Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/YuzK84yE-VeaDfqQ6O3J9o15Kv0.roa
File: YuzK84yE-VeaDfqQ6O3J9o15Kv0.roa (raw, json)
Hash identifier: EVKp3DpwGwk3zHFDB6I7C6vUQecOQerB/cDYFjxLfg8=
Subject key identifier: 62:EC:CA:F3:8C:84:F9:57:9A:0D:FA:90:E8:ED:C9:F6:8D:79:2A:FD
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019424B29F7157B5C0CE3EAF9A501B0221BB
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/YuzK84yE-VeaDfqQ6O3J9o15Kv0.roa
Signing time: Thu 02 Jan 2025 01:47:53 +0000
ROA not before: Thu 02 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 217.180.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:9f:71:57:b5:c0:ce:3e:af:9a:50:1b:02:21:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 2 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62eccaf38c84f9579a0dfa90e8edc9f68d792afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c4:bc:34:15:da:97:4c:e8:03:fd:01:a7:10:
0a:0a:34:cb:9e:36:56:18:72:d3:1f:f8:21:ca:7a:
2f:86:8a:3f:c8:6f:3a:b7:f7:b2:fa:ca:5a:3e:32:
48:00:34:94:03:77:18:4c:19:c2:39:be:0d:0c:e3:
53:ce:7c:b8:27:75:62:e7:65:03:0e:52:30:03:44:
61:67:3f:03:1e:62:cd:0f:5e:73:7d:95:ca:86:e4:
ba:c0:bb:95:06:1b:f8:85:31:4d:60:f7:dd:be:bb:
90:f9:90:41:83:a1:70:ae:f7:7d:e6:4d:28:e1:fb:
ff:0c:0f:9a:79:95:b2:06:ea:5b:1d:51:b7:12:53:
a8:fd:5c:de:b2:d7:74:cc:43:54:a0:5c:c7:e0:73:
05:ab:2c:99:87:dc:61:27:6a:b7:94:fd:08:14:ec:
11:1e:84:79:89:13:40:1c:5c:5a:cc:90:35:9d:2b:
8d:59:f7:a5:4b:87:b2:13:67:27:ef:9e:d1:e4:8a:
3a:65:f8:35:3b:5c:44:ff:f1:95:c6:b5:57:71:30:
02:7f:39:c6:92:aa:4a:ba:18:9c:17:2d:6c:0a:43:
a1:74:66:21:d2:c8:91:1e:5b:19:30:aa:b4:0c:f4:
47:31:d7:e1:b1:8d:4a:aa:c4:20:af:90:e6:db:6e:
f0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:EC:CA:F3:8C:84:F9:57:9A:0D:FA:90:E8:ED:C9:F6:8D:79:2A:FD
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/YuzK84yE-VeaDfqQ6O3J9o15Kv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.180.15.0/24
Signature Algorithm: sha256WithRSAEncryption
05:6d:a3:7b:17:64:ee:fb:5b:42:1c:fc:fc:ee:b7:ae:07:8a:
2b:96:64:ec:b3:bb:e9:45:e6:0a:a1:04:70:0b:43:2a:26:ed:
f0:31:5e:14:dd:e6:c2:97:dd:d2:77:9c:0b:fb:c3:b9:85:f6:
e9:0d:f3:31:ce:52:25:1e:60:28:6e:ac:8a:56:b6:3b:f7:26:
ed:d0:f3:38:61:44:46:9d:31:9d:f4:3a:2c:37:ea:f1:fc:fa:
89:00:ff:67:53:e7:c6:4d:7e:48:69:bf:ae:3b:4a:f4:c5:c2:
5b:95:6c:04:ba:94:3d:4c:53:ad:c7:5c:3f:ac:97:6d:31:db:
4a:1e:d1:88:df:5d:16:a2:5f:7f:b9:18:76:a1:23:4b:1e:bb:
7e:2e:5d:4e:83:8c:69:d2:ad:35:e2:ac:23:ba:80:90:da:4c:
e4:74:f4:af:7b:94:69:f9:c5:ac:a1:45:e7:40:c3:7f:ee:58:
45:67:7d:0a:ac:8e:27:85:36:5b:1e:71:41:76:4c:af:6a:f6:
74:e8:ee:4d:e4:d3:10:05:2e:19:78:ca:c2:0b:95:58:56:19:
78:67:66:59:a6:8e:b0:7d:83:52:d3:0c:c4:ec:4e:52:db:6c:
72:db:a7:89:ab:cc:d9:3e:e8:68:5c:20:fc:d2:d2:7e:c5:46:
20:cd:9d:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksp9xV7XAzj6vmlAbAiG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTAyMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmVjY2FmMzhjODRmOTU3OWEwZGZhOTBlOGVkYzlmNjhkNzkyYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMS8NBXal0zoA/0BpxAKCjTLnjZW
GHLTH/ghynovhoo/yG86t/ey+spaPjJIADSUA3cYTBnCOb4NDONTzny4J3Vi52UD
DlIwA0RhZz8DHmLND15zfZXKhuS6wLuVBhv4hTFNYPfdvruQ+ZBBg6Fwrvd95k0o
4fv/DA+aeZWyBupbHVG3ElOo/Vzestd0zENUoFzH4HMFqyyZh9xhJ2q3lP0IFOwR
HoR5iRNAHFxazJA1nSuNWfelS4eyE2cn757R5Io6Zfg1O1xE//GVxrVXcTACfznG
kqpKuhicFy1sCkOhdGYh0siRHlsZMKq0DPRHMdfhsY1KqsQgr5Dm227w8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLsyvOMhPlXmg36kOjtyfaNeSr9MB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvWXV6Szg0eUUtVmVhRGZxUTZPM0o5bzE1S3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2bQPMA0G
CSqGSIb3DQEBCwUAA4IBAQAFbaN7F2Tu+1tCHPz87reuB4orlmTss7vpReYKoQRw
C0MqJu3wMV4U3ebCl93Sd5wL+8O5hfbpDfMxzlIlHmAobqyKVrY79ybt0PM4YURG
nTGd9DosN+rx/PqJAP9nU+fGTX5Iab+uO0r0xcJblWwEupQ9TFOtx1w/rJdtMdtK
HtGI310Wol9/uRh2oSNLHrt+Ll1Og4xp0q014qwjuoCQ2kzkdPSve5Rp+cWsoUXn
QMN/7lhFZ30KrI4nhTZbHnFBdkyvavZ06O5N5NMQBS4ZeMrCC5VYVhl4Z2ZZpo6w
fYNS0wzE7E5S22xy26eJq8zZPuhoXCD80tJ+xUYgzZ1v
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:00:33 2025 by rpki-client