Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa
File: yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa (raw, json)
Hash identifier: wcSR4CYuKHKbcZt7JNqMyKVWwsabfNWbUtV+m0PKwHM=
Subject key identifier: C8:69:CC:D2:21:32:58:87:49:AC:BF:2B:FA:8E:B1:02:18:50:89:7F
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E0F015A4A5E24C3E7E17AE2C8609A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa
Signing time: Mon 01 Jan 2024 14:29:33 +0000
ROA not before: Mon 01 Jan 2024 14:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39838
IP address blocks: 217.26.188.0/22 maxlen: 22
77.247.120.0/22 maxlen: 22
89.42.112.0/23 maxlen: 23
89.45.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0f:01:5a:4a:5e:24:c3:e7:e1:7a:e2:c8:60:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c869ccd22132588749acbf2bfa8eb1021850897f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:aa:a3:9a:cf:69:ea:5a:6a:85:ab:44:55:9a:
d3:94:1e:ba:24:b5:cd:1e:25:75:9b:fc:87:4f:0f:
cf:34:f0:f7:64:ff:c2:fa:63:28:46:90:5b:66:3b:
2b:19:ac:a9:a6:39:cd:8f:9b:c1:4b:b9:8e:9e:2e:
21:a8:3c:4f:3c:fa:02:27:47:95:c5:50:bb:99:c1:
46:b2:e2:3a:39:f5:c4:53:e9:45:7d:44:b6:28:94:
50:0b:75:af:51:4c:44:d5:46:93:cd:95:2c:01:62:
a7:29:9b:4d:f7:88:84:1a:10:ee:73:19:3e:4e:81:
7c:02:68:b0:7e:eb:5b:0c:1e:48:95:a0:c9:ca:fc:
65:5d:ff:7c:98:b6:f8:02:05:35:38:a6:76:ff:fc:
27:8b:b6:b9:78:b3:9c:54:62:40:42:89:b9:2e:65:
f1:45:a8:b0:b3:ae:c4:95:1f:3c:0a:54:8e:0c:76:
39:41:d0:ab:b3:f4:16:1e:d1:47:eb:3d:ee:ed:b0:
9a:a8:fb:e4:cf:dc:ea:08:e0:ae:15:fc:d1:84:8c:
5c:f9:28:dc:e6:f9:cc:85:15:2f:2a:45:1c:c5:44:
83:19:51:ee:a1:09:e9:a0:09:ba:2f:65:eb:0f:05:
13:6c:cc:7b:b0:08:96:83:ea:2c:da:d1:2c:3a:f2:
f3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:69:CC:D2:21:32:58:87:49:AC:BF:2B:FA:8E:B1:02:18:50:89:7F
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yGnM0iEyWIdJrL8r-o6xAhhQiX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.120.0/22
89.42.112.0/23
89.45.208.0/23
217.26.188.0/22
Signature Algorithm: sha256WithRSAEncryption
71:ec:0c:05:da:02:cb:d9:27:0a:a3:6e:fe:fc:ea:07:36:b3:
9b:48:52:f4:c7:13:7f:38:1b:0f:c2:71:4f:60:6b:a0:28:9c:
86:98:b2:4b:1e:ad:82:3c:0b:61:b4:6f:13:47:41:3d:e7:c7:
ae:a3:40:c1:76:06:82:b2:ca:55:72:34:49:21:92:79:a3:f2:
41:6b:67:9d:c8:81:76:17:31:2d:06:70:6d:30:ca:c0:99:88:
ab:d4:79:fc:b1:92:2f:dd:01:ed:17:cb:d5:83:68:43:a1:ab:
b5:b5:e1:77:3f:21:9a:7c:4d:f5:51:5d:8a:fe:77:72:b9:bd:
a5:2c:a3:31:1e:9d:4f:a0:45:aa:67:b8:c7:37:08:f5:12:a8:
1e:62:ac:7c:5c:27:2a:81:ce:55:e5:fc:d8:48:79:73:51:47:
0a:b7:87:aa:ea:19:77:51:2f:bc:25:1e:50:4c:45:3d:48:9b:
53:12:e6:19:07:df:0b:9b:77:41:62:9d:b3:53:1f:c0:0b:05:
bc:88:9c:13:68:41:2c:48:6b:5f:7d:37:1c:27:0a:17:d7:ce:
b4:d1:ca:88:8b:ee:8c:a4:cc:ab:c1:68:29:1a:40:04:3a:30:
d9:79:07:3a:8b:c7:15:f8:86:30:c7:2a:b1:8c:93:ca:8b:1c:
82:dd:8d:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbg8BWkpeJMPn4XriyGCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODY5Y2NkMjIxMzI1ODg3NDlhY2JmMmJmYThlYjEwMjE4NTA4OTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKqjms9p6lpqhatEVZrTlB66JLXN
HiV1m/yHTw/PNPD3ZP/C+mMoRpBbZjsrGayppjnNj5vBS7mOni4hqDxPPPoCJ0eV
xVC7mcFGsuI6OfXEU+lFfUS2KJRQC3WvUUxE1UaTzZUsAWKnKZtN94iEGhDucxk+
ToF8AmiwfutbDB5IlaDJyvxlXf98mLb4AgU1OKZ2//wni7a5eLOcVGJAQom5LmXx
Raiws67ElR88ClSODHY5QdCrs/QWHtFH6z3u7bCaqPvkz9zqCOCuFfzRhIxc+Sjc
5vnMhRUvKkUcxUSDGVHuoQnpoAm6L2XrDwUTbMx7sAiWg+os2tEsOvLzjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMhpzNIhMliHSay/K/qOsQIYUIl/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEveUduTTBpRXlXSWRKckw4ci1vNnhBaGhRaVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTfd4AwQB
WSpwAwQBWS3QAwQC2Rq8MA0GCSqGSIb3DQEBCwUAA4IBAQBx7AwF2gLL2ScKo27+
/OoHNrObSFL0xxN/OBsPwnFPYGugKJyGmLJLHq2CPAthtG8TR0E958euo0DBdgaC
sspVcjRJIZJ5o/JBa2edyIF2FzEtBnBtMMrAmYir1Hn8sZIv3QHtF8vVg2hDoau1
teF3PyGafE31UV2K/ndyub2lLKMxHp1PoEWqZ7jHNwj1EqgeYqx8XCcqgc5V5fzY
SHlzUUcKt4eq6hl3US+8JR5QTEU9SJtTEuYZB98Lm3dBYp2zUx/ACwW8iJwTaEEs
SGtffTccJwoX18600cqIi+6MpMyrwWgpGkAEOjDZeQc6i8cV+IYwxyqxjJPKixyC
3Y3A
-----END CERTIFICATE-----
Generated at Fri May 3 02:23:15 2024 by rpki-client on console-fra.rpki-client.org