Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YSTpBhSK5__4lI2y2K7gCKaJ7Cw.roa
File: YSTpBhSK5__4lI2y2K7gCKaJ7Cw.roa (raw, json)
Hash identifier: lmsy2+7sLi8nzjE5ppK1MLibQ4JvyDaKSMDL+OLrYVg=
Subject key identifier: 61:24:E9:06:14:8A:E7:FF:F8:94:8D:B2:D8:AE:E0:08:A6:89:EC:2C
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5D1079B468048ED9FBFA1F003F47D
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YSTpBhSK5__4lI2y2K7gCKaJ7Cw.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57186
IP address blocks: 85.8.184.0/24 maxlen: 24
85.202.164.0/24 maxlen: 24
91.191.180.0/24 maxlen: 24
185.147.36.0/24 maxlen: 24
185.189.252.0/24 maxlen: 24
185.189.253.0/24 maxlen: 24
185.193.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d1:07:9b:46:80:48:ed:9f:bf:a1:f0:03:f4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6124e906148ae7fff8948db2d8aee008a689ec2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b3:dc:f2:59:96:d8:cc:36:36:57:34:17:ed:
86:18:bc:bb:88:c3:0a:59:94:9b:a8:db:89:13:63:
a1:7a:5b:af:b6:82:bc:3f:d7:7a:48:b0:b0:4f:58:
aa:c0:4e:4f:c6:92:e6:18:c8:82:01:bf:31:83:93:
a0:f4:c9:e5:24:6a:04:16:b8:e5:7f:4e:9f:95:55:
e1:1c:09:86:ff:d5:9c:0d:54:0c:78:e9:36:bc:10:
2e:14:1e:b0:7b:d4:12:8f:01:a1:f5:d8:74:7f:7d:
0a:b9:06:bc:21:89:6e:34:cc:84:ef:1d:d8:88:24:
f1:2e:98:ee:03:f6:42:26:b7:d0:14:c8:56:c2:09:
69:48:c3:e1:20:2b:01:2e:d3:43:5e:f7:23:31:5f:
64:59:c9:f3:c5:10:f1:f4:df:44:2e:32:94:64:f4:
7d:a0:88:5d:9e:f4:3f:df:78:b5:d1:60:4c:d7:42:
f5:6d:a3:65:b9:6d:75:43:67:a1:d1:a6:22:d2:19:
a6:0e:f5:04:a6:bd:4f:6d:12:2a:e0:c9:b4:ab:95:
cc:8a:00:9b:0a:32:59:44:80:3f:8e:1b:e1:2e:9d:
0e:f5:6b:4e:c5:58:64:09:19:e2:56:7e:ff:50:ed:
7d:1a:34:95:e9:3e:09:38:ac:af:c0:50:9d:3d:48:
3e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:24:E9:06:14:8A:E7:FF:F8:94:8D:B2:D8:AE:E0:08:A6:89:EC:2C
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YSTpBhSK5__4lI2y2K7gCKaJ7Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.184.0/24
85.202.164.0/24
91.191.180.0/24
185.147.36.0/24
185.189.252.0/23
185.193.140.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4a:ff:d7:e5:fb:d6:79:3c:f4:9d:2f:a6:5f:22:3b:a6:16:
05:2f:c5:bb:03:91:04:e5:1c:46:a5:18:b3:b5:a4:11:54:2f:
8d:7e:5a:31:9e:44:46:61:dd:68:48:4f:6d:99:0d:55:f3:d5:
27:2a:00:b4:a4:22:18:f4:6f:92:6d:34:d0:89:c6:be:14:c9:
3e:06:9d:62:c4:3d:aa:db:d3:d9:eb:6a:35:19:1d:24:30:aa:
2c:63:ad:8c:d4:4e:ee:fa:2c:f0:aa:90:1c:23:38:42:34:8e:
12:d6:c4:9c:9e:68:95:5b:8c:61:55:87:b6:ae:b7:21:3c:98:
2b:ef:e6:c9:8c:42:9e:b2:0b:2e:5c:42:3f:1f:f9:7b:67:0d:
2e:68:4e:43:90:0b:f9:60:4e:67:8d:00:f1:51:dc:43:6b:a2:
74:ca:31:8c:ab:b8:13:80:1e:5e:b6:18:11:17:a5:b3:63:cc:
f3:8d:4f:b2:c9:b5:02:ad:81:7d:e0:3b:3c:ad:9c:73:77:7c:
13:26:10:13:e6:b6:60:ac:ea:8e:80:e8:43:0a:0b:7e:ea:2c:
21:fa:08:7f:32:1a:42:01:ac:a0:3c:99:ae:26:48:74:b7:4b:
4f:34:15:1f:f7:94:3e:c8:da:6b:46:3e:d0:0a:7b:91:7e:b5:
14:a2:e3:2d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQg1dEHm0aASO2fv6HwA/R9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTI0ZTkwNjE0OGFlN2ZmZjg5NDhkYjJkOGFlZTAwOGE2ODllYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Pc8lmW2Mw2Nlc0F+2GGLy7iMMK
WZSbqNuJE2OheluvtoK8P9d6SLCwT1iqwE5PxpLmGMiCAb8xg5Og9MnlJGoEFrjl
f06flVXhHAmG/9WcDVQMeOk2vBAuFB6we9QSjwGh9dh0f30KuQa8IYluNMyE7x3Y
iCTxLpjuA/ZCJrfQFMhWwglpSMPhICsBLtNDXvcjMV9kWcnzxRDx9N9ELjKUZPR9
oIhdnvQ/33i10WBM10L1baNluW11Q2eh0aYi0hmmDvUEpr1PbRIq4Mm0q5XMigCb
CjJZRIA/jhvhLp0O9WtOxVhkCRniVn7/UO19GjSV6T4JOKyvwFCdPUg+LwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGEk6QYUiuf/+JSNstiu4AimiewsMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWVNUcEJoU0s1X180bEkyeTJLN2dDS2FKN0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVQi4AwQA
VcqkAwQAW7+0AwQAuZMkAwQBub38AwQAucGMMA0GCSqGSIb3DQEBCwUAA4IBAQAK
Sv/X5fvWeTz0nS+mXyI7phYFL8W7A5EE5RxGpRiztaQRVC+NfloxnkRGYd1oSE9t
mQ1V89UnKgC0pCIY9G+SbTTQica+FMk+Bp1ixD2q29PZ62o1GR0kMKosY62M1E7u
+izwqpAcIzhCNI4S1sScnmiVW4xhVYe2rrchPJgr7+bJjEKesgsuXEI/H/l7Zw0u
aE5DkAv5YE5njQDxUdxDa6J0yjGMq7gTgB5ethgRF6WzY8zzjU+yybUCrYF94Ds8
rZxzd3wTJhAT5rZgrOqOgOhDCgt+6iwh+gh/MhpCAaygPJmuJkh0t0tPNBUf95Q+
yNprRj7QCnuRfrUUouMt
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:45:52 2025 by rpki-client