Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yCnHPt_QlorljwCIE4B10MsyWqI.roa
File: yCnHPt_QlorljwCIE4B10MsyWqI.roa (raw, json)
Hash identifier: TENhnHcII4d8rZezueGXqw73iSfWx/RlwAbf4BOb0vU=
Subject key identifier: C8:29:C7:3E:DF:D0:96:8A:E5:8F:00:88:13:80:75:D0:CB:32:5A:A2
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 019423D6CF5337693687104043F82C38D6E9
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yCnHPt_QlorljwCIE4B10MsyWqI.roa
Signing time: Wed 01 Jan 2025 21:47:47 +0000
ROA not before: Wed 01 Jan 2025 21:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 80.71.231.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
80.71.235.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
80.71.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:cf:53:37:69:36:87:10:40:43:f8:2c:38:d6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c829c73edfd0968ae58f0088138075d0cb325aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:44:93:c7:7f:9f:10:f2:ea:98:35:c7:b3:85:
70:96:44:d1:59:9d:8b:92:c6:f6:75:b3:74:97:a2:
33:fb:b2:fe:be:dc:56:cd:55:48:15:ca:c2:c0:69:
47:ab:49:28:77:98:c9:f5:f4:cd:f4:c2:27:25:b7:
e4:7e:32:aa:07:e5:c4:d3:57:62:ca:91:96:a2:b0:
a9:09:54:61:2e:36:84:04:2f:f7:16:e3:2a:f6:b5:
08:95:47:b9:54:8f:44:49:4d:59:bb:82:dd:30:5d:
fd:96:a8:d1:a8:c4:60:bf:2b:6b:a1:71:43:c6:25:
e3:dc:db:ed:58:97:a5:eb:5c:e4:e4:f8:24:9f:33:
ef:08:cf:f3:ec:27:2a:39:58:a6:39:2e:46:b1:af:
25:d2:70:0f:9c:63:5e:fa:7d:01:56:3c:d2:69:10:
b4:78:b5:43:ca:d7:e5:fa:48:5b:6e:fd:ea:77:5d:
53:f0:15:1d:8e:d2:be:7b:61:a7:23:e6:cf:f8:ab:
f9:09:c7:cd:50:7d:16:77:ee:b8:6b:2b:f4:12:54:
56:29:0e:23:84:4a:16:db:17:db:41:48:f1:5e:81:
ef:6c:79:1b:83:6c:3c:9b:76:eb:d6:c1:62:17:ea:
b6:ac:26:c6:04:7c:36:5e:b4:c5:24:6d:31:7b:e6:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:29:C7:3E:DF:D0:96:8A:E5:8F:00:88:13:80:75:D0:CB:32:5A:A2
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/yCnHPt_QlorljwCIE4B10MsyWqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.231.0/24
80.71.233.0/24
80.71.235.0-80.71.236.255
80.71.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7c:9e:97:db:99:b7:9d:eb:87:31:3b:58:89:cd:4e:e0:47:
fb:43:88:ed:ea:97:eb:c7:94:3c:63:91:df:e2:c8:19:e9:f9:
1d:4f:2b:ae:25:c2:b5:ff:9f:9b:60:07:18:bd:42:1f:63:61:
c3:02:e2:25:6d:34:42:81:e9:3c:88:eb:77:7f:cc:2e:20:a8:
dd:8b:4e:f4:19:b0:ce:8a:99:f8:6c:22:3d:e3:81:54:dd:3d:
7e:37:e5:2f:c9:55:6b:3a:40:8d:99:6f:19:cd:2f:08:49:8d:
1e:08:d3:47:fd:5a:ef:5f:5c:af:25:57:28:8b:3d:27:bc:32:
d3:72:31:41:66:be:a9:3f:e7:02:07:d8:49:3f:cc:66:4f:fc:
03:0e:52:06:ee:0f:e8:57:3c:ee:d8:18:2b:4a:70:3c:81:25:
a8:1f:71:28:54:44:de:be:53:39:1a:a8:d3:e5:2c:e4:cd:4a:
ad:57:cd:a8:ce:06:a8:6e:d7:f7:3b:74:13:56:19:f0:b2:a6:
d2:02:c6:4f:1e:c1:ab:21:36:14:48:af:ed:30:fc:98:e9:ac:
e0:32:9b:b0:ae:05:a9:f8:42:43:95:7f:37:d9:f6:f1:db:cc:
64:a6:d4:27:ff:cc:a2:ef:bd:3a:68:8e:6b:7a:b6:99:a5:71:
31:ce:8f:2e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQj1s9TN2k2hxBAQ/gsONbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjUwMTAxMjE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODI5YzczZWRmZDA5NjhhZTU4ZjAwODgxMzgwNzVkMGNiMzI1YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsESTx3+fEPLqmDXHs4VwlkTRWZ2L
ksb2dbN0l6Iz+7L+vtxWzVVIFcrCwGlHq0kod5jJ9fTN9MInJbfkfjKqB+XE01di
ypGWorCpCVRhLjaEBC/3FuMq9rUIlUe5VI9ESU1Zu4LdMF39lqjRqMRgvytroXFD
xiXj3NvtWJel61zk5PgknzPvCM/z7CcqOVimOS5Gsa8l0nAPnGNe+n0BVjzSaRC0
eLVDytfl+khbbv3qd11T8BUdjtK+e2GnI+bP+Kv5CcfNUH0Wd+64ayv0ElRWKQ4j
hEoW2xfbQUjxXoHvbHkbg2w8m3br1sFiF+q2rCbGBHw2XrTFJG0xe+ZoGQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMgpxz7f0JaK5Y8AiBOAddDLMlqiMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEveUNuSFB0X1Fsb3JsandDSUU0QjEwTXN5V3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUEfnAwQA
UEfpMAwDBABQR+sDBABQR+wDBABQR+4wDQYJKoZIhvcNAQELBQADggEBAD18npfb
mbed64cxO1iJzU7gR/tDiO3ql+vHlDxjkd/iyBnp+R1PK64lwrX/n5tgBxi9Qh9j
YcMC4iVtNEKB6TyI63d/zC4gqN2LTvQZsM6KmfhsIj3jgVTdPX435S/JVWs6QI2Z
bxnNLwhJjR4I00f9Wu9fXK8lVyiLPSe8MtNyMUFmvqk/5wIH2Ek/zGZP/AMOUgbu
D+hXPO7YGCtKcDyBJagfcShURN6+UzkaqNPlLOTNSq1XzajOBqhu1/c7dBNWGfCy
ptICxk8ewashNhRIr+0w/JjprOAym7CuBan4QkOVfzfZ9vHbzGSm1Cf/zKLvvTpo
jmt6tpmlcTHOjy4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:53 2025 by rpki-client