Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/YsmNHo3us-T-6yXZRfbmKXjHToM.roa
File: YsmNHo3us-T-6yXZRfbmKXjHToM.roa (raw, json)
Hash identifier: Cif67zzlb2BXrjrpxxf0G1ostFhud8xGR0qxRkkjkls=
Subject key identifier: 62:C9:8D:1E:8D:EE:B3:E4:FE:EB:25:D9:45:F6:E6:29:78:C7:4E:83
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 018CC5DBECFE71B0A2F9CA37B9C0D4BB877A
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/YsmNHo3us-T-6yXZRfbmKXjHToM.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 195.226.205.0/24 maxlen: 24
213.249.76.0/22 maxlen: 24
213.249.74.0/23 maxlen: 24
213.249.73.0/24 maxlen: 24
213.249.82.0/23 maxlen: 24
213.249.81.0/24 maxlen: 24
213.249.84.0/22 maxlen: 24
213.249.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ec:fe:71:b0:a2:f9:ca:37:b9:c0:d4:bb:87:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62c98d1e8deeb3e4feeb25d945f6e62978c74e83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:75:f6:b1:18:c0:7c:4f:0d:ee:2c:fe:2d:d6:
ac:08:96:16:a5:df:96:e8:e0:cc:c1:7c:eb:df:83:
9c:39:a3:8f:89:75:7f:c0:8b:5a:f4:10:e8:09:ed:
12:1f:17:aa:90:71:1d:22:a2:4f:38:29:0a:c4:65:
3a:03:79:44:70:8b:7e:c2:e8:0e:22:cd:cc:a3:54:
a1:59:0e:1e:69:78:40:b1:9e:61:4b:2a:80:41:0a:
71:a9:f0:db:56:96:32:3b:e4:44:96:d9:4b:3a:2f:
88:a3:67:05:4b:49:f9:79:88:29:38:a4:f9:a3:2e:
c6:33:eb:a2:b4:48:51:d1:50:c9:00:f3:7a:3d:53:
f1:24:a7:47:65:22:1e:d4:45:cc:9a:58:b0:fc:60:
c0:9a:4a:fb:8b:bb:b2:36:47:d2:ad:fd:f8:30:64:
75:58:b3:71:9e:e1:25:a6:69:f6:41:f2:76:0a:ab:
91:16:4a:68:8a:25:97:dc:20:83:cd:8a:15:21:27:
f0:d9:38:4f:9b:63:ac:0c:19:4e:7a:8f:fb:1f:34:
ef:c0:02:80:81:e2:cb:4a:6f:71:d1:ea:7e:17:21:
b1:82:2f:08:87:b5:67:c3:db:60:ac:3a:4d:59:40:
e4:9b:e1:6e:09:5a:be:66:3e:94:6f:e9:b5:3f:02:
c6:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C9:8D:1E:8D:EE:B3:E4:FE:EB:25:D9:45:F6:E6:29:78:C7:4E:83
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/YsmNHo3us-T-6yXZRfbmKXjHToM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.205.0/24
213.249.73.0-213.249.79.255
213.249.81.0-213.249.91.255
Signature Algorithm: sha256WithRSAEncryption
06:40:99:03:9b:81:6b:6d:c9:e8:f3:7c:91:5b:00:41:dd:05:
57:39:92:1a:18:1d:fc:2a:cb:32:97:87:1a:ad:38:05:12:24:
c6:45:47:93:88:fe:12:be:bb:51:e1:e6:35:b8:73:81:5d:89:
70:e2:1c:ff:02:37:54:a4:e7:e1:3c:b9:2e:fc:56:a1:86:e3:
2d:f7:5d:e7:c8:f2:2d:79:7c:b8:56:82:1b:0b:b0:6c:ef:26:
4c:6f:3f:02:b2:e7:7a:fa:8b:98:32:16:a4:5b:27:0e:23:2d:
b7:26:d4:bc:a3:f7:ae:2a:c4:74:40:0b:09:6b:10:1e:b9:23:
f9:21:70:f4:36:a4:be:e8:0e:d4:5c:88:2f:06:22:b2:e2:0a:
f4:3c:f4:78:00:8f:02:23:5a:42:b8:fb:1c:e8:c6:e7:17:32:
ba:ae:c4:3a:13:09:d7:8c:45:f9:15:ec:96:1e:1e:36:42:dc:
c0:ac:fa:43:9e:98:73:71:19:45:34:98:17:5b:0d:be:29:e3:
a2:d4:13:58:94:a1:d5:9f:d3:b5:43:3b:ce:c6:ce:56:a6:cd:
ff:81:74:06:f5:75:6c:ae:8b:25:b8:ce:c8:c1:2c:e9:db:07:
a9:02:a2:49:86:aa:e3:17:4a:c9:82:87:04:00:6b:36:91:e0:
e8:4c:2b:01
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF2+z+cbCi+co3ucDUu4d6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmM5OGQxZThkZWViM2U0ZmVlYjI1ZDk0NWY2ZTYyOTc4Yzc0ZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHX2sRjAfE8N7iz+LdasCJYWpd+W
6ODMwXzr34OcOaOPiXV/wIta9BDoCe0SHxeqkHEdIqJPOCkKxGU6A3lEcIt+wugO
Is3Mo1ShWQ4eaXhAsZ5hSyqAQQpxqfDbVpYyO+REltlLOi+Io2cFS0n5eYgpOKT5
oy7GM+uitEhR0VDJAPN6PVPxJKdHZSIe1EXMmliw/GDAmkr7i7uyNkfSrf34MGR1
WLNxnuElpmn2QfJ2CquRFkpoiiWX3CCDzYoVISfw2ThPm2OsDBlOeo/7HzTvwAKA
geLLSm9x0ep+FyGxgi8Ih7Vnw9tgrDpNWUDkm+FuCVq+Zj6Ub+m1PwLGSwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGLJjR6N7rPk/usl2UX25il4x06DMB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvWXNtTkhvM3VzLVQtNnlYWlJmYm1LWGpIVG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAw+LNMAwD
BADV+UkDBATV+UAwDAMEANX5UQMEAtX5WDANBgkqhkiG9w0BAQsFAAOCAQEABkCZ
A5uBa23J6PN8kVsAQd0FVzmSGhgd/CrLMpeHGq04BRIkxkVHk4j+Er67UeHmNbhz
gV2JcOIc/wI3VKTn4Ty5LvxWoYbjLfdd58jyLXl8uFaCGwuwbO8mTG8/ArLnevqL
mDIWpFsnDiMttybUvKP3rirEdEALCWsQHrkj+SFw9DakvugO1FyILwYisuIK9Dz0
eACPAiNaQrj7HOjG5xcyuq7EOhMJ14xF+RXslh4eNkLcwKz6Q56Yc3EZRTSYF1sN
vinjotQTWJSh1Z/TtUM7zsbOVqbN/4F0BvV1bK6LJbjOyMEs6dsHqQKiSYaq4xdK
yYKHBABrNpHg6EwrAQ==
-----END CERTIFICATE-----
Generated at Thu May 2 06:44:33 2024 by rpki-client on console-fra.rpki-client.org