Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/ynamKDho6r95ir3pGxFIhgXqr7k.roa
File: ynamKDho6r95ir3pGxFIhgXqr7k.roa (raw, json)
Hash identifier: zHyFt+YZDbGRAnhXnfxM1PBMIlXxioxo2M3MejVgI9A=
Subject key identifier: CA:76:A6:28:38:68:EA:BF:79:8A:BD:E9:1B:11:48:86:05:EA:AF:B9
Certificate issuer: /CN=a757f87f86e93b25ef4c0433664bbe72da98fbfe
Certificate serial: 01918D1FE1DB845E1EAE2315901375D38332
Authority key identifier: A7:57:F8:7F:86:E9:3B:25:EF:4C:04:33:66:4B:BE:72:DA:98:FB:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/ynamKDho6r95ir3pGxFIhgXqr7k.roa
Signing time: Mon 26 Aug 2024 05:19:22 +0000
ROA not before: Mon 26 Aug 2024 05:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24806
IP address blocks: 81.2.192.0/18 maxlen: 32
185.28.100.0/22 maxlen: 32
185.129.136.0/22 maxlen: 32
195.181.208.0/20 maxlen: 32
2001:15e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/p1f4f4bpOyXvTAQzZku-ctqY-_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/p1f4f4bpOyXvTAQzZku-ctqY-_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:1f:e1:db:84:5e:1e:ae:23:15:90:13:75:d3:83:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a757f87f86e93b25ef4c0433664bbe72da98fbfe
Validity
Not Before: Aug 26 05:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca76a6283868eabf798abde91b11488605eaafb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5e:52:fc:ac:0f:8b:63:97:b8:38:b8:31:67:
ef:e9:1a:3a:b6:d0:3b:1d:f0:b0:e7:2b:8b:a6:bb:
45:25:0b:ad:c9:a0:e4:23:c7:d4:4b:99:7c:40:00:
a6:25:6c:d6:fe:e5:ee:f7:d9:69:9e:86:29:b3:df:
1f:c6:88:bd:77:5b:c7:85:6b:5d:50:60:3e:c3:03:
47:ad:b5:fd:29:1f:00:d9:71:4b:c1:8d:36:28:46:
3a:92:28:56:cb:9b:9f:1e:02:da:dc:4b:28:4f:83:
74:4a:8c:89:1b:0e:ef:ec:2b:20:c8:78:d9:a5:b8:
1c:fc:cc:7c:60:2c:e7:a2:2c:65:ed:59:a6:12:5f:
38:90:3e:41:4a:35:ed:f4:9f:02:e4:30:e3:c5:7d:
da:a5:c2:4c:16:62:57:42:a0:5b:df:dc:b2:71:6f:
ad:e4:e8:22:d9:fa:46:7d:ec:f9:32:d1:c6:f3:44:
4a:da:65:3a:e6:07:fc:43:b9:71:f6:1a:c8:98:c7:
db:c7:4d:cb:4a:dc:9f:71:6f:32:94:16:f1:6e:a2:
66:70:c1:ed:1d:a9:55:00:49:d7:af:bb:96:83:78:
44:c6:7a:4f:d3:78:0d:8f:4c:88:85:6c:51:4b:a6:
50:e6:bc:87:5a:ac:55:c3:c2:b6:46:13:b5:42:10:
b5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:76:A6:28:38:68:EA:BF:79:8A:BD:E9:1B:11:48:86:05:EA:AF:B9
X509v3 Authority Key Identifier:
keyid:A7:57:F8:7F:86:E9:3B:25:EF:4C:04:33:66:4B:BE:72:DA:98:FB:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p1f4f4bpOyXvTAQzZku-ctqY-_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/ynamKDho6r95ir3pGxFIhgXqr7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/86e40c-1563-40ea-8f4e-a178332533e0/1/p1f4f4bpOyXvTAQzZku-ctqY-_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.2.192.0/18
185.28.100.0/22
185.129.136.0/22
195.181.208.0/20
IPv6:
2001:15e8::/32
Signature Algorithm: sha256WithRSAEncryption
6a:32:1a:af:6b:e6:56:84:e6:82:1b:77:ac:ad:2f:ac:ad:dc:
16:03:e1:44:ea:f5:0b:0d:2d:a1:b4:69:e3:11:53:04:c0:71:
c7:0a:8d:8c:a5:8d:18:2d:4a:5f:c7:11:7e:04:c4:ca:c6:d5:
ff:a1:05:01:c9:58:0f:b4:b8:b9:df:21:5e:f5:2d:a1:63:24:
8c:98:d2:91:8b:6f:94:b7:73:6c:b7:6f:bd:27:77:1d:e2:2d:
74:74:fa:8a:8d:fc:25:e4:07:c3:4e:2c:a4:e2:46:68:52:dd:
6c:90:fe:eb:83:71:80:55:57:4e:cb:55:67:62:03:3b:b3:52:
fd:ca:f0:38:ca:39:e3:3e:31:1e:97:ae:e5:32:8f:30:b9:a5:
00:f9:cc:a0:a7:a1:6b:da:52:1a:d2:9b:53:d9:9a:17:8f:fe:
5a:3b:fd:77:70:46:a4:13:68:1f:36:64:e6:ff:16:67:4b:57:
f9:e9:36:3b:41:1b:bf:24:ef:45:21:63:26:94:28:ce:ac:86:
d6:f8:b9:57:6f:c6:28:74:cb:26:b2:f8:c6:f7:8d:8c:20:cf:
75:43:4b:d1:e5:94:a1:88:a2:ef:9f:44:f6:cf:07:73:19:cd:
95:59:8c:4c:24:da:7e:a0:89:81:3a:33:bd:56:41:10:9f:74:
04:41:d2:09
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZGNH+HbhF4eriMVkBN104MyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NTdmODdmODZlOTNiMjVlZjRjMDQzMzY2NGJiZTcyZGE5
OGZiZmUwHhcNMjQwODI2MDUxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc2YTYyODM4NjhlYWJmNzk4YWJkZTkxYjExNDg4NjA1ZWFhZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx15S/KwPi2OXuDi4MWfv6Ro6ttA7
HfCw5yuLprtFJQutyaDkI8fUS5l8QACmJWzW/uXu99lpnoYps98fxoi9d1vHhWtd
UGA+wwNHrbX9KR8A2XFLwY02KEY6kihWy5ufHgLa3EsoT4N0SoyJGw7v7CsgyHjZ
pbgc/Mx8YCznoixl7VmmEl84kD5BSjXt9J8C5DDjxX3apcJMFmJXQqBb39yycW+t
5Ogi2fpGfez5MtHG80RK2mU65gf8Q7lx9hrImMfbx03LStyfcW8ylBbxbqJmcMHt
HalVAEnXr7uWg3hExnpP03gNj0yIhWxRS6ZQ5ryHWqxVw8K2RhO1QhC1xwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMp2pig4aOq/eYq96RsRSIYF6q+5MB8GA1UdIwQY
MBaAFKdX+H+G6Tsl70wEM2ZLvnLamPv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDFmNGY0YnBPeVh2VEFRelprdS1jdHFZLV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy84NmU0MGMtMTU2My00MGVhLThmNGUt
YTE3ODMzMjUzM2UwLzEveW5hbUtEaG82cjk1aXIzcEd4RkloZ1hxcjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy84NmU0MGMtMTU2My00MGVhLThmNGUtYTE3ODMzMjUzM2Uw
LzEvcDFmNGY0YnBPeVh2VEFRelprdS1jdHFZLV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGUQLAAwQC
uRxkAwQCuYGIAwQEw7XQMA0EAgACMAcDBQAgARXoMA0GCSqGSIb3DQEBCwUAA4IB
AQBqMhqva+ZWhOaCG3esrS+srdwWA+FE6vULDS2htGnjEVMEwHHHCo2MpY0YLUpf
xxF+BMTKxtX/oQUByVgPtLi53yFe9S2hYySMmNKRi2+Ut3Nst2+9J3cd4i10dPqK
jfwl5AfDTiyk4kZoUt1skP7rg3GAVVdOy1VnYgM7s1L9yvA4yjnjPjEel67lMo8w
uaUA+cygp6Fr2lIa0ptT2ZoXj/5aO/13cEakE2gfNmTm/xZnS1f56TY7QRu/JO9F
IWMmlCjOrIbW+LlXb8YodMsmsvjG942MIM91Q0vR5ZShiKLvn0T2zwdzGc2VWYxM
JNp+oImBOjO9VkEQn3QEQdIJ
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:24:30 2024 by rpki-client on console-ams.rpki-client.org