Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/YOftns8u94o_VkfdH8gcSqfisBk.roa
File: YOftns8u94o_VkfdH8gcSqfisBk.roa (raw, json)
Hash identifier: RPN/PH2EauGkep3Im0fIN9PII5Q3z9y4Ww/pMCatZfM=
Subject key identifier: 60:E7:ED:9E:CF:2E:F7:8A:3F:56:47:DD:1F:C8:1C:4A:A7:E2:B0:19
Certificate issuer: /CN=51afbc1462455e9869d48b257b18e23be77aa6c3
Certificate serial: 018EA3B9121ED9D872BABD164EFEAA20E44E
Authority key identifier: 51:AF:BC:14:62:45:5E:98:69:D4:8B:25:7B:18:E2:3B:E7:7A:A6:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ua-8FGJFXphp1IslexjiO-d6psM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/YOftns8u94o_VkfdH8gcSqfisBk.roa
Signing time: Wed 03 Apr 2024 11:29:58 +0000
ROA not before: Wed 03 Apr 2024 11:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213241
IP address blocks: 87.238.226.0/24 maxlen: 24
89.42.52.0/23 maxlen: 24
89.47.38.0/23 maxlen: 24
94.139.34.0/23 maxlen: 24
94.139.38.0/24 maxlen: 24
185.39.9.0/24 maxlen: 24
185.185.230.0/24 maxlen: 24
2a13:1fc0::/48 maxlen: 48
2a13:1fc0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/Ua-8FGJFXphp1IslexjiO-d6psM.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/Ua-8FGJFXphp1IslexjiO-d6psM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ua-8FGJFXphp1IslexjiO-d6psM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:b9:12:1e:d9:d8:72:ba:bd:16:4e:fe:aa:20:e4:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51afbc1462455e9869d48b257b18e23be77aa6c3
Validity
Not Before: Apr 3 11:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60e7ed9ecf2ef78a3f5647dd1fc81c4aa7e2b019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7c:ab:b8:19:b7:dc:42:27:49:21:00:9b:0e:
0e:38:f8:01:6e:78:e7:10:7f:ef:a2:a8:b1:b2:c8:
16:cc:3e:09:62:3a:42:9f:4c:21:c2:05:f8:f5:81:
0a:e9:42:09:f4:4f:2c:f9:76:52:ea:34:3f:64:07:
5d:c6:e2:67:c5:12:5f:d8:3c:e0:3f:43:7d:d9:47:
68:0b:6b:80:48:6e:1f:0e:77:f7:6e:d3:cf:45:65:
08:4d:9a:68:a8:76:dc:30:be:6a:bf:3b:21:0f:e8:
06:b9:49:71:74:02:7c:b6:24:f1:d1:84:4f:e8:ff:
74:e8:b5:bc:7a:9f:76:da:38:47:ac:b9:d8:25:96:
8f:94:41:0d:4d:e5:94:f2:9c:61:53:00:17:11:40:
18:ea:02:e3:01:8c:1f:67:2e:1c:a7:99:a0:b4:34:
fb:00:8b:5c:bc:5c:2d:5f:9a:4e:44:c3:d7:05:8d:
f1:33:68:ef:96:31:b3:7a:31:23:60:3b:18:61:6f:
85:29:e9:d7:08:52:17:18:3e:18:e3:35:27:80:86:
6e:46:a7:6d:63:f1:82:fc:73:0c:f5:b8:2a:c0:7e:
18:0f:ac:05:81:e4:a9:b1:95:9c:0d:f8:fe:24:00:
20:64:07:91:e5:4f:4e:ee:24:7e:78:b5:99:1b:ac:
2b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E7:ED:9E:CF:2E:F7:8A:3F:56:47:DD:1F:C8:1C:4A:A7:E2:B0:19
X509v3 Authority Key Identifier:
keyid:51:AF:BC:14:62:45:5E:98:69:D4:8B:25:7B:18:E2:3B:E7:7A:A6:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ua-8FGJFXphp1IslexjiO-d6psM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/YOftns8u94o_VkfdH8gcSqfisBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/70599d-c474-4123-a743-a201dfabdab1/1/Ua-8FGJFXphp1IslexjiO-d6psM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.226.0/24
89.42.52.0/23
89.47.38.0/23
94.139.34.0/23
94.139.38.0/24
185.39.9.0/24
185.185.230.0/24
IPv6:
2a13:1fc0::/47
Signature Algorithm: sha256WithRSAEncryption
45:92:53:71:46:28:a8:8b:a3:65:ad:4b:bb:f6:3a:47:97:fe:
79:5a:92:c9:1d:2e:c6:cc:d6:2e:de:57:98:d0:6a:17:9b:5e:
39:03:8b:50:33:0f:3f:35:76:e3:d9:ea:75:2d:1c:c0:e3:18:
31:fd:c3:92:64:76:e5:00:1e:81:25:5b:e5:d0:2b:1d:15:ee:
ed:11:1d:6e:08:07:49:2a:e7:fc:31:9f:90:c6:d8:04:ad:67:
79:52:4b:1b:05:ba:b4:2f:99:bc:09:3f:8c:ad:9e:7d:18:41:
aa:61:f2:9d:b0:2f:ae:93:9e:fe:4c:00:d2:54:4f:0d:bf:4d:
0b:c9:52:43:cf:0e:a7:db:9f:b6:c3:3e:23:27:de:98:ef:e9:
47:cb:e5:de:65:ae:c4:7b:25:cf:49:11:86:bf:35:04:32:fe:
f1:3a:3f:ec:44:81:9e:44:72:fe:40:d7:0e:1e:ea:5c:73:58:
bb:bc:b1:6a:96:55:1a:1d:e3:97:f5:2c:b9:f1:f1:f3:ac:af:
e8:e7:a5:97:a2:70:25:b6:cb:1d:4d:f2:c2:ef:7b:fa:c2:5d:
a1:7c:cf:d0:a3:39:71:52:65:d2:60:db:23:5d:4b:7d:0a:21:
26:9f:ab:e3:9c:81:e7:33:0d:9c:1b:7d:47:59:4c:25:43:f3:
11:93:1b:19
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY6juRIe2dhyur0WTv6qIOROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYWZiYzE0NjI0NTVlOTg2OWQ0OGIyNTdiMThlMjNiZTc3
YWE2YzMwHhcNMjQwNDAzMTEyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU3ZWQ5ZWNmMmVmNzhhM2Y1NjQ3ZGQxZmM4MWM0YWE3ZTJiMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnyruBm33EInSSEAmw4OOPgBbnjn
EH/voqixssgWzD4JYjpCn0whwgX49YEK6UIJ9E8s+XZS6jQ/ZAddxuJnxRJf2Dzg
P0N92UdoC2uASG4fDnf3btPPRWUITZpoqHbcML5qvzshD+gGuUlxdAJ8tiTx0YRP
6P906LW8ep922jhHrLnYJZaPlEENTeWU8pxhUwAXEUAY6gLjAYwfZy4cp5mgtDT7
AItcvFwtX5pORMPXBY3xM2jvljGzejEjYDsYYW+FKenXCFIXGD4Y4zUngIZuRqdt
Y/GC/HMM9bgqwH4YD6wFgeSpsZWcDfj+JAAgZAeR5U9O7iR+eLWZG6wrXQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGDn7Z7PLveKP1ZH3R/IHEqn4rAZMB8GA1UdIwQY
MBaAFFGvvBRiRV6YadSLJXsY4jvneqbDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWEtOEZHSkZYcGhwMUlzbGV4amlPLWQ2cHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83MDU5OWQtYzQ3NC00MTIzLWE3NDMt
YTIwMWRmYWJkYWIxLzEvWU9mdG5zOHU5NG9fVmtmZEg4Z2NTcWZpc0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83MDU5OWQtYzQ3NC00MTIzLWE3NDMtYTIwMWRmYWJkYWIx
LzEvVWEtOEZHSkZYcGhwMUlzbGV4amlPLWQ2cHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAV+7iAwQB
WSo0AwQBWS8mAwQBXosiAwQAXosmAwQAuScJAwQAubnmMA8EAgACMAkDBwEqEx/A
AAAwDQYJKoZIhvcNAQELBQADggEBAEWSU3FGKKiLo2WtS7v2OkeX/nlakskdLsbM
1i7eV5jQahebXjkDi1AzDz81duPZ6nUtHMDjGDH9w5JkduUAHoElW+XQKx0V7u0R
HW4IB0kq5/wxn5DG2AStZ3lSSxsFurQvmbwJP4ytnn0YQaph8p2wL66Tnv5MANJU
Tw2/TQvJUkPPDqfbn7bDPiMn3pjv6UfL5d5lrsR7Jc9JEYa/NQQy/vE6P+xEgZ5E
cv5A1w4e6lxzWLu8sWqWVRod45f1LLnx8fOsr+jnpZeicCW2yx1N8sLve/rCXaF8
z9CjOXFSZdJg2yNdS30KISafq+OcgeczDZwbfUdZTCVD8xGTGxk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:46:47 2024 by rpki-client on console-ams.rpki-client.org