Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/YPQrwZYqV2eQKMguP0mLTXudc4w.roa
File: YPQrwZYqV2eQKMguP0mLTXudc4w.roa (raw, json)
Hash identifier: rHCj9/YM0hme0eYCqPZCV/UI/l2GxCZXsdN98M8N6jY=
Subject key identifier: 60:F4:2B:C1:96:2A:57:67:90:28:C8:2E:3F:49:8B:4D:7B:9D:73:8C
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 018CC26D49DD06F16F8E32605270767D40A4
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/YPQrwZYqV2eQKMguP0mLTXudc4w.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.105.232.0/24 maxlen: 24
37.49.232.0/23 maxlen: 24
37.49.236.0/22 maxlen: 24
185.1.144.0/24 maxlen: 24
77.95.71.0/24 maxlen: 24
77.95.70.0/23 maxlen: 24
2001:7f8:54::/48 maxlen: 64
2001:7f8:47:47::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:49:dd:06:f1:6f:8e:32:60:52:70:76:7d:40:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f42bc1962a57679028c82e3f498b4d7b9d738c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:78:f7:81:ba:2f:1c:58:69:c0:bf:f5:0a:d9:
85:f1:21:05:db:5a:dd:18:f8:7f:44:e4:91:f3:88:
32:07:e2:e6:ae:6b:a8:fd:c6:96:d2:47:3c:3a:40:
5f:96:7c:4c:5b:c9:cc:18:1c:aa:b9:50:85:fc:de:
bf:8f:f2:d2:e5:01:94:53:35:f1:71:06:1e:a3:96:
57:fa:4a:5a:70:82:02:e0:71:2e:42:2c:13:71:d6:
35:9c:2f:17:12:e7:83:10:ea:14:68:c8:2f:63:be:
12:0a:bc:5d:37:5e:dc:6b:cd:c1:d3:94:73:5d:41:
5d:2e:27:17:df:5b:26:aa:e3:39:88:0c:07:4a:90:
ba:a0:7c:a4:f8:b4:87:fb:ad:ba:95:03:02:24:90:
8e:0d:d2:f2:bb:86:3d:c9:6b:16:d5:86:16:21:b6:
ba:7b:1e:78:82:5b:6d:02:d0:2f:d1:52:af:a2:ae:
6f:c0:d4:0b:fe:db:e2:e8:27:8a:d5:54:0b:61:7e:
09:3b:4f:72:5f:54:97:b1:d0:3e:d9:fc:b6:7a:31:
a2:a3:ee:06:0c:08:01:e9:9d:88:27:9a:63:02:75:
f1:a5:cf:c6:2e:c7:32:a1:fb:7e:40:9f:5c:c3:ed:
46:1b:b3:78:31:74:1c:34:30:e5:f0:c1:d8:e3:43:
7b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F4:2B:C1:96:2A:57:67:90:28:C8:2E:3F:49:8B:4D:7B:9D:73:8C
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/YPQrwZYqV2eQKMguP0mLTXudc4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.232.0/23
37.49.236.0/22
77.95.70.0/23
185.1.144.0/24
193.105.232.0/24
IPv6:
2001:7f8:47:47::/64
2001:7f8:54::/48
Signature Algorithm: sha256WithRSAEncryption
b4:65:ec:46:f6:1a:b2:be:9b:0f:7a:03:06:7c:f1:eb:41:dd:
7b:f2:29:2e:d5:20:5b:7d:2c:4c:b9:1b:9c:06:c1:2a:df:f7:
f1:b8:2d:5b:74:52:e5:a4:07:09:61:e3:1c:a7:d8:b5:97:ae:
22:21:2b:dd:10:48:04:d5:ba:69:9b:16:6d:ff:16:4d:c1:63:
a4:53:43:e5:83:e4:e2:82:5a:1e:6a:6a:0a:80:3b:be:7c:c3:
3c:27:58:ae:a3:16:2f:43:c5:e1:ca:aa:d6:4e:e8:54:45:2e:
e8:4b:65:12:15:65:7c:2f:84:ed:79:4f:2a:19:20:1f:9d:b2:
04:1d:35:d2:80:c6:51:f7:03:61:3b:6e:70:61:33:35:3f:f5:
1e:12:0c:ba:83:49:35:b6:fd:11:1e:42:dc:f5:e8:b2:7e:2c:
5c:9c:82:5e:f4:00:6c:51:20:de:03:57:98:7d:eb:5a:c8:58:
5a:e0:a5:21:01:1e:42:f5:e9:3e:e7:98:65:29:f4:4a:f6:93:
59:31:dc:17:51:f9:0f:28:a0:50:b5:97:6d:74:44:8f:c2:96:
0a:06:17:25:65:a7:9e:8e:4f:85:a7:95:3e:18:90:ce:2c:6f:
84:a0:9d:50:da:02:68:ae:a3:11:bd:fb:71:2b:8b:64:a9:22:
52:59:43:20
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzCbUndBvFvjjJgUnB2fUCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY0MmJjMTk2MmE1NzY3OTAyOGM4MmUzZjQ5OGI0ZDdiOWQ3MzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnj3gbovHFhpwL/1CtmF8SEF21rd
GPh/ROSR84gyB+Lmrmuo/caW0kc8OkBflnxMW8nMGByquVCF/N6/j/LS5QGUUzXx
cQYeo5ZX+kpacIIC4HEuQiwTcdY1nC8XEueDEOoUaMgvY74SCrxdN17ca83B05Rz
XUFdLicX31smquM5iAwHSpC6oHyk+LSH+626lQMCJJCODdLyu4Y9yWsW1YYWIba6
ex54glttAtAv0VKvoq5vwNQL/tvi6CeK1VQLYX4JO09yX1SXsdA+2fy2ejGio+4G
DAgB6Z2IJ5pjAnXxpc/GLscyoft+QJ9cw+1GG7N4MXQcNDDl8MHY40N7rQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGD0K8GWKldnkCjILj9Ji017nXOMMB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvWVBRcndaWXFWMmVRS01ndVAwbUxUWHVkYzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAkBAIAATAeAwQBJTHoAwQC
JTHsAwQBTV9GAwQAuQGQAwQAwWnoMBoEAgACMBQDCQAgAQf4AEcARwMHACABB/gA
VDANBgkqhkiG9w0BAQsFAAOCAQEAtGXsRvYasr6bD3oDBnzx60Hde/IpLtUgW30s
TLkbnAbBKt/38bgtW3RS5aQHCWHjHKfYtZeuIiEr3RBIBNW6aZsWbf8WTcFjpFND
5YPk4oJaHmpqCoA7vnzDPCdYrqMWL0PF4cqq1k7oVEUu6EtlEhVlfC+E7XlPKhkg
H52yBB010oDGUfcDYTtucGEzNT/1HhIMuoNJNbb9ER5C3PXosn4sXJyCXvQAbFEg
3gNXmH3rWshYWuClIQEeQvXpPueYZSn0SvaTWTHcF1H5DyigULWXbXREj8KWCgYX
JWWnno5PhaeVPhiQzixvhKCdUNoCaK6jEb37cSuLZKkiUllDIA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:32:13 2024 by rpki-client on console-fra.rpki-client.org