Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/cYNE-hG5eywlCoZxuHfjH-2Ydzs.roa
File: cYNE-hG5eywlCoZxuHfjH-2Ydzs.roa (raw, json)
Hash identifier: UygBE1NvPgiGle6gGtCyPJnUMzsLawk6ooE/v00Od3g=
Subject key identifier: 71:83:44:FA:11:B9:7B:2C:25:0A:86:71:B8:77:E3:1F:ED:98:77:3B
Certificate issuer: /CN=568ae803b9ba38855401827b3eece14505a9c0f6
Certificate serial: 018CC56E702DA3ABF79D8DD4E5514ACAE808
Authority key identifier: 56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/cYNE-hG5eywlCoZxuHfjH-2Ydzs.roa
Signing time: Mon 01 Jan 2024 14:29:58 +0000
ROA not before: Mon 01 Jan 2024 14:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20764
IP address blocks: 79.141.208.0/20 maxlen: 20
80.64.96.0/20 maxlen: 20
80.64.98.28/32 maxlen: 32
81.27.240.0/20 maxlen: 20
185.5.160.0/22 maxlen: 22
81.27.253.0/24 maxlen: 24
2a00:1c28::/29 maxlen: 29
2a00:1c28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 05:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:70:2d:a3:ab:f7:9d:8d:d4:e5:51:4a:ca:e8:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568ae803b9ba38855401827b3eece14505a9c0f6
Validity
Not Before: Jan 1 14:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=718344fa11b97b2c250a8671b877e31fed98773b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d1:ea:6b:76:58:36:bd:2d:d2:6b:e6:22:c9:
41:c1:e7:df:b8:59:c3:fc:6d:84:1a:85:bb:61:f4:
c5:c8:b4:5f:29:a2:a3:fb:f2:56:1f:18:e4:19:2e:
0f:24:6c:63:e3:cf:be:0c:c1:8c:d5:72:31:f5:f6:
61:95:6a:17:71:54:f1:fb:08:53:d6:3d:65:94:41:
26:30:ec:57:bd:78:98:4f:1e:1e:50:e9:52:dc:7f:
18:c5:be:cf:bd:a4:0f:9c:7d:33:4a:be:22:b7:07:
99:c2:76:17:7c:56:14:42:5b:7d:b5:aa:e1:bc:66:
7b:af:12:00:9d:8c:c5:d8:98:2d:09:a7:c4:e1:08:
73:70:54:ae:d7:d9:0b:f6:0b:fa:11:c2:d6:b3:92:
fc:4b:a2:4c:51:91:71:7d:5c:91:5e:59:8c:ee:31:
0a:10:95:2c:24:a7:13:c9:43:aa:31:55:36:ce:41:
60:5a:5b:8e:8c:9a:1c:76:1c:a7:be:23:2f:fb:2d:
d9:20:f1:80:28:50:5b:23:f1:ec:3d:e0:c1:b7:e5:
c0:84:2a:f5:55:88:ba:3f:88:08:ab:81:29:dd:ec:
63:2c:9e:ce:e7:c2:ba:ac:26:3b:43:71:61:c7:ad:
58:bd:87:d4:2a:f3:45:c7:eb:33:aa:89:1e:c2:42:
17:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:83:44:FA:11:B9:7B:2C:25:0A:86:71:B8:77:E3:1F:ED:98:77:3B
X509v3 Authority Key Identifier:
keyid:56:8A:E8:03:B9:BA:38:85:54:01:82:7B:3E:EC:E1:45:05:A9:C0:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VoroA7m6OIVUAYJ7PuzhRQWpwPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/cYNE-hG5eywlCoZxuHfjH-2Ydzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/278d5f-9ee6-4477-9fe0-8eae8b75e9ca/1/VoroA7m6OIVUAYJ7PuzhRQWpwPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.208.0/20
80.64.96.0/20
81.27.240.0/20
185.5.160.0/22
IPv6:
2a00:1c28::/29
Signature Algorithm: sha256WithRSAEncryption
0f:15:54:ad:1d:cd:07:41:b8:45:b0:48:db:5e:ba:bb:e6:80:
a9:dc:63:38:4a:fd:bd:18:c4:67:a8:35:7f:54:8c:50:6c:8b:
a9:39:aa:62:fe:ba:42:f5:6a:bb:13:82:1c:aa:b4:82:b5:68:
34:5a:9a:69:66:2f:d4:9c:fa:32:eb:ea:b8:4a:ee:97:48:e0:
91:8c:73:70:31:38:94:c6:f8:35:5c:06:9e:02:a3:bd:10:be:
88:a0:5f:6b:a9:6c:83:98:75:63:fc:9b:a6:7b:b0:a1:b8:cd:
17:e8:47:9c:79:7c:e3:5d:ff:f9:44:5a:99:2e:24:eb:a9:0c:
be:36:fd:eb:b4:bd:34:55:f6:fb:2f:11:1d:4e:06:9a:d8:fb:
7d:0d:75:f2:d1:7a:a5:f1:24:33:2e:5e:43:4a:d5:f9:a3:b5:
52:10:74:5c:08:b8:be:4d:f4:87:dd:a2:6a:8b:f4:96:e8:34:
53:6a:fc:52:90:f6:97:fc:6e:9b:76:26:c1:fc:5e:8b:0b:d6:
89:a7:86:7a:60:13:98:11:a2:c3:a9:7f:92:81:8c:b8:08:e1:
d7:cd:80:d9:b3:58:ce:75:0d:8c:b5:8c:fc:12:84:62:6f:b5:
de:5e:6a:e9:20:be:80:98:11:af:e2:0a:09:59:fd:28:00:9f:
ef:61:8e:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbnAto6v3nY3U5VFKyugIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGFlODAzYjliYTM4ODU1NDAxODI3YjNlZWNlMTQ1MDVh
OWMwZjYwHhcNMjQwMTAxMTQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTgzNDRmYTExYjk3YjJjMjUwYTg2NzFiODc3ZTMxZmVkOTg3NzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNHqa3ZYNr0t0mvmIslBweffuFnD
/G2EGoW7YfTFyLRfKaKj+/JWHxjkGS4PJGxj48++DMGM1XIx9fZhlWoXcVTx+whT
1j1llEEmMOxXvXiYTx4eUOlS3H8Yxb7PvaQPnH0zSr4itweZwnYXfFYUQlt9tarh
vGZ7rxIAnYzF2JgtCafE4QhzcFSu19kL9gv6EcLWs5L8S6JMUZFxfVyRXlmM7jEK
EJUsJKcTyUOqMVU2zkFgWluOjJocdhynviMv+y3ZIPGAKFBbI/HsPeDBt+XAhCr1
VYi6P4gIq4Ep3exjLJ7O58K6rCY7Q3Fhx61YvYfUKvNFx+szqokewkIXXQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHGDRPoRuXssJQqGcbh34x/tmHc7MB8GA1UdIwQY
MBaAFFaK6AO5ujiFVAGCez7s4UUFqcD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAt
OGVhZThiNzVlOWNhLzEvY1lORS1oRzVleXdsQ29aeHVIZmpILTJZZHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yNzhkNWYtOWVlNi00NDc3LTlmZTAtOGVhZThiNzVlOWNh
LzEvVm9yb0E3bTZPSVZVQVlKN1B1emhSUVdwd1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQET43QAwQE
UEBgAwQEURvwAwQCuQWgMA0EAgACMAcDBQMqABwoMA0GCSqGSIb3DQEBCwUAA4IB
AQAPFVStHc0HQbhFsEjbXrq75oCp3GM4Sv29GMRnqDV/VIxQbIupOapi/rpC9Wq7
E4IcqrSCtWg0WpppZi/UnPoy6+q4Su6XSOCRjHNwMTiUxvg1XAaeAqO9EL6IoF9r
qWyDmHVj/Jume7ChuM0X6EeceXzjXf/5RFqZLiTrqQy+Nv3rtL00Vfb7LxEdTgaa
2Pt9DXXy0Xql8SQzLl5DStX5o7VSEHRcCLi+TfSH3aJqi/SW6DRTavxSkPaX/G6b
dibB/F6LC9aJp4Z6YBOYEaLDqX+SgYy4COHXzYDZs1jOdQ2MtYz8EoRib7XeXmrp
IL6AmBGv4goJWf0oAJ/vYY6F
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:03:49 2024 by rpki-client on console-fra.rpki-client.org