Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/Yyt36k7JtSXYqg9c2wJbMDlRViE.roa
File: Yyt36k7JtSXYqg9c2wJbMDlRViE.roa (raw, json)
Hash identifier: cDTj7aUJHOzTfo2JuPMnt2z61FD/8BUwXRrjBVj2RDc=
Subject key identifier: 63:2B:77:EA:4E:C9:B5:25:D8:AA:0F:5C:DB:02:5B:30:39:51:56:21
Certificate issuer: /CN=49240b59bbf6906a555e1074c5ae73ec62dffc5f
Certificate serial: 018CC26D098DAE9C4D536D6DF93E4436C82B
Authority key identifier: 49:24:0B:59:BB:F6:90:6A:55:5E:10:74:C5:AE:73:EC:62:DF:FC:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSQLWbv2kGpVXhB0xa5z7GLf_F8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/Yyt36k7JtSXYqg9c2wJbMDlRViE.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59708
IP address blocks: 185.4.107.0/24 maxlen: 24
185.4.106.0/24 maxlen: 24
185.4.104.0/22 maxlen: 24
185.4.104.0/24 maxlen: 24
185.4.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SSQLWbv2kGpVXhB0xa5z7GLf_F8.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SSQLWbv2kGpVXhB0xa5z7GLf_F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSQLWbv2kGpVXhB0xa5z7GLf_F8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:09:8d:ae:9c:4d:53:6d:6d:f9:3e:44:36:c8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49240b59bbf6906a555e1074c5ae73ec62dffc5f
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=632b77ea4ec9b525d8aa0f5cdb025b3039515621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7f:f7:d4:a9:1e:58:4a:87:cf:9b:fc:93:7c:
1c:c4:7b:b1:53:0f:e1:af:97:70:a8:fb:d5:c5:8d:
ac:d5:2d:34:fd:89:53:38:da:bd:e6:26:73:0d:12:
c3:9e:07:d1:68:39:b9:a0:e5:47:00:b6:e7:35:29:
65:0e:10:fa:10:de:46:24:a0:4b:ea:da:67:96:19:
ed:7a:d7:85:24:53:0c:ff:a1:ed:43:1d:5e:49:e3:
0b:59:f5:0c:95:05:99:f9:4f:27:2f:22:18:79:a2:
4f:f0:13:5f:a6:60:ad:b1:c1:95:d7:ee:a6:a5:4d:
c0:e9:e5:29:2f:6c:93:6f:3a:f5:18:2c:5f:ed:02:
14:e1:2a:40:83:83:af:20:f7:bd:6b:5f:92:13:04:
59:c0:d7:a6:fd:94:1f:df:e1:7a:27:05:2e:4c:e0:
50:54:b9:46:7a:9f:63:5b:a0:0d:7a:a1:ed:45:cc:
9e:49:31:e1:05:95:a2:e8:e3:c9:a7:81:d2:bc:d1:
de:6d:89:4a:90:08:09:40:ee:50:12:99:2c:e4:4b:
0d:70:83:32:56:48:e0:f4:61:bb:23:09:cb:a1:8b:
b8:dc:68:cb:07:b5:0b:92:a8:a5:7e:0c:e1:77:a7:
0c:99:6d:b4:37:f6:40:82:a6:6b:2b:d4:5b:2c:a1:
d9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2B:77:EA:4E:C9:B5:25:D8:AA:0F:5C:DB:02:5B:30:39:51:56:21
X509v3 Authority Key Identifier:
keyid:49:24:0B:59:BB:F6:90:6A:55:5E:10:74:C5:AE:73:EC:62:DF:FC:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSQLWbv2kGpVXhB0xa5z7GLf_F8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/Yyt36k7JtSXYqg9c2wJbMDlRViE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/226be8-c7b7-47f0-b0d5-d14af2cb8fde/1/SSQLWbv2kGpVXhB0xa5z7GLf_F8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.104.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:bf:52:7e:60:66:96:61:25:5c:af:d1:5e:f4:35:60:03:35:
4f:9d:c4:e2:35:6e:2c:42:bf:b6:30:b9:f5:02:88:bd:6c:af:
09:1b:e1:bb:a7:f1:12:43:7a:c2:05:59:f6:ce:4a:09:89:28:
f9:6f:3f:62:ad:e8:4f:6c:d0:a5:1d:20:96:a1:8e:c2:36:1d:
55:0c:55:81:68:a4:e5:83:2d:a9:ed:3f:8c:e0:fe:89:ba:8b:
e8:d0:d5:81:4f:70:74:bd:b6:02:da:15:c3:c3:ae:20:fe:5f:
b2:cf:ed:23:14:92:4b:0c:cf:ce:2c:d6:39:a9:3d:1a:98:d5:
b1:3e:35:e5:fe:41:bb:50:19:dc:e3:ff:e8:69:cf:9a:01:32:
0c:77:15:08:36:a5:44:16:68:ad:c5:fe:09:91:29:3a:ac:63:
cf:52:4a:27:3d:28:cf:5b:8a:59:26:a7:92:b8:79:4f:60:f7:
2c:06:4e:34:ad:00:10:85:1d:5b:35:f6:ec:9d:0a:e5:58:2b:
8d:a2:cf:72:1a:40:bc:dd:db:61:1c:6f:50:b8:89:db:f9:f8:
40:aa:0c:1c:cf:3b:b2:91:2f:02:96:88:6e:44:83:c0:46:37:
87:40:24:48:58:45:8c:5f:b3:ac:41:e8:2a:28:96:3a:1f:67:
7a:6f:6d:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQmNrpxNU21t+T5ENsgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjQwYjU5YmJmNjkwNmE1NTVlMTA3NGM1YWU3M2VjNjJk
ZmZjNWYwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJiNzdlYTRlYzliNTI1ZDhhYTBmNWNkYjAyNWIzMDM5NTE1NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33/31KkeWEqHz5v8k3wcxHuxUw/h
r5dwqPvVxY2s1S00/YlTONq95iZzDRLDngfRaDm5oOVHALbnNSllDhD6EN5GJKBL
6tpnlhnteteFJFMM/6HtQx1eSeMLWfUMlQWZ+U8nLyIYeaJP8BNfpmCtscGV1+6m
pU3A6eUpL2yTbzr1GCxf7QIU4SpAg4OvIPe9a1+SEwRZwNem/ZQf3+F6JwUuTOBQ
VLlGep9jW6ANeqHtRcyeSTHhBZWi6OPJp4HSvNHebYlKkAgJQO5QEpks5EsNcIMy
Vkjg9GG7IwnLoYu43GjLB7ULkqilfgzhd6cMmW20N/ZAgqZrK9RbLKHZuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMrd+pOybUl2KoPXNsCWzA5UVYhMB8GA1UdIwQY
MBaAFEkkC1m79pBqVV4QdMWuc+xi3/xfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NRTFdidjJrR3BWWGhCMHhhNXo3R0xmX0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yMjZiZTgtYzdiNy00N2YwLWIwZDUt
ZDE0YWYyY2I4ZmRlLzEvWXl0MzZrN0p0U1hZcWc5YzJ3SmJNRGxSVmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yMjZiZTgtYzdiNy00N2YwLWIwZDUtZDE0YWYyY2I4ZmRl
LzEvU1NRTFdidjJrR3BWWGhCMHhhNXo3R0xmX0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQRoMA0G
CSqGSIb3DQEBCwUAA4IBAQAOv1J+YGaWYSVcr9Fe9DVgAzVPncTiNW4sQr+2MLn1
Aoi9bK8JG+G7p/ESQ3rCBVn2zkoJiSj5bz9irehPbNClHSCWoY7CNh1VDFWBaKTl
gy2p7T+M4P6Juovo0NWBT3B0vbYC2hXDw64g/l+yz+0jFJJLDM/OLNY5qT0amNWx
PjXl/kG7UBnc4//oac+aATIMdxUINqVEFmitxf4JkSk6rGPPUkonPSjPW4pZJqeS
uHlPYPcsBk40rQAQhR1bNfbsnQrlWCuNos9yGkC83dthHG9QuInb+fhAqgwczzuy
kS8ClohuRIPARjeHQCRIWEWMX7OsQegqKJY6H2d6b21c
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:18:52 2024 by rpki-client on console-ams.rpki-client.org