Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/YHCzpdx3QlF1VtA6SUTuSfQuxfA.roa
File: YHCzpdx3QlF1VtA6SUTuSfQuxfA.roa (raw, json)
Hash identifier: 29gPbHhB2HxQ6mjaSKBJ8CzQgQfqUPyV5BQbyd2W5Zo=
Subject key identifier: 60:70:B3:A5:DC:77:42:51:75:56:D0:3A:49:44:EE:49:F4:2E:C5:F0
Certificate issuer: /CN=b945085995f3cb7c7dbd05e41774da624b1af2e9
Certificate serial: 018CC424B0CDE32DDEDF23AAA9E22574E9CA
Authority key identifier: B9:45:08:59:95:F3:CB:7C:7D:BD:05:E4:17:74:DA:62:4B:1A:F2:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/YHCzpdx3QlF1VtA6SUTuSfQuxfA.roa
Signing time: Mon 01 Jan 2024 08:29:48 +0000
ROA not before: Mon 01 Jan 2024 08:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207425
IP address blocks: 193.105.121.0/24 maxlen: 27
193.105.96.0/24 maxlen: 24
193.105.102.0/24 maxlen: 27
193.105.117.0/24 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 07:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:b0:cd:e3:2d:de:df:23:aa:a9:e2:25:74:e9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b945085995f3cb7c7dbd05e41774da624b1af2e9
Validity
Not Before: Jan 1 08:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6070b3a5dc7742517556d03a4944ee49f42ec5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f6:51:47:8e:e1:f7:52:0e:e5:9b:96:6c:bf:
b5:7a:68:cf:25:20:20:41:e4:1f:99:de:16:a6:ee:
bd:1f:8b:6f:66:2f:cf:a0:0e:77:da:b6:78:b7:0a:
f0:90:6a:8b:5b:d3:b6:42:14:88:8c:12:6d:70:27:
5e:c5:4a:5f:b9:2c:8d:c5:53:24:51:8a:ae:be:ed:
c3:41:cc:ea:fc:06:02:e1:61:c2:04:d9:bb:a7:b2:
99:cd:b1:ce:2d:cf:03:5b:40:f0:fd:0f:b8:8c:1d:
84:82:d8:aa:51:84:4e:c7:52:c1:b2:37:63:bb:ff:
55:a8:20:c5:1d:ff:e3:ca:a1:26:07:5c:af:be:13:
e7:e7:d7:58:cd:94:eb:4b:0c:d5:7c:e1:bc:11:cc:
c1:07:33:b3:93:0d:f5:22:16:d1:c4:f5:81:8e:fc:
08:6e:15:73:21:c5:ad:d2:a6:07:32:a1:3d:d0:30:
17:a5:bb:7b:89:49:8b:10:b6:43:de:72:c4:28:10:
bd:61:0d:01:b5:92:8a:6f:c9:ae:71:90:3f:60:d5:
6f:a6:4a:03:98:d0:88:12:c4:14:fd:12:a6:0e:ea:
97:ef:63:73:ee:b7:6e:3c:7e:83:2c:fb:74:fd:0b:
1a:89:9a:81:3d:fd:f1:94:1c:f1:a8:da:38:cc:8c:
21:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:70:B3:A5:DC:77:42:51:75:56:D0:3A:49:44:EE:49:F4:2E:C5:F0
X509v3 Authority Key Identifier:
keyid:B9:45:08:59:95:F3:CB:7C:7D:BD:05:E4:17:74:DA:62:4B:1A:F2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUUIWZXzy3x9vQXkF3TaYksa8uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/YHCzpdx3QlF1VtA6SUTuSfQuxfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/057a69-e68e-4004-8625-9177b14ee633/1/uUUIWZXzy3x9vQXkF3TaYksa8uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.96.0/24
193.105.102.0/24
193.105.117.0/24
193.105.121.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:a1:8d:0d:02:e8:70:bf:86:9f:7c:dc:35:f7:02:cf:3f:40:
71:89:92:44:65:87:20:80:d0:31:5a:92:de:97:bc:2d:43:85:
de:a8:d0:d1:aa:62:14:df:48:9e:fb:84:0f:4c:93:06:f3:20:
3b:c6:26:c4:d1:17:a3:c7:1b:2f:6d:4a:45:f0:23:7f:66:bb:
a9:16:c1:66:89:91:64:83:6c:47:f4:95:0b:1c:ae:3c:10:43:
f7:f1:76:5c:5a:42:2a:c7:71:13:0c:a4:cc:7b:bf:49:de:cc:
f1:e3:c8:79:5b:37:f7:2e:82:04:08:af:a9:4b:40:d0:e3:6c:
04:45:76:3c:08:1a:98:91:ee:c4:9e:2f:f9:d2:7f:c4:53:72:
d9:e1:8a:60:33:17:15:c7:24:ea:2d:1b:c0:4b:fc:9f:5b:a7:
bc:0e:46:53:02:f7:7b:b5:e3:21:21:1b:eb:5c:26:3c:ab:2a:
67:63:9a:a1:67:dc:2c:cb:f7:34:ee:e7:e4:77:d9:b7:a3:3b:
8f:8a:45:9c:df:9e:c1:17:c4:40:ec:3e:e1:20:01:f1:ec:50:
e0:e1:cd:07:30:43:d0:ea:88:51:27:4d:ce:6e:0d:2c:be:7f:
7c:6c:89:20:bf:97:c8:ff:19:94:ff:cc:b7:27:f2:b3:ce:5c:
8e:09:41:b7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJLDN4y3e3yOqqeIldOnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDUwODU5OTVmM2NiN2M3ZGJkMDVlNDE3NzRkYTYyNGIx
YWYyZTkwHhcNMjQwMTAxMDgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDcwYjNhNWRjNzc0MjUxNzU1NmQwM2E0OTQ0ZWU0OWY0MmVjNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPZRR47h91IO5ZuWbL+1emjPJSAg
QeQfmd4Wpu69H4tvZi/PoA532rZ4twrwkGqLW9O2QhSIjBJtcCdexUpfuSyNxVMk
UYquvu3DQczq/AYC4WHCBNm7p7KZzbHOLc8DW0Dw/Q+4jB2EgtiqUYROx1LBsjdj
u/9VqCDFHf/jyqEmB1yvvhPn59dYzZTrSwzVfOG8EczBBzOzkw31IhbRxPWBjvwI
bhVzIcWt0qYHMqE90DAXpbt7iUmLELZD3nLEKBC9YQ0BtZKKb8mucZA/YNVvpkoD
mNCIEsQU/RKmDuqX72Nz7rduPH6DLPt0/QsaiZqBPf3xlBzxqNo4zIwhMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGBws6Xcd0JRdVbQOklE7kn0LsXwMB8GA1UdIwQY
MBaAFLlFCFmV88t8fb0F5Bd02mJLGvLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVVSVdaWHp5M3g5dlFYa0YzVGFZa3NhOHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8wNTdhNjktZTY4ZS00MDA0LTg2MjUt
OTE3N2IxNGVlNjMzLzEvWUhDenBkeDNRbEYxVnRBNlNVVHVTZlF1eGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8wNTdhNjktZTY4ZS00MDA0LTg2MjUtOTE3N2IxNGVlNjMz
LzEvdVVVSVdaWHp5M3g5dlFYa0YzVGFZa3NhOHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwWlgAwQA
wWlmAwQAwWl1AwQAwWl5MA0GCSqGSIb3DQEBCwUAA4IBAQAroY0NAuhwv4affNw1
9wLPP0BxiZJEZYcggNAxWpLel7wtQ4XeqNDRqmIU30ie+4QPTJMG8yA7xibE0Rej
xxsvbUpF8CN/ZrupFsFmiZFkg2xH9JULHK48EEP38XZcWkIqx3ETDKTMe79J3szx
48h5Wzf3LoIECK+pS0DQ42wERXY8CBqYke7Eni/50n/EU3LZ4YpgMxcVxyTqLRvA
S/yfW6e8DkZTAvd7teMhIRvrXCY8qypnY5qhZ9wsy/c07ufkd9m3ozuPikWc357B
F8RA7D7hIAHx7FDg4c0HMEPQ6ohRJ03Obg0svn98bIkgv5fI/xmU/8y3J/KzzlyO
CUG3
-----END CERTIFICATE-----
Generated at Tue Jun 4 14:36:15 2024 by rpki-client on console-ams.rpki-client.org