Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/RyUcvyusLRdJxnSpDXYR-Ap6_hY.roa
File: RyUcvyusLRdJxnSpDXYR-Ap6_hY.roa (raw, json)
Hash identifier: cqE3sgRwrpNyt6c/ObeNO4WoTvRMjK/wNT613R6QcaI=
Subject key identifier: 47:25:1C:BF:2B:AC:2D:17:49:C6:74:A9:0D:76:11:F8:0A:7A:FE:16
Certificate issuer: /CN=3a6c606f20cecfe312cc6c814dec9904b6db7c3c
Certificate serial: 018CC94DC3426098404A0F6BAB9B767A9B9E
Authority key identifier: 3A:6C:60:6F:20:CE:CF:E3:12:CC:6C:81:4D:EC:99:04:B6:DB:7C:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OmxgbyDOz-MSzGyBTeyZBLbbfDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/RyUcvyusLRdJxnSpDXYR-Ap6_hY.roa
Signing time: Tue 02 Jan 2024 08:32:45 +0000
ROA not before: Tue 02 Jan 2024 08:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62129
IP address blocks: 185.55.204.0/22 maxlen: 22
5.134.88.0/21 maxlen: 21
45.11.100.0/22 maxlen: 22
2a04:d5c0::/29 maxlen: 29
2a0e:8d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/OmxgbyDOz-MSzGyBTeyZBLbbfDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/OmxgbyDOz-MSzGyBTeyZBLbbfDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/OmxgbyDOz-MSzGyBTeyZBLbbfDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:c3:42:60:98:40:4a:0f:6b:ab:9b:76:7a:9b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6c606f20cecfe312cc6c814dec9904b6db7c3c
Validity
Not Before: Jan 2 08:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47251cbf2bac2d1749c674a90d7611f80a7afe16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:07:72:79:5d:74:da:47:4b:ec:ca:9a:97:db:
6a:7b:27:9f:ec:84:21:c3:ef:a5:6f:e5:54:cb:ed:
ac:76:a5:d9:12:b1:05:e8:9f:71:b8:e2:94:05:11:
07:ea:34:c6:1a:ba:a7:78:fb:30:42:84:89:60:3d:
b7:c6:be:9e:da:62:21:81:d1:fc:d4:cb:94:9e:a5:
c8:3c:35:f0:1c:e9:12:cf:41:9e:43:7b:52:7e:48:
71:c2:c5:2f:85:15:e2:3b:23:16:31:f8:52:41:a7:
c1:b2:29:a3:a7:04:0e:c6:1b:ee:06:98:7b:f9:98:
4d:ec:87:b0:d5:82:b4:3c:4a:75:16:e0:67:87:7a:
56:e8:2d:3f:89:f1:3d:2d:ab:80:35:e0:ae:e8:c0:
40:e2:9e:5d:e6:4a:d7:f6:88:e1:ee:cf:5d:49:3b:
e4:97:2c:e4:6d:cc:f5:34:e9:f2:c9:74:64:67:e7:
d4:b9:37:d3:77:75:c0:79:ca:1f:a4:7a:f2:3d:d3:
23:42:53:f6:b8:34:90:bf:f5:46:c9:77:8f:df:69:
94:1f:c9:a2:ab:24:05:4b:39:ac:f5:75:a3:8d:f2:
44:24:20:d6:f3:93:4a:84:e2:3c:92:93:8e:3f:c9:
d8:01:a9:81:1e:e0:b5:d0:bd:63:a9:a1:bf:b0:ed:
ae:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:25:1C:BF:2B:AC:2D:17:49:C6:74:A9:0D:76:11:F8:0A:7A:FE:16
X509v3 Authority Key Identifier:
keyid:3A:6C:60:6F:20:CE:CF:E3:12:CC:6C:81:4D:EC:99:04:B6:DB:7C:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OmxgbyDOz-MSzGyBTeyZBLbbfDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/RyUcvyusLRdJxnSpDXYR-Ap6_hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8c3f6f-5ae9-492e-9d3a-750d62e9e53a/1/OmxgbyDOz-MSzGyBTeyZBLbbfDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.88.0/21
45.11.100.0/22
185.55.204.0/22
IPv6:
2a04:d5c0::/29
2a0e:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
2b:b8:49:c9:7d:05:ad:1c:12:d2:16:0f:03:6b:15:79:16:d9:
2f:b0:c8:75:ee:0e:9c:60:1f:97:dd:f5:35:e3:50:50:b6:d2:
09:4d:96:c5:46:9e:e1:59:45:53:18:a4:c3:2f:83:f7:58:42:
50:dd:5f:c4:e7:fb:67:ed:c4:f0:76:e1:65:35:3e:51:0d:1b:
42:a1:1f:0a:22:46:96:af:53:a1:e9:52:78:e1:b9:c8:1b:fa:
65:11:2b:b4:34:57:4d:38:a7:28:82:d8:7a:e7:e3:15:e0:ca:
d2:19:f9:44:9b:a2:19:53:45:33:43:22:5f:55:d8:a1:9a:40:
54:9e:97:6d:21:1f:3d:71:92:e6:98:3f:2e:f7:11:94:78:1f:
d1:11:de:fa:33:18:5b:c3:e7:40:d0:62:40:aa:fa:36:3d:73:
fd:b7:9c:59:a1:87:be:c5:a3:ff:ab:3f:00:85:14:6c:a0:fc:
df:e5:13:f5:10:9a:e0:e0:84:59:ec:ac:5c:2d:48:14:b9:0c:
dd:51:fd:06:65:92:8b:80:0b:ee:03:15:01:96:cf:f7:d2:c3:
d4:c3:b5:2f:21:6c:b8:cf:02:80:ea:b5:7b:e2:66:9d:ed:df:
37:d5:b7:5a:2b:f4:5b:76:fb:5b:c4:7a:13:9f:9f:7b:fb:59:
60:5e:33:65
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzJTcNCYJhASg9rq5t2epueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmM2MDZmMjBjZWNmZTMxMmNjNmM4MTRkZWM5OTA0YjZk
YjdjM2MwHhcNMjQwMTAyMDgzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI1MWNiZjJiYWMyZDE3NDljNjc0YTkwZDc2MTFmODBhN2FmZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7wdyeV102kdL7Mqal9tqeyef7IQh
w++lb+VUy+2sdqXZErEF6J9xuOKUBREH6jTGGrqnePswQoSJYD23xr6e2mIhgdH8
1MuUnqXIPDXwHOkSz0GeQ3tSfkhxwsUvhRXiOyMWMfhSQafBsimjpwQOxhvuBph7
+ZhN7Iew1YK0PEp1FuBnh3pW6C0/ifE9LauANeCu6MBA4p5d5krX9ojh7s9dSTvk
lyzkbcz1NOnyyXRkZ+fUuTfTd3XAecofpHryPdMjQlP2uDSQv/VGyXeP32mUH8mi
qyQFSzms9XWjjfJEJCDW85NKhOI8kpOOP8nYAamBHuC10L1jqaG/sO2urwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEclHL8rrC0XScZ0qQ12EfgKev4WMB8GA1UdIwQY
MBaAFDpsYG8gzs/jEsxsgU3smQS223w8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT214Z2J5RE96LU1Tekd5QlRleVpCTGJiZkR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84YzNmNmYtNWFlOS00OTJlLTlkM2Et
NzUwZDYyZTllNTNhLzEvUnlVY3Z5dXNMUmRKeG5TcERYWVItQXA2X2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84YzNmNmYtNWFlOS00OTJlLTlkM2EtNzUwZDYyZTllNTNh
LzEvT214Z2J5RE96LU1Tekd5QlRleVpCTGJiZkR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQDBYZYAwQC
LQtkAwQCuTfMMBQEAgACMA4DBQMqBNXAAwUDKg6NADANBgkqhkiG9w0BAQsFAAOC
AQEAK7hJyX0FrRwS0hYPA2sVeRbZL7DIde4OnGAfl931NeNQULbSCU2WxUae4VlF
Uxikwy+D91hCUN1fxOf7Z+3E8HbhZTU+UQ0bQqEfCiJGlq9ToelSeOG5yBv6ZREr
tDRXTTinKILYeufjFeDK0hn5RJuiGVNFM0MiX1XYoZpAVJ6XbSEfPXGS5pg/LvcR
lHgf0RHe+jMYW8PnQNBiQKr6Nj1z/becWaGHvsWj/6s/AIUUbKD83+UT9RCa4OCE
WeysXC1IFLkM3VH9BmWSi4AL7gMVAZbP99LD1MO1LyFsuM8CgOq1e+Jmne3fN9W3
Wiv0W3b7W8R6E5+fe/tZYF4zZQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:49 2024 by rpki-client on console-fra.rpki-client.org