Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/YgVJPj-ZvVdQH_Iyvexw0BTHonY.roa
File: YgVJPj-ZvVdQH_Iyvexw0BTHonY.roa (raw, json)
Hash identifier: 5AjsEHivWAvdyvaVHlP2RZWcwe6zVqVmDRzB3JudYnw=
Subject key identifier: 62:05:49:3E:3F:99:BD:57:50:1F:F2:32:BD:EC:70:D0:14:C7:A2:76
Certificate issuer: /CN=94a32e445c24ded9b85212d479b88008165ebdba
Certificate serial: 018D64A8BCAC6C942D600DC0C191FD3F21BE
Authority key identifier: 94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/YgVJPj-ZvVdQH_Iyvexw0BTHonY.roa
Signing time: Thu 01 Feb 2024 12:33:16 +0000
ROA not before: Thu 01 Feb 2024 12:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201080
IP address blocks: 37.60.155.0/24 maxlen: 24
37.60.156.0/23 maxlen: 23
37.60.157.0/24 maxlen: 24
37.60.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:a8:bc:ac:6c:94:2d:60:0d:c0:c1:91:fd:3f:21:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a32e445c24ded9b85212d479b88008165ebdba
Validity
Not Before: Feb 1 12:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6205493e3f99bd57501ff232bdec70d014c7a276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9c:d9:ab:83:2f:51:f1:ef:be:88:45:8f:38:
de:28:4d:e5:27:7c:44:16:4e:2a:28:45:c1:0e:ea:
3d:26:db:f7:c1:32:d1:52:8f:98:13:e5:ee:83:6c:
01:cf:4d:97:81:17:14:66:f9:67:5e:06:02:70:bb:
9d:79:f3:53:f7:13:2c:08:e6:b8:a2:d5:d5:8d:5b:
5d:f2:9b:00:83:1c:5f:f6:97:ab:55:73:60:08:9c:
6f:1e:bd:2d:29:74:a3:30:91:e1:d1:20:d4:63:e0:
e5:89:76:6c:fc:30:1f:5c:13:f7:0b:4b:5c:5a:4a:
bb:9f:b5:8e:07:b8:3a:09:31:fa:82:b6:df:57:6c:
41:8c:f5:ca:3f:be:6a:4e:82:46:a9:6a:aa:d2:c3:
34:1a:a9:db:04:59:84:1d:8c:81:6a:4e:4f:ab:15:
51:23:37:51:7e:f7:22:f9:05:a0:51:39:12:e3:87:
e1:7f:c4:11:e3:a6:7e:41:23:55:ed:82:ab:f2:34:
6b:20:64:2b:a5:bf:8c:d9:f7:0a:b2:a7:6e:c2:a7:
6e:0f:bd:52:ea:ab:f3:4f:a0:72:ab:c2:93:2b:dd:
0c:e5:7b:be:6e:d3:48:d0:64:64:54:f6:a5:f7:db:
b5:f1:55:f2:40:62:f5:7f:ff:62:36:3d:b7:5c:3f:
f2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:05:49:3E:3F:99:BD:57:50:1F:F2:32:BD:EC:70:D0:14:C7:A2:76
X509v3 Authority Key Identifier:
keyid:94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/YgVJPj-ZvVdQH_Iyvexw0BTHonY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.155.0-37.60.158.255
Signature Algorithm: sha256WithRSAEncryption
3f:d5:a7:53:f0:92:d2:da:9d:12:c4:8f:6d:7c:bf:5f:3d:5c:
92:76:f1:6e:22:6a:35:07:c2:76:e9:ec:af:06:b9:00:56:e4:
b9:ff:18:c9:2c:90:aa:67:64:8d:29:a2:11:16:7a:07:5a:d3:
66:ec:6a:2e:c9:df:52:08:bb:bb:57:ba:11:04:ce:3e:e4:df:
75:fb:f8:d3:42:bd:61:31:81:d2:a1:94:3a:65:0e:fe:d0:9d:
f5:ba:d3:69:3f:e8:1e:79:67:14:38:4e:af:d5:d1:16:da:9c:
33:d0:93:2c:2b:36:b3:6c:6e:50:22:e3:29:57:22:9c:52:c7:
44:0a:2a:b8:84:4d:c5:a1:5c:ec:42:e1:90:14:0b:bd:de:66:
40:b3:df:87:31:cc:9a:81:05:cc:9d:7a:d8:f6:e8:c2:20:ab:
62:6a:83:30:ce:24:1a:e8:a4:6d:16:c6:fa:9a:70:29:e8:f7:
43:ff:8a:f9:3f:48:b8:d7:15:67:73:2f:6c:c0:36:fa:3d:0e:
d7:6a:e3:4e:ed:9c:77:98:de:1c:94:fe:af:12:47:e1:b8:71:
8a:f8:cd:3f:89:58:af:0a:1c:8c:c2:d3:bd:86:ae:85:db:12:
16:34:7e:dd:cb:8f:c1:91:c3:21:99:5f:a9:d3:9d:51:46:e6:
38:00:9a:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY1kqLysbJQtYA3AwZH9PyG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTMyZTQ0NWMyNGRlZDliODUyMTJkNDc5Yjg4MDA4MTY1
ZWJkYmEwHhcNMjQwMjAxMTIzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA1NDkzZTNmOTliZDU3NTAxZmYyMzJiZGVjNzBkMDE0YzdhMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5zZq4MvUfHvvohFjzjeKE3lJ3xE
Fk4qKEXBDuo9Jtv3wTLRUo+YE+Xug2wBz02XgRcUZvlnXgYCcLudefNT9xMsCOa4
otXVjVtd8psAgxxf9perVXNgCJxvHr0tKXSjMJHh0SDUY+DliXZs/DAfXBP3C0tc
Wkq7n7WOB7g6CTH6grbfV2xBjPXKP75qToJGqWqq0sM0GqnbBFmEHYyBak5PqxVR
IzdRfvci+QWgUTkS44fhf8QR46Z+QSNV7YKr8jRrIGQrpb+M2fcKsqduwqduD71S
6qvzT6Byq8KTK90M5Xu+btNI0GRkVPal99u18VXyQGL1f/9iNj23XD/yKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGIFST4/mb1XUB/yMr3scNAUx6J2MB8GA1UdIwQY
MBaAFJSjLkRcJN7ZuFIS1Hm4gAgWXr26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODIt
ZTE0ODdhNTRjMWU1LzEvWWdWSlBqLVp2VmRRSF9JeXZleHcwQlRIb25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mODkxYzQtMTlhYy00MzdjLWI3ODItZTE0ODdhNTRjMWU1
LzEvbEtNdVJGd2szdG00VWhMVWViaUFDQlpldmJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlPJsD
BAAlPJ4wDQYJKoZIhvcNAQELBQADggEBAD/Vp1PwktLanRLEj218v189XJJ28W4i
ajUHwnbp7K8GuQBW5Ln/GMkskKpnZI0pohEWegda02bsai7J31IIu7tXuhEEzj7k
33X7+NNCvWExgdKhlDplDv7QnfW602k/6B55ZxQ4Tq/V0RbanDPQkywrNrNsblAi
4ylXIpxSx0QKKriETcWhXOxC4ZAUC73eZkCz34cxzJqBBcydetj26MIgq2JqgzDO
JBropG0WxvqacCno90P/ivk/SLjXFWdzL2zANvo9Dtdq407tnHeY3hyU/q8SR+G4
cYr4zT+JWK8KHIzC072GroXbEhY0ft3Lj8GRwyGZX6nTnVFG5jgAmhw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:10:33 2024 by rpki-client on console-fra.rpki-client.org