Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa
File: ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa (raw, json)
Hash identifier: BKN1KBVK/1UKQo8P6rAhFlYMidJGtHkL2LKINCyxs50=
Subject key identifier: AF:28:C8:1E:BD:EE:C6:23:87:73:A5:CA:ED:1C:D5:5A:BE:C9:78:12
Certificate issuer: /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial: 018E32E224C682B2E1C1E4E2E26B6BAD24D4
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa
Signing time: Tue 12 Mar 2024 13:37:45 +0000
ROA not before: Tue 12 Mar 2024 13:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8943
IP address blocks: 185.73.44.0/22 maxlen: 22
194.33.11.0/24 maxlen: 24
212.13.192.0/19 maxlen: 19
2001:ba8::/32 maxlen: 32
2001:baa::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:e2:24:c6:82:b2:e1:c1:e4:e2:e2:6b:6b:ad:24:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Validity
Not Before: Mar 12 13:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af28c81ebdeec6238773a5caed1cd55abec97812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e3:e5:04:f9:d1:8c:69:17:6d:57:14:3a:4c:
2a:ce:64:4b:33:d5:c5:4c:47:19:3e:4a:4c:86:35:
b9:a8:17:b6:08:62:2e:e4:29:ef:e8:70:46:f8:a3:
0f:cb:99:38:a6:5d:b4:f5:47:cb:54:92:f1:79:74:
3c:b8:26:1e:63:ca:64:ec:b7:9e:71:fc:05:ff:15:
00:7d:3d:b7:2d:68:84:a9:ca:d9:84:c7:a8:62:17:
14:92:c9:b8:7a:af:bd:10:44:a2:c4:1f:e2:0b:6f:
dc:6f:dc:7f:42:e3:32:05:b5:b9:7d:40:4a:41:c2:
c2:aa:c7:bd:49:2b:65:81:76:32:4e:94:64:58:cf:
f3:e0:8d:bc:b8:ce:61:bf:8a:14:f0:d4:43:f7:13:
e5:24:28:de:79:b8:7b:a5:2c:f5:7b:73:2b:07:38:
86:73:49:dc:6b:bd:fc:6e:02:53:3a:bf:11:bd:de:
dc:0f:24:ab:dc:f6:08:b2:d5:f8:77:3c:27:37:9d:
4e:ae:69:53:ef:bb:09:b8:db:7c:1a:a8:93:ea:49:
8c:51:ee:66:56:ae:96:43:0f:e3:06:ce:5f:86:a1:
34:2e:c8:3b:80:1d:aa:c2:a3:c1:08:47:94:69:27:
11:78:c6:dd:dd:8a:16:21:fc:e8:ea:2b:25:6d:0d:
51:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:28:C8:1E:BD:EE:C6:23:87:73:A5:CA:ED:1C:D5:5A:BE:C9:78:12
X509v3 Authority Key Identifier:
keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/ryjIHr3uxiOHc6XK7RzVWr7JeBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.44.0/22
194.33.11.0/24
212.13.192.0/19
IPv6:
2001:ba8::/32
2001:baa::/32
Signature Algorithm: sha256WithRSAEncryption
c5:54:98:11:d8:a2:29:22:68:fe:b7:59:5f:2d:88:2e:cb:16:
3e:ab:e2:d3:d7:9d:4a:24:37:7f:91:b8:d2:c1:3f:fd:bc:07:
68:06:d1:a9:9f:d9:74:69:ed:1b:27:72:f5:96:83:fe:20:96:
61:3e:3d:50:3d:f7:e4:03:f1:83:c0:a6:a3:82:14:c0:1a:41:
a2:d8:4a:77:ec:0b:e1:bf:35:15:49:ed:e5:78:94:63:c4:5a:
14:0c:40:c3:91:9a:f9:e4:d7:15:17:12:b9:a4:02:4f:81:67:
45:30:a2:a0:6d:e3:ca:23:12:bb:7f:b9:79:d6:9f:8e:b9:72:
6b:db:7f:eb:30:13:84:87:3f:5d:48:85:4c:71:61:70:16:be:
0c:c7:42:f5:82:2b:f7:6d:9e:94:d1:ad:69:33:34:8d:97:b0:
0a:df:b8:1b:ce:bd:97:39:0d:24:f4:e3:8e:7c:5b:34:95:30:
b8:7a:dd:9f:30:db:1a:6d:97:1c:5f:56:a4:67:32:80:97:63:
ae:4b:20:45:81:48:ad:48:da:d5:d5:08:b2:4e:42:c5:81:6b:
84:07:8e:36:4f:f5:d7:06:4d:2f:e8:15:45:76:cd:00:bc:36:
e3:d0:09:74:36:58:05:ef:00:de:1a:28:73:5a:33:da:ef:d9:
90:c1:e5:7d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY4y4iTGgrLhweTi4mtrrSTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjQwMzEyMTMzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjI4YzgxZWJkZWVjNjIzODc3M2E1Y2FlZDFjZDU1YWJlYzk3ODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+PlBPnRjGkXbVcUOkwqzmRLM9XF
TEcZPkpMhjW5qBe2CGIu5Cnv6HBG+KMPy5k4pl209UfLVJLxeXQ8uCYeY8pk7Lee
cfwF/xUAfT23LWiEqcrZhMeoYhcUksm4eq+9EESixB/iC2/cb9x/QuMyBbW5fUBK
QcLCqse9SStlgXYyTpRkWM/z4I28uM5hv4oU8NRD9xPlJCjeebh7pSz1e3MrBziG
c0nca738bgJTOr8Rvd7cDySr3PYIstX4dzwnN51OrmlT77sJuNt8GqiT6kmMUe5m
Vq6WQw/jBs5fhqE0Lsg7gB2qwqPBCEeUaScReMbd3YoWIfzo6islbQ1R1QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK8oyB697sYjh3Olyu0c1Vq+yXgSMB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvcnlqSUhyM3V4aU9IYzZYSzdSelZXcjdKZUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuUksAwQA
wiELAwQF1A3AMBQEAgACMA4DBQAgAQuoAwUAIAELqjANBgkqhkiG9w0BAQsFAAOC
AQEAxVSYEdiiKSJo/rdZXy2ILssWPqvi09edSiQ3f5G40sE//bwHaAbRqZ/ZdGnt
Gydy9ZaD/iCWYT49UD335APxg8Cmo4IUwBpBothKd+wL4b81FUnt5XiUY8RaFAxA
w5Ga+eTXFRcSuaQCT4FnRTCioG3jyiMSu3+5edafjrlya9t/6zAThIc/XUiFTHFh
cBa+DMdC9YIr922elNGtaTM0jZewCt+4G869lzkNJPTjjnxbNJUwuHrdnzDbGm2X
HF9WpGcygJdjrksgRYFIrUja1dUIsk5CxYFrhAeONk/11wZNL+gVRXbNALw249AJ
dDZYBe8A3hooc1oz2u/ZkMHlfQ==
-----END CERTIFICATE-----
Generated at Wed May 8 22:56:31 2024 by rpki-client on console-ams.rpki-client.org