Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/YnApw1VE9v2DdZwTiEoVBVPeJx0.roa
File: YnApw1VE9v2DdZwTiEoVBVPeJx0.roa (raw, json)
Hash identifier: oPDivIRNsKRNx2Ajzjm/4pjDRSvVSlzlLgZkHWiTw44=
Subject key identifier: 62:70:29:C3:55:44:F6:FD:83:75:9C:13:88:4A:15:05:53:DE:27:1D
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 0192499D2782DE39BCD7F00E2BA083C9FC83
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/YnApw1VE9v2DdZwTiEoVBVPeJx0.roa
Signing time: Tue 01 Oct 2024 19:44:48 +0000
ROA not before: Tue 01 Oct 2024 19:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34393
IP address blocks: 91.192.56.0/22 maxlen: 22
95.215.20.0/22 maxlen: 22
95.215.24.0/21 maxlen: 21
195.177.64.0/22 maxlen: 22
195.177.84.0/22 maxlen: 22
2001:67c:2f64::/48 maxlen: 48
2a0e:c980::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.mft
rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:49:9d:27:82:de:39:bc:d7:f0:0e:2b:a0:83:c9:fc:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Oct 1 19:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=627029c35544f6fd83759c13884a150553de271d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a2:70:7d:83:d5:d4:61:51:1a:2e:6c:64:1e:
03:92:26:d6:6a:39:2d:23:de:8d:13:22:ae:75:01:
f4:c4:8f:b0:10:54:7d:30:24:82:a1:0f:a9:1a:39:
f3:9e:0d:ef:c8:7d:09:7e:92:7d:c4:31:a4:c1:0a:
1b:56:64:5c:31:02:dd:c7:dc:c8:66:25:33:68:a5:
2f:2d:51:f1:5f:4e:52:64:94:62:ad:33:54:b4:7b:
a0:f7:00:12:eb:98:f7:c9:3b:06:a3:5e:da:0b:14:
5f:91:7d:f7:fc:18:6d:a4:c8:ba:d2:da:e0:5c:08:
1f:4d:10:79:c1:6e:ea:37:c4:61:47:d3:fa:bc:70:
50:6f:8e:5b:09:b4:42:87:f7:37:7e:e7:04:07:95:
1d:9f:5a:1c:77:db:f6:2a:5a:cc:e7:f5:30:70:38:
a6:74:b7:28:1c:0d:cc:45:81:0a:77:58:f7:d7:2e:
38:e9:aa:b7:1c:c2:43:7a:7f:8d:66:87:5a:e2:13:
f1:e4:c1:85:e0:9e:da:9b:6e:96:3c:ba:e5:62:21:
c8:b6:a3:76:87:15:8c:39:97:a5:e6:5e:72:8b:49:
d1:d9:e3:4a:75:26:d9:33:9c:28:ac:81:ff:87:db:
5e:76:99:58:92:a4:c3:4e:11:1e:dc:2b:b5:a7:f1:
95:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:70:29:C3:55:44:F6:FD:83:75:9C:13:88:4A:15:05:53:DE:27:1D
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/YnApw1VE9v2DdZwTiEoVBVPeJx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.56.0/22
95.215.20.0-95.215.31.255
195.177.64.0/22
195.177.84.0/22
IPv6:
2001:67c:2f64::/48
2a0e:c980::/29
Signature Algorithm: sha256WithRSAEncryption
43:c8:10:29:ec:49:00:fb:86:90:39:c0:60:7a:f8:ae:4c:da:
68:5c:11:df:d9:dc:f0:a3:3a:3e:ea:d8:73:55:e9:4a:d2:50:
8b:cf:6e:5a:7c:35:c7:69:60:d1:f9:70:1b:41:11:85:0d:7f:
dc:a6:8c:fa:44:b9:d8:3e:26:aa:87:83:ec:fd:46:99:92:02:
53:7b:46:9d:55:72:a0:da:68:29:21:81:4c:dc:9c:d9:c0:4c:
ab:72:17:32:b4:31:f9:34:28:3c:d2:66:81:dd:40:90:10:ff:
5b:81:a8:2d:07:01:fe:8f:e4:61:62:41:88:89:26:96:9e:5c:
f1:90:eb:c9:00:f5:4f:04:7d:c2:9b:67:62:e9:2b:1d:e8:50:
a1:35:6f:d5:27:29:ce:3e:75:8c:a9:4e:6e:89:25:dc:35:fa:
50:29:ed:c8:6e:77:1e:c5:c7:e0:d5:f6:93:2c:a4:30:63:c1:
c2:ff:e2:0e:6a:42:8d:88:e3:30:ff:f4:07:37:a0:6a:ab:7b:
dc:76:ba:3e:32:ad:48:dc:0a:27:1e:cc:be:3b:cd:86:d4:50:
69:42:f7:59:12:71:d2:03:bc:9f:ed:b7:7b:50:84:cc:d5:df:
11:3b:35:a2:ef:94:fd:64:48:89:b4:22:5d:18:8b:c2:9a:ef:
7b:83:3b:c4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZJJnSeC3jm81/AOK6CDyfyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjQxMDAxMTk0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjcwMjljMzU1NDRmNmZkODM3NTljMTM4ODRhMTUwNTUzZGUyNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaJwfYPV1GFRGi5sZB4DkibWajkt
I96NEyKudQH0xI+wEFR9MCSCoQ+pGjnzng3vyH0JfpJ9xDGkwQobVmRcMQLdx9zI
ZiUzaKUvLVHxX05SZJRirTNUtHug9wAS65j3yTsGo17aCxRfkX33/BhtpMi60trg
XAgfTRB5wW7qN8RhR9P6vHBQb45bCbRCh/c3fucEB5Udn1ocd9v2KlrM5/UwcDim
dLcoHA3MRYEKd1j31y446aq3HMJDen+NZoda4hPx5MGF4J7am26WPLrlYiHItqN2
hxWMOZel5l5yi0nR2eNKdSbZM5worIH/h9tedplYkqTDThEe3Cu1p/GV/wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGJwKcNVRPb9g3WcE4hKFQVT3icdMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvWW5BcHcxVkU5djJEZFp3VGlFb1ZCVlBlSngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgAwQCW8A4MAwD
BAJf1xQDBAVf1wADBALDsUADBALDsVQwFgQCAAIwEAMHACABBnwvZAMFAyoOyYAw
DQYJKoZIhvcNAQELBQADggEBAEPIECnsSQD7hpA5wGB6+K5M2mhcEd/Z3PCjOj7q
2HNV6UrSUIvPblp8NcdpYNH5cBtBEYUNf9ymjPpEudg+JqqHg+z9RpmSAlN7Rp1V
cqDaaCkhgUzcnNnATKtyFzK0Mfk0KDzSZoHdQJAQ/1uBqC0HAf6P5GFiQYiJJpae
XPGQ68kA9U8EfcKbZ2LpKx3oUKE1b9UnKc4+dYypTm6JJdw1+lAp7chudx7Fx+DV
9pMspDBjwcL/4g5qQo2I4zD/9Ac3oGqre9x2uj4yrUjcCicezL47zYbUUGlC91kS
cdIDvJ/tt3tQhMzV3xE7NaLvlP1kSIm0Il0Yi8Ka73uDO8Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:11:51 2024 by rpki-client on console-ams.rpki-client.org