Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/RYX7E7EsDbSF_lCtaLN-OHrHqoI.roa
File: RYX7E7EsDbSF_lCtaLN-OHrHqoI.roa (raw, json)
Hash identifier: 8b8FHbKEgcFGY1FIqSa+LcjrvTCcZDUhvEjj5iH3dYs=
Subject key identifier: 45:85:FB:13:B1:2C:0D:B4:85:FE:50:AD:68:B3:7E:38:7A:C7:AA:82
Certificate issuer: /CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Certificate serial: 018CC34926D1BC4E5D40EC3CAF365E464CF1
Authority key identifier: 8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/RYX7E7EsDbSF_lCtaLN-OHrHqoI.roa
Signing time: Mon 01 Jan 2024 04:30:00 +0000
ROA not before: Mon 01 Jan 2024 04:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207198
IP address blocks: 213.194.192.0/20 maxlen: 20
185.163.40.0/22 maxlen: 22
213.194.208.0/22 maxlen: 22
2a0a:a800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:26:d1:bc:4e:5d:40:ec:3c:af:36:5e:46:4c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Validity
Not Before: Jan 1 04:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4585fb13b12c0db485fe50ad68b37e387ac7aa82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9f:f5:f0:a4:4a:d0:b4:4d:6f:d4:18:f1:32:
4a:1f:3e:52:0a:ac:22:67:1c:86:ab:05:99:51:a7:
ad:81:36:bc:0c:48:4f:81:b4:f6:5c:5d:b4:c0:cf:
b0:82:55:3c:e0:9c:96:98:18:71:78:69:6f:b1:ea:
8f:b7:bc:75:d6:56:0b:6d:61:7b:99:34:2c:00:c4:
24:ed:2b:eb:e4:c8:78:79:8d:bd:be:dd:b8:c8:6e:
47:73:11:97:ab:c8:6f:46:cc:91:73:3a:56:47:98:
7d:05:89:b8:14:19:6c:9d:d1:87:10:ce:e5:8d:22:
f3:0e:e4:d4:99:09:44:eb:96:18:eb:4d:39:44:07:
44:67:34:7d:a7:44:68:8b:dc:3e:8e:25:73:a4:f1:
62:f4:de:7b:a7:01:ef:70:4f:91:24:2e:a3:a6:66:
be:88:a5:ad:3c:da:16:7b:d9:71:4a:f4:02:49:cf:
2b:1a:3c:12:2f:e8:c8:23:8c:de:cb:18:04:b5:58:
3d:28:5d:6c:34:e7:74:c6:a9:d2:69:59:1a:3d:f7:
00:a1:3b:31:d5:4f:a8:2b:ab:67:8e:65:44:9b:76:
08:e5:27:95:1a:db:4d:21:1a:5a:00:b0:17:0a:69:
b0:24:b2:9d:e0:17:d9:29:81:b8:61:c7:95:e1:85:
c6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:85:FB:13:B1:2C:0D:B4:85:FE:50:AD:68:B3:7E:38:7A:C7:AA:82
X509v3 Authority Key Identifier:
keyid:8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/RYX7E7EsDbSF_lCtaLN-OHrHqoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.40.0/22
213.194.192.0-213.194.211.255
IPv6:
2a0a:a800::/29
Signature Algorithm: sha256WithRSAEncryption
93:92:52:b6:9b:3f:9b:e5:96:78:bd:78:15:7e:66:15:4c:f8:
07:95:33:52:3c:bd:eb:27:5a:bd:cf:7d:02:99:e0:d6:e3:19:
3e:3e:16:04:6b:4f:9b:d8:94:be:c8:88:96:99:23:11:37:e4:
c0:06:7b:2c:56:fa:38:c7:a9:da:a0:16:c8:85:fe:eb:83:87:
1a:cd:80:0a:70:cf:03:8c:99:be:40:35:c2:ac:12:48:d6:42:
39:c9:ce:65:f3:99:77:20:6b:2d:76:e6:c2:cd:63:bf:35:c5:
a2:33:5c:ff:de:3d:d3:43:bd:d1:29:80:c1:bb:77:ae:79:69:
be:99:1c:80:f2:47:c8:ee:54:35:5b:59:a0:91:b2:64:5e:e6:
18:74:48:21:4d:78:78:c7:90:6a:90:24:e0:f0:ee:90:86:30:
a4:d1:d2:c2:51:92:b4:ec:a2:85:e9:43:d3:b3:b8:8a:6b:9d:
a2:13:3d:f1:5d:ea:52:c5:ce:2d:df:06:02:c2:be:19:a4:85:
15:90:5d:eb:60:a3:fe:18:60:12:a4:b4:c7:b9:a9:6c:36:cd:
f6:b6:38:f4:61:c5:c5:d5:6e:08:6c:f4:19:3d:24:93:aa:62:
3c:6d:d3:a1:a5:7d:ae:26:98:91:d1:00:44:5a:51:d1:37:6d:
a1:20:88:47
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDSSbRvE5dQOw8rzZeRkzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhM2ZlMGI5YzYzMGEzM2UxNzFhMGE1Yzc5M2YzNDBiNDM0
NDY5MzIwHhcNMjQwMTAxMDQzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTg1ZmIxM2IxMmMwZGI0ODVmZTUwYWQ2OGIzN2UzODdhYzdhYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ/18KRK0LRNb9QY8TJKHz5SCqwi
ZxyGqwWZUaetgTa8DEhPgbT2XF20wM+wglU84JyWmBhxeGlvseqPt7x11lYLbWF7
mTQsAMQk7Svr5Mh4eY29vt24yG5HcxGXq8hvRsyRczpWR5h9BYm4FBlsndGHEM7l
jSLzDuTUmQlE65YY6005RAdEZzR9p0Roi9w+jiVzpPFi9N57pwHvcE+RJC6jpma+
iKWtPNoWe9lxSvQCSc8rGjwSL+jII4zeyxgEtVg9KF1sNOd0xqnSaVkaPfcAoTsx
1U+oK6tnjmVEm3YI5SeVGttNIRpaALAXCmmwJLKd4BfZKYG4YceV4YXGfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEWF+xOxLA20hf5QrWizfjh6x6qCMB8GA1UdIwQY
MBaAFIo/4LnGMKM+FxoKXHk/NAtDRGkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWpfZ3VjWXdvejRYR2dwY2VUODBDME5FYVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9mMzlhNDktNTllYS00YzRmLTk4ZmMt
NTNhYWI0MmY0NzZlLzEvUllYN0U3RXNEYlNGX2xDdGFMTi1PSHJIcW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9mMzlhNDktNTllYS00YzRmLTk4ZmMtNTNhYWI0MmY0NzZl
LzEvaWpfZ3VjWXdvejRYR2dwY2VUODBDME5FYVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuaMoMAwD
BAbVwsADBALVwtAwDQQCAAIwBwMFAyoKqAAwDQYJKoZIhvcNAQELBQADggEBAJOS
UrabP5vllni9eBV+ZhVM+AeVM1I8vesnWr3PfQKZ4NbjGT4+FgRrT5vYlL7IiJaZ
IxE35MAGeyxW+jjHqdqgFsiF/uuDhxrNgApwzwOMmb5ANcKsEkjWQjnJzmXzmXcg
ay125sLNY781xaIzXP/ePdNDvdEpgMG7d655ab6ZHIDyR8juVDVbWaCRsmRe5hh0
SCFNeHjHkGqQJODw7pCGMKTR0sJRkrTsooXpQ9OzuIprnaITPfFd6lLFzi3fBgLC
vhmkhRWQXetgo/4YYBKktMe5qWw2zfa2OPRhxcXVbghs9Bk9JJOqYjxt06Glfa4m
mJHRAERaUdE3baEgiEc=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:27:35 2024 by rpki-client on console-ams.rpki-client.org