Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/300195-7e7b-4e99-a52d-caf4fa072682/1/YBxGAELZSIZLCYgk4kwOKjmGcIY.roa
File: YBxGAELZSIZLCYgk4kwOKjmGcIY.roa (raw, json)
Hash identifier: nPqqgpVKszTLaAEiuiA6VnTGWA3df/Gyz+JMdFDkn60=
Subject key identifier: 60:1C:46:00:42:D9:48:86:4B:09:88:24:E2:4C:0E:2A:39:86:70:86
Certificate issuer: /CN=159ba29a75ae1325c0382fb484b321d68d154384
Certificate serial: 018E11A663FAB8F0BCC91D646F657F4D2CB4
Authority key identifier: 15:9B:A2:9A:75:AE:13:25:C0:38:2F:B4:84:B3:21:D6:8D:15:43:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FZuimnWuEyXAOC-0hLMh1o0VQ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/300195-7e7b-4e99-a52d-caf4fa072682/1/YBxGAELZSIZLCYgk4kwOKjmGcIY.roa
Signing time: Wed 06 Mar 2024 02:45:01 +0000
ROA not before: Wed 06 Mar 2024 02:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199334
IP address blocks: 159.255.146.0/24 maxlen: 24
185.176.132.0/24 maxlen: 24
2a13:c680::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/300195-7e7b-4e99-a52d-caf4fa072682/1/FZuimnWuEyXAOC-0hLMh1o0VQ4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/300195-7e7b-4e99-a52d-caf4fa072682/1/FZuimnWuEyXAOC-0hLMh1o0VQ4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/FZuimnWuEyXAOC-0hLMh1o0VQ4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:a6:63:fa:b8:f0:bc:c9:1d:64:6f:65:7f:4d:2c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=159ba29a75ae1325c0382fb484b321d68d154384
Validity
Not Before: Mar 6 02:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=601c460042d948864b098824e24c0e2a39867086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b4:96:dd:f6:1e:f5:91:a2:29:e8:9f:37:f4:
ca:4a:12:97:ba:7c:90:3a:49:1b:55:cc:fb:08:ce:
b4:10:58:fd:9b:31:df:a1:47:c1:9a:29:2b:ba:b8:
e2:e7:af:61:fb:6d:7b:04:c9:eb:8d:1c:f8:7e:43:
af:67:09:e4:37:59:42:fc:9a:ab:a6:b5:1b:e5:7f:
d3:34:bf:8d:18:0d:f2:ff:1a:23:d1:c2:0d:2a:2d:
b1:7c:5a:4c:56:4d:7f:09:1a:bd:90:24:7a:5e:37:
00:c9:3d:d2:c4:3e:a1:68:8a:e2:a8:f0:20:35:8b:
9b:17:97:7b:b8:51:c9:6a:bd:64:f7:6d:91:87:ae:
a0:ab:5f:df:f9:9d:e9:02:d4:2e:09:5e:76:70:ec:
c2:f5:e8:27:e8:2f:e6:6e:d3:ce:20:63:40:20:95:
87:6b:92:14:ef:4a:f5:3f:65:e3:c4:d4:92:c6:99:
98:1d:9c:59:76:fa:f7:92:78:00:d7:c9:dd:e5:7a:
50:2c:49:30:73:7b:f8:34:52:10:13:e4:b6:49:db:
88:10:66:9a:db:92:97:7b:0a:9b:9f:34:0c:61:44:
42:46:9d:c0:ff:04:c1:78:19:be:90:90:39:fb:44:
4c:2d:e4:45:41:e9:1f:df:5d:8e:58:54:0a:5b:da:
98:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1C:46:00:42:D9:48:86:4B:09:88:24:E2:4C:0E:2A:39:86:70:86
X509v3 Authority Key Identifier:
keyid:15:9B:A2:9A:75:AE:13:25:C0:38:2F:B4:84:B3:21:D6:8D:15:43:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FZuimnWuEyXAOC-0hLMh1o0VQ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/300195-7e7b-4e99-a52d-caf4fa072682/1/YBxGAELZSIZLCYgk4kwOKjmGcIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/300195-7e7b-4e99-a52d-caf4fa072682/1/FZuimnWuEyXAOC-0hLMh1o0VQ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.146.0/24
185.176.132.0/24
IPv6:
2a13:c680::/48
Signature Algorithm: sha256WithRSAEncryption
4d:e1:a1:26:5e:62:4b:a2:b1:a3:62:9a:34:9c:7d:23:18:6c:
71:fd:bb:6c:8c:22:e2:f5:c7:f3:26:b4:23:49:ca:0f:2b:c1:
65:01:55:fe:45:74:f1:bd:19:c3:4c:49:6e:75:39:18:35:46:
bf:a6:7e:cc:18:89:55:bc:a9:e2:b3:1f:25:8e:6d:bf:03:59:
29:c4:d0:01:6c:5b:0c:fb:a5:e3:dd:56:b4:aa:cc:c5:52:8d:
ec:7f:95:68:56:70:b6:22:77:47:29:af:12:d4:4d:e2:af:26:
5d:ae:cb:10:5c:3f:4b:9d:2b:ca:c4:22:e3:d6:c3:75:68:e7:
61:fa:18:3c:7a:a1:4a:02:eb:92:8c:0c:64:07:2d:19:3b:4b:
8c:43:db:cd:1d:1d:27:d5:2d:bf:a9:aa:1f:05:a7:c1:33:fe:
98:c5:76:79:0b:40:c7:cd:57:ff:12:dd:01:ae:88:82:b7:72:
82:ff:82:0a:15:ae:08:ee:24:ed:66:2d:e9:58:3c:6d:33:df:
6c:8e:d8:c0:4d:89:af:67:77:56:d5:2c:df:93:d0:05:79:f5:
08:ef:62:13:77:46:72:2b:af:8c:8d:21:32:a3:a8:d3:2f:9c:
86:e1:00:e5:db:bd:c5:e4:7e:3c:a0:41:b0:35:1d:1a:fe:74:
26:07:60:0b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY4RpmP6uPC8yR1kb2V/TSy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1OWJhMjlhNzVhZTEzMjVjMDM4MmZiNDg0YjMyMWQ2OGQx
NTQzODQwHhcNMjQwMzA2MDI0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFjNDYwMDQyZDk0ODg2NGIwOTg4MjRlMjRjMGUyYTM5ODY3MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbSW3fYe9ZGiKeifN/TKShKXunyQ
OkkbVcz7CM60EFj9mzHfoUfBmikrurji569h+217BMnrjRz4fkOvZwnkN1lC/Jqr
prUb5X/TNL+NGA3y/xoj0cINKi2xfFpMVk1/CRq9kCR6XjcAyT3SxD6haIriqPAg
NYubF5d7uFHJar1k922Rh66gq1/f+Z3pAtQuCV52cOzC9egn6C/mbtPOIGNAIJWH
a5IU70r1P2XjxNSSxpmYHZxZdvr3kngA18nd5XpQLEkwc3v4NFIQE+S2SduIEGaa
25KXewqbnzQMYURCRp3A/wTBeBm+kJA5+0RMLeRFQekf312OWFQKW9qYeQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGAcRgBC2UiGSwmIJOJMDio5hnCGMB8GA1UdIwQY
MBaAFBWbopp1rhMlwDgvtISzIdaNFUOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlp1aW1uV3VFeVhBT0MtMGhMTWgxbzBWUTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zMDAxOTUtN2U3Yi00ZTk5LWE1MmQt
Y2FmNGZhMDcyNjgyLzEvWUJ4R0FFTFpTSVpMQ1lnazRrd09Lam1HY0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zMDAxOTUtN2U3Yi00ZTk5LWE1MmQtY2FmNGZhMDcyNjgy
LzEvRlp1aW1uV3VFeVhBT0MtMGhMTWgxbzBWUTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAn/+SAwQA
ubCEMA8EAgACMAkDBwAqE8aAAAAwDQYJKoZIhvcNAQELBQADggEBAE3hoSZeYkui
saNimjScfSMYbHH9u2yMIuL1x/MmtCNJyg8rwWUBVf5FdPG9GcNMSW51ORg1Rr+m
fswYiVW8qeKzHyWObb8DWSnE0AFsWwz7pePdVrSqzMVSjex/lWhWcLYid0cprxLU
TeKvJl2uyxBcP0udK8rEIuPWw3Vo52H6GDx6oUoC65KMDGQHLRk7S4xD280dHSfV
Lb+pqh8Fp8Ez/pjFdnkLQMfNV/8S3QGuiIK3coL/ggoVrgjuJO1mLelYPG0z32yO
2MBNia9nd1bVLN+T0AV59QjvYhN3RnIrr4yNITKjqNMvnIbhAOXbvcXkfjygQbA1
HRr+dCYHYAs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:58 2024 by rpki-client on console-fra.rpki-client.org