Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YZr22wospq5rjTGQ7ki-GmoOgFQ.roa
File: YZr22wospq5rjTGQ7ki-GmoOgFQ.roa (raw, json)
Hash identifier: WUAyIZiayv1YKfn5jm8UhFD8eeXhT6RmKxJsH6k+6XY=
Subject key identifier: 61:9A:F6:DB:0A:2C:A6:AE:6B:8D:31:90:EE:48:BE:1A:6A:0E:80:54
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018E2CA22ED2F8D757F7F1D3A97AA4839F18
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YZr22wospq5rjTGQ7ki-GmoOgFQ.roa
Signing time: Mon 11 Mar 2024 08:30:10 +0000
ROA not before: Mon 11 Mar 2024 08:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212087
IP address blocks: 84.232.114.0/24 maxlen: 24
84.232.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 05:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:a2:2e:d2:f8:d7:57:f7:f1:d3:a9:7a:a4:83:9f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Mar 11 08:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=619af6db0a2ca6ae6b8d3190ee48be1a6a0e8054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:76:74:c6:4f:7b:cf:60:c2:8e:77:74:da:57:
c3:dd:8d:9c:4e:0e:ce:c3:9e:2f:cd:56:c2:77:97:
f6:5c:fd:9c:04:bd:6e:b3:25:e3:44:dc:be:9b:27:
9c:fe:4d:fc:86:79:3c:b9:ad:0f:97:56:52:26:47:
8a:58:33:c9:b2:5a:8f:e1:02:72:82:4e:b1:39:38:
89:94:97:e9:8b:5e:01:fa:63:e8:22:d7:d5:b9:bd:
68:f3:86:f6:fb:a8:c3:7d:0a:00:cf:5c:eb:75:db:
cd:e4:2c:51:dd:0f:d4:b7:d4:a3:fb:ab:2d:a2:e8:
39:30:45:10:24:3d:91:25:4d:b3:36:01:1a:74:55:
f0:85:31:c2:0e:86:12:bb:ec:fc:f2:2f:a1:f0:e5:
92:ae:b4:98:40:22:34:12:ca:ef:0f:4b:9f:0d:05:
7f:69:23:1f:67:32:ae:b3:70:4b:45:fb:6e:50:e2:
09:36:a9:f2:48:90:86:57:94:03:45:bb:eb:f5:9a:
ff:23:d9:8c:23:ad:87:d3:1e:3f:45:7b:01:51:b5:
07:90:15:a3:74:a1:71:a0:bd:6d:f4:79:4c:a6:9f:
1f:9e:2c:a2:be:b6:d6:35:27:f6:83:0d:fc:e2:6f:
08:7b:14:8f:1f:ea:b6:85:08:53:68:59:bb:5e:fe:
6c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9A:F6:DB:0A:2C:A6:AE:6B:8D:31:90:EE:48:BE:1A:6A:0E:80:54
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/YZr22wospq5rjTGQ7ki-GmoOgFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.114.0/24
84.232.121.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e8:9b:d6:95:88:39:d2:c1:b0:7b:b1:ba:cf:0a:c2:8b:1a:
aa:0e:fd:3d:7c:af:f3:68:74:30:dc:aa:30:85:56:d0:bc:07:
03:d5:b5:d7:f2:4e:08:59:8b:be:89:03:86:53:5f:cd:f2:01:
17:b1:8e:3e:78:a5:89:0e:d5:6a:3b:6f:72:f2:7d:67:41:15:
41:29:7b:ad:28:53:46:e1:14:25:3e:56:ff:b3:46:44:26:28:
c3:bb:7d:be:b7:e9:3d:46:6d:65:ec:d2:d4:db:0f:21:8a:b9:
52:b4:b8:0f:9e:ae:3f:46:eb:b0:2a:f0:89:b6:ff:33:9a:bb:
54:89:b8:fc:a5:12:d2:b9:11:de:18:61:ea:9e:5c:ef:64:d8:
65:98:a5:35:51:ee:64:2c:bc:7c:43:e7:3a:70:77:51:e1:fe:
62:01:75:69:5f:24:63:49:b3:55:93:e6:d0:8b:ad:da:22:66:
38:36:2b:e2:f3:46:f5:63:2f:d2:d5:3b:63:b2:41:05:9b:34:
d5:61:79:f0:fb:7e:a8:49:ba:2b:5f:39:30:af:af:bb:39:52:
36:33:5c:4d:12:92:db:b6:82:3b:97:76:8e:85:93:f6:5c:8a:
3b:9a:9e:ae:2b:b0:14:bb:38:08:94:53:f1:3f:73:32:d1:21:
b3:c3:99:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4soi7S+NdX9/HTqXqkg58YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMzExMDgzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlhZjZkYjBhMmNhNmFlNmI4ZDMxOTBlZTQ4YmUxYTZhMGU4MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXZ0xk97z2DCjnd02lfD3Y2cTg7O
w54vzVbCd5f2XP2cBL1usyXjRNy+myec/k38hnk8ua0Pl1ZSJkeKWDPJslqP4QJy
gk6xOTiJlJfpi14B+mPoItfVub1o84b2+6jDfQoAz1zrddvN5CxR3Q/Ut9Sj+6st
oug5MEUQJD2RJU2zNgEadFXwhTHCDoYSu+z88i+h8OWSrrSYQCI0EsrvD0ufDQV/
aSMfZzKus3BLRftuUOIJNqnySJCGV5QDRbvr9Zr/I9mMI62H0x4/RXsBUbUHkBWj
dKFxoL1t9HlMpp8fniyivrbWNSf2gw384m8IexSPH+q2hQhTaFm7Xv5sBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGGa9tsKLKaua40xkO5IvhpqDoBUMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvWVpyMjJ3b3NwcTVyalRHUTdraS1HbW9PZ0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVOhyAwQA
VOh5MA0GCSqGSIb3DQEBCwUAA4IBAQBB6JvWlYg50sGwe7G6zwrCixqqDv09fK/z
aHQw3KowhVbQvAcD1bXX8k4IWYu+iQOGU1/N8gEXsY4+eKWJDtVqO29y8n1nQRVB
KXutKFNG4RQlPlb/s0ZEJijDu32+t+k9Rm1l7NLU2w8hirlStLgPnq4/RuuwKvCJ
tv8zmrtUibj8pRLSuRHeGGHqnlzvZNhlmKU1Ue5kLLx8Q+c6cHdR4f5iAXVpXyRj
SbNVk+bQi63aImY4Nivi80b1Yy/S1TtjskEFmzTVYXnw+36oSborXzkwr6+7OVI2
M1xNEpLbtoI7l3aOhZP2XIo7mp6uK7AUuzgIlFPxP3My0SGzw5nB
-----END CERTIFICATE-----
Generated at Wed May 22 10:39:25 2024 by rpki-client on console-ams.rpki-client.org