Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YPl65i_ZAqJrso7fye8XXCwCou0.roa
File: YPl65i_ZAqJrso7fye8XXCwCou0.roa (raw, json)
Hash identifier: xoK7yuvbybyvXFNt6hFV7HcPi8yJ4HyTUHeYqJooH3U=
Subject key identifier: 60:F9:7A:E6:2F:D9:02:A2:6B:B2:8E:DF:C9:EF:17:5C:2C:02:A2:ED
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB901E20F0EE4B0A00561049D9D25
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YPl65i_ZAqJrso7fye8XXCwCou0.roa
Signing time: Tue 02 Jan 2024 08:32:43 +0000
ROA not before: Tue 02 Jan 2024 08:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212949
IP address blocks: 94.176.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b9:01:e2:0f:0e:e4:b0:a0:05:61:04:9d:9d:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f97ae62fd902a26bb28edfc9ef175c2c02a2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:68:6f:76:1d:ce:55:45:04:30:e5:5b:33:
5a:f6:65:b1:75:28:46:28:70:02:da:7b:d8:53:b2:
28:19:32:a8:04:4d:4e:c4:5e:8c:25:cc:2e:71:51:
b4:6c:ec:d6:15:d0:28:16:0b:00:df:e1:82:f2:11:
1c:b4:71:d5:ad:b7:4c:3d:8d:80:d7:5c:e7:c8:3a:
b8:08:d2:f0:07:62:8d:f0:6b:ea:df:b9:66:1f:c4:
df:32:b5:a7:b2:4a:8a:00:3b:f7:ce:69:fb:53:d8:
46:64:56:97:c4:54:fc:6e:46:e8:7a:e2:96:55:94:
86:a6:c8:05:63:9f:d2:15:16:f8:d4:60:30:3b:45:
2a:8d:69:24:20:f0:98:87:97:1b:d0:fe:89:fb:ce:
27:73:78:3c:3a:40:b4:a8:75:33:fa:fa:ee:f7:bc:
4a:40:11:4e:5e:18:55:da:96:37:43:f9:7d:2e:37:
63:9c:cc:c6:89:6e:1e:aa:4b:0c:2e:2b:67:4e:78:
bd:d8:a9:f8:da:4d:b9:f1:54:cf:9c:a9:2f:93:9b:
af:87:2b:e8:79:b5:78:46:41:21:e8:1d:fe:38:65:
57:97:01:8c:6f:57:9f:e8:5c:21:9f:c9:27:28:37:
d6:23:f2:85:b1:05:13:1b:f6:b2:ac:f3:8f:77:4f:
c1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F9:7A:E6:2F:D9:02:A2:6B:B2:8E:DF:C9:EF:17:5C:2C:02:A2:ED
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YPl65i_ZAqJrso7fye8XXCwCou0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.142.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:92:cc:80:0c:b2:3e:57:2b:54:23:cc:63:11:21:08:08:76:
30:9c:3c:6b:65:03:2b:bf:95:28:84:96:f3:9e:ed:3c:c1:42:
03:8e:53:33:2a:04:a6:db:e5:16:73:60:93:eb:96:6c:38:27:
8c:7c:04:7a:63:ac:fa:13:d5:9b:bf:c0:91:ca:2d:5b:47:bd:
75:a2:6b:f9:bd:78:fc:aa:65:49:24:23:60:8a:58:68:5a:59:
c6:f2:ad:df:91:bb:7a:7e:70:c2:0a:93:d1:6b:d3:cd:fd:99:
d7:9a:fd:bd:34:c6:3e:9b:9d:b9:d0:ee:09:b6:d4:a8:3f:79:
20:c5:cc:a4:d6:28:a0:38:16:f0:00:0e:50:f7:c3:d8:11:bb:
58:87:2a:72:01:01:e2:90:3f:4b:68:1d:06:7a:fc:5f:9b:2b:
c1:93:65:bf:6b:a5:66:77:e8:2f:ea:9e:6f:70:b3:33:9e:8c:
5e:5a:8b:b7:74:05:f3:78:d9:f4:b5:7c:59:59:d4:55:f7:07:
17:99:ab:a8:43:b6:3e:75:2a:6d:f5:a9:60:b9:57:15:9d:b9:
96:a2:76:48:65:ac:fd:bd:14:aa:73:f4:9a:a6:df:16:de:d5:
80:76:7d:79:f3:d3:8f:b2:96:48:bc:c3:65:65:71:2a:24:54:
b9:fc:b5:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTbkB4g8O5LCgBWEEnZ0lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY5N2FlNjJmZDkwMmEyNmJiMjhlZGZjOWVmMTc1YzJjMDJhMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmstob3YdzlVFBDDlWzNa9mWxdShG
KHAC2nvYU7IoGTKoBE1OxF6MJcwucVG0bOzWFdAoFgsA3+GC8hEctHHVrbdMPY2A
11znyDq4CNLwB2KN8Gvq37lmH8TfMrWnskqKADv3zmn7U9hGZFaXxFT8bkboeuKW
VZSGpsgFY5/SFRb41GAwO0UqjWkkIPCYh5cb0P6J+84nc3g8OkC0qHUz+vru97xK
QBFOXhhV2pY3Q/l9LjdjnMzGiW4eqksMLitnTni92Kn42k258VTPnKkvk5uvhyvo
ebV4RkEh6B3+OGVXlwGMb1ef6Fwhn8knKDfWI/KFsQUTG/ayrPOPd0/B4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGD5euYv2QKia7KO38nvF1wsAqLtMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvWVBsNjVpX1pBcUpyc283ZnllOFhYQ3dDb3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrCOMA0G
CSqGSIb3DQEBCwUAA4IBAQBdksyADLI+VytUI8xjESEICHYwnDxrZQMrv5UohJbz
nu08wUIDjlMzKgSm2+UWc2CT65ZsOCeMfAR6Y6z6E9Wbv8CRyi1bR711omv5vXj8
qmVJJCNgilhoWlnG8q3fkbt6fnDCCpPRa9PN/ZnXmv29NMY+m5250O4JttSoP3kg
xcyk1iigOBbwAA5Q98PYEbtYhypyAQHikD9LaB0GevxfmyvBk2W/a6Vmd+gv6p5v
cLMznoxeWou3dAXzeNn0tXxZWdRV9wcXmauoQ7Y+dSpt9alguVcVnbmWonZIZaz9
vRSqc/Sapt8W3tWAdn1589OPspZIvMNlZXEqJFS5/LX1
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:18:56 2024 by rpki-client on console-fra.rpki-client.org