Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/YvuniYG0LrMg6_6qfcXketXGbPw.roa
File: YvuniYG0LrMg6_6qfcXketXGbPw.roa (raw, json)
Hash identifier: 95EDDIPqr3Ht4uCmiiEUeJb2jFycTN8NuDErf0tDp88=
Subject key identifier: 62:FB:A7:89:81:B4:2E:B3:20:EB:FE:AA:7D:C5:E4:7A:D5:C6:6C:FC
Certificate issuer: /CN=64c5fd1dc0c457d9ec113d23bd4935c723e9ecf4
Certificate serial: 018CCA994A8B77BC05EA0A5B3BF8B74D7FEB
Authority key identifier: 64:C5:FD:1D:C0:C4:57:D9:EC:11:3D:23:BD:49:35:C7:23:E9:EC:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/YvuniYG0LrMg6_6qfcXketXGbPw.roa
Signing time: Tue 02 Jan 2024 14:34:52 +0000
ROA not before: Tue 02 Jan 2024 14:34:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211465
IP address blocks: 194.42.126.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:4a:8b:77:bc:05:ea:0a:5b:3b:f8:b7:4d:7f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64c5fd1dc0c457d9ec113d23bd4935c723e9ecf4
Validity
Not Before: Jan 2 14:34:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62fba78981b42eb320ebfeaa7dc5e47ad5c66cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8b:a3:71:81:35:09:a6:7d:f9:a0:9e:02:cc:
3a:70:a1:06:c1:d7:2f:9d:88:ab:41:85:be:e6:8e:
da:75:7c:52:49:b0:d6:70:34:98:ce:53:88:6a:37:
0b:55:73:4f:21:dc:e3:70:22:81:c2:89:f5:63:ee:
72:94:9e:64:79:80:f2:2c:68:ee:b8:46:04:01:9b:
d5:4f:05:13:56:04:aa:10:13:98:f1:11:bc:65:a9:
db:e2:31:3a:00:51:e0:21:e6:c6:e4:90:ba:c9:0c:
a3:a5:80:bc:eb:bc:df:70:24:3e:37:aa:a0:98:df:
f9:64:2f:31:47:14:f7:37:a8:ef:d0:ea:6a:54:c1:
ce:ab:6e:f8:0c:86:62:e0:49:26:c5:88:21:27:95:
9d:22:43:33:71:de:bd:4a:c6:47:0e:ea:3c:dd:91:
bd:e0:25:10:0e:44:5d:a1:8a:16:4c:ab:bb:46:05:
13:8a:1e:38:45:59:6d:7f:7f:e3:17:2e:f3:4b:7e:
ca:6b:96:98:c5:80:4c:93:c1:12:3c:83:03:aa:7d:
fb:d5:d1:cb:45:76:c5:eb:83:8f:82:66:2f:d8:a5:
52:06:69:6e:54:1f:f8:91:0c:5f:7b:93:c9:90:8d:
a8:7c:28:8b:79:11:69:39:41:3c:5d:72:6a:51:34:
75:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FB:A7:89:81:B4:2E:B3:20:EB:FE:AA:7D:C5:E4:7A:D5:C6:6C:FC
X509v3 Authority Key Identifier:
keyid:64:C5:FD:1D:C0:C4:57:D9:EC:11:3D:23:BD:49:35:C7:23:E9:EC:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/YvuniYG0LrMg6_6qfcXketXGbPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/a4640c-e69a-4337-b1aa-4cb0679ace7f/1/ZMX9HcDEV9nsET0jvUk1xyPp7PQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.126.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:4c:2b:f6:7b:de:61:df:1f:6e:75:bb:0a:bc:bb:65:d4:be:
db:9c:44:c5:99:f5:70:9c:36:d4:10:24:5d:bc:27:d6:89:83:
ff:6b:08:c4:75:19:19:63:29:b4:27:1d:c8:b0:8d:bd:7b:1b:
59:7f:4f:4e:c3:8d:ce:50:c8:f0:75:fa:3b:fd:d6:95:ae:71:
32:2b:38:c8:fe:f0:b5:ef:64:dd:6c:c6:e5:cf:fb:1c:4a:2c:
2b:99:9c:ef:5b:48:fc:37:33:b5:47:43:f0:9b:4a:dc:0f:39:
fc:51:40:e5:dc:bf:ad:d7:0c:60:fa:cf:58:5c:04:7e:b5:9e:
49:3c:44:d7:14:9b:ee:d4:a4:08:7a:da:34:43:67:a6:df:7d:
e8:f9:9a:85:94:08:db:51:13:a1:10:0b:9f:ce:78:15:18:57:
0c:e7:16:00:6b:64:4e:f2:c0:c7:e8:63:16:46:11:eb:9d:2d:
50:08:80:25:58:40:88:9e:a1:fc:ca:9a:bd:ee:80:b8:7b:0a:
21:b1:68:01:90:74:7a:0a:d1:cb:03:a8:16:95:ba:25:ed:34:
03:14:47:d8:ab:f6:8c:10:ef:62:90:11:f3:53:24:65:84:b5:
84:c6:4e:1d:9f:e7:2e:83:0a:0c:fd:8c:44:f1:0e:ca:68:2a:
be:7c:ad:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmUqLd7wF6gpbO/i3TX/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YzVmZDFkYzBjNDU3ZDllYzExM2QyM2JkNDkzNWM3MjNl
OWVjZjQwHhcNMjQwMTAyMTQzNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZiYTc4OTgxYjQyZWIzMjBlYmZlYWE3ZGM1ZTQ3YWQ1YzY2Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYujcYE1CaZ9+aCeAsw6cKEGwdcv
nYirQYW+5o7adXxSSbDWcDSYzlOIajcLVXNPIdzjcCKBwon1Y+5ylJ5keYDyLGju
uEYEAZvVTwUTVgSqEBOY8RG8Zanb4jE6AFHgIebG5JC6yQyjpYC867zfcCQ+N6qg
mN/5ZC8xRxT3N6jv0OpqVMHOq274DIZi4EkmxYghJ5WdIkMzcd69SsZHDuo83ZG9
4CUQDkRdoYoWTKu7RgUTih44RVltf3/jFy7zS37Ka5aYxYBMk8ESPIMDqn371dHL
RXbF64OPgmYv2KVSBmluVB/4kQxfe5PJkI2ofCiLeRFpOUE8XXJqUTR19wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL7p4mBtC6zIOv+qn3F5HrVxmz8MB8GA1UdIwQY
MBaAFGTF/R3AxFfZ7BE9I71JNccj6ez0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk1YOUhjREVWOW5zRVQwanZVazF4eVBwN1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hNDY0MGMtZTY5YS00MzM3LWIxYWEt
NGNiMDY3OWFjZTdmLzEvWXZ1bmlZRzBMck1nNl82cWZjWGtldFhHYlB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hNDY0MGMtZTY5YS00MzM3LWIxYWEtNGNiMDY3OWFjZTdm
LzEvWk1YOUhjREVWOW5zRVQwanZVazF4eVBwN1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwip+MA0G
CSqGSIb3DQEBCwUAA4IBAQC6TCv2e95h3x9udbsKvLtl1L7bnETFmfVwnDbUECRd
vCfWiYP/awjEdRkZYym0Jx3IsI29extZf09Ow43OUMjwdfo7/daVrnEyKzjI/vC1
72TdbMblz/scSiwrmZzvW0j8NzO1R0Pwm0rcDzn8UUDl3L+t1wxg+s9YXAR+tZ5J
PETXFJvu1KQIeto0Q2em333o+ZqFlAjbUROhEAufzngVGFcM5xYAa2RO8sDH6GMW
RhHrnS1QCIAlWECInqH8ypq97oC4ewohsWgBkHR6CtHLA6gWlbol7TQDFEfYq/aM
EO9ikBHzUyRlhLWExk4dn+cugwoM/YxE8Q7KaCq+fK0T
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:27:32 2024 by rpki-client on console-ams.rpki-client.org