yZoAN7dA6joyTSB0X6MyZwaJHhOt88qrtTbbqp133ZFfDjff/D
-----END CERTIFICATE-----
Generated at Thu May 2 08:18:25 2024 by rpki-client on console-ams.rpki-client.org