Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c244b3-8fc1-4685-8fb2-46a8b191a374/1/y6QQu7gfGnBUHQE51z7NX8duv70.roa
File: y6QQu7gfGnBUHQE51z7NX8duv70.roa (raw, json)
Hash identifier: eluolQfQdWW88Dv3B6g3En1oJAOTzFpVc/OdIOV/1B0=
Subject key identifier: CB:A4:10:BB:B8:1F:1A:70:54:1D:01:39:D7:3E:CD:5F:C7:6E:BF:BD
Certificate issuer: /CN=704ab9688427073ff7e179de5af002e09f236013
Certificate serial: 018CC56E49DF86ED84BE255D134579F91DAC
Authority key identifier: 70:4A:B9:68:84:27:07:3F:F7:E1:79:DE:5A:F0:02:E0:9F:23:60:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cEq5aIQnBz_34XneWvAC4J8jYBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c244b3-8fc1-4685-8fb2-46a8b191a374/1/y6QQu7gfGnBUHQE51z7NX8duv70.roa
Signing time: Mon 01 Jan 2024 14:29:48 +0000
ROA not before: Mon 01 Jan 2024 14:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52102
IP address blocks: 5.102.136.0/24 maxlen: 24
5.102.136.0/23 maxlen: 23
5.102.138.0/23 maxlen: 23
5.102.138.0/24 maxlen: 24
5.102.137.0/24 maxlen: 24
5.102.139.0/24 maxlen: 24
5.102.143.0/24 maxlen: 24
5.102.142.0/24 maxlen: 24
5.102.142.0/23 maxlen: 23
5.102.140.0/24 maxlen: 24
5.102.140.0/23 maxlen: 23
5.102.141.0/24 maxlen: 24
91.221.230.0/23 maxlen: 24
91.221.230.0/24 maxlen: 24
91.221.231.0/24 maxlen: 24
2a04:8880::/32 maxlen: 32
2a04:8881::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/c244b3-8fc1-4685-8fb2-46a8b191a374/1/cEq5aIQnBz_34XneWvAC4J8jYBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/c244b3-8fc1-4685-8fb2-46a8b191a374/1/cEq5aIQnBz_34XneWvAC4J8jYBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cEq5aIQnBz_34XneWvAC4J8jYBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:49:df:86:ed:84:be:25:5d:13:45:79:f9:1d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=704ab9688427073ff7e179de5af002e09f236013
Validity
Not Before: Jan 1 14:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cba410bbb81f1a70541d0139d73ecd5fc76ebfbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:83:52:62:72:4b:46:c6:60:d0:e1:ae:eb:ae:
a4:65:52:e4:63:2b:e6:0c:30:3b:84:99:59:35:76:
8d:66:56:f7:19:21:af:91:e4:8a:6e:39:94:9b:0c:
91:42:27:d7:32:80:f8:cb:86:d9:b4:eb:42:aa:31:
f7:ec:3a:fb:b2:6a:bf:40:6a:dd:1c:63:9c:5b:46:
a6:e1:39:55:b5:ca:15:a1:30:20:48:a0:f4:35:a0:
85:e5:be:b8:b8:3a:a0:0b:a2:77:aa:81:31:b1:0e:
ab:30:f9:76:5f:5f:4a:b6:37:65:da:fb:bd:3e:85:
0b:f2:b5:3c:20:b8:6f:fa:1b:28:f4:f5:db:2d:6a:
f7:44:7c:c1:d3:7c:4b:ab:fc:d3:4c:1d:20:de:36:
ea:72:0c:42:5a:b3:e4:a6:a5:58:04:ea:cc:e8:e2:
0f:85:14:c5:bc:6a:24:dc:58:bf:37:8c:86:40:0b:
92:0c:ec:f1:ee:a4:1e:f7:5f:52:d1:bb:b4:53:2d:
c9:da:a2:8b:5d:34:56:9e:17:e1:f4:03:3e:52:5f:
19:d8:f6:66:7a:59:ee:03:d7:7b:fd:eb:37:47:43:
27:f6:72:68:7b:84:15:13:6a:54:dd:de:bd:00:2e:
b3:af:dc:ad:ea:3b:3b:12:9b:fe:14:35:06:98:f8:
26:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:A4:10:BB:B8:1F:1A:70:54:1D:01:39:D7:3E:CD:5F:C7:6E:BF:BD
X509v3 Authority Key Identifier:
keyid:70:4A:B9:68:84:27:07:3F:F7:E1:79:DE:5A:F0:02:E0:9F:23:60:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cEq5aIQnBz_34XneWvAC4J8jYBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c244b3-8fc1-4685-8fb2-46a8b191a374/1/y6QQu7gfGnBUHQE51z7NX8duv70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c244b3-8fc1-4685-8fb2-46a8b191a374/1/cEq5aIQnBz_34XneWvAC4J8jYBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.136.0/21
91.221.230.0/23
IPv6:
2a04:8880::/31
Signature Algorithm: sha256WithRSAEncryption
24:f9:f5:a8:ad:32:ed:25:12:9b:f1:4c:3a:bf:63:a5:e1:fd:
f9:21:db:b0:b7:c4:94:de:2d:86:45:2b:d3:01:f6:52:61:b5:
8d:4c:18:72:ed:47:45:a2:92:5b:57:36:8c:06:5a:42:f7:8f:
08:3b:b9:59:df:6e:99:6c:17:80:1a:2e:06:6c:22:ad:21:eb:
08:c1:09:7f:2a:21:fa:c9:39:ca:5a:47:47:36:78:d2:fe:6b:
79:b1:1c:69:82:0c:3c:62:0c:bd:44:b4:a0:c7:3f:22:b0:cf:
ca:26:3d:8b:e7:84:43:7f:88:6f:50:28:64:c6:13:5b:54:37:
a7:f9:64:e8:2a:2e:73:61:2f:ce:98:39:3f:e0:59:bf:5a:26:
a1:f6:af:dc:b6:0a:c4:db:c6:ae:b8:25:96:ee:47:9f:15:93:
22:a7:e3:dd:f2:69:0a:fc:f0:56:a7:4e:8a:4a:c9:77:ce:42:
eb:28:e8:c9:58:af:9e:f9:63:e9:4f:f7:1f:7f:ea:12:af:b3:
db:1a:78:7f:2d:c1:1e:12:ce:eb:60:93:7d:52:bf:db:0e:07:
62:94:d4:95:2d:48:9d:7a:25:2a:6f:89:17:9f:d0:54:bf:bd:
78:51:95:af:30:01:91:65:a9:68:80:26:5a:11:be:90:6b:a0:
d9:70:d2:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbknfhu2EviVdE0V5+R2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNGFiOTY4ODQyNzA3M2ZmN2UxNzlkZTVhZjAwMmUwOWYy
MzYwMTMwHhcNMjQwMTAxMTQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmE0MTBiYmI4MWYxYTcwNTQxZDAxMzlkNzNlY2Q1ZmM3NmViZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoNSYnJLRsZg0OGu666kZVLkYyvm
DDA7hJlZNXaNZlb3GSGvkeSKbjmUmwyRQifXMoD4y4bZtOtCqjH37Dr7smq/QGrd
HGOcW0am4TlVtcoVoTAgSKD0NaCF5b64uDqgC6J3qoExsQ6rMPl2X19Ktjdl2vu9
PoUL8rU8ILhv+hso9PXbLWr3RHzB03xLq/zTTB0g3jbqcgxCWrPkpqVYBOrM6OIP
hRTFvGok3Fi/N4yGQAuSDOzx7qQe919S0bu0Uy3J2qKLXTRWnhfh9AM+Ul8Z2PZm
elnuA9d7/es3R0Mn9nJoe4QVE2pU3d69AC6zr9yt6js7Epv+FDUGmPgmtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMukELu4HxpwVB0BOdc+zV/Hbr+9MB8GA1UdIwQY
MBaAFHBKuWiEJwc/9+F53lrwAuCfI2ATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0VxNWFJUW5Cel8zNFhuZVd2QUM0SjhqWUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jMjQ0YjMtOGZjMS00Njg1LThmYjIt
NDZhOGIxOTFhMzc0LzEveTZRUXU3Z2ZHbkJVSFFFNTF6N05YOGR1djcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jMjQ0YjMtOGZjMS00Njg1LThmYjItNDZhOGIxOTFhMzc0
LzEvY0VxNWFJUW5Cel8zNFhuZVd2QUM0SjhqWUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBWaIAwQB
W93mMA0EAgACMAcDBQEqBIiAMA0GCSqGSIb3DQEBCwUAA4IBAQAk+fWorTLtJRKb
8Uw6v2Ol4f35Iduwt8SU3i2GRSvTAfZSYbWNTBhy7UdFopJbVzaMBlpC948IO7lZ
326ZbBeAGi4GbCKtIesIwQl/KiH6yTnKWkdHNnjS/mt5sRxpggw8Ygy9RLSgxz8i
sM/KJj2L54RDf4hvUChkxhNbVDen+WToKi5zYS/OmDk/4Fm/Wiah9q/ctgrE28au
uCWW7kefFZMip+Pd8mkK/PBWp06KSsl3zkLrKOjJWK+e+WPpT/cff+oSr7PbGnh/
LcEeEs7rYJN9Ur/bDgdilNSVLUideiUqb4kXn9BUv714UZWvMAGRZalogCZaEb6Q
a6DZcNLW
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:13:12 2024 by rpki-client on console-ams.rpki-client.org