Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/YrBEbKYcRihrrXhf5rGMn4NnWP8.roa
File: YrBEbKYcRihrrXhf5rGMn4NnWP8.roa (raw, json)
Hash identifier: 0EjDwiQerEsJrNpiAV/U41dtG8QfC+EEgtF9mTKQLqE=
Subject key identifier: 62:B0:44:6C:A6:1C:46:28:6B:AD:78:5F:E6:B1:8C:9F:83:67:58:FF
Certificate issuer: /CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Certificate serial: 01942444BC61FC8D2574FD242A52043D4B0B
Authority key identifier: 14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/YrBEbKYcRihrrXhf5rGMn4NnWP8.roa
Signing time: Wed 01 Jan 2025 23:47:51 +0000
ROA not before: Wed 01 Jan 2025 23:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203615
IP address blocks: 185.127.180.0/22 maxlen: 24
185.127.180.0/24 maxlen: 24
185.127.181.0/24 maxlen: 24
2a06:cb00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 05:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:bc:61:fc:8d:25:74:fd:24:2a:52:04:3d:4b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Validity
Not Before: Jan 1 23:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62b0446ca61c46286bad785fe6b18c9f836758ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:db:ee:57:ef:19:c9:c3:0c:04:ab:dd:3d:6b:
e7:af:35:bf:86:1c:f4:ea:43:be:bb:8f:d6:cf:a0:
45:c0:68:ab:e8:48:83:ff:f6:53:78:4d:df:9b:8d:
3d:d8:da:23:e8:0c:0f:38:60:fe:20:73:08:50:e8:
3e:d7:78:33:0b:1f:bc:ad:1d:36:4e:d6:cf:7d:21:
e3:ec:db:49:5d:b3:64:c4:32:3e:dc:7d:d4:e3:f6:
69:c0:91:a4:3c:66:aa:29:82:f0:bb:60:fb:1d:ef:
2c:be:14:cc:14:dc:93:d4:b2:3e:43:68:df:f6:e6:
94:bc:d1:2d:eb:a3:57:e1:8c:96:69:95:d3:c0:fd:
80:e1:0f:c4:d7:b4:45:d1:f6:a7:b1:e7:55:a8:4b:
83:9a:0b:de:d8:77:7e:6c:f7:6c:06:36:ef:a1:ad:
87:e6:6a:a9:e3:dc:57:e8:fa:8d:16:a7:c5:09:e1:
95:16:84:c3:a8:1e:00:3b:1d:bd:9c:85:1c:86:9e:
be:a5:1f:db:84:9a:c6:d2:3b:25:19:76:c9:81:38:
22:b7:0f:fb:b3:2f:6d:25:69:a0:b9:2c:15:68:11:
36:93:f9:68:e0:f6:6b:34:e1:e5:fd:d3:10:9c:92:
20:d0:15:d5:fb:59:c4:75:1e:38:73:50:ab:aa:6f:
5a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B0:44:6C:A6:1C:46:28:6B:AD:78:5F:E6:B1:8C:9F:83:67:58:FF
X509v3 Authority Key Identifier:
keyid:14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/YrBEbKYcRihrrXhf5rGMn4NnWP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.180.0/22
IPv6:
2a06:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
57:7f:fd:85:8d:cd:61:09:78:d3:39:32:42:4d:3b:96:46:2c:
95:7e:99:c0:00:73:06:c5:de:38:2b:aa:21:d0:41:48:da:3e:
51:f2:2f:3d:05:f7:30:0f:dd:41:1d:2b:13:be:71:31:d4:48:
50:f2:a5:38:1f:68:1a:e1:15:12:69:e0:83:0c:55:cb:e8:50:
0a:7c:0f:bc:69:91:fa:96:56:f5:ca:78:25:9a:be:18:e8:13:
5d:07:fd:41:e5:40:83:61:19:71:3f:40:0b:33:53:84:f8:8f:
01:28:f5:90:9d:2e:a3:5f:9d:69:be:87:8e:36:3e:24:b5:11:
a9:57:bb:14:eb:53:2b:7b:39:83:4e:63:48:b4:df:c3:91:1a:
10:1e:db:56:fd:4f:e5:17:89:0a:56:0b:2e:90:3f:21:ed:bf:
ea:6f:4e:de:3f:53:12:4c:4f:f2:24:aa:22:16:c4:c7:d3:72:
da:b3:99:ca:fb:12:60:ab:4a:6b:95:1f:15:f8:4b:3d:c2:0c:
bb:72:c4:17:39:34:e2:b9:42:8e:2a:65:f5:95:58:95:63:44:
b0:24:96:43:a7:f5:99:96:e7:75:62:11:bf:94:a8:76:85:96:
c5:30:6d:46:a7:a5:4a:2c:ed:fd:ed:fd:10:4b:3e:9e:81:a4:
d8:c9:83:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRLxh/I0ldP0kKlIEPUsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzRiNmZjNjdiNmI5MGRiMzExYzYxZmMwZTNhOWM3NTI4
MzNjNTYwHhcNMjUwMTAxMjM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIwNDQ2Y2E2MWM0NjI4NmJhZDc4NWZlNmIxOGM5ZjgzNjc1OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdvuV+8ZycMMBKvdPWvnrzW/hhz0
6kO+u4/Wz6BFwGir6EiD//ZTeE3fm4092Noj6AwPOGD+IHMIUOg+13gzCx+8rR02
TtbPfSHj7NtJXbNkxDI+3H3U4/ZpwJGkPGaqKYLwu2D7He8svhTMFNyT1LI+Q2jf
9uaUvNEt66NX4YyWaZXTwP2A4Q/E17RF0fansedVqEuDmgve2Hd+bPdsBjbvoa2H
5mqp49xX6PqNFqfFCeGVFoTDqB4AOx29nIUchp6+pR/bhJrG0jslGXbJgTgitw/7
sy9tJWmguSwVaBE2k/lo4PZrNOHl/dMQnJIg0BXV+1nEdR44c1Crqm9ayQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGKwRGymHEYoa614X+axjJ+DZ1j/MB8GA1UdIwQY
MBaAFBR0tvxntrkNsxHGH8DjqcdSgzxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQt
OGM1NmQ4ZmUxN2I1LzEvWXJCRWJLWWNSaWhyclhoZjVyR01uNE5uV1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQtOGM1NmQ4ZmUxN2I1
LzEvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX+0MA0E
AgACMAcDBQMqBssAMA0GCSqGSIb3DQEBCwUAA4IBAQBXf/2Fjc1hCXjTOTJCTTuW
RiyVfpnAAHMGxd44K6oh0EFI2j5R8i89BfcwD91BHSsTvnEx1EhQ8qU4H2ga4RUS
aeCDDFXL6FAKfA+8aZH6llb1ynglmr4Y6BNdB/1B5UCDYRlxP0ALM1OE+I8BKPWQ
nS6jX51pvoeONj4ktRGpV7sU61MrezmDTmNItN/DkRoQHttW/U/lF4kKVgsukD8h
7b/qb07eP1MSTE/yJKoiFsTH03Las5nK+xJgq0prlR8V+Es9wgy7csQXOTTiuUKO
KmX1lViVY0SwJJZDp/WZlud1YhG/lKh2hZbFMG1Gp6VKLO397f0QSz6egaTYyYOk
-----END CERTIFICATE-----
Generated at Wed Apr 16 13:25:29 2025 by rpki-client