Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YFJcjlbXYRc0ju_DrP_IIdd1PBc.roa
File: YFJcjlbXYRc0ju_DrP_IIdd1PBc.roa (raw, json)
Hash identifier: Fqc5Fh6HIuVC9sEA9LPVl/ApB8yQd3irxKsoX7gOBY4=
Subject key identifier: 60:52:5C:8E:56:D7:61:17:34:8E:EF:C3:AC:FF:C8:21:D7:75:3C:17
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A8209707F397BEAE2ABF37D996BFA
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YFJcjlbXYRc0ju_DrP_IIdd1PBc.roa
Signing time: Mon 01 Jan 2024 18:30:20 +0000
ROA not before: Mon 01 Jan 2024 18:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201411
IP address blocks: 37.18.96.0/22 maxlen: 24
178.170.156.0/22 maxlen: 24
37.18.62.0/24 maxlen: 24
37.18.63.0/24 maxlen: 24
188.120.36.0/22 maxlen: 24
188.120.40.0/22 maxlen: 24
178.170.182.0/23 maxlen: 24
178.170.184.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:82:09:70:7f:39:7b:ea:e2:ab:f3:7d:99:6b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60525c8e56d76117348eefc3acffc821d7753c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e9:7c:f0:4f:e8:3e:0a:d6:db:e9:b7:ae:25:
d9:d7:6c:e7:64:84:db:98:24:22:9f:5f:51:6c:5f:
84:a0:78:2c:ad:84:21:0d:7d:eb:1b:db:86:f6:d3:
c9:fa:7d:d4:02:c2:f5:ab:71:f2:1e:80:48:9b:bd:
ac:f0:cc:90:f2:1c:64:ad:5e:9a:a6:6d:c7:8b:ba:
82:36:02:19:3c:00:f1:e7:9b:fb:79:12:48:2c:28:
cc:9e:34:3f:74:8e:f6:16:8c:31:85:13:7f:e8:11:
36:fe:fe:a7:32:2f:83:56:82:b7:96:d1:e5:db:17:
80:3f:c0:49:37:38:c7:a9:f4:4b:27:94:95:c5:e7:
51:f4:04:57:f5:5a:f0:98:65:93:f8:43:c3:98:bc:
ed:2f:2a:19:c4:31:83:ca:d2:c1:40:2e:33:e1:1c:
8b:5d:76:4f:21:89:19:78:89:2f:30:d7:f4:d0:5c:
ed:8e:72:a8:c4:6f:1f:10:69:85:b4:28:42:fb:ba:
31:1e:de:17:99:ec:b4:a1:a9:47:8a:3d:0a:02:28:
4a:f8:37:d9:d8:8d:b4:b3:38:a9:97:79:67:4b:7b:
33:5b:cf:34:a3:82:d7:99:68:f9:b7:fa:b4:45:01:
89:02:f9:d8:91:42:59:ba:ae:72:d4:65:ce:3c:28:
3b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:52:5C:8E:56:D7:61:17:34:8E:EF:C3:AC:FF:C8:21:D7:75:3C:17
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YFJcjlbXYRc0ju_DrP_IIdd1PBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.62.0/23
37.18.96.0/22
178.170.156.0/22
178.170.182.0-178.170.185.255
188.120.36.0-188.120.43.255
Signature Algorithm: sha256WithRSAEncryption
21:64:87:10:79:9b:85:91:f7:44:61:85:76:47:7f:6b:a0:8b:
06:95:bd:a9:ad:66:e0:9e:c7:65:2c:df:90:9b:76:48:9f:16:
25:26:55:4d:78:9f:3a:f9:40:54:87:3c:44:be:1e:3a:52:3b:
76:8b:22:e6:c0:8e:36:6a:70:5c:46:12:84:a6:83:97:dc:f8:
ae:62:db:dd:c3:da:24:09:27:55:e5:12:60:8d:25:77:fa:29:
cc:be:e2:eb:b6:17:3d:7d:6c:7d:54:79:2b:a0:cf:fb:6e:29:
4b:0b:fa:dd:83:0a:b5:65:a6:cb:7c:bf:4b:67:35:40:5a:e5:
1c:5b:60:4e:a3:99:95:5d:88:9b:5d:5c:ab:06:60:93:da:ab:
8a:7d:25:80:e8:5f:b8:07:82:32:46:fc:ae:a3:c8:7d:c8:a3:
5c:cb:ac:a7:84:21:71:47:5c:9a:5d:c5:e6:f0:1f:b5:8e:90:
e4:a7:29:c5:f0:6d:35:10:f6:10:c0:16:67:bf:44:91:22:28:
4e:f5:b1:f7:bb:ba:7c:eb:46:33:87:d7:cd:2f:b0:e0:8a:b0:
b6:1b:e4:f4:c8:e6:b2:1e:dc:7e:05:ff:7f:a7:38:4b:ed:96:
ea:87:bf:b2:be:92:f7:73:73:12:4a:14:24:39:51:3e:61:66:
97:af:f9:3d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzGSoIJcH85e+riq/N9mWv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDUyNWM4ZTU2ZDc2MTE3MzQ4ZWVmYzNhY2ZmYzgyMWQ3NzUzYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmul88E/oPgrW2+m3riXZ12znZITb
mCQin19RbF+EoHgsrYQhDX3rG9uG9tPJ+n3UAsL1q3HyHoBIm72s8MyQ8hxkrV6a
pm3Hi7qCNgIZPADx55v7eRJILCjMnjQ/dI72FowxhRN/6BE2/v6nMi+DVoK3ltHl
2xeAP8BJNzjHqfRLJ5SVxedR9ARX9VrwmGWT+EPDmLztLyoZxDGDytLBQC4z4RyL
XXZPIYkZeIkvMNf00FztjnKoxG8fEGmFtChC+7oxHt4Xmey0oalHij0KAihK+DfZ
2I20szipl3lnS3szW880o4LXmWj5t/q0RQGJAvnYkUJZuq5y1GXOPCg7nQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGBSXI5W12EXNI7vw6z/yCHXdTwXMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvWUZKY2psYlhZUmMwanVfRHJQX0lJZGQxUEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBJRI+AwQC
JRJgAwQCsqqcMAwDBAGyqrYDBAGyqrgwDAMEArx4JAMEArx4KDANBgkqhkiG9w0B
AQsFAAOCAQEAIWSHEHmbhZH3RGGFdkd/a6CLBpW9qa1m4J7HZSzfkJt2SJ8WJSZV
TXifOvlAVIc8RL4eOlI7dosi5sCONmpwXEYShKaDl9z4rmLb3cPaJAknVeUSYI0l
d/opzL7i67YXPX1sfVR5K6DP+24pSwv63YMKtWWmy3y/S2c1QFrlHFtgTqOZlV2I
m11cqwZgk9qrin0lgOhfuAeCMkb8rqPIfcijXMusp4QhcUdcml3F5vAftY6Q5Kcp
xfBtNRD2EMAWZ79EkSIoTvWx97u6fOtGM4fXzS+w4Iqwthvk9Mjmsh7cfgX/f6c4
S+2W6oe/sr6S93NzEkoUJDlRPmFml6/5PQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:00 2024 by rpki-client on console-fra.rpki-client.org