Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/Yj9aigCgAuDPGSi4xMpZvLtFYEw.roa
File: Yj9aigCgAuDPGSi4xMpZvLtFYEw.roa (raw, json)
Hash identifier: ZEBzKJfVDi6ZJrlJ3W1vvaI12woutIWPgFXQsDeY6ow=
Subject key identifier: 62:3F:5A:8A:00:A0:02:E0:CF:19:28:B8:C4:CA:59:BC:BB:45:60:4C
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 018CC5002D87481D73895601C28D00B4D25D
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/Yj9aigCgAuDPGSi4xMpZvLtFYEw.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57103
IP address blocks: 185.119.200.0/22 maxlen: 24
91.229.172.0/24 maxlen: 24
2a06:8bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2d:87:48:1d:73:89:56:01:c2:8d:00:b4:d2:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=623f5a8a00a002e0cf1928b8c4ca59bcbb45604c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:b7:be:52:e0:51:ea:91:1d:d0:8c:11:bb:
cc:6a:8f:e8:b3:b6:00:6a:fd:6e:0e:1b:85:a5:7a:
8d:05:0a:70:c5:3a:57:7a:3b:55:46:37:9b:f6:2f:
ad:d8:91:8f:9d:16:4f:5b:b4:bc:be:39:62:49:69:
fd:5e:9f:4f:4b:81:fd:ab:fa:36:4d:97:a5:7a:ae:
32:c8:9e:d3:49:c6:05:9a:b6:29:01:15:67:00:a7:
cc:47:e1:38:84:ec:f8:c8:1b:43:48:28:6b:b6:74:
b7:b0:b0:30:98:1f:24:7d:93:7c:da:5a:68:e6:6a:
7a:ee:be:fc:83:e9:d3:a3:6a:f8:fb:d0:a9:74:42:
2e:a3:9f:99:9f:22:e3:d4:de:4e:d9:92:17:e0:6f:
d5:a1:e0:16:e5:ca:7e:77:c6:a0:ac:74:4c:b6:b0:
41:78:fd:69:8a:18:64:55:f9:b3:0d:9b:56:e6:0e:
ec:f5:99:0c:fd:44:b4:c2:70:f4:6d:38:bc:c7:cf:
3f:d1:c5:81:89:50:8e:e3:d2:fb:73:44:5f:01:db:
b0:ee:0a:22:ca:c2:68:1b:da:8c:47:e8:78:1e:be:
61:46:d8:e4:b0:47:5e:0c:e3:92:54:e9:0b:45:16:
92:d8:75:5d:35:7a:f9:93:0d:d7:7c:da:8c:c6:72:
81:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3F:5A:8A:00:A0:02:E0:CF:19:28:B8:C4:CA:59:BC:BB:45:60:4C
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/Yj9aigCgAuDPGSi4xMpZvLtFYEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.172.0/24
185.119.200.0/22
IPv6:
2a06:8bc0::/29
Signature Algorithm: sha256WithRSAEncryption
78:22:c5:70:04:17:cd:df:1b:5e:10:e1:19:e2:9e:47:f0:10:
e0:b8:46:47:ce:7c:4c:57:c4:5a:91:98:1b:66:b8:e5:59:e0:
3a:94:9d:85:f3:0e:8a:fd:5f:2e:d9:fb:b7:46:b8:05:64:0f:
cc:e3:f3:7a:54:81:29:db:08:93:e4:14:43:18:d9:56:26:d7:
8b:bf:9a:50:10:d6:ab:26:f4:f1:35:d8:0d:90:eb:96:b8:6a:
aa:18:3c:28:91:23:31:77:31:db:af:50:3e:ba:84:9c:8f:e6:
04:e8:7f:bc:35:d9:3e:69:97:dc:6c:c9:d2:1e:6b:05:44:06:
b2:38:57:94:e4:7c:2f:35:ca:1d:0f:67:6e:9b:dc:c3:d0:15:
8a:a8:6e:f7:98:43:7f:39:7c:6d:b8:9a:57:26:f8:de:18:f1:
20:5b:9f:a1:ae:97:4c:6e:a8:7b:af:57:58:b1:9a:fd:3a:eb:
ef:66:d7:67:0d:be:6a:da:3a:68:b4:a9:8a:05:35:3e:6f:e8:
f4:a1:b7:36:c3:c4:05:e3:2a:90:a5:b4:6f:6a:73:b6:39:9c:
f8:8b:a2:63:de:94:56:e6:11:ac:8a:1f:19:f0:f1:07:39:32:
71:d5:42:8e:81:23:f8:04:2f:7d:ad:75:f7:61:68:8f:58:e3:
ad:0a:c2:d0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAC2HSB1ziVYBwo0AtNJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjNmNWE4YTAwYTAwMmUwY2YxOTI4YjhjNGNhNTliY2JiNDU2MDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHq3vlLgUeqRHdCMEbvMao/os7YA
av1uDhuFpXqNBQpwxTpXejtVRjeb9i+t2JGPnRZPW7S8vjliSWn9Xp9PS4H9q/o2
TZeleq4yyJ7TScYFmrYpARVnAKfMR+E4hOz4yBtDSChrtnS3sLAwmB8kfZN82lpo
5mp67r78g+nTo2r4+9CpdEIuo5+ZnyLj1N5O2ZIX4G/VoeAW5cp+d8agrHRMtrBB
eP1pihhkVfmzDZtW5g7s9ZkM/US0wnD0bTi8x88/0cWBiVCO49L7c0RfAduw7goi
ysJoG9qMR+h4Hr5hRtjksEdeDOOSVOkLRRaS2HVdNXr5kw3XfNqMxnKB+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGI/WooAoALgzxkouMTKWby7RWBMMB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvWWo5YWlnQ2dBdURQR1NpNHhNcFp2THRGWUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+WsAwQC
uXfIMA0EAgACMAcDBQMqBovAMA0GCSqGSIb3DQEBCwUAA4IBAQB4IsVwBBfN3xte
EOEZ4p5H8BDguEZHznxMV8RakZgbZrjlWeA6lJ2F8w6K/V8u2fu3RrgFZA/M4/N6
VIEp2wiT5BRDGNlWJteLv5pQENarJvTxNdgNkOuWuGqqGDwokSMxdzHbr1A+uoSc
j+YE6H+8Ndk+aZfcbMnSHmsFRAayOFeU5HwvNcodD2dum9zD0BWKqG73mEN/OXxt
uJpXJvjeGPEgW5+hrpdMbqh7r1dYsZr9OuvvZtdnDb5q2jpotKmKBTU+b+j0obc2
w8QF4yqQpbRvanO2OZz4i6Jj3pRW5hGsih8Z8PEHOTJx1UKOgSP4BC99rXX3YWiP
WOOtCsLQ
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:28:43 2024 by rpki-client on console-ams.rpki-client.org