Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ysSurpWSWI24mEXo-1UNITeZO04.roa
File: ysSurpWSWI24mEXo-1UNITeZO04.roa (raw, json)
Hash identifier: IpPOlFQvqsTmrv3YEw3rzlOt8iuke14NTccb2hZYBGg=
Subject key identifier: CA:C4:AE:AE:95:92:58:8D:B8:98:45:E8:FB:55:0D:21:37:99:3B:4E
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5CCFF081D97A825F9B1AB12C9090B
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ysSurpWSWI24mEXo-1UNITeZO04.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 45.146.170.0/24 maxlen: 24
45.149.133.0/24 maxlen: 24
193.142.253.0/24 maxlen: 24
195.245.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 02:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:cc:ff:08:1d:97:a8:25:f9:b1:ab:12:c9:09:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cac4aeae9592588db89845e8fb550d2137993b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ac:f3:7b:9e:fa:1c:27:87:6a:33:d5:72:cf:
71:88:1a:c5:bd:45:a9:00:09:dc:56:f6:76:88:6d:
75:ae:af:87:0d:fc:57:1c:ee:d5:f4:be:60:72:d0:
c3:a8:68:b8:3c:3b:4e:13:27:07:87:5d:74:77:45:
1b:1d:e5:72:a1:81:04:10:b9:32:8d:fa:f6:f9:90:
6e:45:99:fb:95:8d:36:8f:e1:eb:69:1b:ef:6e:8a:
8d:67:5f:7d:a7:43:0e:44:5b:f0:27:10:c9:db:3c:
fa:62:fd:30:52:d0:a1:c1:a2:8e:bb:4b:02:0f:52:
30:b6:55:2f:b6:85:0f:82:0e:c2:03:a1:3b:b7:1f:
ac:9a:71:a4:1c:d1:21:d6:6f:3f:88:02:32:e1:4a:
9b:4b:be:6c:27:39:53:da:45:52:be:5a:56:4f:f2:
70:b8:2f:ea:3b:69:3a:6e:65:02:7e:d1:ad:df:3b:
8d:cf:d6:25:e5:9d:15:63:43:b7:9c:96:38:6b:ee:
24:d1:9f:70:5d:c8:1f:ad:5d:d9:5d:0b:e2:c0:27:
f8:03:76:2a:97:a8:15:5d:92:a6:47:b2:4c:bd:a8:
0e:7b:6b:3c:2c:b7:cb:3e:7b:9c:46:9f:a3:12:70:
2f:d1:7b:0d:99:67:75:fc:9c:56:6b:82:ec:54:e3:
52:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C4:AE:AE:95:92:58:8D:B8:98:45:E8:FB:55:0D:21:37:99:3B:4E
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ysSurpWSWI24mEXo-1UNITeZO04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.170.0/24
45.149.133.0/24
193.142.253.0/24
195.245.102.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:be:54:29:e9:92:eb:00:b0:99:73:4b:f2:7a:0b:08:1d:a6:
de:95:d2:fc:62:53:c1:48:23:79:84:f8:37:58:6e:04:3c:73:
05:16:6e:fd:73:2b:ac:d7:fc:d3:bc:9c:8b:3b:b6:b5:07:71:
6c:28:3f:44:da:d6:e9:52:90:5e:b3:f6:27:ce:af:a1:1b:88:
5d:1e:cb:4d:5d:8e:49:23:ca:20:1f:3f:50:78:36:b1:51:bf:
24:cb:68:25:a1:37:ef:59:1b:d0:5d:1a:32:4b:a0:b0:25:e5:
b1:e4:e8:c6:88:1f:53:97:d1:36:00:a6:53:9a:b7:9d:82:78:
37:54:ac:89:01:b8:c4:4d:9d:e7:52:c4:f5:2d:f4:83:11:95:
78:85:e0:81:9b:55:d3:01:44:f6:7f:7f:65:69:67:ee:32:03:
2b:bc:b2:8c:e1:a2:1c:db:17:54:f3:b6:ea:d1:ae:14:f6:32:
b5:f1:c0:56:fe:bc:72:94:64:7e:1b:40:06:e6:96:a3:56:8e:
de:f3:f5:7b:f4:f8:9a:7b:86:b7:8b:3b:f7:5c:01:36:b9:9e:
3b:62:e8:e8:e8:dc:1d:3d:f7:63:e3:53:e3:ef:ab:19:30:e7:
83:18:a9:64:b5:f1:2b:3c:39:d3:6f:d9:b1:f2:01:c0:9e:c4:
ba:ec:4a:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1cz/CB2XqCX5sasSyQkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWM0YWVhZTk1OTI1ODhkYjg5ODQ1ZThmYjU1MGQyMTM3OTkzYjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6zze576HCeHajPVcs9xiBrFvUWp
AAncVvZ2iG11rq+HDfxXHO7V9L5gctDDqGi4PDtOEycHh110d0UbHeVyoYEEELky
jfr2+ZBuRZn7lY02j+HraRvvboqNZ199p0MORFvwJxDJ2zz6Yv0wUtChwaKOu0sC
D1IwtlUvtoUPgg7CA6E7tx+smnGkHNEh1m8/iAIy4UqbS75sJzlT2kVSvlpWT/Jw
uC/qO2k6bmUCftGt3zuNz9Yl5Z0VY0O3nJY4a+4k0Z9wXcgfrV3ZXQviwCf4A3Yq
l6gVXZKmR7JMvagOe2s8LLfLPnucRp+jEnAv0XsNmWd1/JxWa4LsVONSiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMrErq6VkliNuJhF6PtVDSE3mTtOMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEveXNTdXJwV1NXSTI0bUVYby0xVU5JVGVaTzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZKqAwQA
LZWFAwQAwY79AwQAw/VmMA0GCSqGSIb3DQEBCwUAA4IBAQCzvlQp6ZLrALCZc0vy
egsIHabeldL8YlPBSCN5hPg3WG4EPHMFFm79cyus1/zTvJyLO7a1B3FsKD9E2tbp
UpBes/Ynzq+hG4hdHstNXY5JI8ogHz9QeDaxUb8ky2gloTfvWRvQXRoyS6CwJeWx
5OjGiB9Tl9E2AKZTmredgng3VKyJAbjETZ3nUsT1LfSDEZV4heCBm1XTAUT2f39l
aWfuMgMrvLKM4aIc2xdU87bq0a4U9jK18cBW/rxylGR+G0AG5pajVo7e8/V79Pia
e4a3izv3XAE2uZ47Yujo6NwdPfdj41Pj76sZMOeDGKlktfErPDnTb9mx8gHAnsS6
7Eo3
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:26 2025 by rpki-client