Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/y_hkAEXEzVup9N_jtoDogHEzl1E.roa
File: y_hkAEXEzVup9N_jtoDogHEzl1E.roa (raw, json)
Hash identifier: gtJYbb0wyrFQ5wYi2CRJinlHC18eHqkvEm9XIQkvbLE=
Subject key identifier: CB:F8:64:00:45:C4:CD:5B:A9:F4:DF:E3:B6:80:E8:80:71:33:97:51
Certificate issuer: /CN=cfcab8c9d217ac3079c3014b18d446e213f19492
Certificate serial: 018CC7260A17729F5E15D36ACDADA641B422
Authority key identifier: CF:CA:B8:C9:D2:17:AC:30:79:C3:01:4B:18:D4:46:E2:13:F1:94:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8q4ydIXrDB5wwFLGNRG4hPxlJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/y_hkAEXEzVup9N_jtoDogHEzl1E.roa
Signing time: Mon 01 Jan 2024 22:30:07 +0000
ROA not before: Mon 01 Jan 2024 22:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41332
IP address blocks: 194.76.10.0/23 maxlen: 24
194.76.12.0/23 maxlen: 24
185.108.236.0/22 maxlen: 22
185.116.176.0/22 maxlen: 24
2a06:8040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/z8q4ydIXrDB5wwFLGNRG4hPxlJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/z8q4ydIXrDB5wwFLGNRG4hPxlJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/z8q4ydIXrDB5wwFLGNRG4hPxlJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:0a:17:72:9f:5e:15:d3:6a:cd:ad:a6:41:b4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcab8c9d217ac3079c3014b18d446e213f19492
Validity
Not Before: Jan 1 22:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbf8640045c4cd5ba9f4dfe3b680e88071339751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:c7:d4:64:e8:cf:73:ca:31:8f:b1:36:da:
b3:e3:c2:ff:c2:24:2d:ff:19:41:00:ec:7a:0c:0d:
62:12:19:e8:2c:25:72:20:8c:40:92:97:c9:d3:f2:
91:98:68:c1:84:ab:ee:3f:aa:05:99:00:9a:a9:43:
0a:6f:b2:c8:33:79:2d:bf:a4:41:a4:7f:b4:f7:57:
dc:8f:e5:f8:cb:eb:8e:fa:b0:71:f7:0c:af:cb:0c:
68:fb:7b:02:4b:ea:cd:e6:f3:78:d3:2e:89:36:57:
b7:fe:73:14:1f:54:f6:af:d1:e1:48:b9:2d:66:1e:
b5:e0:7f:48:4c:9f:22:39:01:66:4c:d3:3e:ed:b2:
fe:21:df:d3:cd:c2:3f:bf:9a:e3:a5:6a:9a:73:50:
57:33:0d:50:a9:22:a4:f7:0e:b1:0a:4a:05:c6:b9:
5a:a4:f9:7c:78:30:7a:fc:00:74:c1:19:83:64:4e:
c5:bf:9c:1e:31:a8:83:9c:03:c9:73:14:e6:28:b8:
3b:a3:89:b6:a2:c1:d7:34:8a:54:b3:b2:d5:17:1f:
26:be:88:10:a4:7d:a6:37:a7:3e:a3:98:35:70:99:
84:31:af:89:15:0f:fe:ec:31:80:39:85:d3:df:aa:
b0:e3:99:b0:a1:22:e0:81:2a:58:8b:6b:a5:72:1f:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F8:64:00:45:C4:CD:5B:A9:F4:DF:E3:B6:80:E8:80:71:33:97:51
X509v3 Authority Key Identifier:
keyid:CF:CA:B8:C9:D2:17:AC:30:79:C3:01:4B:18:D4:46:E2:13:F1:94:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8q4ydIXrDB5wwFLGNRG4hPxlJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/y_hkAEXEzVup9N_jtoDogHEzl1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/z8q4ydIXrDB5wwFLGNRG4hPxlJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.236.0/22
185.116.176.0/22
194.76.10.0-194.76.13.255
IPv6:
2a06:8040::/29
Signature Algorithm: sha256WithRSAEncryption
9d:7f:68:66:ca:bc:b5:11:8a:21:97:2a:47:72:04:9e:24:64:
a6:51:07:f8:e9:e3:f2:ff:a2:56:03:74:f8:af:f5:73:09:ad:
13:68:8a:2e:4e:e5:ae:97:5e:0e:b6:9d:0c:5f:ee:e4:f0:50:
c4:2a:99:fb:a1:f9:20:62:b3:04:36:8c:3f:d1:32:93:cd:58:
6b:fe:77:7d:f7:a6:ef:33:ad:aa:f9:7f:88:89:23:30:1a:ff:
58:f5:2b:bc:05:15:4e:c6:a7:fc:4d:0e:99:b2:02:98:60:41:
0f:03:f6:44:c1:d6:be:82:79:9b:a8:39:cd:e1:5f:1e:01:3a:
6f:85:bd:aa:8c:7e:99:9c:fb:d5:23:ee:7e:34:3a:c3:12:19:
e5:90:f4:b0:1d:64:1e:af:ed:73:33:94:e5:54:6b:3b:bc:5c:
cf:1b:91:6a:f7:f2:36:c9:64:2f:bc:df:f8:d0:27:ae:38:fa:
4f:78:aa:1b:77:62:d8:5c:7a:e6:51:68:82:3c:b5:db:dd:31:
52:17:e9:0c:58:4c:11:2d:81:0b:58:57:a9:d3:99:f1:ec:14:
db:1e:40:7d:30:68:eb:1c:46:6b:d1:d4:3a:06:01:cd:30:03:
73:9e:72:b8:0d:0c:64:19:0b:75:36:92:96:cd:6d:b4:99:00:
bd:ef:7a:4c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzHJgoXcp9eFdNqza2mQbQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2FiOGM5ZDIxN2FjMzA3OWMzMDE0YjE4ZDQ0NmUyMTNm
MTk0OTIwHhcNMjQwMTAxMjIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY4NjQwMDQ1YzRjZDViYTlmNGRmZTNiNjgwZTg4MDcxMzM5NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzvH1GToz3PKMY+xNtqz48L/wiQt
/xlBAOx6DA1iEhnoLCVyIIxAkpfJ0/KRmGjBhKvuP6oFmQCaqUMKb7LIM3ktv6RB
pH+091fcj+X4y+uO+rBx9wyvywxo+3sCS+rN5vN40y6JNle3/nMUH1T2r9HhSLkt
Zh614H9ITJ8iOQFmTNM+7bL+Id/TzcI/v5rjpWqac1BXMw1QqSKk9w6xCkoFxrla
pPl8eDB6/AB0wRmDZE7Fv5weMaiDnAPJcxTmKLg7o4m2osHXNIpUs7LVFx8mvogQ
pH2mN6c+o5g1cJmEMa+JFQ/+7DGAOYXT36qw45mwoSLggSpYi2ulch9h3QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMv4ZABFxM1bqfTf47aA6IBxM5dRMB8GA1UdIwQY
MBaAFM/KuMnSF6wwecMBSxjURuIT8ZSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhxNHlkSVhyREI1d3dGTEdOUkc0aFB4bEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMGMwMDAtNzdiMC00NjZkLWI0Y2Yt
NDQ1NDAwZDcwM2M4LzEveV9oa0FFWEV6VnVwOU5fanRvRG9nSEV6bDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMGMwMDAtNzdiMC00NjZkLWI0Y2YtNDQ1NDAwZDcwM2M4
LzEvejhxNHlkSVhyREI1d3dGTEdOUkc0aFB4bEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuWzsAwQC
uXSwMAwDBAHCTAoDBAHCTAwwDQQCAAIwBwMFAyoGgEAwDQYJKoZIhvcNAQELBQAD
ggEBAJ1/aGbKvLURiiGXKkdyBJ4kZKZRB/jp4/L/olYDdPiv9XMJrRNoii5O5a6X
Xg62nQxf7uTwUMQqmfuh+SBiswQ2jD/RMpPNWGv+d333pu8zrar5f4iJIzAa/1j1
K7wFFU7Gp/xNDpmyAphgQQ8D9kTB1r6CeZuoOc3hXx4BOm+FvaqMfpmc+9Uj7n40
OsMSGeWQ9LAdZB6v7XMzlOVUazu8XM8bkWr38jbJZC+83/jQJ644+k94qht3Ythc
euZRaII8tdvdMVIX6QxYTBEtgQtYV6nTmfHsFNseQH0waOscRmvR1DoGAc0wA3Oe
crgNDGQZC3U2kpbNbbSZAL3vekw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:37:41 2024 by rpki-client on console-ams.rpki-client.org