Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/yJaOHYlgBSVnRqE-ORtbNVM9i8w.roa
File: yJaOHYlgBSVnRqE-ORtbNVM9i8w.roa (raw, json)
Hash identifier: GZaUOc6iTm4snLv8/ACLT4/sP/NlZko1p+q8Ea73UME=
Subject key identifier: C8:96:8E:1D:89:60:05:25:67:46:A1:3E:39:1B:5B:35:53:3D:8B:CC
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0191AE4D3BF295C7209736937B4CFBCA9690
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/yJaOHYlgBSVnRqE-ORtbNVM9i8w.roa
Signing time: Sun 01 Sep 2024 15:56:22 +0000
ROA not before: Sun 01 Sep 2024 15:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213107
IP address blocks: 185.86.14.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ae:4d:3b:f2:95:c7:20:97:36:93:7b:4c:fb:ca:96:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Sep 1 15:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8968e1d896005256746a13e391b5b35533d8bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:28:53:5d:97:77:7c:ff:d9:a8:82:60:2b:01:
62:84:8b:7b:7a:90:30:2c:48:99:42:41:49:2f:9d:
fc:dc:4b:e3:13:7c:60:55:4f:d2:6b:12:e3:53:f8:
e6:0a:e9:10:2a:23:b1:91:20:a7:09:f0:a9:a8:63:
96:e6:37:d4:3b:6a:14:24:7a:a2:96:0b:cc:5e:a1:
9d:eb:64:9a:9f:3b:67:02:32:0f:29:e9:17:be:bd:
8d:da:3b:6e:ed:b1:f8:b7:d8:29:0e:c8:ab:3a:73:
c9:b3:e2:9b:de:59:6e:27:d0:f6:2f:dd:be:c6:b1:
d0:4a:5b:ad:93:a6:f4:4b:b3:50:99:20:08:f8:2f:
d4:a6:55:27:41:c3:cb:03:15:fb:09:82:a6:78:2e:
a5:b6:20:05:f3:c5:54:c7:ff:fb:af:60:53:b8:f5:
4c:4f:50:dc:7c:54:db:a3:41:43:cd:69:aa:ee:a3:
b4:b2:97:01:c8:f0:c0:55:39:8f:1c:27:0e:4c:33:
16:fa:04:79:4b:3e:b7:e6:23:b1:fe:2f:ed:8b:1c:
f2:4a:40:8b:1b:0c:4c:31:a3:01:30:e5:8b:f9:96:
43:af:37:72:c6:7b:05:48:f2:3c:7d:b7:f2:1b:b2:
91:fb:66:2e:0d:e2:60:07:a9:a3:e7:c4:4f:aa:1c:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:96:8E:1D:89:60:05:25:67:46:A1:3E:39:1B:5B:35:53:3D:8B:CC
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/yJaOHYlgBSVnRqE-ORtbNVM9i8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.14.0/24
185.88.175.0/24
185.98.63.0/24
185.185.232.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:0c:06:38:8a:f6:42:c6:df:d1:9c:60:d2:b1:e0:b4:b8:d9:
d1:45:48:3c:0d:e8:b2:5a:0d:84:9d:bd:cf:59:06:f7:cf:8e:
44:e8:5c:99:de:ff:9d:97:61:10:ba:14:65:68:ce:f6:f8:34:
b5:8d:e2:5a:b2:6f:22:77:7b:56:91:07:c4:4b:f1:a8:f3:7c:
44:d5:fd:54:d8:99:2e:82:f4:a6:9d:3d:45:b3:de:9f:4a:a2:
7a:d6:08:51:c4:ec:35:83:4e:94:92:0b:bb:d5:43:79:f6:65:
c9:e9:29:13:20:54:a2:6b:8c:52:c2:36:0f:50:ef:d6:3c:d0:
7e:99:e3:94:ea:bf:e1:05:c4:a2:7d:ab:49:86:c2:c0:4c:f3:
41:5a:cd:6f:34:13:1e:d9:da:e6:55:7e:3c:0c:17:4c:7e:f7:
f9:80:96:48:f7:00:84:80:92:0e:59:0f:80:d1:99:ec:16:af:
19:d7:39:54:32:fd:40:49:2e:b8:2b:5a:10:ad:8c:03:89:44:
4b:44:64:8d:75:c1:12:18:13:9c:50:33:6c:bd:3a:ce:0e:49:
5d:c4:30:df:e0:14:56:7a:1d:f0:b8:0e:2f:24:5c:01:d7:5f:
80:a7:4f:fb:7e:60:4b:07:39:7e:0e:4d:fa:c6:a9:7d:d0:c0:
7b:87:bd:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGuTTvylccglzaTe0z7ypaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwOTAxMTU1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODk2OGUxZDg5NjAwNTI1Njc0NmExM2UzOTFiNWIzNTUzM2Q4YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxihTXZd3fP/ZqIJgKwFihIt7epAw
LEiZQkFJL5383EvjE3xgVU/SaxLjU/jmCukQKiOxkSCnCfCpqGOW5jfUO2oUJHqi
lgvMXqGd62SanztnAjIPKekXvr2N2jtu7bH4t9gpDsirOnPJs+Kb3lluJ9D2L92+
xrHQSlutk6b0S7NQmSAI+C/UplUnQcPLAxX7CYKmeC6ltiAF88VUx//7r2BTuPVM
T1DcfFTbo0FDzWmq7qO0spcByPDAVTmPHCcOTDMW+gR5Sz635iOx/i/tixzySkCL
GwxMMaMBMOWL+ZZDrzdyxnsFSPI8fbfyG7KR+2YuDeJgB6mj58RPqhx/5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMiWjh2JYAUlZ0ahPjkbWzVTPYvMMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEveUphT0hZbGdCU1ZuUnFFLU9SdGJOVk05aTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuVYOAwQA
uVivAwQAuWI/AwQAubnoMA0GCSqGSIb3DQEBCwUAA4IBAQCuDAY4ivZCxt/RnGDS
seC0uNnRRUg8DeiyWg2Enb3PWQb3z45E6FyZ3v+dl2EQuhRlaM72+DS1jeJasm8i
d3tWkQfES/Go83xE1f1U2JkugvSmnT1Fs96fSqJ61ghRxOw1g06Ukgu71UN59mXJ
6SkTIFSia4xSwjYPUO/WPNB+meOU6r/hBcSifatJhsLATPNBWs1vNBMe2drmVX48
DBdMfvf5gJZI9wCEgJIOWQ+A0ZnsFq8Z1zlUMv1ASS64K1oQrYwDiURLRGSNdcES
GBOcUDNsvTrODkldxDDf4BRWeh3wuA4vJFwB11+Ap0/7fmBLBzl+Dk36xql90MB7
h73V
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:56:23 2024 by rpki-client on console-ams.rpki-client.org