Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/YRHPXYS0ohCmsejB9ndck-2LSmc.roa
File: YRHPXYS0ohCmsejB9ndck-2LSmc.roa (raw, json)
Hash identifier: mBqwPWHHmrHhUo8UcoaOLcrxysMWXRMY3w+iiR+UePM=
Subject key identifier: 61:11:CF:5D:84:B4:A2:10:A6:B1:E8:C1:F6:77:5C:93:ED:8B:4A:67
Certificate issuer: /CN=a2916527fd91e9b3cf8e062bce06df5cbd4c4b1a
Certificate serial: 018CC72574C6FEEAD8B7EEE968F54039BD10
Authority key identifier: A2:91:65:27:FD:91:E9:B3:CF:8E:06:2B:CE:06:DF:5C:BD:4C:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/YRHPXYS0ohCmsejB9ndck-2LSmc.roa
Signing time: Mon 01 Jan 2024 22:29:29 +0000
ROA not before: Mon 01 Jan 2024 22:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 37002
IP address blocks: 185.165.34.0/24 maxlen: 24
185.165.35.0/24 maxlen: 24
185.165.32.0/22 maxlen: 24
185.165.32.0/24 maxlen: 24
185.165.33.0/24 maxlen: 24
2a0b:dc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:74:c6:fe:ea:d8:b7:ee:e9:68:f5:40:39:bd:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2916527fd91e9b3cf8e062bce06df5cbd4c4b1a
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6111cf5d84b4a210a6b1e8c1f6775c93ed8b4a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:d5:60:fd:c9:43:14:6e:99:04:65:da:df:
87:e5:d1:83:4c:f7:43:a6:77:1d:71:4a:01:39:6d:
f3:08:4d:ee:8d:89:be:64:2f:c0:f9:85:de:b0:e6:
4f:6c:59:28:c7:74:9c:cd:53:50:d9:92:e7:fc:25:
de:3f:da:3c:d7:03:ef:14:fe:78:06:ee:eb:e7:4b:
21:d1:ab:c5:af:e2:2d:df:a4:5e:19:3a:a1:63:14:
45:3d:6d:e2:8f:5c:e4:66:aa:0b:d6:64:0a:c1:33:
47:00:e7:80:0a:51:b3:17:15:21:f1:7d:28:bf:63:
94:a3:71:c8:db:cc:a3:30:67:ba:77:7b:d1:f0:ad:
78:ff:74:bf:24:af:e3:45:0f:ec:5d:48:6b:f7:bd:
d7:e3:b5:8a:a1:1d:47:ad:15:f4:be:d1:b4:78:b0:
3d:44:97:0e:20:df:06:e7:8c:ad:99:30:3e:11:02:
d3:3c:23:b1:d4:30:e1:f9:a1:33:53:b6:49:63:02:
6f:aa:ab:68:af:3b:75:84:fa:10:3f:21:02:63:87:
4b:81:5d:d1:27:b6:a7:02:be:5e:9b:1a:a9:65:48:
8e:7d:1b:6f:61:07:09:c5:e2:44:2d:cc:56:49:a7:
b1:ff:6b:11:0b:ce:95:91:93:a4:26:7c:0d:9c:fa:
26:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:11:CF:5D:84:B4:A2:10:A6:B1:E8:C1:F6:77:5C:93:ED:8B:4A:67
X509v3 Authority Key Identifier:
keyid:A2:91:65:27:FD:91:E9:B3:CF:8E:06:2B:CE:06:DF:5C:BD:4C:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opFlJ_2R6bPPjgYrzgbfXL1MSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/YRHPXYS0ohCmsejB9ndck-2LSmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86c539-621e-4460-a067-e0dc18e88229/1/opFlJ_2R6bPPjgYrzgbfXL1MSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.32.0/22
IPv6:
2a0b:dc00::/29
Signature Algorithm: sha256WithRSAEncryption
bd:9e:a9:9f:e3:82:0d:c7:f6:71:51:84:d8:50:70:cc:1e:0d:
c4:9f:ec:42:7c:4c:fd:d0:79:ea:f9:52:bf:59:a4:9a:29:b5:
39:35:d3:2c:32:bb:5f:47:ef:4d:c3:4b:3c:c9:95:1f:e5:0f:
fa:d0:1d:bc:53:9d:fc:0e:aa:62:1f:37:4c:e1:77:a5:7c:2b:
e0:11:86:d4:cd:a1:48:78:20:b2:52:49:46:fc:f3:68:2e:da:
2e:d8:04:48:90:36:ff:03:8e:92:67:7a:60:4f:3d:05:0f:4e:
ac:0d:32:36:f6:fc:ce:6a:c5:f2:27:2d:de:80:f0:1e:a0:dd:
ab:1c:ef:c7:6a:0c:41:98:15:93:73:d8:65:9b:f0:5b:de:80:
2c:bd:56:26:cc:da:25:10:53:dc:41:6c:b7:01:d8:e0:8d:95:
26:93:cc:57:80:27:dc:17:bb:b1:5a:68:75:ac:65:ad:78:97:
d5:6e:9d:9a:79:ef:9e:36:90:4a:53:21:e6:41:fa:e1:9c:cf:
98:16:95:e6:19:aa:58:45:86:e2:e8:57:02:e3:2b:a0:34:b7:
60:91:1f:e5:58:42:e6:01:f0:7e:e5:5f:f6:73:cc:3a:4d:a4:
4c:15:ea:fe:80:e0:a6:93:0a:54:a5:7e:0f:95:38:27:e3:df:
c4:e1:3f:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJXTG/urYt+7paPVAOb0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTE2NTI3ZmQ5MWU5YjNjZjhlMDYyYmNlMDZkZjVjYmQ0
YzRiMWEwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTExY2Y1ZDg0YjRhMjEwYTZiMWU4YzFmNjc3NWM5M2VkOGI0YTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqH/VYP3JQxRumQRl2t+H5dGDTPdD
pncdcUoBOW3zCE3ujYm+ZC/A+YXesOZPbFkox3SczVNQ2ZLn/CXeP9o81wPvFP54
Bu7r50sh0avFr+It36ReGTqhYxRFPW3ij1zkZqoL1mQKwTNHAOeAClGzFxUh8X0o
v2OUo3HI28yjMGe6d3vR8K14/3S/JK/jRQ/sXUhr973X47WKoR1HrRX0vtG0eLA9
RJcOIN8G54ytmTA+EQLTPCOx1DDh+aEzU7ZJYwJvqqtorzt1hPoQPyECY4dLgV3R
J7anAr5emxqpZUiOfRtvYQcJxeJELcxWSaex/2sRC86VkZOkJnwNnPomhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGERz12EtKIQprHowfZ3XJPti0pnMB8GA1UdIwQY
MBaAFKKRZSf9kemzz44GK84G31y9TEsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BGbEpfMlI2YlBQamdZcnpnYmZYTDFNU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmM1MzktNjIxZS00NDYwLWEwNjct
ZTBkYzE4ZTg4MjI5LzEvWVJIUFhZUzBvaENtc2VqQjluZGNrLTJMU21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmM1MzktNjIxZS00NDYwLWEwNjctZTBkYzE4ZTg4MjI5
LzEvb3BGbEpfMlI2YlBQamdZcnpnYmZYTDFNU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaUgMA0E
AgACMAcDBQMqC9wAMA0GCSqGSIb3DQEBCwUAA4IBAQC9nqmf44INx/ZxUYTYUHDM
Hg3En+xCfEz90Hnq+VK/WaSaKbU5NdMsMrtfR+9Nw0s8yZUf5Q/60B28U538Dqpi
HzdM4XelfCvgEYbUzaFIeCCyUklG/PNoLtou2ARIkDb/A46SZ3pgTz0FD06sDTI2
9vzOasXyJy3egPAeoN2rHO/HagxBmBWTc9hlm/Bb3oAsvVYmzNolEFPcQWy3Adjg
jZUmk8xXgCfcF7uxWmh1rGWteJfVbp2aee+eNpBKUyHmQfrhnM+YFpXmGapYRYbi
6FcC4yugNLdgkR/lWELmAfB+5V/2c8w6TaRMFer+gOCmkwpUpX4PlTgn49/E4T/1
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:46:44 2024 by rpki-client on console-ams.rpki-client.org