Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/Yp56FONBGOQSX3T0s6VQvQ7_ILg.roa
File: Yp56FONBGOQSX3T0s6VQvQ7_ILg.roa (raw, json)
Hash identifier: Y1SjFvgwwVJz78xigK+kqjYU8zcaVkgvWxWJnZ2scFw=
Subject key identifier: 62:9E:7A:14:E3:41:18:E4:12:5F:74:F4:B3:A5:50:BD:0E:FF:20:B8
Certificate issuer: /CN=0a77196340d2144b8ca7b0778984bb04bc1cb378
Certificate serial: 018CC349166186E1C4C6C566325FC57621E4
Authority key identifier: 0A:77:19:63:40:D2:14:4B:8C:A7:B0:77:89:84:BB:04:BC:1C:B3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CncZY0DSFEuMp7B3iYS7BLwcs3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/Yp56FONBGOQSX3T0s6VQvQ7_ILg.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21140
IP address blocks: 185.212.90.0/24 maxlen: 24
185.212.88.0/23 maxlen: 23
185.212.91.0/24 maxlen: 24
2a0b:7540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/CncZY0DSFEuMp7B3iYS7BLwcs3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/CncZY0DSFEuMp7B3iYS7BLwcs3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/CncZY0DSFEuMp7B3iYS7BLwcs3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:16:61:86:e1:c4:c6:c5:66:32:5f:c5:76:21:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a77196340d2144b8ca7b0778984bb04bc1cb378
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=629e7a14e34118e4125f74f4b3a550bd0eff20b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7a:e5:d7:97:1b:38:7b:97:f1:47:81:05:31:
63:6f:83:54:7d:10:d5:35:9d:a7:10:d8:1f:9b:79:
34:93:0e:48:87:32:76:0b:9b:3d:fa:a9:c1:02:ed:
a9:31:43:28:03:6e:75:40:cd:bc:78:8a:7f:46:8c:
b6:30:3f:2a:71:88:f7:e4:03:b9:ce:03:30:14:ae:
55:2e:90:5e:fc:f4:92:25:9e:5c:d4:77:ed:47:c9:
ed:62:43:01:9d:3b:3f:6e:81:1d:cd:92:be:0b:eb:
f7:83:b1:c4:79:c9:59:15:0c:37:b7:e2:f3:9d:98:
d1:b7:6a:bb:bc:50:c7:79:c1:28:ae:f7:35:90:ae:
fb:e0:4e:c8:2f:3d:bc:9b:93:df:ba:53:f6:7d:d1:
01:67:d4:f8:f1:3a:a0:23:33:95:d4:9c:82:e9:5d:
ec:29:84:2a:9f:4e:ef:b4:22:94:0d:4a:86:c8:e6:
e3:80:f8:15:b4:20:a0:fa:8f:56:90:ef:a1:96:3d:
db:51:0d:82:b3:b4:53:5f:ee:03:c9:c9:49:ec:a0:
30:c6:a7:06:81:a7:e5:a1:c1:e3:e2:83:a7:e6:99:
84:7a:3e:c1:f9:de:ed:49:14:0b:ac:d9:14:b7:f0:
e5:96:c8:0e:7d:bb:e7:f8:21:b9:33:3e:77:cd:56:
11:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9E:7A:14:E3:41:18:E4:12:5F:74:F4:B3:A5:50:BD:0E:FF:20:B8
X509v3 Authority Key Identifier:
keyid:0A:77:19:63:40:D2:14:4B:8C:A7:B0:77:89:84:BB:04:BC:1C:B3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CncZY0DSFEuMp7B3iYS7BLwcs3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/Yp56FONBGOQSX3T0s6VQvQ7_ILg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/4989ba-9af3-4e3d-845d-eb977164a7e4/1/CncZY0DSFEuMp7B3iYS7BLwcs3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.88.0/22
IPv6:
2a0b:7540::/29
Signature Algorithm: sha256WithRSAEncryption
2f:55:2b:a4:3b:35:b0:62:21:a9:8b:77:ec:04:3a:ad:7e:66:
0a:4f:dd:62:40:b1:75:52:d5:0a:bf:a9:60:c0:6c:a4:51:d5:
fe:4c:a5:4c:fe:ad:a2:40:d7:ec:f5:e4:e7:37:d3:71:8f:ae:
f5:50:1f:c6:6c:01:79:7f:94:53:35:f3:cb:f4:e8:04:cb:b7:
95:47:50:23:11:20:91:6c:94:15:f5:d5:ba:a8:25:a2:70:de:
b9:fb:c0:77:61:0d:91:f0:dd:c2:8d:b4:eb:ab:b2:47:3c:bc:
c6:d9:c3:6a:37:e3:9c:ac:88:7f:fe:ad:b5:58:c3:29:aa:61:
52:3d:44:e2:29:e9:30:18:95:d6:5d:6b:05:98:21:60:f3:fb:
4f:0c:ee:d4:c2:54:4d:09:23:6a:ed:21:47:00:0f:da:27:df:
0f:fb:cc:21:23:0e:f6:03:28:4e:30:55:bc:de:4f:4b:01:e7:
45:11:da:ca:fb:49:ab:c5:bf:98:d2:de:ac:31:d0:94:fc:45:
0d:43:8f:2f:a1:9f:9a:b1:eb:f8:70:0c:91:63:74:e0:9d:5a:
e3:a0:ff:63:e3:a0:b8:4d:1f:63:01:e2:0d:70:7a:78:f1:26:
29:80:57:e3:ee:b9:e1:8b:d7:a8:25:04:3a:01:21:22:3a:af:
56:8d:be:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSRZhhuHExsVmMl/FdiHkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzcxOTYzNDBkMjE0NGI4Y2E3YjA3Nzg5ODRiYjA0YmMx
Y2IzNzgwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjllN2ExNGUzNDExOGU0MTI1Zjc0ZjRiM2E1NTBiZDBlZmYyMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3rl15cbOHuX8UeBBTFjb4NUfRDV
NZ2nENgfm3k0kw5IhzJ2C5s9+qnBAu2pMUMoA251QM28eIp/Roy2MD8qcYj35AO5
zgMwFK5VLpBe/PSSJZ5c1HftR8ntYkMBnTs/boEdzZK+C+v3g7HEeclZFQw3t+Lz
nZjRt2q7vFDHecEorvc1kK774E7ILz28m5PfulP2fdEBZ9T48TqgIzOV1JyC6V3s
KYQqn07vtCKUDUqGyObjgPgVtCCg+o9WkO+hlj3bUQ2Cs7RTX+4DyclJ7KAwxqcG
gaflocHj4oOn5pmEej7B+d7tSRQLrNkUt/DllsgOfbvn+CG5Mz53zVYR4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGKeehTjQRjkEl909LOlUL0O/yC4MB8GA1UdIwQY
MBaAFAp3GWNA0hRLjKewd4mEuwS8HLN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25jWlkwRFNGRXVNcDdCM2lZUzdCTHdjczNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80OTg5YmEtOWFmMy00ZTNkLTg0NWQt
ZWI5NzcxNjRhN2U0LzEvWXA1NkZPTkJHT1FTWDNUMHM2VlF2UTdfSUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80OTg5YmEtOWFmMy00ZTNkLTg0NWQtZWI5NzcxNjRhN2U0
LzEvQ25jWlkwRFNGRXVNcDdCM2lZUzdCTHdjczNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudRYMA0E
AgACMAcDBQMqC3VAMA0GCSqGSIb3DQEBCwUAA4IBAQAvVSukOzWwYiGpi3fsBDqt
fmYKT91iQLF1UtUKv6lgwGykUdX+TKVM/q2iQNfs9eTnN9Nxj671UB/GbAF5f5RT
NfPL9OgEy7eVR1AjESCRbJQV9dW6qCWicN65+8B3YQ2R8N3CjbTrq7JHPLzG2cNq
N+OcrIh//q21WMMpqmFSPUTiKekwGJXWXWsFmCFg8/tPDO7UwlRNCSNq7SFHAA/a
J98P+8whIw72AyhOMFW83k9LAedFEdrK+0mrxb+Y0t6sMdCU/EUNQ48voZ+asev4
cAyRY3TgnVrjoP9j46C4TR9jAeINcHp48SYpgFfj7rnhi9eoJQQ6ASEiOq9Wjb7v
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:59 2024 by rpki-client on console-ams.rpki-client.org