Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/y2GV6aTaUOUJnMwRp7T3xTGYpsc.roa
File: y2GV6aTaUOUJnMwRp7T3xTGYpsc.roa (raw, json)
Hash identifier: TfpM/sCLBeNscirhAgRcOVJis9xFdjJrS1YdbIm/Gbw=
Subject key identifier: CB:61:95:E9:A4:DA:50:E5:09:9C:CC:11:A7:B4:F7:C5:31:98:A6:C7
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 018CC801660F4A79C52C43ED42D3F954AFC7
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/y2GV6aTaUOUJnMwRp7T3xTGYpsc.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200639
IP address blocks: 45.92.42.0/24 maxlen: 24
2a0e:1cc0:12::/48 maxlen: 48
2a0e:1cc0:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:66:0f:4a:79:c5:2c:43:ed:42:d3:f9:54:af:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb6195e9a4da50e5099ccc11a7b4f7c53198a6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8f:78:bc:12:ad:00:93:d4:11:48:7d:2e:71:
14:8e:a4:f3:88:8a:32:09:2f:7c:51:39:e8:c4:d7:
23:38:f5:2e:ff:af:c6:f8:d1:11:e9:f9:c8:32:ca:
18:28:c4:9e:51:07:70:bf:5f:1b:d7:fa:48:b8:25:
bb:81:2d:ca:ac:78:46:17:0e:a1:d1:18:7b:7b:b8:
c3:a3:95:76:bd:20:50:b3:b7:4d:e0:b3:4f:2a:a8:
9e:d3:df:4b:b2:31:bb:6e:80:b4:47:5c:18:3a:50:
2d:fb:d6:bc:77:e5:bd:e0:4a:7e:1c:19:79:bb:29:
0d:0b:f2:61:fa:8b:bd:c8:e8:ba:01:a9:cb:97:ea:
e6:60:5b:1f:d7:b2:62:03:15:ee:40:5a:c9:a0:c0:
b6:16:95:83:8f:7a:81:4a:7c:fb:8f:a6:00:19:40:
34:77:25:7d:bb:d9:07:91:26:d2:6a:aa:6d:40:b7:
1d:29:5e:ca:d2:48:c6:b4:ca:05:f2:bc:f7:8e:86:
5b:60:ee:6b:e5:78:d6:92:37:a8:50:7d:8e:5c:a1:
af:3e:a2:c5:b0:6d:af:ee:4f:5a:2c:ba:86:09:f5:
91:e0:af:45:d8:1e:c7:7b:a3:51:f1:7f:7b:9b:1b:
b9:fe:7f:1f:d8:46:f7:77:cd:22:32:87:15:a2:28:
a2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:61:95:E9:A4:DA:50:E5:09:9C:CC:11:A7:B4:F7:C5:31:98:A6:C7
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/y2GV6aTaUOUJnMwRp7T3xTGYpsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.42.0/24
IPv6:
2a0e:1cc0:11::-2a0e:1cc0:12:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
85:bd:fb:33:c3:0f:63:49:16:81:95:a1:9f:85:4e:88:9d:a7:
3b:b1:c4:da:f9:6f:d3:13:b1:01:84:a6:55:ff:42:17:68:78:
63:b1:6b:2a:1d:47:80:04:dc:c2:5e:07:a1:6c:e1:84:2c:f8:
2f:3c:ca:b4:da:60:95:a5:fd:91:9b:07:b2:66:0e:55:72:d6:
f5:fc:77:ed:a0:64:55:93:a6:66:58:1d:97:9f:87:47:53:9d:
93:b0:92:d3:b6:bb:e2:b8:79:32:f9:60:a8:44:fd:cc:ba:62:
79:c5:d4:66:53:78:6d:1f:43:84:d6:06:09:d7:4d:66:1a:49:
bc:de:10:35:81:86:08:1a:f7:ff:77:8a:23:b0:db:ac:12:94:
13:22:bf:c6:e2:9d:87:2b:7f:91:4a:11:e0:d4:da:0a:36:b5:
03:3e:a4:65:82:fe:22:75:33:1b:ec:c4:70:7a:fd:d6:51:71:
86:11:18:1e:1c:d0:43:aa:fa:a8:a7:a6:28:ef:1d:1b:00:dc:
66:ff:66:88:c3:fd:8c:bb:5f:f2:24:27:da:19:69:1d:e7:99:
e7:e8:9f:e7:24:aa:94:f1:8c:f6:6e:3b:20:bf:2b:60:8a:ee:
54:39:cd:73:fb:3f:c1:f1:34:77:e5:5d:4d:76:3c:3a:2d:68:
13:65:9d:6f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzIAWYPSnnFLEPtQtP5VK/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjYxOTVlOWE0ZGE1MGU1MDk5Y2NjMTFhN2I0ZjdjNTMxOThhNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp494vBKtAJPUEUh9LnEUjqTziIoy
CS98UTnoxNcjOPUu/6/G+NER6fnIMsoYKMSeUQdwv18b1/pIuCW7gS3KrHhGFw6h
0Rh7e7jDo5V2vSBQs7dN4LNPKqie099LsjG7boC0R1wYOlAt+9a8d+W94Ep+HBl5
uykNC/Jh+ou9yOi6AanLl+rmYFsf17JiAxXuQFrJoMC2FpWDj3qBSnz7j6YAGUA0
dyV9u9kHkSbSaqptQLcdKV7K0kjGtMoF8rz3joZbYO5r5XjWkjeoUH2OXKGvPqLF
sG2v7k9aLLqGCfWR4K9F2B7He6NR8X97mxu5/n8f2Eb3d80iMocVoiii/wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMthlemk2lDlCZzMEae098UxmKbHMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEveTJHVjZhVGFVT1VKbk13UnA3VDN4VEdZcHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQALVwqMBoE
AgACMBQwEgMHACoOHMAAEQMHACoOHMAAEjANBgkqhkiG9w0BAQsFAAOCAQEAhb37
M8MPY0kWgZWhn4VOiJ2nO7HE2vlv0xOxAYSmVf9CF2h4Y7FrKh1HgATcwl4HoWzh
hCz4LzzKtNpglaX9kZsHsmYOVXLW9fx37aBkVZOmZlgdl5+HR1Odk7CS07a74rh5
MvlgqET9zLpiecXUZlN4bR9DhNYGCddNZhpJvN4QNYGGCBr3/3eKI7DbrBKUEyK/
xuKdhyt/kUoR4NTaCja1Az6kZYL+InUzG+zEcHr91lFxhhEYHhzQQ6r6qKemKO8d
GwDcZv9miMP9jLtf8iQn2hlpHeeZ5+if5ySqlPGM9m47IL8rYIruVDnNc/s/wfE0
d+VdTXY8Oi1oE2Wdbw==
-----END CERTIFICATE-----
Generated at Wed May 8 21:08:37 2024 by rpki-client on console-ams.rpki-client.org