Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/YpI--ysZ3BmqfcOwurm7ZdA4Fhw.roa
File: YpI--ysZ3BmqfcOwurm7ZdA4Fhw.roa (raw, json)
Hash identifier: +AlpjmCl5waBWjQxBiozJ0ALHXJR+A+Hbcq5wLKrbiA=
Subject key identifier: 62:92:3E:FB:2B:19:DC:19:AA:7D:C3:B0:BA:B9:BB:65:D0:38:16:1C
Certificate issuer: /CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Certificate serial: 018CC94E4E9E30506E68F9F3B6245526663D
Authority key identifier: 02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/YpI--ysZ3BmqfcOwurm7ZdA4Fhw.roa
Signing time: Tue 02 Jan 2024 08:33:21 +0000
ROA not before: Tue 02 Jan 2024 08:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2611
IP address blocks: 91.241.30.0/24 maxlen: 24
193.191.240.0/20 maxlen: 20
185.122.248.0/22 maxlen: 22
193.191.192.0/19 maxlen: 19
193.190.0.0/15 maxlen: 24
2001:6a8:a001::/48 maxlen: 48
2001:6a8::/29 maxlen: 48
2001:6a8:9200::/48 maxlen: 48
2001:6a8:8a00::/48 maxlen: 48
2001:6a8:be00::/48 maxlen: 48
2001:67c:2a58::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4e:9e:30:50:6e:68:f9:f3:b6:24:55:26:66:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02339402c42b3f84995c4d58ef670e8d16c2afe2
Validity
Not Before: Jan 2 08:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62923efb2b19dc19aa7dc3b0bab9bb65d038161c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:09:71:35:7f:a7:24:32:0f:58:dc:8a:32:a6:
7c:2e:a4:5c:9d:7a:33:b4:22:91:44:17:25:40:25:
6e:96:1b:6d:6d:a2:d7:18:cc:f1:5e:4b:02:fc:a6:
52:9c:1f:ca:d8:df:37:77:bd:50:4d:f0:d8:f1:cc:
a6:31:c3:8e:3e:20:cc:d8:a5:d7:d3:c1:eb:52:95:
08:38:d2:85:5c:1d:22:07:d1:96:ce:16:56:73:77:
99:22:0a:4f:ff:60:cc:d7:1e:87:65:d1:18:40:26:
40:7c:d5:6a:42:4e:46:5b:bd:af:52:fd:ef:64:70:
dc:8e:2e:1f:33:2d:15:35:f6:46:e8:e3:dd:4f:96:
56:1c:95:a6:07:ba:59:00:48:30:eb:8c:49:87:06:
f0:43:fe:03:7a:9d:06:be:4f:de:fb:04:42:be:d9:
78:71:a3:2b:05:89:6d:00:3b:7a:3c:48:28:2e:91:
6a:07:ba:da:b0:8f:ff:c1:13:61:d9:54:2d:ee:49:
1b:38:7b:90:3a:1a:c5:89:5d:32:9f:df:78:de:f3:
52:aa:b7:ce:00:69:97:7e:0d:c4:cf:83:a2:12:e2:
ba:b6:7c:ea:9a:56:fb:b1:43:5a:ae:00:4b:ca:d7:
01:3f:59:57:b3:ef:2f:b1:a0:56:0c:ef:e0:11:ef:
20:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:92:3E:FB:2B:19:DC:19:AA:7D:C3:B0:BA:B9:BB:65:D0:38:16:1C
X509v3 Authority Key Identifier:
keyid:02:33:94:02:C4:2B:3F:84:99:5C:4D:58:EF:67:0E:8D:16:C2:AF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjOUAsQrP4SZXE1Y72cOjRbCr-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/YpI--ysZ3BmqfcOwurm7ZdA4Fhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/eb877c-929e-41b6-b9cb-fc64bfc3d2f9/1/AjOUAsQrP4SZXE1Y72cOjRbCr-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.30.0/24
185.122.248.0/22
193.190.0.0/15
IPv6:
2001:67c:2a58::/48
2001:6a8::/29
Signature Algorithm: sha256WithRSAEncryption
3b:eb:85:98:2b:e1:82:7e:ab:f8:8c:32:bf:08:23:32:fa:41:
25:08:81:f1:30:d2:a6:b3:bd:5a:e8:08:f4:22:3d:ab:ec:41:
1d:40:f2:1b:bc:e7:6c:d2:82:cf:99:78:db:5b:17:ab:d6:3c:
f1:97:fe:5d:58:e8:d0:14:7c:f7:3e:95:0a:f5:ff:6a:63:a1:
09:5c:57:c8:f7:b7:22:53:38:8a:fc:61:51:c9:44:0d:43:e0:
7b:f6:c1:1f:1b:3e:fb:a6:c2:d8:f4:f0:93:6f:4f:c7:aa:48:
3d:70:fb:a9:45:25:c5:3e:66:4d:d4:64:9b:23:30:3d:a6:d4:
d6:a9:74:00:36:4c:35:1f:5b:52:04:7a:32:f3:b4:e5:ef:b6:
ff:c1:8c:c8:57:28:19:21:02:a0:9a:9a:4f:22:0e:11:2b:08:
b4:48:22:6c:30:aa:c3:c6:c9:ed:c4:44:6c:68:56:86:70:f0:
be:19:ab:e6:d7:e1:8e:ba:68:5f:59:f7:69:da:3a:24:1d:57:
30:bc:82:9e:64:68:34:73:3a:00:8a:49:27:dd:4a:78:b4:d6:
a0:84:31:61:5e:90:30:11:38:69:ef:12:aa:b0:5f:63:01:72:
27:0e:41:71:12:c0:30:bb:44:91:d4:8f:69:fa:ee:78:bd:5b:
a1:a6:9d:67
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzJTk6eMFBuaPnztiRVJmY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzM5NDAyYzQyYjNmODQ5OTVjNGQ1OGVmNjcwZThkMTZj
MmFmZTIwHhcNMjQwMTAyMDgzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkyM2VmYjJiMTlkYzE5YWE3ZGMzYjBiYWI5YmI2NWQwMzgxNjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAlxNX+nJDIPWNyKMqZ8LqRcnXoz
tCKRRBclQCVulhttbaLXGMzxXksC/KZSnB/K2N83d71QTfDY8cymMcOOPiDM2KXX
08HrUpUIONKFXB0iB9GWzhZWc3eZIgpP/2DM1x6HZdEYQCZAfNVqQk5GW72vUv3v
ZHDcji4fMy0VNfZG6OPdT5ZWHJWmB7pZAEgw64xJhwbwQ/4Dep0Gvk/e+wRCvtl4
caMrBYltADt6PEgoLpFqB7rasI//wRNh2VQt7kkbOHuQOhrFiV0yn9943vNSqrfO
AGmXfg3Ez4OiEuK6tnzqmlb7sUNargBLytcBP1lXs+8vsaBWDO/gEe8gqQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGKSPvsrGdwZqn3DsLq5u2XQOBYcMB8GA1UdIwQY
MBaAFAIzlALEKz+EmVxNWO9nDo0Wwq/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2It
ZmM2NGJmYzNkMmY5LzEvWXBJLS15c1ozQm1xZmNPd3VybTdaZEE0Rmh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9lYjg3N2MtOTI5ZS00MWI2LWI5Y2ItZmM2NGJmYzNkMmY5
LzEvQWpPVUFzUXJQNFNaWEUxWTcyY09qUmJDci1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAXBAIAATARAwQAW/EeAwQC
uXr4AwMBwb4wFgQCAAIwEAMHACABBnwqWAMFAyABBqgwDQYJKoZIhvcNAQELBQAD
ggEBADvrhZgr4YJ+q/iMMr8IIzL6QSUIgfEw0qazvVroCPQiPavsQR1A8hu852zS
gs+ZeNtbF6vWPPGX/l1Y6NAUfPc+lQr1/2pjoQlcV8j3tyJTOIr8YVHJRA1D4Hv2
wR8bPvumwtj08JNvT8eqSD1w+6lFJcU+Zk3UZJsjMD2m1NapdAA2TDUfW1IEejLz
tOXvtv/BjMhXKBkhAqCamk8iDhErCLRIImwwqsPGye3ERGxoVoZw8L4Zq+bX4Y66
aF9Z92naOiQdVzC8gp5kaDRzOgCKSSfdSni01qCEMWFekDAROGnvEqqwX2MBcicO
QXESwDC7RJHUj2n67ni9W6GmnWc=
-----END CERTIFICATE-----
Generated at Mon May 20 02:40:49 2024 by rpki-client on console-fra.rpki-client.org