Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/yDU1rEJ62ylcENkxxq9-gc-Am2g.roa
File: yDU1rEJ62ylcENkxxq9-gc-Am2g.roa (raw, json)
Hash identifier: 7IZ7rxbnUahaLcCnP9skdbmiM7UlbVpGLatma5hP9yw=
Subject key identifier: C8:35:35:AC:42:7A:DB:29:5C:10:D9:31:C6:AF:7E:81:CF:80:9B:68
Certificate issuer: /CN=c062e6aa59466fe561a93abcd4dcdf3dea4dc267
Certificate serial: 019424454387D07530EE255BFBE0B78CAEB8
Authority key identifier: C0:62:E6:AA:59:46:6F:E5:61:A9:3A:BC:D4:DC:DF:3D:EA:4D:C2:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wGLmqllGb-VhqTq81NzfPepNwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/yDU1rEJ62ylcENkxxq9-gc-Am2g.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198371
IP address blocks: 176.104.104.0/24 maxlen: 24
176.104.105.0/24 maxlen: 24
176.104.106.0/24 maxlen: 24
176.104.107.0/24 maxlen: 24
176.104.108.0/24 maxlen: 24
176.104.109.0/24 maxlen: 24
176.104.110.0/24 maxlen: 24
176.104.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/wGLmqllGb-VhqTq81NzfPepNwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/wGLmqllGb-VhqTq81NzfPepNwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/wGLmqllGb-VhqTq81NzfPepNwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:43:87:d0:75:30:ee:25:5b:fb:e0:b7:8c:ae:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c062e6aa59466fe561a93abcd4dcdf3dea4dc267
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c83535ac427adb295c10d931c6af7e81cf809b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1e:16:3d:70:7c:0a:4d:cc:33:f8:55:1f:bc:
2e:65:ca:73:ba:fb:e6:ea:5d:0f:2e:39:d0:c9:19:
d1:8a:1b:cb:54:9e:aa:49:bb:94:e5:c7:81:82:47:
9c:12:a1:34:0d:fe:f0:d2:4e:d4:70:c4:aa:2d:6e:
ea:e8:b1:13:68:6f:3f:ff:de:85:bb:ad:2a:2d:4a:
7a:a1:34:ce:a8:6f:fc:ee:11:03:da:d9:41:a1:2f:
df:0e:01:b9:6f:5c:db:f3:7b:3d:6d:4a:e6:31:14:
f2:e1:de:95:21:90:e6:84:35:f3:4e:a0:4f:3c:79:
0c:36:73:fe:f7:23:0a:d4:37:72:9a:c1:6f:23:54:
dd:2f:01:a1:04:23:bf:e5:dd:c4:c8:ec:00:5c:0c:
14:57:d1:58:01:72:6d:6e:38:76:66:c0:4d:2e:44:
50:0d:40:0d:25:e8:ac:46:b1:d0:90:43:31:f1:7e:
29:a8:e7:db:c6:5b:75:14:bd:bd:b2:de:82:87:5d:
fc:27:ae:66:49:6b:23:db:8a:2d:7d:67:16:2a:ec:
06:be:d0:37:88:0c:f3:5a:fe:4c:40:15:17:c4:78:
ea:07:e8:13:82:f4:49:42:71:42:1b:a0:66:86:ad:
8e:02:d6:1f:1c:20:e7:f0:35:8e:ec:0c:88:5a:d1:
ba:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:35:35:AC:42:7A:DB:29:5C:10:D9:31:C6:AF:7E:81:CF:80:9B:68
X509v3 Authority Key Identifier:
keyid:C0:62:E6:AA:59:46:6F:E5:61:A9:3A:BC:D4:DC:DF:3D:EA:4D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wGLmqllGb-VhqTq81NzfPepNwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/yDU1rEJ62ylcENkxxq9-gc-Am2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/wGLmqllGb-VhqTq81NzfPepNwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.104.104.0/21
Signature Algorithm: sha256WithRSAEncryption
27:3c:0e:3f:e7:04:00:27:62:0f:99:93:df:cc:88:f5:4e:c6:
b5:ba:4b:8b:9e:39:e9:99:87:fd:3f:5a:a4:10:9a:90:dd:fd:
6a:66:d6:44:10:e0:39:dd:03:9c:ed:47:6d:db:de:97:66:e2:
88:f2:47:57:cc:da:e6:ea:01:c6:bb:b9:7c:92:67:28:5c:14:
8b:c7:d9:59:01:57:8c:66:cc:11:ac:dc:a0:25:c0:d3:fa:ec:
ce:61:38:67:9d:c3:03:08:6d:8b:83:e9:98:4b:ca:81:91:03:
18:d0:d2:47:fa:09:c1:07:99:1e:72:07:e5:68:dd:90:44:c6:
08:9b:54:89:0b:66:01:67:b1:ae:d5:0c:8d:96:2d:41:63:80:
5f:94:60:47:2c:2f:25:7d:41:ce:9a:ac:95:df:cd:14:e9:a8:
11:91:7b:b8:d4:1e:2e:db:97:eb:98:8b:2c:4b:63:7f:21:09:
55:4b:e8:6e:83:2c:d2:78:b6:9f:4f:27:07:f8:d4:08:67:9a:
ca:39:55:f9:67:12:56:3e:40:12:94:07:a3:ad:6d:02:d1:9d:
10:31:bc:1a:12:d6:77:31:f1:df:bb:74:34:b3:57:88:96:d4:
12:c8:69:34:c2:b2:20:f1:9b:58:79:73:16:21:9a:44:00:a6:
3c:c7:53:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRUOH0HUw7iVb++C3jK64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNjJlNmFhNTk0NjZmZTU2MWE5M2FiY2Q0ZGNkZjNkZWE0
ZGMyNjcwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODM1MzVhYzQyN2FkYjI5NWMxMGQ5MzFjNmFmN2U4MWNmODA5YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR4WPXB8Ck3MM/hVH7wuZcpzuvvm
6l0PLjnQyRnRihvLVJ6qSbuU5ceBgkecEqE0Df7w0k7UcMSqLW7q6LETaG8//96F
u60qLUp6oTTOqG/87hED2tlBoS/fDgG5b1zb83s9bUrmMRTy4d6VIZDmhDXzTqBP
PHkMNnP+9yMK1DdymsFvI1TdLwGhBCO/5d3EyOwAXAwUV9FYAXJtbjh2ZsBNLkRQ
DUANJeisRrHQkEMx8X4pqOfbxlt1FL29st6Ch138J65mSWsj24otfWcWKuwGvtA3
iAzzWv5MQBUXxHjqB+gTgvRJQnFCG6Bmhq2OAtYfHCDn8DWO7AyIWtG6GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMg1NaxCetspXBDZMcavfoHPgJtoMB8GA1UdIwQY
MBaAFMBi5qpZRm/lYak6vNTc3z3qTcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0dMbXFsbEdiLVZocVRxODFOemZQZXBOd21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yOTAxY2UtNjdlNy00NGY1LTk5ZWEt
MjM3M2ExYmE2ZDBiLzEveURVMXJFSjYyeWxjRU5reHhxOS1nYy1BbTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yOTAxY2UtNjdlNy00NGY1LTk5ZWEtMjM3M2ExYmE2ZDBi
LzEvd0dMbXFsbEdiLVZocVRxODFOemZQZXBOd21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGhoMA0G
CSqGSIb3DQEBCwUAA4IBAQAnPA4/5wQAJ2IPmZPfzIj1Tsa1ukuLnjnpmYf9P1qk
EJqQ3f1qZtZEEOA53QOc7Udt296XZuKI8kdXzNrm6gHGu7l8kmcoXBSLx9lZAVeM
ZswRrNygJcDT+uzOYThnncMDCG2Lg+mYS8qBkQMY0NJH+gnBB5kecgflaN2QRMYI
m1SJC2YBZ7Gu1QyNli1BY4BflGBHLC8lfUHOmqyV380U6agRkXu41B4u25frmIss
S2N/IQlVS+hugyzSeLafTycH+NQIZ5rKOVX5ZxJWPkASlAejrW0C0Z0QMbwaEtZ3
MfHfu3Q0s1eIltQSyGk0wrIg8ZtYeXMWIZpEAKY8x1M6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:10 2025 by rpki-client