Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/YhHxsxNH4RP_FfePdq8SlQdgZyg.roa
File: YhHxsxNH4RP_FfePdq8SlQdgZyg.roa (raw, json)
Hash identifier: K3fGfKE/dBh+cdQFHO8biNnAdH/Glpbr/rysigKy5PI=
Subject key identifier: 62:11:F1:B3:13:47:E1:13:FF:15:F7:8F:76:AF:12:95:07:60:67:28
Certificate issuer: /CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Certificate serial: 019425216F37A0887A9AE41B02200FCDB2FE
Authority key identifier: CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/YhHxsxNH4RP_FfePdq8SlQdgZyg.roa
Signing time: Thu 02 Jan 2025 03:48:55 +0000
ROA not before: Thu 02 Jan 2025 03:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 74.118.124.0/24 maxlen: 24
74.118.125.0/24 maxlen: 24
74.118.126.0/24 maxlen: 24
74.118.127.0/24 maxlen: 24
143.223.96.0/24 maxlen: 24
143.223.97.0/24 maxlen: 24
143.223.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.mft
rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:6f:37:a0:88:7a:9a:e4:1b:02:20:0f:cd:b2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd576d876e17e67aa3b1f1c10dab39db2935e22b
Validity
Not Before: Jan 2 03:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6211f1b31347e113ff15f78f76af129507606728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1c:8e:5d:dc:2d:71:d9:61:7e:41:9b:5b:79:
e2:e2:6d:0c:2b:8c:ec:9d:b0:59:13:f7:42:33:56:
98:ff:ed:ae:f3:03:23:ff:15:24:f0:4a:bd:44:78:
fd:4c:41:22:3e:d4:14:5c:ce:3f:64:73:b9:c5:40:
eb:4d:9b:62:78:9c:93:36:f6:af:85:13:28:b3:42:
28:b8:9f:19:7b:5a:8f:48:20:b3:85:71:e5:43:ee:
ee:b1:1e:43:68:a9:24:fa:19:e6:a2:14:ec:8b:67:
01:85:29:b0:ff:77:11:66:a6:0e:c8:15:eb:d2:8e:
db:e6:70:d5:4a:e3:7e:53:93:55:d7:78:ac:e2:1e:
42:00:33:a2:5e:68:27:21:2d:ac:36:6d:35:0d:f5:
72:45:72:54:cc:d6:f3:bb:45:67:fa:17:c2:bd:12:
76:05:58:5c:03:fb:a5:3b:9e:1f:69:fa:98:aa:01:
11:5b:3d:08:04:fd:e0:83:ed:d9:8a:33:af:3e:1a:
b4:8e:92:b9:b5:d7:15:9d:1a:6a:f8:6f:02:54:e9:
a2:4c:e3:a9:41:32:59:45:c5:a5:b5:2c:a2:ec:95:
76:d9:29:6a:05:18:d6:ae:38:15:56:ae:9e:87:b5:
f3:86:01:ae:ae:00:42:d7:3d:b2:05:6c:3b:a9:25:
20:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:11:F1:B3:13:47:E1:13:FF:15:F7:8F:76:AF:12:95:07:60:67:28
X509v3 Authority Key Identifier:
keyid:CD:57:6D:87:6E:17:E6:7A:A3:B1:F1:C1:0D:AB:39:DB:29:35:E2:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVdth24X5nqjsfHBDas52yk14is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/YhHxsxNH4RP_FfePdq8SlQdgZyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/42f014-cd92-4205-aa53-1a80a2f7d7ea/1/zVdth24X5nqjsfHBDas52yk14is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.118.124.0/22
143.223.96.0-143.223.98.255
Signature Algorithm: sha256WithRSAEncryption
69:1e:26:ad:0e:a3:6f:23:8c:8e:1d:de:14:d9:78:f3:0f:4e:
e0:ca:85:46:a1:71:7d:7c:05:be:6e:d0:c8:56:6e:97:d0:04:
4d:71:72:ea:89:c7:f6:37:f6:1e:aa:ed:78:8b:4a:e8:bb:e7:
c0:25:6f:ee:ea:4f:17:e2:95:d1:6f:40:be:91:93:de:74:f9:
07:ba:f3:4d:6e:8e:df:62:98:55:8f:fc:08:79:b3:4c:00:d9:
cc:2f:68:ed:bf:96:37:8d:a1:ba:db:3a:23:ea:06:5f:79:b9:
e7:10:ba:2e:16:35:6c:8e:72:7e:e6:ec:31:9b:b4:4a:00:a9:
9a:b3:3d:82:84:37:83:27:da:cc:44:5e:30:35:6d:27:94:b0:
9a:b0:ed:77:09:94:07:69:ea:49:02:7c:c6:b5:9b:7e:62:35:
b2:fe:98:e1:ae:c3:77:4f:93:3f:00:38:0e:c9:72:cf:2e:72:
ca:40:99:a5:c0:d3:41:4b:63:ec:5d:90:b6:67:2a:33:af:8b:
95:27:cb:c2:a1:52:5f:bc:33:3e:d0:d8:2d:60:00:14:ec:b6:
37:c3:78:76:38:1c:c4:0d:0b:5f:0d:5c:8b:e2:5e:de:0e:31:
79:d1:5f:7c:8c:96:0a:ec:88:af:af:1e:86:93:7a:6c:04:fb:
89:97:0a:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIW83oIh6muQbAiAPzbL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTc2ZDg3NmUxN2U2N2FhM2IxZjFjMTBkYWIzOWRiMjkz
NWUyMmIwHhcNMjUwMTAyMDM0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjExZjFiMzEzNDdlMTEzZmYxNWY3OGY3NmFmMTI5NTA3NjA2NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRyOXdwtcdlhfkGbW3ni4m0MK4zs
nbBZE/dCM1aY/+2u8wMj/xUk8Eq9RHj9TEEiPtQUXM4/ZHO5xUDrTZtieJyTNvav
hRMos0IouJ8Ze1qPSCCzhXHlQ+7usR5DaKkk+hnmohTsi2cBhSmw/3cRZqYOyBXr
0o7b5nDVSuN+U5NV13is4h5CADOiXmgnIS2sNm01DfVyRXJUzNbzu0Vn+hfCvRJ2
BVhcA/ulO54fafqYqgERWz0IBP3gg+3ZijOvPhq0jpK5tdcVnRpq+G8CVOmiTOOp
QTJZRcWltSyi7JV22SlqBRjWrjgVVq6eh7XzhgGurgBC1z2yBWw7qSUg6QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGIR8bMTR+ET/xX3j3avEpUHYGcoMB8GA1UdIwQY
MBaAFM1XbYduF+Z6o7HxwQ2rOdspNeIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMt
MWE4MGEyZjdkN2VhLzEvWWhIeHN4Tkg0UlBfRmZlUGRxOFNsUWRnWnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80MmYwMTQtY2Q5Mi00MjA1LWFhNTMtMWE4MGEyZjdkN2Vh
LzEvelZkdGgyNFg1bnFqc2ZIQkRhczUyeWsxNGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCSnZ8MAwD
BAWP32ADBACP32IwDQYJKoZIhvcNAQELBQADggEBAGkeJq0Oo28jjI4d3hTZePMP
TuDKhUahcX18Bb5u0MhWbpfQBE1xcuqJx/Y39h6q7XiLSui758Alb+7qTxfildFv
QL6Rk950+Qe6801ujt9imFWP/Ah5s0wA2cwvaO2/ljeNobrbOiPqBl95uecQui4W
NWyOcn7m7DGbtEoAqZqzPYKEN4Mn2sxEXjA1bSeUsJqw7XcJlAdp6kkCfMa1m35i
NbL+mOGuw3dPkz8AOA7Jcs8ucspAmaXA00FLY+xdkLZnKjOvi5Uny8KhUl+8Mz7Q
2C1gABTstjfDeHY4HMQNC18NXIviXt4OMXnRX3yMlgrsiK+vHoaTemwE+4mXCtk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:22 2025 by rpki-client