Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/YMzgkL3yFYwFAnghox6iuCqhSUY.roa
File: YMzgkL3yFYwFAnghox6iuCqhSUY.roa (raw, json)
Hash identifier: ayfwYdk06EwlkeXozs51gGw4qCgZAcCEwS46Dq1+hzY=
Subject key identifier: 60:CC:E0:90:BD:F2:15:8C:05:02:78:21:A3:1E:A2:B8:2A:A1:49:46
Certificate issuer: /CN=f8555a7883f92b9f9ba422a96b4e397bf5fb8fc7
Certificate serial: 018D3566E27CA3899F20CC3ACFC6F2A1D7F0
Authority key identifier: F8:55:5A:78:83:F9:2B:9F:9B:A4:22:A9:6B:4E:39:7B:F5:FB:8F:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/YMzgkL3yFYwFAnghox6iuCqhSUY.roa
Signing time: Tue 23 Jan 2024 08:19:11 +0000
ROA not before: Tue 23 Jan 2024 08:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15511
IP address blocks: 45.159.184.0/24 maxlen: 24
45.159.185.0/24 maxlen: 24
45.159.186.0/24 maxlen: 24
185.115.100.0/24 maxlen: 24
185.115.101.0/24 maxlen: 24
185.115.102.0/24 maxlen: 24
185.115.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:66:e2:7c:a3:89:9f:20:cc:3a:cf:c6:f2:a1:d7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8555a7883f92b9f9ba422a96b4e397bf5fb8fc7
Validity
Not Before: Jan 23 08:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60cce090bdf2158c05027821a31ea2b82aa14946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:06:b3:ee:db:90:23:98:ec:e4:21:72:8a:52:
71:49:ac:78:aa:2e:86:e4:6e:a0:2b:3f:6f:eb:1e:
7e:12:a2:c4:cb:de:71:d1:60:0f:28:2e:ac:05:7d:
76:8e:12:87:a0:9f:cf:46:46:60:61:7b:9a:01:17:
3e:eb:ad:3e:8f:e9:82:05:24:50:8c:cd:c9:ed:76:
8b:a0:1b:71:18:5b:8b:cc:9e:91:30:c4:ad:94:d5:
66:11:58:ae:80:01:f6:19:64:a5:89:79:86:c7:23:
83:bb:62:98:07:ac:0f:dc:c0:6a:ec:42:95:91:1d:
bf:78:99:47:e4:75:65:3f:54:9b:5b:51:38:7d:81:
39:3c:54:54:5b:ca:f8:18:f9:27:e5:70:95:0b:7f:
3b:6b:3d:bb:fc:d8:9c:95:68:f8:e5:3b:ba:17:55:
81:d5:69:ef:19:9d:5d:1f:4f:dd:79:ab:73:23:fd:
82:71:ac:6b:15:3f:89:77:ac:3b:88:47:1c:3a:73:
c0:cb:06:53:7d:29:11:28:73:fa:40:6a:f4:79:62:
3a:33:52:90:11:21:56:d4:30:06:1f:aa:cb:34:38:
d5:2d:64:11:8e:d5:08:0c:ec:a2:96:e8:78:de:ff:
9a:52:18:90:d2:6f:26:60:13:2b:fa:7c:d6:4b:bc:
e9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CC:E0:90:BD:F2:15:8C:05:02:78:21:A3:1E:A2:B8:2A:A1:49:46
X509v3 Authority Key Identifier:
keyid:F8:55:5A:78:83:F9:2B:9F:9B:A4:22:A9:6B:4E:39:7B:F5:FB:8F:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-FVaeIP5K5-bpCKpa045e_X7j8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/YMzgkL3yFYwFAnghox6iuCqhSUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/82445f-d1d7-46b0-af4f-766c06e5f075/1/1-FVaeIP5K5-bpCKpa045e_X7j8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.184.0-45.159.186.255
185.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:91:19:63:e4:4f:3a:0c:ef:41:44:05:05:74:6c:be:c5:f1:
13:c3:12:4e:c0:45:0d:72:43:7c:1e:d4:91:3d:6a:ea:46:6e:
17:3c:02:a2:f0:9e:21:a0:d9:42:65:8f:34:3c:d7:5c:c3:89:
74:67:c0:19:aa:2c:76:c0:59:7b:e8:7c:e1:60:e9:c3:54:9d:
d2:32:a2:e3:7a:25:20:29:0f:fa:1d:bc:e7:51:94:b4:2f:e1:
e7:be:89:3c:dc:8a:e5:38:f8:93:1b:40:b0:2a:a2:f1:1a:e7:
4a:1e:8e:6f:23:bc:a6:27:42:fa:66:dc:40:48:73:7c:9f:af:
3d:11:19:38:ff:e2:d2:40:d0:e5:12:36:06:c9:10:55:54:25:
37:05:3a:db:31:63:9c:38:10:5d:ba:86:99:10:0c:fd:fe:8b:
79:ed:5c:36:d9:4e:a7:b3:52:5e:93:f0:a1:ec:0a:71:82:3d:
22:8f:75:6a:d3:2a:88:8b:90:e1:99:52:88:b1:a5:3f:f8:c4:
02:51:49:7a:69:a2:61:78:98:f5:21:e1:97:84:9d:b9:6d:d0:
ae:d3:b4:e6:5c:7e:04:a2:9d:af:8d:21:8e:06:55:d0:44:f4:
1a:98:e3:cf:f9:e5:41:a9:a1:3e:57:1d:5f:15:6d:8a:36:0b:
d0:da:6e:ec
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY01ZuJ8o4mfIMw6z8byodfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NTU1YTc4ODNmOTJiOWY5YmE0MjJhOTZiNGUzOTdiZjVm
YjhmYzcwHhcNMjQwMTIzMDgxOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNjZTA5MGJkZjIxNThjMDUwMjc4MjFhMzFlYTJiODJhYTE0OTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQaz7tuQI5js5CFyilJxSax4qi6G
5G6gKz9v6x5+EqLEy95x0WAPKC6sBX12jhKHoJ/PRkZgYXuaARc+660+j+mCBSRQ
jM3J7XaLoBtxGFuLzJ6RMMStlNVmEViugAH2GWSliXmGxyODu2KYB6wP3MBq7EKV
kR2/eJlH5HVlP1SbW1E4fYE5PFRUW8r4GPkn5XCVC387az27/NiclWj45Tu6F1WB
1WnvGZ1dH0/deatzI/2CcaxrFT+Jd6w7iEccOnPAywZTfSkRKHP6QGr0eWI6M1KQ
ESFW1DAGH6rLNDjVLWQRjtUIDOyiluh43v+aUhiQ0m8mYBMr+nzWS7zprwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGDM4JC98hWMBQJ4IaMeorgqoUlGMB8GA1UdIwQY
MBaAFPhVWniD+Sufm6QiqWtOOXv1+4/HMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1GVmFlSVA1SzUtYnBDS3BhMDQ1ZV9YN2o4Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2IvODI0NDVmLWQxZDctNDZiMC1hZjRm
LTc2NmMwNmU1ZjA3NS8xL1lNemdrTDN5Rll3RkFuZ2hveDZpdUNxaFNVWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2IvODI0NDVmLWQxZDctNDZiMC1hZjRmLTc2NmMwNmU1ZjA3
NS8xLzEtRlZhZUlQNUs1LWJwQ0twYTA0NWVfWDdqOGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAy2f
uAMEAC2fugMEArlzZDANBgkqhkiG9w0BAQsFAAOCAQEAfpEZY+RPOgzvQUQFBXRs
vsXxE8MSTsBFDXJDfB7UkT1q6kZuFzwCovCeIaDZQmWPNDzXXMOJdGfAGaosdsBZ
e+h84WDpw1Sd0jKi43olICkP+h2851GUtC/h576JPNyK5Tj4kxtAsCqi8RrnSh6O
byO8pidC+mbcQEhzfJ+vPREZOP/i0kDQ5RI2BskQVVQlNwU62zFjnDgQXbqGmRAM
/f6Lee1cNtlOp7NSXpPwoewKcYI9Io91atMqiIuQ4ZlSiLGlP/jEAlFJemmiYXiY
9SHhl4SduW3QrtO05lx+BKKdr40hjgZV0ET0Gpjjz/nlQamhPlcdXxVtijYL0Npu
7A==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:11:16 2024 by rpki-client on console-fra.rpki-client.org