Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/YXbGGJ0by2a1Nwce_pA5gxu9FOY.roa
File: YXbGGJ0by2a1Nwce_pA5gxu9FOY.roa (raw, json)
Hash identifier: MJGYRo64TymurEfOPbqhe/SrvoKQh1997WHry56JIUQ=
Subject key identifier: 61:76:C6:18:9D:1B:CB:66:B5:37:07:1E:FE:90:39:83:1B:BD:14:E6
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018CC5DBED65A4E0D18F5B9F2ACCF02B922A
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/YXbGGJ0by2a1Nwce_pA5gxu9FOY.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42585
IP address blocks: 213.249.64.0/21 maxlen: 24
194.213.126.0/23 maxlen: 24
213.249.92.0/22 maxlen: 24
2a01:448::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 19:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ed:65:a4:e0:d1:8f:5b:9f:2a:cc:f0:2b:92:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6176c6189d1bcb66b537071efe9039831bbd14e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c1:b8:27:13:b3:1c:83:78:c4:05:f2:12:07:
00:5e:04:74:6c:5b:8f:e4:40:f9:d6:8b:c7:92:59:
75:5a:81:24:d4:9c:ea:7e:53:e8:59:ea:c3:c0:ca:
52:3b:1a:29:95:eb:e7:53:52:ad:75:c1:4b:06:01:
32:2e:00:2d:2b:f3:9f:4d:ce:f3:1e:6e:2c:9e:54:
47:a0:31:45:f3:1c:f0:a6:75:80:9d:79:bd:17:dd:
97:24:6f:db:5b:c4:e2:a4:4f:f2:1b:c3:1d:2f:6e:
16:5b:a7:78:84:f2:aa:94:8f:a8:3d:6b:86:14:3c:
46:5f:80:2b:df:0d:3f:54:36:da:2f:2a:8a:a3:8d:
05:42:0a:ce:64:38:cb:db:db:54:6c:92:f0:a2:f7:
78:28:66:82:eb:73:98:da:32:d3:5f:a7:d3:24:90:
33:4e:85:44:dc:d3:9e:76:8b:b8:d1:cc:f1:12:b4:
0b:b9:5d:a0:d0:22:20:4b:ad:19:58:6b:a2:52:0b:
28:67:0a:6d:08:4e:28:c3:0f:7d:72:45:90:e0:36:
8b:e7:6b:32:14:ba:24:29:63:8b:42:5b:fe:c9:f1:
41:aa:2f:f9:76:76:42:53:49:4a:4c:ea:23:67:d1:
b3:60:b6:8e:77:48:69:9e:87:7c:8c:d2:aa:46:2b:
b5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:76:C6:18:9D:1B:CB:66:B5:37:07:1E:FE:90:39:83:1B:BD:14:E6
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/YXbGGJ0by2a1Nwce_pA5gxu9FOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.213.126.0/23
213.249.64.0/21
213.249.92.0/22
IPv6:
2a01:448::/32
Signature Algorithm: sha256WithRSAEncryption
97:d7:1a:a0:45:f5:57:c4:5b:2b:81:d3:4d:24:7f:0e:49:f9:
89:37:3b:76:9b:a6:e5:bf:3d:f4:74:3f:8d:ed:1a:d5:60:0c:
3d:dd:b3:c2:af:18:b0:b1:3f:8a:bf:92:be:66:7d:f5:48:11:
fd:4a:02:b8:9a:1e:d2:82:27:8e:c7:c3:6e:ca:42:6a:1c:db:
a5:07:6f:7e:d2:cf:be:0e:ac:73:98:32:d0:fc:94:ba:5a:ff:
8d:72:09:5d:e9:d5:09:7c:07:ab:22:74:9d:bb:2d:58:9e:e5:
15:6f:da:f8:a5:73:55:ff:f9:40:57:b5:ff:49:ef:b3:8a:bb:
a4:0c:4f:26:6d:41:4b:e0:85:c4:f7:cc:73:32:ce:0c:cc:5c:
3c:6b:04:25:d9:a9:91:96:e0:15:a3:1a:c5:58:13:c2:84:78:
57:57:39:6a:21:a1:31:3c:0f:ee:27:d8:bd:42:24:dc:85:00:
eb:71:b6:93:e2:45:fb:10:a7:0f:e4:7d:2e:08:2c:a0:e8:ac:
86:76:0e:30:c1:cf:94:03:bd:2c:78:66:1a:73:1d:20:f8:76:
70:31:fb:66:c7:a5:d1:54:c8:6b:50:6d:9f:5a:c6:a3:2a:6c:
6d:54:1f:9e:b2:ff:df:cc:76:c3:77:cb:05:4c:2d:fa:38:ee:
dd:7e:5f:95
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF2+1lpODRj1ufKszwK5IqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTc2YzYxODlkMWJjYjY2YjUzNzA3MWVmZTkwMzk4MzFiYmQxNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcG4JxOzHIN4xAXyEgcAXgR0bFuP
5ED51ovHkll1WoEk1JzqflPoWerDwMpSOxoplevnU1KtdcFLBgEyLgAtK/OfTc7z
Hm4snlRHoDFF8xzwpnWAnXm9F92XJG/bW8TipE/yG8MdL24WW6d4hPKqlI+oPWuG
FDxGX4Ar3w0/VDbaLyqKo40FQgrOZDjL29tUbJLwovd4KGaC63OY2jLTX6fTJJAz
ToVE3NOedou40czxErQLuV2g0CIgS60ZWGuiUgsoZwptCE4oww99ckWQ4DaL52sy
FLokKWOLQlv+yfFBqi/5dnZCU0lKTOojZ9GzYLaOd0hpnod8jNKqRiu1GwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGF2xhidG8tmtTcHHv6QOYMbvRTmMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvWVhiR0dKMGJ5MmExTndjZV9wQTVneHU5Rk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwtV+AwQD
1flAAwQC1flcMA0EAgACMAcDBQAqAQRIMA0GCSqGSIb3DQEBCwUAA4IBAQCX1xqg
RfVXxFsrgdNNJH8OSfmJNzt2m6blvz30dD+N7RrVYAw93bPCrxiwsT+Kv5K+Zn31
SBH9SgK4mh7SgieOx8NuykJqHNulB29+0s++DqxzmDLQ/JS6Wv+Ncgld6dUJfAer
InSduy1YnuUVb9r4pXNV//lAV7X/Se+zirukDE8mbUFL4IXE98xzMs4MzFw8awQl
2amRluAVoxrFWBPChHhXVzlqIaExPA/uJ9i9QiTchQDrcbaT4kX7EKcP5H0uCCyg
6KyGdg4wwc+UA70seGYacx0g+HZwMftmx6XRVMhrUG2fWsajKmxtVB+esv/fzHbD
d8sFTC36OO7dfl+V
-----END CERTIFICATE-----
Generated at Thu May 2 01:28:29 2024 by rpki-client on console-ams.rpki-client.org