Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/YAKZAlEPmn3HgjBAUhLRTlZy24M.roa
File: YAKZAlEPmn3HgjBAUhLRTlZy24M.roa (raw, json)
Hash identifier: ugHREqlEUc7qPe94KQxypKKC4AYGcunT9t0dH00wL7c=
Subject key identifier: 60:02:99:02:51:0F:9A:7D:C7:82:30:40:52:12:D1:4E:56:72:DB:83
Certificate issuer: /CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Certificate serial: 018CC26CF7E199C0DF2BC8C8BC8A165AC457
Authority key identifier: 33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/YAKZAlEPmn3HgjBAUhLRTlZy24M.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198944
IP address blocks: 185.247.100.0/22 maxlen: 22
185.82.228.0/22 maxlen: 22
81.161.96.0/23 maxlen: 23
185.137.112.0/23 maxlen: 23
185.137.114.0/23 maxlen: 23
2a03:6960::/32 maxlen: 32
2001:67c:2a68::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f7:e1:99:c0:df:2b:c8:c8:bc:8a:16:5a:c4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60029902510f9a7dc78230405212d14e5672db83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:19:eb:a3:73:bc:11:44:09:14:8b:10:7f:6d:
22:df:38:59:d7:36:d9:90:85:b3:89:e5:c9:04:34:
1e:36:65:ff:f2:9a:0e:55:13:1b:ed:75:a9:33:9c:
05:9d:48:5e:91:02:2b:77:1a:89:2b:a0:4c:ec:69:
ca:0a:32:30:fd:ee:37:d1:f4:63:76:f8:fb:5a:27:
e0:de:a2:53:c0:27:aa:e9:f5:7b:40:9b:0e:c4:bf:
1b:79:23:68:f3:8d:bf:46:c7:fe:5a:32:31:a7:80:
50:b9:1c:3c:4c:17:a3:df:fa:10:f6:b7:d4:17:4d:
5d:2b:1a:60:79:fe:b4:b1:c0:7c:56:9c:bb:a6:21:
41:d9:b6:22:2e:ac:38:fc:45:1c:2c:9c:6d:17:a7:
fe:93:c4:37:4a:32:4e:e2:d1:ef:da:7f:f7:c6:0f:
c7:0b:2b:0b:ed:bb:3a:96:8e:d1:86:58:0b:af:2c:
03:59:40:62:f3:7c:21:61:a4:20:80:09:05:b5:12:
df:9c:89:5c:13:72:77:19:9e:44:e5:db:34:d3:2f:
e9:c1:16:a6:2e:26:39:25:dd:29:78:4f:65:dd:a2:
2a:45:65:05:c4:e4:32:5b:ff:5c:cc:4b:96:39:e4:
32:65:1b:22:72:a4:11:32:fc:c3:4b:b3:b2:59:c8:
6c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:02:99:02:51:0F:9A:7D:C7:82:30:40:52:12:D1:4E:56:72:DB:83
X509v3 Authority Key Identifier:
keyid:33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/YAKZAlEPmn3HgjBAUhLRTlZy24M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.96.0/23
185.82.228.0/22
185.137.112.0/22
185.247.100.0/22
IPv6:
2001:67c:2a68::/48
2a03:6960::/32
Signature Algorithm: sha256WithRSAEncryption
8c:ce:b7:fa:0b:8d:29:c2:9f:39:57:3d:63:1b:f7:94:9d:b7:
9b:68:ab:75:30:55:3c:c2:54:df:fb:ba:30:d1:a5:85:ac:66:
e4:18:c9:31:c0:f5:e2:4a:59:0b:d7:52:1a:ea:b4:db:01:60:
7b:ad:5e:a7:d7:c5:f4:43:99:54:b2:d3:1d:6f:6c:1b:7c:9d:
02:5d:4c:c5:29:50:1a:68:15:f4:36:21:75:9a:24:54:26:4b:
86:5f:2d:a7:ae:40:11:9b:2f:b8:43:f1:77:fb:35:3b:e8:a2:
ae:6f:18:3e:5e:c6:7c:3c:98:1a:24:f0:72:83:45:69:6b:7c:
65:52:15:f1:ca:2b:5e:d8:8f:f7:97:9c:97:ad:1d:f9:60:ce:
45:7d:97:4e:d3:12:62:54:41:7c:1a:0d:8f:82:79:75:27:00:
8e:11:2e:e1:90:b0:fa:6c:1a:05:21:1c:44:23:7d:0d:98:88:
ec:50:61:0b:22:1e:4c:32:73:7c:39:f5:3a:6d:85:0d:1b:05:
e0:2d:06:1f:c2:c1:c0:3c:97:65:ec:5e:35:19:bc:59:3a:24:
fe:8c:c1:88:51:b2:2b:a3:db:bf:0d:7b:c4:d5:bd:1f:09:7e:
1a:76:08:32:a3:8c:dc:79:13:9d:16:54:91:62:90:a3:f7:92:
5c:7f:4e:9b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzCbPfhmcDfK8jIvIoWWsRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEwOGVmYTliM2Y3OGM5ZWY5ZGI3NjdhZGMyMWRkNjE4
MzRlMGYwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDAyOTkwMjUxMGY5YTdkYzc4MjMwNDA1MjEyZDE0ZTU2NzJkYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixnro3O8EUQJFIsQf20i3zhZ1zbZ
kIWzieXJBDQeNmX/8poOVRMb7XWpM5wFnUhekQIrdxqJK6BM7GnKCjIw/e430fRj
dvj7Wifg3qJTwCeq6fV7QJsOxL8beSNo842/Rsf+WjIxp4BQuRw8TBej3/oQ9rfU
F01dKxpgef60scB8Vpy7piFB2bYiLqw4/EUcLJxtF6f+k8Q3SjJO4tHv2n/3xg/H
CysL7bs6lo7RhlgLrywDWUBi83whYaQggAkFtRLfnIlcE3J3GZ5E5ds00y/pwRam
LiY5Jd0peE9l3aIqRWUFxOQyW/9czEuWOeQyZRsicqQRMvzDS7OyWchsBwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGACmQJRD5p9x4IwQFIS0U5WctuDMB8GA1UdIwQY
MBaAFDPqCO+ps/eMnvnbdnrcId1hg04PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1vSTc2bXo5NHllLWR0MmV0d2gzV0dEVGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82ODg0MjUtMTRjYi00ZmQ2LThmMjct
ZGVjY2ZhM2VhNjM1LzEvWUFLWkFsRVBtbjNIZ2pCQVVoTFJUbFp5MjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82ODg0MjUtMTRjYi00ZmQ2LThmMjctZGVjY2ZhM2VhNjM1
LzEvTS1vSTc2bXo5NHllLWR0MmV0d2gzV0dEVGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQBUaFgAwQC
uVLkAwQCuYlwAwQCufdkMBYEAgACMBADBwAgAQZ8KmgDBQAqA2lgMA0GCSqGSIb3
DQEBCwUAA4IBAQCMzrf6C40pwp85Vz1jG/eUnbebaKt1MFU8wlTf+7ow0aWFrGbk
GMkxwPXiSlkL11Ia6rTbAWB7rV6n18X0Q5lUstMdb2wbfJ0CXUzFKVAaaBX0NiF1
miRUJkuGXy2nrkARmy+4Q/F3+zU76KKubxg+XsZ8PJgaJPByg0Vpa3xlUhXxyite
2I/3l5yXrR35YM5FfZdO0xJiVEF8Gg2Pgnl1JwCOES7hkLD6bBoFIRxEI30NmIjs
UGELIh5MMnN8OfU6bYUNGwXgLQYfwsHAPJdl7F41GbxZOiT+jMGIUbIro9u/DXvE
1b0fCX4adggyo4zceROdFlSRYpCj95Jcf06b
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:59 2024 by rpki-client on console-ams.rpki-client.org