Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ytFkpLehJs3CVmIpxWzuMJnYFnw.roa
File: ytFkpLehJs3CVmIpxWzuMJnYFnw.roa (raw, json)
Hash identifier: RGfvWMDkmzrQljGdHnk4HKPeOV7otH55pggv8MhHYpo=
Subject key identifier: CA:D1:64:A4:B7:A1:26:CD:C2:56:62:29:C5:6C:EE:30:99:D8:16:7C
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018E0E7DFBC9F1F070071B2BBEA3060A8270
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ytFkpLehJs3CVmIpxWzuMJnYFnw.roa
Signing time: Tue 05 Mar 2024 12:02:01 +0000
ROA not before: Tue 05 Mar 2024 12:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 145.78.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:7d:fb:c9:f1:f0:70:07:1b:2b:be:a3:06:0a:82:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Mar 5 12:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cad164a4b7a126cdc2566229c56cee3099d8167c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:77:99:87:d6:fd:49:35:34:cd:f9:6b:b4:aa:
38:c6:f9:59:46:f9:1f:b4:42:e1:91:fa:1a:0b:8b:
ba:13:43:e9:a8:41:aa:65:78:a8:95:10:c9:36:a3:
2a:3e:34:ba:3a:60:56:00:11:28:90:6d:0b:fb:58:
27:c8:45:fb:0b:a0:0e:f5:50:27:35:db:e7:14:5d:
7c:3c:07:d4:a0:6a:31:75:76:6f:ac:0d:b7:2b:09:
9e:41:d8:4d:d9:7a:ee:a2:68:e8:29:ba:a9:e0:a7:
15:6a:f0:0b:59:32:62:79:5f:97:68:11:8c:38:7c:
e0:7a:33:28:4a:09:0f:8f:fd:6b:31:6b:5e:99:4e:
08:c9:ec:19:b8:7d:a8:c3:c7:39:f5:c4:82:09:3b:
5e:f5:a2:51:20:55:d6:88:00:ff:26:57:31:09:23:
f6:08:08:d7:b2:35:da:fe:61:ee:bc:6e:a2:13:63:
dd:8d:e0:40:6c:8b:d1:71:ec:28:58:50:70:5d:15:
95:16:b5:f6:ed:a0:e6:65:5c:48:52:4e:10:bc:0c:
be:64:5a:e4:ea:60:ef:50:1f:00:9f:8b:0c:87:59:
65:d4:00:a3:eb:c1:d8:21:60:bc:ea:e6:48:50:52:
0c:1e:bb:28:c7:ca:16:53:31:2d:79:dc:f3:d0:90:
2d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D1:64:A4:B7:A1:26:CD:C2:56:62:29:C5:6C:EE:30:99:D8:16:7C
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/ytFkpLehJs3CVmIpxWzuMJnYFnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.78.20.0/22
Signature Algorithm: sha256WithRSAEncryption
19:ef:0a:2a:d1:3d:3e:e6:6b:98:88:f9:0d:71:78:e9:03:be:
47:c7:33:b0:2d:2c:79:ba:61:25:b9:a6:23:46:80:e7:88:4a:
c2:1f:9c:75:89:6a:b1:27:47:fc:61:fd:c7:3b:76:3a:9e:ee:
68:bd:1e:2c:89:43:b0:35:b7:fd:58:16:99:26:d9:8c:8c:c5:
06:30:62:7a:c6:43:b0:5f:d1:62:e6:8a:42:e2:f3:15:8e:65:
3e:bc:4e:6c:11:b4:3c:1e:ac:40:f4:78:be:bc:56:fe:17:1f:
9d:aa:04:02:b5:fe:d5:0a:9b:0c:f7:64:d8:3c:8a:08:bd:c7:
9c:f2:33:f2:8e:fd:fa:53:fb:72:e9:a7:57:22:61:d6:76:84:
95:7d:3a:2f:fa:4d:c3:00:73:7e:72:83:d3:8f:1f:6d:b9:d6:
24:6f:39:17:12:52:47:7a:84:9b:ad:1c:fd:81:30:68:47:ec:
1d:32:aa:c2:40:dc:41:36:dd:36:02:82:51:24:0b:f9:83:71:
0b:6c:7b:ce:6d:37:eb:46:9b:3a:b7:93:3b:72:8e:4f:81:91:
73:5e:c1:2b:f6:cc:2f:68:49:28:f0:f9:35:dd:73:df:91:63:
df:d8:eb:32:a2:80:53:4a:43:19:69:da:ed:73:30:ad:3b:47:
ae:91:61:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4OffvJ8fBwBxsrvqMGCoJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQwMzA1MTIwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWQxNjRhNGI3YTEyNmNkYzI1NjYyMjljNTZjZWUzMDk5ZDgxNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhneZh9b9STU0zflrtKo4xvlZRvkf
tELhkfoaC4u6E0PpqEGqZXiolRDJNqMqPjS6OmBWABEokG0L+1gnyEX7C6AO9VAn
NdvnFF18PAfUoGoxdXZvrA23KwmeQdhN2XruomjoKbqp4KcVavALWTJieV+XaBGM
OHzgejMoSgkPj/1rMWtemU4IyewZuH2ow8c59cSCCTte9aJRIFXWiAD/JlcxCSP2
CAjXsjXa/mHuvG6iE2PdjeBAbIvRcewoWFBwXRWVFrX27aDmZVxIUk4QvAy+ZFrk
6mDvUB8An4sMh1ll1ACj68HYIWC86uZIUFIMHrsox8oWUzEtedzz0JAtqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMrRZKS3oSbNwlZiKcVs7jCZ2BZ8MB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEveXRGa3BMZWhKczNDVm1JcHhXenVNSm5ZRm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkU4UMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ7woq0T0+5muYiPkNcXjpA75HxzOwLSx5umEluaYj
RoDniErCH5x1iWqxJ0f8Yf3HO3Y6nu5ovR4siUOwNbf9WBaZJtmMjMUGMGJ6xkOw
X9Fi5opC4vMVjmU+vE5sEbQ8HqxA9Hi+vFb+Fx+dqgQCtf7VCpsM92TYPIoIvcec
8jPyjv36U/ty6adXImHWdoSVfTov+k3DAHN+coPTjx9tudYkbzkXElJHeoSbrRz9
gTBoR+wdMqrCQNxBNt02AoJRJAv5g3ELbHvObTfrRps6t5M7co5PgZFzXsEr9swv
aEko8Pk13XPfkWPf2OsyooBTSkMZadrtczCtO0eukWEm
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:35:13 2024 by rpki-client on console-fra.rpki-client.org