Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/4ec217-e8d7-4e80-87cd-039de784d941/1/yAQi_JmZBYvY9Knr3ls8S3CRUls.roa
File: yAQi_JmZBYvY9Knr3ls8S3CRUls.roa (raw, json)
Hash identifier: A7usJXlUxK6zOrYK5gG5oqFRotiVPH23BXEtQz+qTh4=
Subject key identifier: C8:04:22:FC:99:99:05:8B:D8:F4:A9:EB:DE:5B:3C:4B:70:91:52:5B
Certificate issuer: /CN=7292226567da72dd86883cadd5f3de6ffd5b3573
Certificate serial: 018CC2DB0454AF6B20D7273DC11DD1486A7A
Authority key identifier: 72:92:22:65:67:DA:72:DD:86:88:3C:AD:D5:F3:DE:6F:FD:5B:35:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpIiZWfact2GiDyt1fPeb_1bNXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/4ec217-e8d7-4e80-87cd-039de784d941/1/yAQi_JmZBYvY9Knr3ls8S3CRUls.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56911
IP address blocks: 176.119.217.0/24 maxlen: 24
45.117.232.0/22 maxlen: 22
2a07:9340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/4ec217-e8d7-4e80-87cd-039de784d941/1/cpIiZWfact2GiDyt1fPeb_1bNXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/4ec217-e8d7-4e80-87cd-039de784d941/1/cpIiZWfact2GiDyt1fPeb_1bNXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cpIiZWfact2GiDyt1fPeb_1bNXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:04:54:af:6b:20:d7:27:3d:c1:1d:d1:48:6a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7292226567da72dd86883cadd5f3de6ffd5b3573
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c80422fc9999058bd8f4a9ebde5b3c4b7091525b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:cf:df:fa:9c:8a:51:9c:d3:02:09:67:8b:
8d:a2:b2:d6:1d:44:68:c4:67:10:d9:5f:35:c7:0a:
6d:49:7c:15:bc:6a:ba:95:6a:b4:b4:ba:31:08:c9:
f9:88:10:b2:26:f0:08:3a:d6:cf:cf:a1:bc:40:e7:
9e:e5:21:a0:de:eb:8f:c5:db:19:d0:e1:0e:a6:4b:
5b:df:00:af:bf:cb:85:0c:43:0a:3d:64:bc:da:37:
4b:2b:fd:4d:b7:0c:73:8d:2e:87:1c:e5:71:31:60:
66:45:06:25:b7:a0:8a:19:23:e2:6e:9b:14:a4:ff:
26:5d:80:42:19:c0:12:e3:9f:4c:2e:61:6a:18:65:
b1:81:0d:7a:d0:9f:ad:18:0a:15:9c:5f:f9:d0:ed:
94:fe:3b:fe:2a:72:51:55:5b:01:69:86:2b:c7:a9:
8a:0c:a0:32:d5:36:0a:b4:7b:54:93:7a:fd:24:0d:
3f:3e:f2:6a:72:6f:47:b2:0d:79:a7:e6:19:cc:3d:
7c:03:49:b0:bf:a8:a8:3f:a3:f3:24:18:28:71:93:
b0:dc:5d:94:37:bb:7e:ef:3d:25:f6:42:2e:35:f0:
70:0d:94:8b:63:ca:af:9f:df:83:4e:24:3e:9e:d4:
37:77:66:34:af:d5:28:e4:47:06:0a:e6:cd:99:b3:
f0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:04:22:FC:99:99:05:8B:D8:F4:A9:EB:DE:5B:3C:4B:70:91:52:5B
X509v3 Authority Key Identifier:
keyid:72:92:22:65:67:DA:72:DD:86:88:3C:AD:D5:F3:DE:6F:FD:5B:35:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpIiZWfact2GiDyt1fPeb_1bNXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4ec217-e8d7-4e80-87cd-039de784d941/1/yAQi_JmZBYvY9Knr3ls8S3CRUls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4ec217-e8d7-4e80-87cd-039de784d941/1/cpIiZWfact2GiDyt1fPeb_1bNXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.117.232.0/22
176.119.217.0/24
IPv6:
2a07:9340::/32
Signature Algorithm: sha256WithRSAEncryption
c1:70:0b:3e:19:42:8e:6e:83:6b:fd:54:1a:56:39:31:8f:dc:
7c:5a:20:6d:84:49:1c:83:45:1c:57:7c:90:ab:45:8f:75:a8:
3e:6e:ef:51:cd:b6:73:17:c9:96:30:bc:30:b3:0b:40:73:d7:
28:2d:88:f0:62:81:84:79:51:03:27:24:a4:6e:58:ad:8b:2b:
db:a2:db:1b:55:c3:e1:72:f6:1f:5f:7f:23:b4:1d:f9:a9:66:
e2:83:65:16:94:0f:56:2b:c6:43:3a:c5:10:f0:1e:5c:23:5e:
4c:1a:79:fa:84:dd:2b:99:c5:a0:0f:fb:89:e6:01:34:b1:f7:
c4:6e:be:53:c6:bf:07:02:3f:aa:f1:98:07:0c:c0:18:18:f3:
e4:b0:5f:f4:95:98:75:23:7d:83:d3:29:5e:b3:4d:0f:b1:b4:
ea:a5:ff:aa:29:18:50:e3:0a:76:99:76:53:db:43:72:f7:ae:
9d:14:e0:06:8d:0a:a9:9c:92:dc:fb:2e:52:c4:68:47:57:63:
2b:5d:70:4b:d1:89:38:b4:99:3d:29:1b:87:9e:d6:7b:3a:b9:
01:7b:6e:a4:a6:11:81:68:40:b1:a6:25:72:55:67:51:e7:40:
65:96:ef:3f:11:1c:60:1e:03:28:ba:57:2a:63:69:e9:89:a4:
01:80:93:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2wRUr2sg1yc9wR3RSGp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTIyMjY1NjdkYTcyZGQ4Njg4M2NhZGQ1ZjNkZTZmZmQ1
YjM1NzMwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODA0MjJmYzk5OTkwNThiZDhmNGE5ZWJkZTViM2M0YjcwOTE1MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjvP3/qcilGc0wIJZ4uNorLWHURo
xGcQ2V81xwptSXwVvGq6lWq0tLoxCMn5iBCyJvAIOtbPz6G8QOee5SGg3uuPxdsZ
0OEOpktb3wCvv8uFDEMKPWS82jdLK/1NtwxzjS6HHOVxMWBmRQYlt6CKGSPibpsU
pP8mXYBCGcAS459MLmFqGGWxgQ160J+tGAoVnF/50O2U/jv+KnJRVVsBaYYrx6mK
DKAy1TYKtHtUk3r9JA0/PvJqcm9Hsg15p+YZzD18A0mwv6ioP6PzJBgocZOw3F2U
N7t+7z0l9kIuNfBwDZSLY8qvn9+DTiQ+ntQ3d2Y0r9Uo5EcGCubNmbPwIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMgEIvyZmQWL2PSp695bPEtwkVJbMB8GA1UdIwQY
MBaAFHKSImVn2nLdhog8rdXz3m/9WzVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BJaVpXZmFjdDJHaUR5dDFmUGViXzFiTlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80ZWMyMTctZThkNy00ZTgwLTg3Y2Qt
MDM5ZGU3ODRkOTQxLzEveUFRaV9KbVpCWXZZOUtucjNsczhTM0NSVWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80ZWMyMTctZThkNy00ZTgwLTg3Y2QtMDM5ZGU3ODRkOTQx
LzEvY3BJaVpXZmFjdDJHaUR5dDFmUGViXzFiTlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLXXoAwQA
sHfZMA0EAgACMAcDBQAqB5NAMA0GCSqGSIb3DQEBCwUAA4IBAQDBcAs+GUKOboNr
/VQaVjkxj9x8WiBthEkcg0UcV3yQq0WPdag+bu9RzbZzF8mWMLwwswtAc9coLYjw
YoGEeVEDJySkblitiyvbotsbVcPhcvYfX38jtB35qWbig2UWlA9WK8ZDOsUQ8B5c
I15MGnn6hN0rmcWgD/uJ5gE0sffEbr5Txr8HAj+q8ZgHDMAYGPPksF/0lZh1I32D
0yles00PsbTqpf+qKRhQ4wp2mXZT20Ny966dFOAGjQqpnJLc+y5SxGhHV2MrXXBL
0Yk4tJk9KRuHntZ7OrkBe26kphGBaECxpiVyVWdR50Bllu8/ERxgHgMoulcqY2np
iaQBgJNH
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:53:08 2024 by rpki-client on console-ams.rpki-client.org