Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/y1KZ2UZBEU7zZpHmYn8E3FpCaPM.roa
File: y1KZ2UZBEU7zZpHmYn8E3FpCaPM.roa (raw, json)
Hash identifier: Zty8cRKHtijK19wTvoU9pOzhQrG5mTCQAxIvthJQpY0=
Subject key identifier: CB:52:99:D9:46:41:11:4E:F3:66:91:E6:62:7F:04:DC:5A:42:68:F3
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 018EC2DC63E8A7B5CEA23D1E98E1B57B3209
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/y1KZ2UZBEU7zZpHmYn8E3FpCaPM.roa
Signing time: Tue 09 Apr 2024 12:36:47 +0000
ROA not before: Tue 09 Apr 2024 12:36:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198013
IP address blocks: 94.185.96.0/19 maxlen: 19
94.185.97.0/24 maxlen: 24
94.185.98.0/24 maxlen: 24
94.185.99.0/24 maxlen: 24
94.185.100.0/24 maxlen: 24
94.185.101.0/24 maxlen: 24
94.185.102.0/24 maxlen: 24
94.185.103.0/24 maxlen: 24
94.185.104.0/22 maxlen: 22
94.185.104.0/24 maxlen: 24
94.185.105.0/24 maxlen: 24
94.185.106.0/24 maxlen: 24
94.185.107.0/24 maxlen: 24
94.185.108.0/24 maxlen: 24
94.185.109.0/24 maxlen: 24
94.185.110.0/24 maxlen: 24
94.185.112.0/24 maxlen: 24
94.185.113.0/24 maxlen: 24
94.185.116.0/24 maxlen: 24
94.185.123.0/24 maxlen: 24
2a03:4580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:dc:63:e8:a7:b5:ce:a2:3d:1e:98:e1:b5:7b:32:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Apr 9 12:36:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb5299d94641114ef36691e6627f04dc5a4268f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ad:d5:a3:20:fe:bf:1d:3e:06:b4:db:c7:44:
5a:ae:69:90:fe:8e:fa:f9:2c:a2:35:32:bb:03:d2:
83:93:be:d3:eb:64:79:bb:da:eb:0a:5e:14:48:fe:
b2:b3:2b:a4:60:59:3c:dc:f4:38:91:2d:44:74:3f:
71:58:bb:ff:95:09:73:ce:3d:16:57:71:3a:2f:f0:
8f:34:c6:f4:5d:e5:0d:be:2d:d2:cf:46:be:ef:c2:
64:a0:78:23:4e:c0:e3:a0:2d:e5:d1:92:82:f1:fd:
ce:12:ad:71:18:c5:1f:6c:f5:9b:ae:1d:05:47:61:
28:7a:06:1d:8b:8f:41:9e:f2:35:db:d2:4a:9a:8e:
32:57:53:35:63:05:50:86:4a:fc:09:ed:52:1a:2f:
4c:cb:2e:58:65:28:58:d3:27:d0:11:5b:2c:e1:8d:
e1:74:50:80:e8:38:30:0c:f7:e7:c3:e2:82:11:9a:
0a:40:5a:a1:bf:7a:4f:75:67:d0:4e:4c:98:33:c7:
69:82:bc:f3:88:10:27:4e:b2:a4:89:21:89:73:ab:
a3:21:93:96:0b:02:19:d5:88:17:43:81:f2:c7:4d:
4a:68:6f:bb:c6:72:2b:cd:c7:04:cf:01:1e:95:40:
87:96:91:fe:6b:b9:fc:3a:4a:57:82:15:ad:d8:81:
e3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:52:99:D9:46:41:11:4E:F3:66:91:E6:62:7F:04:DC:5A:42:68:F3
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/y1KZ2UZBEU7zZpHmYn8E3FpCaPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.96.0/19
IPv6:
2a03:4580::/32
Signature Algorithm: sha256WithRSAEncryption
14:ef:c9:e6:b3:e2:79:e1:22:a1:a9:9e:10:01:eb:bf:71:c0:
0e:1e:b7:0b:55:9a:b3:be:39:df:ed:86:a0:22:7c:c0:9b:11:
3c:31:91:46:8a:7d:2d:84:ac:1d:a1:a7:66:82:7a:b3:96:56:
58:72:04:19:48:4e:d2:16:67:f8:7a:65:50:e7:59:17:1f:f9:
24:12:fa:76:e8:f3:1f:dc:80:31:39:37:5b:a0:b5:6f:59:5d:
21:d4:f4:52:06:f6:36:52:bb:84:56:b6:e7:6f:cc:b8:a3:c4:
15:4f:fa:e4:ac:e4:23:17:4b:65:5a:41:54:48:63:68:7f:68:
a8:af:cb:a0:7f:a3:3b:5f:57:b4:36:0f:3b:77:73:3f:44:41:
50:5c:18:27:c9:ec:9c:18:b0:82:8a:ec:8d:36:4f:6f:cb:59:
fc:9b:75:0e:25:07:2d:84:37:78:e4:c3:8f:14:04:64:1d:20:
55:ad:38:97:c4:0e:0f:8b:81:e6:85:a2:d3:c2:39:d4:ce:f5:
bf:c1:6e:45:78:1e:d8:98:bf:51:39:27:cc:5d:df:53:c6:56:
fc:f1:4e:30:b1:43:26:94:c3:1a:6b:69:93:d9:fd:fe:46:26:
18:30:d0:5f:1b:66:f9:29:e7:87:38:c7:25:6e:6b:ba:2f:fc:
67:70:b8:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7C3GPop7XOoj0emOG1ezIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjQwNDA5MTIzNjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjUyOTlkOTQ2NDExMTRlZjM2NjkxZTY2MjdmMDRkYzVhNDI2OGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK3VoyD+vx0+BrTbx0RarmmQ/o76
+SyiNTK7A9KDk77T62R5u9rrCl4USP6ysyukYFk83PQ4kS1EdD9xWLv/lQlzzj0W
V3E6L/CPNMb0XeUNvi3Sz0a+78JkoHgjTsDjoC3l0ZKC8f3OEq1xGMUfbPWbrh0F
R2EoegYdi49BnvI129JKmo4yV1M1YwVQhkr8Ce1SGi9Myy5YZShY0yfQEVss4Y3h
dFCA6DgwDPfnw+KCEZoKQFqhv3pPdWfQTkyYM8dpgrzziBAnTrKkiSGJc6ujIZOW
CwIZ1YgXQ4Hyx01KaG+7xnIrzccEzwEelUCHlpH+a7n8OkpXghWt2IHjKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtSmdlGQRFO82aR5mJ/BNxaQmjzMB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEveTFLWjJVWkJFVTd6WnBIbVluOEUzRnBDYVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFXrlgMA0E
AgACMAcDBQAqA0WAMA0GCSqGSIb3DQEBCwUAA4IBAQAU78nms+J54SKhqZ4QAeu/
ccAOHrcLVZqzvjnf7YagInzAmxE8MZFGin0thKwdoadmgnqzllZYcgQZSE7SFmf4
emVQ51kXH/kkEvp26PMf3IAxOTdboLVvWV0h1PRSBvY2UruEVrbnb8y4o8QVT/rk
rOQjF0tlWkFUSGNof2ior8ugf6M7X1e0Ng87d3M/REFQXBgnyeycGLCCiuyNNk9v
y1n8m3UOJQcthDd45MOPFARkHSBVrTiXxA4Pi4HmhaLTwjnUzvW/wW5FeB7YmL9R
OSfMXd9Txlb88U4wsUMmlMMaa2mT2f3+RiYYMNBfG2b5KeeHOMclbmu6L/xncLjG
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:45:59 2024 by rpki-client on console-fra.rpki-client.org