Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/YMLxgzYMsgedPqIHGDHKayNcfIo.roa
File: YMLxgzYMsgedPqIHGDHKayNcfIo.roa (raw, json)
Hash identifier: uIgz8gapkDjb/SSWNqL8iJ7uIokm10656vksWYuuLGQ=
Subject key identifier: 60:C2:F1:83:36:0C:B2:07:9D:3E:A2:07:18:31:CA:6B:23:5C:7C:8A
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018ECC4487A794AC26895672B09D358A2AEF
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/YMLxgzYMsgedPqIHGDHKayNcfIo.roa
Signing time: Thu 11 Apr 2024 08:27:06 +0000
ROA not before: Thu 11 Apr 2024 08:27:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207408
IP address blocks: 45.11.183.0/24 maxlen: 24
194.76.227.0/24 maxlen: 24
2a0b:7140:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:44:87:a7:94:ac:26:89:56:72:b0:9d:35:8a:2a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Apr 11 08:27:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60c2f183360cb2079d3ea2071831ca6b235c7c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d1:7e:9b:ed:49:c5:d3:3f:91:16:2b:11:2d:
8a:c0:89:15:a5:ab:ae:7a:7b:ec:e2:1f:44:af:4f:
27:ce:1a:2b:7c:2a:02:d1:1e:48:b9:6c:09:97:db:
bb:5e:14:9e:03:26:f6:2a:60:a3:e4:04:3e:49:78:
16:a1:9a:3b:d8:fd:36:68:ff:9d:0a:4b:55:68:b6:
99:87:64:ab:14:4e:5b:90:7e:84:47:c1:c8:40:7f:
70:f4:09:65:db:06:b0:b0:25:29:21:ea:cc:9b:5d:
25:a0:11:9c:9a:4e:43:ac:1f:38:92:8c:d0:d6:75:
10:c4:b6:2f:3c:ff:bf:aa:2e:95:a8:f7:70:13:58:
72:0f:8e:e2:e3:b8:d3:e1:b1:52:e1:a0:d9:1f:ab:
57:8e:08:6c:bc:95:c7:e2:ba:75:c6:20:9d:bd:e7:
56:5c:6a:83:96:08:43:10:76:78:05:28:6e:25:29:
bb:99:10:3b:d7:d2:af:76:11:9f:83:66:e4:35:b6:
01:59:8b:a2:21:bc:89:a3:e5:9b:78:ea:80:57:39:
b9:28:da:cc:9c:4a:ca:01:05:2f:ac:04:1f:83:03:
0d:6a:45:a2:b7:42:d0:7a:83:3b:89:b4:e2:e6:22:
b1:4b:db:3a:84:80:40:4f:73:cb:3e:52:55:fc:cd:
49:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C2:F1:83:36:0C:B2:07:9D:3E:A2:07:18:31:CA:6B:23:5C:7C:8A
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/YMLxgzYMsgedPqIHGDHKayNcfIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.183.0/24
194.76.227.0/24
IPv6:
2a0b:7140:1::/48
Signature Algorithm: sha256WithRSAEncryption
65:72:54:5f:31:04:e7:34:db:8a:f1:aa:2d:b0:c6:13:5a:34:
2d:7e:0f:aa:19:8b:93:39:ea:d8:46:ba:3d:c4:61:fb:12:36:
f7:d9:f1:d1:72:aa:ab:29:e5:c0:5d:db:87:d1:7b:c1:41:b2:
25:ce:2e:54:06:0d:a4:c3:40:5a:4e:59:88:7b:40:ba:45:3d:
06:c4:f1:8d:2d:f8:d3:45:1d:18:8d:1e:ff:8f:3e:04:ce:1a:
e5:ac:2f:fc:ee:f6:02:82:cf:85:4f:c7:62:f4:aa:48:03:39:
c4:22:a6:d4:a9:0d:b4:18:ab:18:b1:f4:80:d0:29:8f:01:51:
c7:f5:16:f1:65:2d:45:5a:5a:a9:8d:4c:ad:5c:d6:d5:b0:67:
09:17:7d:ad:96:55:68:5d:f4:13:37:31:08:af:41:2a:73:87:
0e:cf:60:22:91:6c:0b:94:64:cc:4e:21:d0:00:77:c5:27:07:
b0:9b:fb:27:c5:b5:0f:29:3a:bd:81:6c:31:39:34:cc:85:f8:
fb:2a:30:df:07:3f:99:99:a6:f4:3e:04:52:fc:60:4b:2b:e5:
39:b8:13:31:53:af:51:94:04:d1:ea:f0:3d:77:b4:d6:ac:f2:
b7:4c:dd:ec:33:ab:49:c1:f8:98:db:ef:c0:1b:2d:18:64:06:
40:f2:d0:96
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY7MRIenlKwmiVZysJ01iirvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwNDExMDgyNzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGMyZjE4MzM2MGNiMjA3OWQzZWEyMDcxODMxY2E2YjIzNWM3YzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidF+m+1JxdM/kRYrES2KwIkVpauu
envs4h9Er08nzhorfCoC0R5IuWwJl9u7XhSeAyb2KmCj5AQ+SXgWoZo72P02aP+d
CktVaLaZh2SrFE5bkH6ER8HIQH9w9All2wawsCUpIerMm10loBGcmk5DrB84kozQ
1nUQxLYvPP+/qi6VqPdwE1hyD47i47jT4bFS4aDZH6tXjghsvJXH4rp1xiCdvedW
XGqDlghDEHZ4BShuJSm7mRA719KvdhGfg2bkNbYBWYuiIbyJo+WbeOqAVzm5KNrM
nErKAQUvrAQfgwMNakWit0LQeoM7ibTi5iKxS9s6hIBAT3PLPlJV/M1JyQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGDC8YM2DLIHnT6iBxgxymsjXHyKMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvWU1MeGd6WU1zZ2VkUHFJSEdESEtheU5jZklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALQu3AwQA
wkzjMA8EAgACMAkDBwAqC3FAAAEwDQYJKoZIhvcNAQELBQADggEBAGVyVF8xBOc0
24rxqi2wxhNaNC1+D6oZi5M56thGuj3EYfsSNvfZ8dFyqqsp5cBd24fRe8FBsiXO
LlQGDaTDQFpOWYh7QLpFPQbE8Y0t+NNFHRiNHv+PPgTOGuWsL/zu9gKCz4VPx2L0
qkgDOcQiptSpDbQYqxix9IDQKY8BUcf1FvFlLUVaWqmNTK1c1tWwZwkXfa2WVWhd
9BM3MQivQSpzhw7PYCKRbAuUZMxOIdAAd8UnB7Cb+yfFtQ8pOr2BbDE5NMyF+Psq
MN8HP5mZpvQ+BFL8YEsr5Tm4EzFTr1GUBNHq8D13tNas8rdM3ewzq0nB+Jjb78Ab
LRhkBkDy0JY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:42:25 2024 by rpki-client on console-ams.rpki-client.org