Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/Y86co8wziacH5CK0Y7sWwN9X67I.roa
File: Y86co8wziacH5CK0Y7sWwN9X67I.roa (raw, json)
Hash identifier: XIi2LtLqpMgVQstmIk3jXNpalKjkBCSP1f9tK5DXczw=
Subject key identifier: 63:CE:9C:A3:CC:33:89:A7:07:E4:22:B4:63:BB:16:C0:DF:57:EB:B2
Certificate issuer: /CN=26a98b6125f5243e3ed835015967cddb97148df1
Certificate serial: 018CC5DBF47036D9063C5CD9EEBF5EF0D1C8
Authority key identifier: 26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/Y86co8wziacH5CK0Y7sWwN9X67I.roa
Signing time: Mon 01 Jan 2024 16:29:35 +0000
ROA not before: Mon 01 Jan 2024 16:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59595
IP address blocks: 81.161.16.0/22 maxlen: 22
81.161.20.0/23 maxlen: 23
81.161.24.0/24 maxlen: 24
81.161.22.0/23 maxlen: 23
81.161.30.0/23 maxlen: 23
81.161.25.0/24 maxlen: 24
81.161.28.0/23 maxlen: 23
81.161.26.0/23 maxlen: 23
91.227.210.0/23 maxlen: 23
91.227.210.0/24 maxlen: 24
91.227.211.0/24 maxlen: 24
91.227.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/JqmLYSX1JD4-2DUBWWfN25cUjfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/JqmLYSX1JD4-2DUBWWfN25cUjfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f4:70:36:d9:06:3c:5c:d9:ee:bf:5e:f0:d1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a98b6125f5243e3ed835015967cddb97148df1
Validity
Not Before: Jan 1 16:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63ce9ca3cc3389a707e422b463bb16c0df57ebb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3d:35:f8:71:1b:44:bf:31:6c:21:8f:88:30:
0f:8c:10:72:ef:c7:18:23:0a:c6:be:ec:d6:6f:81:
fd:d8:cf:39:66:4c:45:af:df:34:f2:cd:41:7c:a0:
15:a3:49:fe:49:f2:3c:e0:7f:24:86:5e:ad:c1:54:
8f:1e:ad:8d:55:88:4a:f2:1e:4d:0a:04:9e:fe:20:
a9:64:7e:44:fa:07:7f:2b:8f:9e:6a:e9:31:69:56:
60:f9:84:fa:14:58:de:bd:a1:87:43:b6:0f:7a:0f:
98:67:68:75:08:4f:4a:74:7d:f0:0d:ef:22:88:77:
35:83:ac:03:a7:93:4e:89:65:20:6d:aa:d0:7d:4f:
99:c7:78:78:b2:80:18:c6:a3:05:4f:9f:88:ce:8e:
0a:64:46:2c:46:e8:5e:a9:aa:1e:35:3d:91:57:e7:
d9:e1:b1:57:51:90:07:ce:25:99:8b:28:06:15:75:
fc:65:be:b1:24:92:34:40:65:80:7b:89:be:9f:ab:
17:86:3b:8c:b8:37:43:10:31:d0:1e:58:bf:25:74:
61:0c:1f:24:90:37:86:e4:33:a9:62:9a:da:e4:5f:
7a:c1:86:fd:cb:bf:1b:09:fd:6a:c4:83:d9:2f:59:
08:14:fd:f3:60:8a:ad:04:4d:a3:ee:25:3b:50:0c:
b6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CE:9C:A3:CC:33:89:A7:07:E4:22:B4:63:BB:16:C0:DF:57:EB:B2
X509v3 Authority Key Identifier:
keyid:26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/Y86co8wziacH5CK0Y7sWwN9X67I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/JqmLYSX1JD4-2DUBWWfN25cUjfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.16.0/20
91.227.210.0/23
91.227.228.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:2d:21:ba:ef:c1:18:a0:80:b9:86:6e:3e:23:0d:78:f7:26:
74:dc:57:5f:e7:28:14:fd:6f:37:88:f3:76:88:38:7e:78:77:
7c:da:73:a5:44:6a:85:4c:02:4e:bf:4c:a7:1c:50:2e:ce:49:
83:42:7a:44:61:bd:90:f4:c0:73:28:b2:43:96:e3:d7:ed:47:
29:52:c9:70:27:64:51:f3:a6:a9:14:53:57:8f:d4:da:de:55:
09:ef:41:85:8a:3f:a1:28:7b:6e:3e:d3:12:59:df:60:46:b2:
16:3a:eb:4b:80:b0:45:c8:6c:f0:e9:01:ab:80:1d:56:14:b8:
7e:e9:29:2d:8a:2c:d9:62:77:70:85:7a:05:88:b2:42:74:6e:
09:d9:bc:01:bf:2c:07:30:a9:86:73:96:c4:77:92:9a:ca:23:
25:db:55:8b:36:c4:98:fa:e8:f0:33:67:15:c1:ff:7f:63:a6:
30:e5:2d:3c:0e:5a:47:c4:cf:e1:c2:0b:b1:42:68:70:72:6c:
5e:e9:77:b8:0e:a1:27:aa:97:04:74:1a:d2:54:99:3d:3f:71:
22:3a:5b:1c:47:f8:9b:e8:44:ff:5b:bf:07:f2:2e:51:63:5b:
a7:57:d2:73:24:a5:78:73:c8:d6:22:3c:b3:24:40:6b:01:16:
56:56:95:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzF2/RwNtkGPFzZ7r9e8NHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTk4YjYxMjVmNTI0M2UzZWQ4MzUwMTU5NjdjZGRiOTcx
NDhkZjEwHhcNMjQwMTAxMTYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2NlOWNhM2NjMzM4OWE3MDdlNDIyYjQ2M2JiMTZjMGRmNTdlYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD01+HEbRL8xbCGPiDAPjBBy78cY
IwrGvuzWb4H92M85ZkxFr9808s1BfKAVo0n+SfI84H8khl6twVSPHq2NVYhK8h5N
CgSe/iCpZH5E+gd/K4+eaukxaVZg+YT6FFjevaGHQ7YPeg+YZ2h1CE9KdH3wDe8i
iHc1g6wDp5NOiWUgbarQfU+Zx3h4soAYxqMFT5+Izo4KZEYsRuheqaoeNT2RV+fZ
4bFXUZAHziWZiygGFXX8Zb6xJJI0QGWAe4m+n6sXhjuMuDdDEDHQHli/JXRhDB8k
kDeG5DOpYpra5F96wYb9y78bCf1qxIPZL1kIFP3zYIqtBE2j7iU7UAy2mwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGPOnKPMM4mnB+QitGO7FsDfV+uyMB8GA1UdIwQY
MBaAFCapi2El9SQ+Ptg1AVlnzduXFI3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFtTFlTWDFKRDQtMkRVQldXZk4yNWNVamZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZGJmYjAtZjkxNC00MGQzLWIyZTIt
YjkxM2U1OTY3MDdlLzEvWTg2Y284d3ppYWNINUNLMFk3c1d3TjlYNjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZGJmYjAtZjkxNC00MGQzLWIyZTItYjkxM2U1OTY3MDdl
LzEvSnFtTFlTWDFKRDQtMkRVQldXZk4yNWNVamZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUaEQAwQB
W+PSAwQAW+PkMA0GCSqGSIb3DQEBCwUAA4IBAQCKLSG678EYoIC5hm4+Iw149yZ0
3Fdf5ygU/W83iPN2iDh+eHd82nOlRGqFTAJOv0ynHFAuzkmDQnpEYb2Q9MBzKLJD
luPX7UcpUslwJ2RR86apFFNXj9Ta3lUJ70GFij+hKHtuPtMSWd9gRrIWOutLgLBF
yGzw6QGrgB1WFLh+6SktiizZYndwhXoFiLJCdG4J2bwBvywHMKmGc5bEd5KayiMl
21WLNsSY+ujwM2cVwf9/Y6Yw5S08DlpHxM/hwguxQmhwcmxe6Xe4DqEnqpcEdBrS
VJk9P3EiOlscR/ib6ET/W78H8i5RY1unV9JzJKV4c8jWIjyzJEBrARZWVpXz
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:31 2024 by rpki-client on console-fra.rpki-client.org