Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/YxT7gw8KU1vau_5Ci_G0TvuM4sc.roa
File: YxT7gw8KU1vau_5Ci_G0TvuM4sc.roa (raw, json)
Hash identifier: 3y+k5WUm/JBUV5+OyJEPIlwpfSsGOWrC95eyw9/cLpM=
Subject key identifier: 63:14:FB:83:0F:0A:53:5B:DA:BB:FE:42:8B:F1:B4:4E:FB:8C:E2:C7
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 018CC794BD0569B3E158B6D6973FA0A028FF
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/YxT7gw8KU1vau_5Ci_G0TvuM4sc.roa
Signing time: Tue 02 Jan 2024 00:31:02 +0000
ROA not before: Tue 02 Jan 2024 00:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59836
IP address blocks: 185.69.118.0/24 maxlen: 24
185.69.116.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:bd:05:69:b3:e1:58:b6:d6:97:3f:a0:a0:28:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: Jan 2 00:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6314fb830f0a535bdabbfe428bf1b44efb8ce2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c5:31:54:17:c2:dc:92:7e:da:c8:d9:ae:55:
5c:69:b6:5f:08:20:6d:c4:3b:e4:aa:7f:0b:ea:ea:
08:10:23:00:f3:63:bb:b7:44:c1:1f:68:fa:c4:57:
6b:8e:bb:9f:34:6a:5f:23:5e:4a:6a:f2:65:8f:83:
ea:81:d7:65:ab:13:21:60:94:32:50:c0:ef:17:99:
93:7a:b1:28:15:55:38:9b:ab:d0:18:7b:c3:a8:91:
5e:70:24:24:c7:ea:c5:ac:c7:3f:05:2f:c8:29:46:
e0:f0:36:f1:db:56:cb:0f:1f:ed:9e:83:25:4b:3f:
e1:8d:98:86:1c:ef:57:91:93:bd:82:e8:7c:b7:b6:
c7:f5:c8:3c:7d:5e:c0:0c:63:ae:ad:9c:92:9b:6a:
d6:2c:cb:61:14:0c:78:cf:6c:50:ee:3c:dd:ee:1a:
f3:98:f1:db:a9:94:59:fa:25:2f:ab:69:0e:6c:c8:
28:78:35:56:46:87:f9:25:a1:1a:2b:fc:b2:ac:c1:
99:4f:a4:0e:68:3e:99:c2:d5:f0:34:68:a5:8d:fb:
f1:69:51:05:e8:ea:88:bd:f5:cd:a9:e6:2e:6d:8c:
35:2f:d7:4a:72:13:a8:b4:61:9f:a7:f0:7f:a8:57:
b8:3c:51:0a:cf:ca:f9:02:de:63:b5:a2:7f:10:b9:
cb:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:14:FB:83:0F:0A:53:5B:DA:BB:FE:42:8B:F1:B4:4E:FB:8C:E2:C7
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/YxT7gw8KU1vau_5Ci_G0TvuM4sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:58:c1:b2:2f:51:f0:8c:5e:b3:03:86:30:f5:0e:a8:ae:2c:
5b:8f:f7:16:00:91:8c:2b:45:d1:38:21:c2:e5:be:bb:b7:8f:
63:6f:3e:6c:db:a3:26:28:a0:ac:e0:77:d3:fb:82:8f:0f:22:
22:3d:5f:20:bb:05:9f:99:a4:af:de:4f:81:17:11:af:ec:fe:
4d:b4:a2:b2:56:02:d1:45:7f:d9:d6:24:aa:ea:e6:c1:38:bc:
e2:ce:4f:50:dc:b1:84:47:ab:ef:13:0a:50:a0:37:cd:9c:bb:
7d:9b:fb:31:f7:18:1d:09:43:18:19:f5:7f:91:51:c2:8b:11:
12:ec:02:89:ba:ff:ac:64:34:59:e4:7b:9d:4e:2b:84:95:64:
64:05:6f:85:7c:e1:78:ab:75:79:d6:ef:1c:c3:41:9d:da:89:
a3:eb:58:9c:9e:dd:ec:53:41:99:ef:98:ba:5a:0f:8b:f2:87:
5d:ec:4a:e0:68:3b:b3:15:16:42:22:83:d1:a9:42:62:ff:e3:
75:08:bf:2a:1a:5b:6b:d0:e3:c9:1e:2a:9f:3d:2e:93:f3:01:
01:d8:f8:3a:de:91:e7:48:1c:f7:12:46:8a:82:fa:12:70:cc:
68:4f:33:cc:be:f5:8d:1f:f2:9e:cb:aa:b1:4f:9c:81:af:6b:
1b:a4:b5:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlL0FabPhWLbWlz+goCj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjQwMTAyMDAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE0ZmI4MzBmMGE1MzViZGFiYmZlNDI4YmYxYjQ0ZWZiOGNlMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusUxVBfC3JJ+2sjZrlVcabZfCCBt
xDvkqn8L6uoIECMA82O7t0TBH2j6xFdrjrufNGpfI15KavJlj4PqgddlqxMhYJQy
UMDvF5mTerEoFVU4m6vQGHvDqJFecCQkx+rFrMc/BS/IKUbg8Dbx21bLDx/tnoMl
Sz/hjZiGHO9XkZO9guh8t7bH9cg8fV7ADGOurZySm2rWLMthFAx4z2xQ7jzd7hrz
mPHbqZRZ+iUvq2kObMgoeDVWRof5JaEaK/yyrMGZT6QOaD6ZwtXwNGiljfvxaVEF
6OqIvfXNqeYubYw1L9dKchOotGGfp/B/qFe4PFEKz8r5At5jtaJ/ELnLvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGMU+4MPClNb2rv+QovxtE77jOLHMB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvWXhUN2d3OEtVMXZhdV81Q2lfRzBUdnVNNHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQChWMGyL1Hw
jF6zA4Yw9Q6orixbj/cWAJGMK0XROCHC5b67t49jbz5s26MmKKCs4HfT+4KPDyIi
PV8guwWfmaSv3k+BFxGv7P5NtKKyVgLRRX/Z1iSq6ubBOLzizk9Q3LGER6vvEwpQ
oDfNnLt9m/sx9xgdCUMYGfV/kVHCixES7AKJuv+sZDRZ5HudTiuElWRkBW+FfOF4
q3V51u8cw0Gd2omj61icnt3sU0GZ75i6Wg+L8odd7ErgaDuzFRZCIoPRqUJi/+N1
CL8qGltr0OPJHiqfPS6T8wEB2Pg63pHnSBz3EkaKgvoScMxoTzPMvvWNH/Key6qx
T5yBr2sbpLWJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:34 2024 by rpki-client on console-ams.rpki-client.org