Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Ykr0XgKDU3KOYZrqkTITSRcVI2c.roa
File: Ykr0XgKDU3KOYZrqkTITSRcVI2c.roa (raw, json)
Hash identifier: YTwm80Oet8eNSm7MIKXCsAA5Y5ugVztkXfh7cWhhMsw=
Subject key identifier: 62:4A:F4:5E:02:83:53:72:8E:61:9A:EA:91:32:13:49:17:15:23:67
Certificate issuer: /CN=25fd5781576f3d4225af99453e93a92598527126
Certificate serial: 018CC64B2BA29675C9DA813E6BE202844EFB
Authority key identifier: 25:FD:57:81:57:6F:3D:42:25:AF:99:45:3E:93:A9:25:98:52:71:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Ykr0XgKDU3KOYZrqkTITSRcVI2c.roa
Signing time: Mon 01 Jan 2024 18:31:04 +0000
ROA not before: Mon 01 Jan 2024 18:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208738
IP address blocks: 185.252.186.0/24 maxlen: 24
185.252.184.0/24 maxlen: 24
185.252.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Jf1XgVdvPUIlr5lFPpOpJZhScSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Jf1XgVdvPUIlr5lFPpOpJZhScSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2b:a2:96:75:c9:da:81:3e:6b:e2:02:84:4e:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25fd5781576f3d4225af99453e93a92598527126
Validity
Not Before: Jan 1 18:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=624af45e028353728e619aea9132134917152367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:90:30:7a:f0:7d:36:6b:04:d5:0f:50:8e:30:
7f:6e:0f:c0:da:18:60:04:76:86:3b:1b:de:97:51:
7b:d1:e9:36:59:d1:d9:a5:cf:97:2f:46:6f:7d:c4:
94:1e:71:4c:cd:5b:fb:9f:b9:af:eb:ec:05:29:2e:
90:e7:f2:64:7b:02:1c:1e:84:c4:50:93:81:5c:8b:
b1:64:88:31:45:06:9a:67:04:68:f6:83:94:e9:4a:
17:09:e3:7c:86:00:b1:b2:19:c0:c7:11:3e:f8:72:
6b:69:e1:b7:04:b6:19:4f:f5:a6:d0:0d:c0:ed:39:
a3:34:df:71:7e:e1:2b:91:54:c4:a3:59:f1:26:88:
5a:0e:83:2f:60:60:1d:2d:89:14:48:38:18:55:a1:
f0:eb:f4:8d:d6:ab:df:fc:8a:db:4c:fc:7d:eb:18:
ad:9f:ac:98:2b:c3:6b:be:c0:56:f0:cc:ca:c8:e0:
be:d8:9a:f5:60:b3:e6:f6:90:8f:d1:7e:10:41:01:
23:8c:b1:ff:a4:bc:2d:ed:26:3f:87:20:77:d0:33:
c5:98:a7:c4:19:cc:66:6b:58:dc:72:69:30:2d:2d:
68:44:f4:d1:68:e0:58:2e:6b:74:e5:2e:3c:34:4f:
a7:4e:c2:37:64:b6:89:5a:1a:56:59:cb:e3:1c:30:
c0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:4A:F4:5E:02:83:53:72:8E:61:9A:EA:91:32:13:49:17:15:23:67
X509v3 Authority Key Identifier:
keyid:25:FD:57:81:57:6F:3D:42:25:AF:99:45:3E:93:A9:25:98:52:71:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jf1XgVdvPUIlr5lFPpOpJZhScSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Ykr0XgKDU3KOYZrqkTITSRcVI2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/949dde-e814-4fb2-9f9b-59483fa09fe1/1/Jf1XgVdvPUIlr5lFPpOpJZhScSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.184.0/24
185.252.186.0/23
Signature Algorithm: sha256WithRSAEncryption
67:b6:44:44:3e:4e:0f:8e:2f:de:c8:91:4b:20:1c:dd:a5:52:
9f:1f:d3:79:a3:1e:d6:3b:44:c7:e0:01:be:0d:71:6f:37:80:
55:67:5f:18:f5:32:a9:39:0e:8f:7e:79:53:18:9b:f8:19:50:
c7:63:b6:0d:44:19:cb:86:44:ff:6c:09:7a:9d:f2:6f:0a:ed:
c8:74:20:97:74:03:f6:0d:4c:42:f7:e5:c6:25:75:3e:44:e4:
79:d2:de:6d:70:c2:d9:3d:3c:4d:78:cf:dd:3d:e1:6d:5c:49:
0c:cd:98:1c:5e:59:ba:4c:34:31:1b:3f:c2:04:34:26:cf:8f:
ec:0d:fd:a4:74:5b:e0:8c:d8:9c:ea:86:cd:48:1f:38:c0:95:
22:57:be:7e:f7:23:fd:38:76:12:b4:d2:fc:5c:a0:6d:b3:19:
95:da:37:ed:a6:63:14:4a:0b:df:17:e6:ce:88:44:15:c4:3b:
f4:df:e4:0e:8b:0b:a8:c0:28:f2:e6:ac:1e:8f:e1:8b:02:f5:
b0:cf:9f:72:25:0b:eb:15:66:aa:01:8b:07:74:0b:54:70:0d:
ca:09:17:fa:89:74:a3:32:ec:a1:43:4c:2f:f6:6c:6a:90:29:
96:75:d6:8a:bf:ab:52:b4:be:b5:25:b6:55:2a:2a:b9:d0:0e:
7b:55:bb:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSyuilnXJ2oE+a+IChE77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZmQ1NzgxNTc2ZjNkNDIyNWFmOTk0NTNlOTNhOTI1OTg1
MjcxMjYwHhcNMjQwMTAxMTgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjRhZjQ1ZTAyODM1MzcyOGU2MTlhZWE5MTMyMTM0OTE3MTUyMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJAwevB9NmsE1Q9QjjB/bg/A2hhg
BHaGOxvel1F70ek2WdHZpc+XL0ZvfcSUHnFMzVv7n7mv6+wFKS6Q5/JkewIcHoTE
UJOBXIuxZIgxRQaaZwRo9oOU6UoXCeN8hgCxshnAxxE++HJraeG3BLYZT/Wm0A3A
7TmjNN9xfuErkVTEo1nxJohaDoMvYGAdLYkUSDgYVaHw6/SN1qvf/IrbTPx96xit
n6yYK8NrvsBW8MzKyOC+2Jr1YLPm9pCP0X4QQQEjjLH/pLwt7SY/hyB30DPFmKfE
Gcxma1jccmkwLS1oRPTRaOBYLmt05S48NE+nTsI3ZLaJWhpWWcvjHDDAMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGJK9F4Cg1NyjmGa6pEyE0kXFSNnMB8GA1UdIwQY
MBaAFCX9V4FXbz1CJa+ZRT6TqSWYUnEmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmYxWGdWZHZQVUlscjVsRlBwT3BKWmhTY1NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NDlkZGUtZTgxNC00ZmIyLTlmOWIt
NTk0ODNmYTA5ZmUxLzEvWWtyMFhnS0RVM0tPWVpycWtUSVRTUmNWSTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NDlkZGUtZTgxNC00ZmIyLTlmOWItNTk0ODNmYTA5ZmUx
LzEvSmYxWGdWZHZQVUlscjVsRlBwT3BKWmhTY1NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufy4AwQB
ufy6MA0GCSqGSIb3DQEBCwUAA4IBAQBntkREPk4Pji/eyJFLIBzdpVKfH9N5ox7W
O0TH4AG+DXFvN4BVZ18Y9TKpOQ6PfnlTGJv4GVDHY7YNRBnLhkT/bAl6nfJvCu3I
dCCXdAP2DUxC9+XGJXU+ROR50t5tcMLZPTxNeM/dPeFtXEkMzZgcXlm6TDQxGz/C
BDQmz4/sDf2kdFvgjNic6obNSB84wJUiV75+9yP9OHYStNL8XKBtsxmV2jftpmMU
SgvfF+bOiEQVxDv03+QOiwuowCjy5qwej+GLAvWwz59yJQvrFWaqAYsHdAtUcA3K
CRf6iXSjMuyhQ0wv9mxqkCmWddaKv6tStL61JbZVKiq50A57Vbv2
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:39:42 2024 by rpki-client on console-ams.rpki-client.org