Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/Y1fSWggqA8AMMM58Ab-VrAQZu5Y.roa
File: Y1fSWggqA8AMMM58Ab-VrAQZu5Y.roa (raw, json)
Hash identifier: 3m7wZH74M8ZomeBHik+rWNGF4NEVg62Kr8mQAWszhKs=
Subject key identifier: 63:57:D2:5A:08:2A:03:C0:0C:30:CE:7C:01:BF:95:AC:04:19:BB:96
Certificate issuer: /CN=beab1ee7c4dad29d127d565d1b9379465c288937
Certificate serial: 018CC3B731C45BE43609740AA98CD14DDD9C
Authority key identifier: BE:AB:1E:E7:C4:DA:D2:9D:12:7D:56:5D:1B:93:79:46:5C:28:89:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqse58Ta0p0SfVZdG5N5RlwoiTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/Y1fSWggqA8AMMM58Ab-VrAQZu5Y.roa
Signing time: Mon 01 Jan 2024 06:30:12 +0000
ROA not before: Mon 01 Jan 2024 06:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3226
IP address blocks: 217.29.176.0/20 maxlen: 20
92.55.0.0/18 maxlen: 18
91.146.0.0/18 maxlen: 18
87.250.0.0/19 maxlen: 19
217.14.192.0/20 maxlen: 20
217.114.144.0/20 maxlen: 20
92.241.224.0/19 maxlen: 19
2a00:4580::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/vqse58Ta0p0SfVZdG5N5RlwoiTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/vqse58Ta0p0SfVZdG5N5RlwoiTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/vqse58Ta0p0SfVZdG5N5RlwoiTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:31:c4:5b:e4:36:09:74:0a:a9:8c:d1:4d:dd:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beab1ee7c4dad29d127d565d1b9379465c288937
Validity
Not Before: Jan 1 06:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6357d25a082a03c00c30ce7c01bf95ac0419bb96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f9:8a:e9:da:ad:cf:33:83:af:12:f3:97:03:
39:c4:67:25:f7:14:eb:a9:f3:fd:55:3d:76:fd:70:
c4:03:51:19:46:4e:77:a4:4f:9b:0e:2f:31:52:69:
4d:ab:9d:38:b5:4d:ef:bc:6c:f2:55:cf:06:f0:07:
57:58:d9:2f:2a:a3:60:6e:98:a2:6e:96:11:b5:ff:
14:72:f6:a6:50:75:ce:e3:86:ca:75:4c:a4:86:bf:
ad:4c:5c:e9:56:0e:48:e8:56:10:69:3c:d4:41:e4:
45:7a:d6:e2:78:6f:11:b3:23:00:ee:fc:e9:a6:ce:
33:ef:fb:92:35:46:e0:73:33:3d:6f:23:f7:15:4b:
3a:8d:33:b6:02:ab:0d:26:e4:be:94:11:55:3b:ab:
11:8e:e9:8f:8e:db:05:26:f7:7c:39:f0:99:cc:97:
21:a4:5b:34:3c:14:92:c1:d5:96:f0:29:99:4b:8d:
3d:f7:62:d9:01:81:3c:5f:a8:18:d4:0a:61:40:65:
57:29:fa:48:a7:10:a6:33:87:8e:ec:74:bb:60:d9:
6a:86:41:f6:1c:fd:51:8a:f6:08:66:0b:88:15:d8:
a2:92:9b:a2:af:ec:84:88:17:86:87:83:4b:18:d7:
02:0b:98:c9:5f:0e:d7:ba:01:b4:5d:d2:e3:55:2f:
52:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:57:D2:5A:08:2A:03:C0:0C:30:CE:7C:01:BF:95:AC:04:19:BB:96
X509v3 Authority Key Identifier:
keyid:BE:AB:1E:E7:C4:DA:D2:9D:12:7D:56:5D:1B:93:79:46:5C:28:89:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqse58Ta0p0SfVZdG5N5RlwoiTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/Y1fSWggqA8AMMM58Ab-VrAQZu5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/61a693-836a-4122-b929-e2a9205a9d2a/1/vqse58Ta0p0SfVZdG5N5RlwoiTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.250.0.0/19
91.146.0.0/18
92.55.0.0/18
92.241.224.0/19
217.14.192.0/20
217.29.176.0/20
217.114.144.0/20
IPv6:
2a00:4580::/30
Signature Algorithm: sha256WithRSAEncryption
1f:4c:51:f2:47:fc:72:84:83:f1:1b:ff:f9:c1:f3:6c:e2:55:
ae:f1:fe:76:e3:aa:18:07:a4:ac:f0:41:95:95:c6:64:cb:c5:
97:16:90:c7:c7:8f:2d:86:ce:49:a0:6d:23:88:15:fc:fe:e4:
ed:27:42:30:e3:20:f6:f6:64:27:6d:01:b2:2d:22:a9:0d:05:
d4:95:96:77:22:9a:76:c4:ff:f6:29:f7:42:9a:78:8a:77:fb:
34:c3:8e:ae:9e:d8:a0:bd:3f:5f:2e:04:d2:35:17:b6:da:6a:
dd:ef:7d:1f:5f:4d:2c:68:be:af:b0:64:84:ac:1c:8c:5a:32:
ce:ab:b2:1e:82:37:4d:8c:b6:2b:6f:6e:1b:72:34:aa:b7:0b:
2f:3d:3e:d4:a4:77:c2:81:23:eb:aa:c2:24:62:1b:07:c4:cb:
4c:49:01:30:11:dd:c7:87:86:3c:c2:93:d5:bf:26:03:86:7e:
61:19:aa:6c:a4:18:3e:f1:b8:82:2f:d7:03:8a:1e:8c:3f:28:
73:91:47:e2:7c:f2:a1:1c:8e:be:10:2e:f9:9d:af:c5:99:0a:
95:bc:58:39:ef:99:99:7f:00:7b:b4:56:21:9c:1e:4e:5e:58:
95:c9:94:4e:d3:54:47:b2:8d:07:c8:df:2e:a1:0d:4a:5d:51:
9f:57:45:9a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzDtzHEW+Q2CXQKqYzRTd2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYWIxZWU3YzRkYWQyOWQxMjdkNTY1ZDFiOTM3OTQ2NWMy
ODg5MzcwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU3ZDI1YTA4MmEwM2MwMGMzMGNlN2MwMWJmOTVhYzA0MTliYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/mK6dqtzzODrxLzlwM5xGcl9xTr
qfP9VT12/XDEA1EZRk53pE+bDi8xUmlNq504tU3vvGzyVc8G8AdXWNkvKqNgbpii
bpYRtf8UcvamUHXO44bKdUykhr+tTFzpVg5I6FYQaTzUQeRFetbieG8RsyMA7vzp
ps4z7/uSNUbgczM9byP3FUs6jTO2AqsNJuS+lBFVO6sRjumPjtsFJvd8OfCZzJch
pFs0PBSSwdWW8CmZS40992LZAYE8X6gY1AphQGVXKfpIpxCmM4eO7HS7YNlqhkH2
HP1RivYIZguIFdiikpuir+yEiBeGh4NLGNcCC5jJXw7XugG0XdLjVS9S2wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGNX0loIKgPADDDOfAG/lawEGbuWMB8GA1UdIwQY
MBaAFL6rHufE2tKdEn1WXRuTeUZcKIk3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFzZTU4VGEwcDBTZlZaZEc1TjVSbHdvaVRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MWE2OTMtODM2YS00MTIyLWI5Mjkt
ZTJhOTIwNWE5ZDJhLzEvWTFmU1dnZ3FBOEFNTU01OEFiLVZyQVFadTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MWE2OTMtODM2YS00MTIyLWI5MjktZTJhOTIwNWE5ZDJh
LzEvdnFzZTU4VGEwcDBTZlZaZEc1TjVSbHdvaVRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFV/oAAwQG
W5IAAwQGXDcAAwQFXPHgAwQE2Q7AAwQE2R2wAwQE2XKQMA0EAgACMAcDBQIqAEWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAfTFHyR/xyhIPxG//5wfNs4lWu8f5246oYB6Ss
8EGVlcZky8WXFpDHx48ths5JoG0jiBX8/uTtJ0Iw4yD29mQnbQGyLSKpDQXUlZZ3
Ipp2xP/2KfdCmniKd/s0w46untigvT9fLgTSNRe22mrd730fX00saL6vsGSErByM
WjLOq7IegjdNjLYrb24bcjSqtwsvPT7UpHfCgSPrqsIkYhsHxMtMSQEwEd3Hh4Y8
wpPVvyYDhn5hGapspBg+8biCL9cDih6MPyhzkUfifPKhHI6+EC75na/FmQqVvFg5
75mZfwB7tFYhnB5OXliVyZRO01RHso0HyN8uoQ1KXVGfV0Wa
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:25:43 2024 by rpki-client on console-fra.rpki-client.org