Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Y577KKfqIsp7QDdMBl2F4MY1-G4.roa
File: Y577KKfqIsp7QDdMBl2F4MY1-G4.roa (raw, json)
Hash identifier: 0cmOffiRW3TLrgkplG0Ai0LBg6YXtDmTeyCVkJpysTE=
Subject key identifier: 63:9E:FB:28:A7:EA:22:CA:7B:40:37:4C:06:5D:85:E0:C6:35:F8:6E
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 018CC5002EC447B7322D83388BCE2B005C05
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Y577KKfqIsp7QDdMBl2F4MY1-G4.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 932
IP address blocks: 91.208.73.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.104.0/24 maxlen: 24
45.150.198.0/23 maxlen: 24
2a12:ab80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2e:c4:47:b7:32:2d:83:38:8b:ce:2b:00:5c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=639efb28a7ea22ca7b40374c065d85e0c635f86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:30:19:9e:05:64:a0:55:07:9f:fe:8c:52:de:
7e:07:c0:68:67:b3:8e:b2:69:8e:68:2e:fb:ed:e9:
e0:4c:bb:6e:c5:14:fd:50:03:34:c5:f7:8f:b5:37:
7e:da:78:89:9d:ef:58:b9:1d:98:b8:7e:c2:e7:cf:
35:82:43:60:51:2f:d2:ff:8d:bf:5d:6b:f1:15:d2:
38:f4:59:8f:59:f9:cb:a7:36:2f:0b:27:a5:c9:eb:
3a:bd:a2:08:96:d2:03:f8:74:03:48:f6:57:27:92:
b4:cc:fa:b2:78:ea:dd:14:f5:6a:90:bd:56:1a:11:
08:ef:0f:c1:a4:aa:b8:89:6d:43:0e:87:bc:15:ca:
57:e2:2d:5c:a2:da:68:00:cc:10:4e:8c:7a:9a:b5:
19:99:02:34:f6:44:6c:bf:8d:5b:ed:cb:58:ca:cf:
86:61:2e:a2:cf:e2:2b:e4:75:f1:36:33:fb:45:08:
97:81:91:e7:3d:eb:de:71:d5:80:31:61:a2:13:78:
c4:9b:74:53:fb:80:d4:42:d2:26:91:ee:d7:a9:1c:
9d:2b:e7:ea:a0:b8:6a:96:63:91:21:c8:33:2b:e0:
bc:18:26:d6:ad:82:b9:e4:33:b6:25:5a:4d:8d:6f:
33:30:6a:83:4f:c7:26:6c:8e:a0:85:1c:6c:e9:00:
16:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9E:FB:28:A7:EA:22:CA:7B:40:37:4C:06:5D:85:E0:C6:35:F8:6E
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/Y577KKfqIsp7QDdMBl2F4MY1-G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.198.0/23
91.208.73.0/24
91.208.104.0/24
91.213.200.0/24
IPv6:
2a12:ab80::/29
Signature Algorithm: sha256WithRSAEncryption
9c:db:f0:6a:5e:42:bd:d1:e9:f1:5c:e0:ee:8a:f0:e6:d0:02:
c6:8c:46:5d:f2:73:da:50:22:c8:09:76:64:78:e6:8f:34:25:
ff:de:96:da:d8:7e:4f:d4:98:c4:d4:95:6c:4a:5e:64:6a:ed:
81:6b:a8:05:df:a6:77:5e:3f:eb:39:00:c5:ec:e1:fb:8e:1b:
11:da:6f:10:52:08:3e:6c:f0:32:dc:60:9a:9c:91:93:84:38:
c1:33:7f:6d:1e:85:2b:a3:e3:73:12:6d:28:19:31:ea:d0:dd:
a5:df:50:bf:59:b2:b9:66:58:62:84:e1:9f:87:b1:d3:55:45:
22:1f:9d:dc:a5:61:70:3d:dc:6d:52:2b:d5:b7:bf:b9:2c:05:
9a:91:7d:2b:c8:c5:93:f4:2a:ef:12:4a:42:91:e8:2c:57:39:
b7:90:55:1c:a7:24:3a:a5:ff:e7:c1:6c:a7:56:b7:5d:cc:fc:
39:b0:a3:51:2b:5f:b2:b5:7f:e9:f3:14:07:79:b9:ee:c2:33:
6d:17:f8:8d:b8:51:1e:7e:f3:1d:75:e3:15:66:a6:32:55:e1:
36:86:8a:a4:9e:84:ee:61:0f:54:c1:2b:46:e6:64:60:c2:ef:
57:ac:ea:11:b6:17:fd:55:55:e4:81:47:21:ce:44:c4:40:72:
e2:31:2b:7a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAC7ER7cyLYM4i84rAFwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzllZmIyOGE3ZWEyMmNhN2I0MDM3NGMwNjVkODVlMGM2MzVmODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzAZngVkoFUHn/6MUt5+B8BoZ7OO
smmOaC777engTLtuxRT9UAM0xfePtTd+2niJne9YuR2YuH7C5881gkNgUS/S/42/
XWvxFdI49FmPWfnLpzYvCyelyes6vaIIltID+HQDSPZXJ5K0zPqyeOrdFPVqkL1W
GhEI7w/BpKq4iW1DDoe8FcpX4i1cotpoAMwQTox6mrUZmQI09kRsv41b7ctYys+G
YS6iz+Ir5HXxNjP7RQiXgZHnPevecdWAMWGiE3jEm3RT+4DUQtImke7XqRydK+fq
oLhqlmORIcgzK+C8GCbWrYK55DO2JVpNjW8zMGqDT8cmbI6ghRxs6QAWPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGOe+yin6iLKe0A3TAZdheDGNfhuMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvWTU3N0tLZnFJc3A3UURkTUJsMkY0TVkxLUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBLZbGAwQA
W9BJAwQAW9BoAwQAW9XIMA0EAgACMAcDBQMqEquAMA0GCSqGSIb3DQEBCwUAA4IB
AQCc2/BqXkK90enxXODuivDm0ALGjEZd8nPaUCLICXZkeOaPNCX/3pba2H5P1JjE
1JVsSl5kau2Ba6gF36Z3Xj/rOQDF7OH7jhsR2m8QUgg+bPAy3GCanJGThDjBM39t
HoUro+NzEm0oGTHq0N2l31C/WbK5ZlhihOGfh7HTVUUiH53cpWFwPdxtUivVt7+5
LAWakX0ryMWT9CrvEkpCkegsVzm3kFUcpyQ6pf/nwWynVrddzPw5sKNRK1+ytX/p
8xQHebnuwjNtF/iNuFEefvMddeMVZqYyVeE2hoqknoTuYQ9UwStG5mRgwu9XrOoR
thf9VVXkgUchzkTEQHLiMSt6
-----END CERTIFICATE-----
Generated at Fri May 17 23:56:50 2024 by rpki-client on console-fra.rpki-client.org