Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ddc344-64c6-46c8-a25c-d4edc0eb3e0a/1/dY5YHDURGUHiN-lAbH3teL3Zvnk.roa
File: dY5YHDURGUHiN-lAbH3teL3Zvnk.roa (raw, json)
Hash identifier: UPeZHsHSrqoO0IahxKFNK0L+q5H85m2PNs0xM64op9k=
Subject key identifier: 75:8E:58:1C:35:11:19:41:E2:37:E9:40:6C:7D:ED:78:BD:D9:BE:79
Certificate issuer: /CN=009a637282b3d0a0fca4a554f6936f7df42e8165
Certificate serial: 018CC348DC6DB63298165C45B75C40080153
Authority key identifier: 00:9A:63:72:82:B3:D0:A0:FC:A4:A5:54:F6:93:6F:7D:F4:2E:81:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJpjcoKz0KD8pKVU9pNvffQugWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ddc344-64c6-46c8-a25c-d4edc0eb3e0a/1/dY5YHDURGUHiN-lAbH3teL3Zvnk.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200457
IP address blocks: 185.106.172.0/22 maxlen: 24
2a06:3d40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/ddc344-64c6-46c8-a25c-d4edc0eb3e0a/1/AJpjcoKz0KD8pKVU9pNvffQugWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/ddc344-64c6-46c8-a25c-d4edc0eb3e0a/1/AJpjcoKz0KD8pKVU9pNvffQugWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AJpjcoKz0KD8pKVU9pNvffQugWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:dc:6d:b6:32:98:16:5c:45:b7:5c:40:08:01:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=009a637282b3d0a0fca4a554f6936f7df42e8165
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=758e581c35111941e237e9406c7ded78bdd9be79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:86:b6:9b:84:75:56:ce:7a:b4:23:55:8a:ce:
51:13:86:3a:45:e4:7d:48:74:b0:ab:ed:b9:ca:6a:
ee:55:fc:5e:8f:41:5b:96:5d:cd:ab:e4:4c:58:f7:
b9:0a:7d:3d:4f:6a:d0:ec:80:a2:bc:be:dd:00:6f:
e3:d5:25:a9:aa:b2:38:cb:e6:cb:19:0a:8f:e4:7c:
a4:8c:65:16:f1:2f:d9:12:11:70:29:b1:7a:f1:57:
d0:1b:82:1c:91:fe:c7:7c:37:d9:93:4c:16:b0:01:
0f:82:f1:6e:69:79:62:c6:6c:cc:47:b2:90:6a:72:
67:08:ab:a2:37:9d:80:51:a5:28:be:11:5e:dc:5f:
cf:fb:b0:20:83:da:7f:2d:75:e4:f0:55:fe:2d:14:
ac:29:88:d5:e0:ac:fc:70:43:63:9e:6a:e6:9d:05:
3d:69:31:87:af:d1:bc:63:90:10:ca:66:a9:1e:a0:
4a:34:0b:d9:62:ff:3c:de:c8:ce:5a:5a:76:6e:8d:
eb:5b:f4:46:9f:69:f8:14:66:f6:de:42:08:de:48:
5c:81:5e:c9:7a:87:df:b9:8b:65:c3:b7:a1:d7:37:
9f:d6:de:d6:3e:37:e5:6d:ed:a7:22:da:15:49:de:
df:fd:2e:9b:13:46:93:ac:32:53:7b:63:7f:ce:00:
ae:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8E:58:1C:35:11:19:41:E2:37:E9:40:6C:7D:ED:78:BD:D9:BE:79
X509v3 Authority Key Identifier:
keyid:00:9A:63:72:82:B3:D0:A0:FC:A4:A5:54:F6:93:6F:7D:F4:2E:81:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJpjcoKz0KD8pKVU9pNvffQugWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ddc344-64c6-46c8-a25c-d4edc0eb3e0a/1/dY5YHDURGUHiN-lAbH3teL3Zvnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ddc344-64c6-46c8-a25c-d4edc0eb3e0a/1/AJpjcoKz0KD8pKVU9pNvffQugWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.172.0/22
IPv6:
2a06:3d40::/29
Signature Algorithm: sha256WithRSAEncryption
86:8d:10:e3:17:bd:51:3a:34:07:e4:4c:09:71:70:d4:ec:62:
21:a0:50:46:78:7c:df:88:0f:91:59:80:f5:f4:42:57:e1:9e:
54:c3:ad:4e:2a:8e:fa:52:a8:25:60:3b:ad:c9:a3:b9:22:56:
e5:a4:11:d4:9f:55:dd:1d:48:7a:1f:a3:a4:69:1d:f0:f0:9b:
de:76:07:9d:31:24:00:39:56:76:e9:8d:3e:43:cf:81:93:5b:
58:72:b3:d7:18:b4:99:74:c0:3e:90:ae:b9:13:32:73:68:cf:
db:35:95:3a:eb:a9:89:36:83:81:7c:da:8f:87:5f:ff:68:22:
ca:21:c8:c4:bd:06:f5:d6:d2:ec:c2:7c:79:75:97:7f:36:3c:
4a:a9:de:89:cc:2b:17:25:ba:33:34:2b:47:49:d8:12:aa:6d:
12:5f:4a:25:11:23:26:6f:1d:d0:fa:db:94:fa:f3:06:82:9f:
e0:45:c7:ea:a5:17:cd:60:f9:3c:3d:63:3c:59:04:02:1f:ba:
e4:6a:5d:00:55:67:6e:b2:08:82:3f:f2:ef:e4:6b:d0:11:07:
d1:2f:ac:15:22:b8:c0:3b:7e:86:9a:88:c0:52:2b:70:a6:6c:
24:98:21:ed:f8:20:62:69:b5:eb:83:0d:a3:99:08:df:b6:1b:
0d:44:d9:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSNxttjKYFlxFt1xACAFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOWE2MzcyODJiM2QwYTBmY2E0YTU1NGY2OTM2ZjdkZjQy
ZTgxNjUwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NThlNTgxYzM1MTExOTQxZTIzN2U5NDA2YzdkZWQ3OGJkZDliZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ya2m4R1Vs56tCNVis5RE4Y6ReR9
SHSwq+25ymruVfxej0Fbll3Nq+RMWPe5Cn09T2rQ7ICivL7dAG/j1SWpqrI4y+bL
GQqP5HykjGUW8S/ZEhFwKbF68VfQG4Ickf7HfDfZk0wWsAEPgvFuaXlixmzMR7KQ
anJnCKuiN52AUaUovhFe3F/P+7Agg9p/LXXk8FX+LRSsKYjV4Kz8cENjnmrmnQU9
aTGHr9G8Y5AQymapHqBKNAvZYv883sjOWlp2bo3rW/RGn2n4FGb23kII3khcgV7J
eoffuYtlw7eh1zef1t7WPjflbe2nItoVSd7f/S6bE0aTrDJTe2N/zgCuuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHWOWBw1ERlB4jfpQGx97Xi92b55MB8GA1UdIwQY
MBaAFACaY3KCs9Cg/KSlVPaTb330LoFlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpwamNvS3owS0Q4cEtWVTlwTnZmZlF1Z1dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kZGMzNDQtNjRjNi00NmM4LWEyNWMt
ZDRlZGMwZWIzZTBhLzEvZFk1WUhEVVJHVUhpTi1sQWJIM3RlTDNadm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kZGMzNDQtNjRjNi00NmM4LWEyNWMtZDRlZGMwZWIzZTBh
LzEvQUpwamNvS3owS0Q4cEtWVTlwTnZmZlF1Z1dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWqsMA0E
AgACMAcDBQMqBj1AMA0GCSqGSIb3DQEBCwUAA4IBAQCGjRDjF71ROjQH5EwJcXDU
7GIhoFBGeHzfiA+RWYD19EJX4Z5Uw61OKo76UqglYDutyaO5IlblpBHUn1XdHUh6
H6OkaR3w8JvedgedMSQAOVZ26Y0+Q8+Bk1tYcrPXGLSZdMA+kK65EzJzaM/bNZU6
66mJNoOBfNqPh1//aCLKIcjEvQb11tLswnx5dZd/NjxKqd6JzCsXJbozNCtHSdgS
qm0SX0olESMmbx3Q+tuU+vMGgp/gRcfqpRfNYPk8PWM8WQQCH7rkal0AVWdusgiC
P/Lv5GvQEQfRL6wVIrjAO36GmojAUitwpmwkmCHt+CBiabXrgw2jmQjfthsNRNmT
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:21:57 2024 by rpki-client on console-fra.rpki-client.org