Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/yp4Aaee4CkXQq6i1ISJ9NOw-YqU.roa
File: yp4Aaee4CkXQq6i1ISJ9NOw-YqU.roa (raw, json)
Hash identifier: CvZygV9izRAniDR5eTdKs0kVM2mtX3Q1jfeBcO2bQSo=
Subject key identifier: CA:9E:00:69:E7:B8:0A:45:D0:AB:A8:B5:21:22:7D:34:EC:3E:62:A5
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 018CC500E6C31EF59744A0ECEBAB0C1E17E6
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/yp4Aaee4CkXQq6i1ISJ9NOw-YqU.roa
Signing time: Mon 01 Jan 2024 12:30:19 +0000
ROA not before: Mon 01 Jan 2024 12:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47557
IP address blocks: 185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
2a07:c880::/29 maxlen: 29
2a07:c883::/32 maxlen: 32
2a07:c881::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e6:c3:1e:f5:97:44:a0:ec:eb:ab:0c:1e:17:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 12:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca9e0069e7b80a45d0aba8b521227d34ec3e62a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:5b:66:3d:56:d1:71:5f:30:37:49:5d:e2:
83:c5:b5:40:88:cb:38:93:16:f1:99:93:d7:16:65:
57:50:28:06:16:59:c3:32:2e:b3:6b:53:74:41:26:
8a:83:c2:d4:22:9f:71:53:4f:60:e4:10:cf:d9:9f:
15:2a:9d:b5:89:96:a3:56:1d:0e:15:62:51:2d:60:
44:b3:7f:8e:32:83:32:3c:1c:ba:d5:07:49:38:7c:
e4:85:f0:73:20:2c:58:80:2e:f2:1f:3e:20:ab:a6:
2e:1b:93:8d:46:92:12:5a:0a:41:01:7d:e6:98:f4:
a2:ef:e2:a3:7e:98:ac:0e:8d:51:d1:2a:00:ba:12:
2d:0e:39:4e:d6:3e:17:41:b7:b8:b2:13:4e:60:0d:
61:22:a1:27:04:f8:88:da:25:b0:5a:4f:83:1e:83:
c1:85:80:58:1f:51:d2:67:e1:c4:ac:e0:a0:f0:b1:
ce:1e:06:ae:f8:ef:e2:bb:b6:d2:ca:9a:93:a0:58:
9c:87:42:67:45:b7:db:55:4c:92:0f:68:9e:d2:2d:
07:6a:e5:b0:ee:91:77:0d:16:27:aa:41:d8:b2:d1:
73:a5:90:d1:ed:1d:3a:1b:a9:be:83:3e:fe:bd:45:
28:12:de:eb:a5:72:9b:d2:bf:06:44:be:f3:54:c1:
87:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:9E:00:69:E7:B8:0A:45:D0:AB:A8:B5:21:22:7D:34:EC:3E:62:A5
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/yp4Aaee4CkXQq6i1ISJ9NOw-YqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/24
185.68.44.0-185.68.46.255
IPv6:
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
c9:bd:d1:90:bc:f0:a6:df:47:34:e6:5e:f0:c9:84:4f:bc:f3:
21:c6:e4:5b:ca:01:c7:c9:7d:0d:20:77:be:44:f5:e8:a4:c1:
ac:11:ff:af:3b:51:82:80:61:2d:5e:f0:49:80:9b:40:df:4d:
d9:4d:44:b3:b5:f4:07:80:ec:a5:85:d4:af:33:47:08:3e:2c:
a7:ab:63:79:6f:7e:f5:27:bd:41:bb:bc:48:7a:72:a3:84:e1:
10:90:f9:79:04:ea:e1:ff:a9:a6:a2:94:ed:4c:ea:aa:f3:b1:
5d:c9:b8:ed:9b:c1:d3:75:49:12:a2:44:fc:4e:6e:ac:84:fd:
7f:1f:e1:8f:99:48:1d:f9:98:8c:d9:0f:1b:28:5f:c0:88:d3:
27:91:bb:3e:9c:7a:f9:55:ff:2f:cc:d0:6f:44:64:e1:e1:dd:
15:aa:4d:d3:c9:fe:a3:95:fe:9f:4f:06:dc:d3:8f:52:02:38:
1d:c3:ff:6f:70:e0:ca:f2:35:04:b2:e4:15:97:31:81:1d:b0:
96:76:72:ad:88:04:dc:bd:65:7c:fa:8f:70:47:86:ba:4b:d1:
7f:48:63:3a:86:a0:43:b3:ca:56:f1:e8:1a:b1:e0:ee:fc:2a:
88:1e:ca:a1:79:5d:b2:32:d1:d3:05:b8:8b:e8:b8:c7:68:7f:
b4:cc:88:c3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFAObDHvWXRKDs66sMHhfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjQwMTAxMTIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTllMDA2OWU3YjgwYTQ1ZDBhYmE4YjUyMTIyN2QzNGVjM2U2MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuflbZj1W0XFfMDdJXeKDxbVAiMs4
kxbxmZPXFmVXUCgGFlnDMi6za1N0QSaKg8LUIp9xU09g5BDP2Z8VKp21iZajVh0O
FWJRLWBEs3+OMoMyPBy61QdJOHzkhfBzICxYgC7yHz4gq6YuG5ONRpISWgpBAX3m
mPSi7+KjfpisDo1R0SoAuhItDjlO1j4XQbe4shNOYA1hIqEnBPiI2iWwWk+DHoPB
hYBYH1HSZ+HErOCg8LHOHgau+O/iu7bSypqToFich0JnRbfbVUySD2ie0i0HauWw
7pF3DRYnqkHYstFzpZDR7R06G6m+gz7+vUUoEt7rpXKb0r8GRL7zVMGHPwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMqeAGnnuApF0KuotSEifTTsPmKlMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEveXA0QWFlZTRDa1hRcTZpMUlTSjlOT3ctWXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAW84UMAwD
BAK5RCwDBAC5RC4wDQQCAAIwBwMFAyoHyIAwDQYJKoZIhvcNAQELBQADggEBAMm9
0ZC88KbfRzTmXvDJhE+88yHG5FvKAcfJfQ0gd75E9eikwawR/687UYKAYS1e8EmA
m0DfTdlNRLO19AeA7KWF1K8zRwg+LKerY3lvfvUnvUG7vEh6cqOE4RCQ+XkE6uH/
qaailO1M6qrzsV3JuO2bwdN1SRKiRPxObqyE/X8f4Y+ZSB35mIzZDxsoX8CI0yeR
uz6cevlV/y/M0G9EZOHh3RWqTdPJ/qOV/p9PBtzTj1ICOB3D/29w4MryNQSy5BWX
MYEdsJZ2cq2IBNy9ZXz6j3BHhrpL0X9IYzqGoEOzylbx6Bqx4O78KogeyqF5XbIy
0dMFuIvouMdof7TMiMM=
-----END CERTIFICATE-----
Generated at Mon May 20 04:49:45 2024 by rpki-client on console-fra.rpki-client.org