Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/YtgvT4Q4zR3HB74ybCRPMsnhkoE.roa
File: YtgvT4Q4zR3HB74ybCRPMsnhkoE.roa (raw, json)
Hash identifier: h1izGrz2w7L0X+E/vLel+gOjQdgYpR/Od/F7GBv9PdQ=
Subject key identifier: 62:D8:2F:4F:84:38:CD:1D:C7:07:BE:32:6C:24:4F:32:C9:E1:92:81
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018CC500E0A5FA36E345F9D80CF9433827D5
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/YtgvT4Q4zR3HB74ybCRPMsnhkoE.roa
Signing time: Mon 01 Jan 2024 12:30:18 +0000
ROA not before: Mon 01 Jan 2024 12:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29522
IP address blocks: 185.140.120.0/22 maxlen: 24
194.60.251.0/24 maxlen: 24
195.149.224.0/21 maxlen: 24
94.152.0.0/16 maxlen: 24
185.11.100.0/22 maxlen: 24
94.152.255.0/24 maxlen: 24
94.152.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e0:a5:fa:36:e3:45:f9:d8:0c:f9:43:38:27:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jan 1 12:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62d82f4f8438cd1dc707be326c244f32c9e19281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dd:65:48:8c:ae:b5:35:20:d6:7b:bb:85:d6:
69:e9:8d:02:f1:48:c4:ec:d6:64:85:72:6f:28:a0:
44:6c:9a:dc:1b:d9:9e:25:5e:4e:8b:33:bc:26:6a:
ab:57:59:e1:b1:98:48:01:01:23:21:4e:d2:96:ed:
e4:7b:5b:84:ba:f1:bb:e7:9e:08:15:23:0e:bf:1d:
3c:a3:07:03:3e:c5:6a:70:aa:f1:28:2b:f8:59:3b:
8f:b4:c7:73:4d:f2:29:95:8f:7a:67:2a:41:f6:16:
fb:ed:63:19:4b:ed:11:b7:8c:81:85:00:a8:58:d9:
65:74:11:1c:83:01:a0:fc:8c:60:55:48:7d:80:38:
3c:49:53:4a:21:2e:de:4f:11:46:68:99:5b:07:d8:
21:f3:77:85:77:00:fd:ff:1f:42:da:80:65:8f:26:
a6:4c:55:d6:0e:6b:c8:77:47:4a:2e:80:1b:85:03:
26:7e:fd:c8:c6:59:ee:18:67:0b:ba:f5:d8:02:9e:
47:a1:d2:15:ee:01:44:28:c7:1b:22:e9:99:a6:21:
da:f5:5c:b3:da:6e:6b:3e:b9:cc:83:10:7e:9a:bd:
f3:4b:f0:0b:fb:bd:d7:75:5f:2f:77:05:e5:a4:8d:
59:50:73:28:f8:b0:32:fe:61:1a:cd:04:c6:eb:f5:
89:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D8:2F:4F:84:38:CD:1D:C7:07:BE:32:6C:24:4F:32:C9:E1:92:81
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/YtgvT4Q4zR3HB74ybCRPMsnhkoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.152.0.0/16
185.11.100.0/22
185.140.120.0/22
194.60.251.0/24
195.149.224.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:8d:9c:86:cc:4c:98:ea:de:06:ba:c0:79:83:cc:8d:df:c6:
6d:a8:5c:72:6c:c1:c5:f8:5a:e5:46:e1:ec:ed:6e:f1:52:4b:
e3:eb:42:61:53:f5:69:c0:51:b8:a8:b0:fd:f2:fd:f3:7f:8a:
6a:96:7a:71:da:52:84:32:42:0e:e2:b7:94:f6:e8:8e:ab:73:
cc:40:76:cc:1a:04:1a:1b:10:3e:2d:ca:82:4d:b0:f7:28:44:
c9:f4:51:27:07:a1:cd:d0:78:17:72:a3:bc:5a:50:5c:ed:a2:
70:a8:8a:e3:bd:25:d9:65:45:d0:2f:53:1f:3d:7a:54:15:8f:
ba:ae:48:c8:1e:44:36:bb:fe:6a:96:0d:8a:a0:e3:25:d8:bf:
69:14:97:bc:19:02:f2:cf:2e:07:50:49:9a:2b:75:83:cd:96:
d5:d0:dd:58:38:fe:47:a0:67:26:1f:0d:c3:c5:c1:30:ad:2f:
32:0a:a4:9a:86:c0:d7:87:43:fe:ac:47:93:81:8b:56:5c:da:
a2:af:be:ad:f5:b9:bd:c9:35:4b:53:3c:62:2a:1c:db:b1:b1:
fc:d7:eb:0a:64:a4:97:d1:d9:46:9f:80:77:4a:99:e9:5a:68:
9f:1a:85:17:79:b3:16:37:d4:01:7c:6a:f0:e6:ce:0d:fe:86:
4f:79:7e:f7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFAOCl+jbjRfnYDPlDOCfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjQwMTAxMTIzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQ4MmY0Zjg0MzhjZDFkYzcwN2JlMzI2YzI0NGYzMmM5ZTE5MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot1lSIyutTUg1nu7hdZp6Y0C8UjE
7NZkhXJvKKBEbJrcG9meJV5OizO8JmqrV1nhsZhIAQEjIU7Slu3ke1uEuvG7554I
FSMOvx08owcDPsVqcKrxKCv4WTuPtMdzTfIplY96ZypB9hb77WMZS+0Rt4yBhQCo
WNlldBEcgwGg/IxgVUh9gDg8SVNKIS7eTxFGaJlbB9gh83eFdwD9/x9C2oBljyam
TFXWDmvId0dKLoAbhQMmfv3IxlnuGGcLuvXYAp5HodIV7gFEKMcbIumZpiHa9Vyz
2m5rPrnMgxB+mr3zS/AL+73XdV8vdwXlpI1ZUHMo+LAy/mEazQTG6/WJVwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGLYL0+EOM0dxwe+MmwkTzLJ4ZKBMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvWXRndlQ0UTR6UjNIQjc0eWJDUlBNc25oa29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwMAXpgDBAK5
C2QDBAK5jHgDBADCPPsDBAPDleAwDQYJKoZIhvcNAQELBQADggEBADyNnIbMTJjq
3ga6wHmDzI3fxm2oXHJswcX4WuVG4eztbvFSS+PrQmFT9WnAUbiosP3y/fN/imqW
enHaUoQyQg7it5T26I6rc8xAdswaBBobED4tyoJNsPcoRMn0UScHoc3QeBdyo7xa
UFztonCoiuO9JdllRdAvUx89elQVj7quSMgeRDa7/mqWDYqg4yXYv2kUl7wZAvLP
LgdQSZordYPNltXQ3Vg4/kegZyYfDcPFwTCtLzIKpJqGwNeHQ/6sR5OBi1Zc2qKv
vq31ub3JNUtTPGIqHNuxsfzX6wpkpJfR2UafgHdKmelaaJ8ahRd5sxY31AF8avDm
zg3+hk95fvc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:52 2024 by rpki-client on console-ams.rpki-client.org