Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Yvan5kWqINP99uWhOwgdv2YHjRo.roa
File: Yvan5kWqINP99uWhOwgdv2YHjRo.roa (raw, json)
Hash identifier: UaeKMo/4d7e6ZmZOByoOcgrAmy0Xz9jU9NCT5NYEcYw=
Subject key identifier: 62:F6:A7:E6:45:AA:20:D3:FD:F6:E5:A1:3B:08:1D:BF:66:07:8D:1A
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA298754307EE72D856036B52C3C4E02
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Yvan5kWqINP99uWhOwgdv2YHjRo.roa
Signing time: Tue 02 Jan 2024 12:32:48 +0000
ROA not before: Tue 02 Jan 2024 12:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142299
IP address blocks: 85.203.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:87:54:30:7e:e7:2d:85:60:36:b5:2c:3c:4e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62f6a7e645aa20d3fdf6e5a13b081dbf66078d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:32:de:71:c4:a3:33:a2:03:85:14:80:df:9b:
61:34:52:52:86:46:7f:d9:e9:4c:ce:c3:b1:e9:7e:
32:1d:a2:ab:82:73:49:0d:55:0f:ac:1c:ac:e6:45:
c2:20:04:cd:14:4c:b6:4e:a9:15:e3:b1:e1:cb:67:
a0:73:78:b1:f4:77:7d:b6:2a:a0:bc:ee:44:39:54:
c4:02:6b:40:11:12:c1:25:54:c0:bc:24:20:31:0e:
8e:3a:9c:32:6c:e4:5e:61:3a:00:cc:e4:15:db:81:
dd:e7:9a:74:24:48:2c:35:8d:b1:c3:b8:44:30:30:
a3:26:65:c5:09:46:5c:f3:90:50:13:b7:46:39:b1:
00:b5:4e:6e:2d:64:aa:16:6f:32:04:c8:27:2b:fb:
b1:cb:bc:c2:9d:11:30:27:5c:fb:05:14:d3:15:53:
cf:24:37:eb:b7:f4:2e:18:88:b1:99:4d:ea:07:22:
f3:a0:ab:15:d0:64:d4:fa:b9:83:58:0e:17:0d:a3:
c5:6d:ff:3a:5d:63:3e:cb:71:e1:45:cf:b2:db:5f:
1d:36:d4:2d:7f:c0:ba:99:03:70:c1:d9:7b:6c:76:
e3:3e:07:54:30:04:8d:f5:0b:6c:86:ec:1b:3e:9f:
04:d0:ee:7e:cd:83:e7:c3:b3:e0:89:d6:b5:38:68:
8a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F6:A7:E6:45:AA:20:D3:FD:F6:E5:A1:3B:08:1D:BF:66:07:8D:1A
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/Yvan5kWqINP99uWhOwgdv2YHjRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.4.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:fb:ba:4a:fd:e9:b8:f4:9f:2a:dd:b8:da:36:c2:13:cc:2e:
3c:7f:f2:af:52:0a:c1:80:14:7a:62:7a:f4:57:72:20:33:41:
76:17:87:40:a4:a9:4b:9a:59:18:fa:bc:19:dd:23:05:f1:1e:
e3:15:09:1c:cd:5e:e8:80:46:8d:09:60:6b:ee:8d:36:e4:6e:
fe:46:73:c4:c8:fa:ce:39:7d:fa:53:a7:a3:5b:c2:78:96:b7:
c2:78:f1:cd:67:51:22:cb:4e:84:c8:bd:49:ab:b8:b8:53:97:
bf:30:90:56:61:af:ad:6d:ae:cc:94:42:d1:ee:3b:fd:4f:61:
04:0c:25:db:c3:ea:d0:26:2c:a1:95:4f:a5:ed:36:38:b5:60:
30:f0:db:11:f1:3f:0c:e9:03:1e:b4:42:58:49:b0:8b:7c:09:
5f:da:78:96:e8:c8:19:bd:41:c1:09:1b:74:1e:2a:29:fb:bc:
89:c7:ef:52:29:26:75:56:6f:ae:2c:0f:0c:50:f8:f4:6a:32:
ca:8a:dd:2d:02:d4:69:f9:d4:b9:a7:48:90:1f:c0:c3:67:d1:
2f:d4:09:15:21:87:9a:64:c8:3a:cd:4c:01:ab:e4:cb:3c:e9:
1e:dc:90:f2:4c:9c:89:ae:47:7b:36:14:8b:0d:6d:7b:dc:4c:
5f:27:74:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKYdUMH7nLYVgNrUsPE4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmY2YTdlNjQ1YWEyMGQzZmRmNmU1YTEzYjA4MWRiZjY2MDc4ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jLeccSjM6IDhRSA35thNFJShkZ/
2elMzsOx6X4yHaKrgnNJDVUPrBys5kXCIATNFEy2TqkV47Hhy2egc3ix9Hd9tiqg
vO5EOVTEAmtAERLBJVTAvCQgMQ6OOpwybOReYToAzOQV24Hd55p0JEgsNY2xw7hE
MDCjJmXFCUZc85BQE7dGObEAtU5uLWSqFm8yBMgnK/uxy7zCnREwJ1z7BRTTFVPP
JDfrt/QuGIixmU3qByLzoKsV0GTU+rmDWA4XDaPFbf86XWM+y3HhRc+y218dNtQt
f8C6mQNwwdl7bHbjPgdUMASN9QtshuwbPp8E0O5+zYPnw7Pgida1OGiKnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGL2p+ZFqiDT/fbloTsIHb9mB40aMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvWXZhbjVrV3FJTlA5OXVXaE93Z2R2MllIalJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsEMA0G
CSqGSIb3DQEBCwUAA4IBAQCm+7pK/em49J8q3bjaNsITzC48f/KvUgrBgBR6Ynr0
V3IgM0F2F4dApKlLmlkY+rwZ3SMF8R7jFQkczV7ogEaNCWBr7o025G7+RnPEyPrO
OX36U6ejW8J4lrfCePHNZ1Eiy06EyL1Jq7i4U5e/MJBWYa+tba7MlELR7jv9T2EE
DCXbw+rQJiyhlU+l7TY4tWAw8NsR8T8M6QMetEJYSbCLfAlf2niW6MgZvUHBCRt0
Hiop+7yJx+9SKSZ1Vm+uLA8MUPj0ajLKit0tAtRp+dS5p0iQH8DDZ9Ev1AkVIYea
ZMg6zUwBq+TLPOke3JDyTJyJrkd7NhSLDW173ExfJ3RG
-----END CERTIFICATE-----
Generated at Thu May 2 23:20:56 2024 by rpki-client on console-ams.rpki-client.org