Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/YFn6-bY3YTivHFDcIacJDFzXuPg.roa
File: YFn6-bY3YTivHFDcIacJDFzXuPg.roa (raw, json)
Hash identifier: Frlt5pxu26dFEigv4JFrr/tG5WV9JOV0IbcLgt0n7TE=
Subject key identifier: 60:59:FA:F9:B6:37:61:38:AF:1C:50:DC:21:A7:09:0C:5C:D7:B8:F8
Certificate issuer: /CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Certificate serial: 018CC79484E8C5261A1BFB838D5B0CD952BE
Authority key identifier: 7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/YFn6-bY3YTivHFDcIacJDFzXuPg.roa
Signing time: Tue 02 Jan 2024 00:30:48 +0000
ROA not before: Tue 02 Jan 2024 00:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 766
IP address blocks: 212.128.64.0/19 maxlen: 19
212.128.0.0/18 maxlen: 18
158.99.0.0/16 maxlen: 16
212.128.128.0/17 maxlen: 17
185.205.148.0/22 maxlen: 22
193.144.0.0/14 maxlen: 14
192.187.24.0/23 maxlen: 23
130.206.0.0/16 maxlen: 16
192.148.201.0/24 maxlen: 24
192.148.204.0/22 maxlen: 22
192.148.202.0/23 maxlen: 23
2001:720::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:84:e8:c5:26:1a:1b:fb:83:8d:5b:0c:d9:52:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Validity
Not Before: Jan 2 00:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6059faf9b6376138af1c50dc21a7090c5cd7b8f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0f:c8:2f:20:c9:53:28:27:fd:61:e7:b8:ff:
32:ec:92:fc:f2:f8:74:e0:0c:f9:f6:a2:48:55:18:
a5:e3:c9:b8:99:52:52:39:ae:30:9c:37:5c:34:cb:
c2:23:02:1f:07:e8:13:7a:d3:85:5e:6b:85:59:7f:
14:c8:e4:3e:df:cd:bb:0a:b6:1f:9b:1c:8c:0a:89:
48:35:21:2a:33:60:f3:32:69:54:00:24:fa:7d:8f:
12:fa:52:5d:3f:f6:40:dd:0b:a7:00:b1:cd:e8:d4:
1f:92:15:77:d7:67:7a:40:ec:70:38:23:82:e2:4b:
74:0d:83:53:b4:88:82:2a:ba:0b:71:e6:19:56:38:
2f:b5:d7:39:8a:61:7a:fd:a0:6e:b3:e5:6c:e6:18:
af:90:31:88:d3:de:54:8c:f4:01:8c:5b:1a:35:11:
1a:ad:ec:16:37:77:9f:03:84:4a:fd:60:5a:0c:6b:
6d:03:5a:18:92:12:9a:c4:f6:09:9a:21:b4:a0:34:
63:63:62:13:cc:64:79:5c:af:a7:6f:45:16:8d:b3:
19:11:04:d7:9e:3d:62:69:b1:c2:4f:c1:e2:73:7a:
49:d7:07:10:62:86:56:7b:b4:c7:9b:24:09:d1:b7:
76:3a:ca:64:2b:9e:9e:66:7a:df:e2:7f:57:ab:62:
ed:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:59:FA:F9:B6:37:61:38:AF:1C:50:DC:21:A7:09:0C:5C:D7:B8:F8
X509v3 Authority Key Identifier:
keyid:7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/YFn6-bY3YTivHFDcIacJDFzXuPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.206.0.0/16
158.99.0.0/16
185.205.148.0/22
192.148.201.0-192.148.207.255
192.187.24.0/23
193.144.0.0/14
212.128.0.0-212.128.95.255
212.128.128.0/17
IPv6:
2001:720::/32
Signature Algorithm: sha256WithRSAEncryption
15:8d:c0:54:35:16:37:fa:bd:96:28:a3:d1:94:d5:fe:11:f1:
e8:0c:d5:75:77:0a:f4:46:c9:27:ff:fd:71:3c:e5:ed:53:cf:
73:2e:3f:ec:aa:fd:ca:58:62:97:f1:82:d5:12:e9:6c:61:7d:
f1:87:35:35:65:2e:d0:8b:e8:7c:9e:9c:5f:53:4e:95:d5:14:
3b:b8:79:06:33:85:66:e0:e1:fc:63:91:5f:43:ef:57:c1:d8:
37:56:71:c4:8c:15:bf:cc:e3:18:25:97:fd:40:0b:57:be:40:
68:8a:76:07:77:2c:2b:ff:0e:32:88:8b:cc:39:bd:f3:69:11:
ef:8b:b3:54:73:4d:c2:91:0c:fc:d3:2f:cb:5e:bf:85:22:1f:
a7:2d:b6:af:9a:69:1c:f7:64:a4:c9:cb:69:9d:97:1b:83:b9:
84:63:28:32:01:b8:19:1a:23:02:c1:39:f2:68:34:dc:5e:52:
f1:c9:5b:c0:79:bb:18:c6:d4:86:c1:91:39:61:08:64:3e:7b:
16:ef:09:6e:3a:49:2b:27:e2:2a:f9:16:cf:07:56:2d:b1:24:
b4:4d:ba:0a:cf:ba:55:39:fb:75:8b:fd:ee:d6:5a:cd:e3:92:
b8:79:24:71:5d:bb:87:3b:1f:d1:48:1a:f4:a3:89:d8:c5:7f:
7d:f1:b3:c7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzHlIToxSYaG/uDjVsM2VK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTAwNzdkMmRkOGE2N2ExYWU4YjZhYmQ2YmJiMzQ4OTAy
OGE1YmIwHhcNMjQwMTAyMDAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDU5ZmFmOWI2Mzc2MTM4YWYxYzUwZGMyMWE3MDkwYzVjZDdiOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ/ILyDJUygn/WHnuP8y7JL88vh0
4Az59qJIVRil48m4mVJSOa4wnDdcNMvCIwIfB+gTetOFXmuFWX8UyOQ+3827CrYf
mxyMColINSEqM2DzMmlUACT6fY8S+lJdP/ZA3QunALHN6NQfkhV312d6QOxwOCOC
4kt0DYNTtIiCKroLceYZVjgvtdc5imF6/aBus+Vs5hivkDGI095UjPQBjFsaNREa
rewWN3efA4RK/WBaDGttA1oYkhKaxPYJmiG0oDRjY2ITzGR5XK+nb0UWjbMZEQTX
nj1iabHCT8Hic3pJ1wcQYoZWe7THmyQJ0bd2OspkK56eZnrf4n9Xq2LtxwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGBZ+vm2N2E4rxxQ3CGnCQxc17j4MB8GA1UdIwQY
MBaAFH9QB30t2KZ6Gui2q9a7s0iQKKW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2Mt
M2U3Y2FkZDg4YzcwLzEvWUZuNi1iWTNZVGl2SEZEY0lhY0pERnpYdVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2MtM2U3Y2FkZDg4Yzcw
LzEvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwMAgs4DAwCe
YwMEArnNlDAMAwQAwJTJAwQEwJTAAwQBwLsYAwMCwZAwCwMDB9SAAwQF1IBAAwQH
1ICAMA0EAgACMAcDBQAgAQcgMA0GCSqGSIb3DQEBCwUAA4IBAQAVjcBUNRY3+r2W
KKPRlNX+EfHoDNV1dwr0Rskn//1xPOXtU89zLj/sqv3KWGKX8YLVEulsYX3xhzU1
ZS7Qi+h8npxfU06V1RQ7uHkGM4Vm4OH8Y5FfQ+9Xwdg3VnHEjBW/zOMYJZf9QAtX
vkBoinYHdywr/w4yiIvMOb3zaRHvi7NUc03CkQz80y/LXr+FIh+nLbavmmkc92Sk
yctpnZcbg7mEYygyAbgZGiMCwTnyaDTcXlLxyVvAebsYxtSGwZE5YQhkPnsW7wlu
OkkrJ+Iq+RbPB1YtsSS0TboKz7pVOft1i/3u1lrN45K4eSRxXbuHOx/RSBr0o4nY
xX998bPH
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:36:59 2024 by rpki-client on console-ams.rpki-client.org