Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/YMQ02KtoHddOBd8P0_L911zzXZo.roa
File: YMQ02KtoHddOBd8P0_L911zzXZo.roa (raw, json)
Hash identifier: KLEMa+EsIIYumj5REVXzu9c2VVWhgQLOfarzx4uuFQ8=
Subject key identifier: 60:C4:34:D8:AB:68:1D:D7:4E:05:DF:0F:D3:F2:FD:D7:5C:F3:5D:9A
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 018CC64B5C9316256F4BD673F44C44D419C0
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/YMQ02KtoHddOBd8P0_L911zzXZo.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 185.251.213.0/24 maxlen: 24
185.171.104.0/22 maxlen: 24
185.251.212.0/22 maxlen: 24
185.251.215.0/24 maxlen: 24
185.171.107.0/24 maxlen: 24
185.171.106.0/24 maxlen: 24
185.251.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5c:93:16:25:6f:4b:d6:73:f4:4c:44:d4:19:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60c434d8ab681dd74e05df0fd3f2fdd75cf35d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:05:d7:53:be:ec:f3:08:98:bc:75:75:e2:de:
a6:f4:15:a0:2d:f9:d7:52:d7:8a:88:f5:c6:50:e1:
73:24:78:0f:37:65:19:62:59:7d:21:47:63:c7:ad:
4b:72:25:b6:3e:6d:5d:a5:df:fa:8f:1c:b5:41:6c:
ae:fd:b5:60:4e:21:f4:18:54:44:a9:51:10:5f:63:
28:80:c5:3a:11:59:11:77:50:94:75:f5:18:dc:ff:
8c:63:f6:18:4f:22:fa:cb:0a:3f:fe:fe:25:c9:1c:
f2:e3:22:9a:b5:93:b6:39:4c:10:9b:94:7e:5a:a4:
45:c3:5b:3b:b5:47:1f:2e:62:d8:ed:d3:47:19:7a:
c1:27:55:65:75:b7:53:2d:09:14:b5:50:cb:5f:a4:
15:1b:f4:92:2e:4c:52:68:93:8e:b0:88:af:bb:59:
6f:3e:0d:33:22:92:99:f1:f6:36:a7:82:cf:15:3b:
71:a7:d1:c7:2d:91:96:64:88:04:48:a8:8b:2d:4b:
9f:3b:2d:ec:61:43:f9:2b:61:75:fc:bc:e9:b9:0a:
45:a9:8a:7c:1b:05:17:86:d1:63:94:12:b7:cf:c2:
cd:f0:a8:de:12:ec:40:54:c6:ea:1f:ab:d9:62:90:
25:4c:4d:15:8b:be:59:08:dd:22:a5:4f:f0:e6:90:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C4:34:D8:AB:68:1D:D7:4E:05:DF:0F:D3:F2:FD:D7:5C:F3:5D:9A
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/YMQ02KtoHddOBd8P0_L911zzXZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.104.0/22
185.251.212.0/22
Signature Algorithm: sha256WithRSAEncryption
55:0d:65:8b:b0:a5:ce:cb:d1:17:fd:ea:87:c9:a0:89:d7:c7:
07:ea:ae:21:18:62:2a:8d:4e:77:bf:d5:85:d5:b5:21:d4:63:
1a:75:8d:4b:b7:e1:d1:a0:4d:cb:37:0f:37:ea:ec:9c:15:a4:
0f:93:1c:a5:a4:04:7c:b0:37:69:bf:3b:59:cd:19:da:cd:d2:
ac:53:a1:99:a2:07:7f:26:bd:7e:5b:66:7b:c8:6f:cd:09:ad:
64:2e:81:e6:6b:40:33:8e:b8:6e:40:24:39:af:65:68:80:d1:
4a:42:77:16:56:60:df:04:9e:bf:13:ea:8a:21:96:ec:d8:75:
2f:a7:64:d5:b3:77:db:c5:1a:9b:5d:fe:4f:bc:b1:b1:7f:65:
d6:41:7d:89:d2:aa:9c:a8:6c:8f:65:aa:5c:7c:1b:33:2f:09:
64:c6:56:98:06:b9:b3:c9:8e:99:50:2e:ee:2b:81:09:fe:11:
dc:17:b6:97:71:d4:80:35:72:03:25:98:2c:cf:6b:dc:f3:1c:
9f:93:e7:44:04:d4:61:83:b2:ad:59:6d:47:9d:2b:5d:8c:d1:
78:dc:fe:27:55:d6:bf:94:0d:8f:e1:08:e2:b6:41:23:f5:08:
13:47:a8:e1:5a:25:0a:59:08:20:0f:a6:f8:13:ff:94:59:4f:
67:c8:4a:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS1yTFiVvS9Zz9ExE1BnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGY1OTUxYzlhZTc5OTc2ZDk3ZTFkMjhlNDY2YTYxNTEx
OTg5OGIwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGM0MzRkOGFiNjgxZGQ3NGUwNWRmMGZkM2YyZmRkNzVjZjM1ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQXXU77s8wiYvHV14t6m9BWgLfnX
UteKiPXGUOFzJHgPN2UZYll9IUdjx61LciW2Pm1dpd/6jxy1QWyu/bVgTiH0GFRE
qVEQX2MogMU6EVkRd1CUdfUY3P+MY/YYTyL6ywo//v4lyRzy4yKatZO2OUwQm5R+
WqRFw1s7tUcfLmLY7dNHGXrBJ1VldbdTLQkUtVDLX6QVG/SSLkxSaJOOsIivu1lv
Pg0zIpKZ8fY2p4LPFTtxp9HHLZGWZIgESKiLLUufOy3sYUP5K2F1/LzpuQpFqYp8
GwUXhtFjlBK3z8LN8KjeEuxAVMbqH6vZYpAlTE0Vi75ZCN0ipU/w5pBiNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGDENNiraB3XTgXfD9Py/ddc812aMB8GA1UdIwQY
MBaAFB3fWVHJrnmXbZfh0o5GamFRGYmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYt
MGU5NmIxZmZiMjQ3LzEvWU1RMDJLdG9IZGRPQmQ4UDBfTDkxMXp6WFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYtMGU5NmIxZmZiMjQ3
LzEvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuatoAwQC
ufvUMA0GCSqGSIb3DQEBCwUAA4IBAQBVDWWLsKXOy9EX/eqHyaCJ18cH6q4hGGIq
jU53v9WF1bUh1GMadY1Lt+HRoE3LNw836uycFaQPkxylpAR8sDdpvztZzRnazdKs
U6GZogd/Jr1+W2Z7yG/NCa1kLoHma0AzjrhuQCQ5r2VogNFKQncWVmDfBJ6/E+qK
IZbs2HUvp2TVs3fbxRqbXf5PvLGxf2XWQX2J0qqcqGyPZapcfBszLwlkxlaYBrmz
yY6ZUC7uK4EJ/hHcF7aXcdSANXIDJZgsz2vc8xyfk+dEBNRhg7KtWW1HnStdjNF4
3P4nVda/lA2P4QjitkEj9QgTR6jhWiUKWQggD6b4E/+UWU9nyEqF
-----END CERTIFICATE-----
Generated at Sat May 18 00:00:58 2024 by rpki-client on console-fra.rpki-client.org