Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/YqbCfbjfBbQY7aiSewNCscdQdgY.roa
File: YqbCfbjfBbQY7aiSewNCscdQdgY.roa (raw, json)
Hash identifier: Y+/2NfmHz0hITKTKf7ajHO278OF3qroahj/vgxfDBAw=
Subject key identifier: 62:A6:C2:7D:B8:DF:05:B4:18:ED:A8:92:7B:03:42:B1:C7:50:76:06
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018CC94C95B221C599E556728FA8FE4542C1
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/YqbCfbjfBbQY7aiSewNCscdQdgY.roa
Signing time: Tue 02 Jan 2024 08:31:28 +0000
ROA not before: Tue 02 Jan 2024 08:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50979
IP address blocks: 92.118.148.0/24 maxlen: 24
176.126.162.0/24 maxlen: 24
185.237.218.0/23 maxlen: 23
2a0a:8c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:95:b2:21:c5:99:e5:56:72:8f:a8:fe:45:42:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 2 08:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62a6c27db8df05b418eda8927b0342b1c7507606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:86:7c:ec:b4:ad:7d:df:ea:e5:a3:8b:58:d8:
3f:86:71:80:1e:2e:54:5b:e8:2d:0d:7b:16:d5:10:
da:4a:67:bd:27:9f:d4:ff:c5:5b:23:e1:df:5e:5c:
43:1e:11:98:33:a8:db:9c:e6:dc:e2:eb:01:6d:3d:
49:61:f2:8d:80:88:96:3b:32:03:18:3e:f9:45:a6:
95:84:81:fc:b0:82:30:20:ba:e5:cb:21:dd:5b:e5:
03:30:56:46:40:16:7a:bf:77:c4:f0:45:3c:60:23:
e6:12:3f:01:fa:3f:40:75:e3:be:4b:9a:bd:28:e1:
ed:02:90:68:d2:33:16:31:09:e9:3e:5a:2b:d4:92:
40:67:01:ca:9b:1d:9c:fc:1d:82:26:06:73:5d:54:
4d:92:85:c4:25:7e:59:71:0c:02:54:36:6a:17:a1:
84:41:e9:7a:71:5b:d3:75:74:99:f4:94:ca:46:ff:
cf:c6:4f:32:c2:4a:07:ce:52:23:8e:95:fa:db:2a:
28:0e:30:7d:91:a0:b6:d6:db:d6:ac:b9:7e:15:5a:
77:ce:77:fe:a1:86:d2:db:4e:c1:de:7d:99:34:39:
25:6e:69:24:da:ed:98:ab:32:11:0a:e1:ad:c8:95:
51:c6:4c:94:57:df:59:ae:a7:43:c9:58:46:74:a0:
de:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A6:C2:7D:B8:DF:05:B4:18:ED:A8:92:7B:03:42:B1:C7:50:76:06
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/YqbCfbjfBbQY7aiSewNCscdQdgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.148.0/24
176.126.162.0/24
185.237.218.0/23
IPv6:
2a0a:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
0c:7f:8b:5a:b5:06:ce:aa:b8:c6:15:30:b0:c6:d1:62:00:4e:
2a:7e:e9:6f:0b:43:69:ab:8d:f0:64:df:a4:25:ed:ef:bb:e3:
9a:0d:0c:5c:ac:a1:db:32:03:f9:e1:00:5a:cf:32:71:5e:ec:
8e:6e:7c:5f:ee:ff:0d:9f:74:ab:db:c6:9f:90:d5:0e:a8:c0:
0d:68:b6:78:56:56:f6:a6:95:1f:21:34:d2:e3:68:3f:19:f1:
61:a4:22:5b:aa:f5:aa:3d:6b:6b:71:21:79:d2:88:6f:3d:56:
21:5e:99:c3:68:15:37:bb:73:ad:9a:2b:ed:1f:4c:05:61:b3:
3f:e3:45:02:3e:e8:14:ea:7d:fd:bc:18:d7:e0:81:d1:1c:5b:
ee:9f:ca:26:63:fa:cf:df:42:6d:45:41:65:3d:1d:f0:2f:63:
ed:86:f4:90:76:59:8a:1c:cb:92:cc:9c:ff:7b:5d:2e:86:16:
5c:90:61:b2:24:f8:37:13:f7:a3:ee:cf:1d:ab:5e:24:b1:1f:
df:ac:2b:c8:91:5a:a2:97:31:2c:0e:61:76:7c:58:05:1a:5c:
6f:9a:96:d5:39:0a:73:29:44:28:c1:c6:c7:27:46:ba:c0:e5:
8d:57:a3:66:4d:d5:e4:69:46:1a:b0:a0:5a:4f:4b:33:00:35:
55:c1:23:b0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJTJWyIcWZ5VZyj6j+RULBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjQwMTAyMDgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmE2YzI3ZGI4ZGYwNWI0MThlZGE4OTI3YjAzNDJiMWM3NTA3NjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4Z87LStfd/q5aOLWNg/hnGAHi5U
W+gtDXsW1RDaSme9J5/U/8VbI+HfXlxDHhGYM6jbnObc4usBbT1JYfKNgIiWOzID
GD75RaaVhIH8sIIwILrlyyHdW+UDMFZGQBZ6v3fE8EU8YCPmEj8B+j9AdeO+S5q9
KOHtApBo0jMWMQnpPlor1JJAZwHKmx2c/B2CJgZzXVRNkoXEJX5ZcQwCVDZqF6GE
Qel6cVvTdXSZ9JTKRv/Pxk8ywkoHzlIjjpX62yooDjB9kaC21tvWrLl+FVp3znf+
oYbS207B3n2ZNDklbmkk2u2YqzIRCuGtyJVRxkyUV99ZrqdDyVhGdKDeKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGKmwn243wW0GO2oknsDQrHHUHYGMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvWXFiQ2ZiamZCYlFZN2FpU2V3TkNzY2RRZGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXHaUAwQA
sH6iAwQBue3aMA0EAgACMAcDBQAqCoxAMA0GCSqGSIb3DQEBCwUAA4IBAQAMf4ta
tQbOqrjGFTCwxtFiAE4qfulvC0Npq43wZN+kJe3vu+OaDQxcrKHbMgP54QBazzJx
XuyObnxf7v8Nn3Sr28afkNUOqMANaLZ4Vlb2ppUfITTS42g/GfFhpCJbqvWqPWtr
cSF50ohvPVYhXpnDaBU3u3OtmivtH0wFYbM/40UCPugU6n39vBjX4IHRHFvun8om
Y/rP30JtRUFlPR3wL2PthvSQdlmKHMuSzJz/e10uhhZckGGyJPg3E/ej7s8dq14k
sR/frCvIkVqilzEsDmF2fFgFGlxvmpbVOQpzKUQowcbHJ0a6wOWNV6NmTdXkaUYa
sKBaT0szADVVwSOw
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:25 2024 by rpki-client on console-ams.rpki-client.org