Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/1146ec-03ed-4025-8aa6-7a63590a06bd/1/YqkpZDVrandNeXMUSjAZ91gKobo.roa
File: YqkpZDVrandNeXMUSjAZ91gKobo.roa (raw, json)
Hash identifier: 6KHX4dbge+PGC39OFbr1qxDLnX420dNH4CLgmnrPdvo=
Subject key identifier: 62:A9:29:64:35:6B:6A:77:4D:79:73:14:4A:30:19:F7:58:0A:A1:BA
Certificate issuer: /CN=36ea2abed8908f327f86e2b0af15d4831049ceaa
Certificate serial: 018CCA295173BAE917BE7E1BA1B2E2991EA9
Authority key identifier: 36:EA:2A:BE:D8:90:8F:32:7F:86:E2:B0:AF:15:D4:83:10:49:CE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuoqvtiQjzJ_huKwrxXUgxBJzqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/1146ec-03ed-4025-8aa6-7a63590a06bd/1/YqkpZDVrandNeXMUSjAZ91gKobo.roa
Signing time: Tue 02 Jan 2024 12:32:34 +0000
ROA not before: Tue 02 Jan 2024 12:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35535
IP address blocks: 80.241.114.0/23 maxlen: 23
80.241.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/1146ec-03ed-4025-8aa6-7a63590a06bd/1/NuoqvtiQjzJ_huKwrxXUgxBJzqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/1146ec-03ed-4025-8aa6-7a63590a06bd/1/NuoqvtiQjzJ_huKwrxXUgxBJzqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NuoqvtiQjzJ_huKwrxXUgxBJzqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:51:73:ba:e9:17:be:7e:1b:a1:b2:e2:99:1e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36ea2abed8908f327f86e2b0af15d4831049ceaa
Validity
Not Before: Jan 2 12:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62a92964356b6a774d7973144a3019f7580aa1ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:31:1d:5a:b1:7d:6c:a3:cb:66:f0:ff:78:
e8:a5:46:65:19:1e:2f:aa:22:5e:96:f3:73:01:e1:
cc:12:d3:18:3c:4d:8f:a7:52:01:f5:ea:3b:f3:2e:
4c:23:70:1b:bb:a1:32:10:a9:e3:52:05:d3:41:55:
43:b3:ab:7c:8d:ad:a3:4c:9d:c8:14:e4:1f:c6:75:
2f:e7:5f:5a:13:c2:46:9e:f2:c0:1e:ee:c6:67:9b:
0a:94:e8:2e:ba:51:eb:4d:04:9e:21:36:d0:1d:e4:
43:1b:b9:fd:8a:a5:01:3c:14:98:00:1a:dc:9e:31:
20:4c:1f:2e:74:4f:4b:2b:ba:a1:a1:19:36:eb:15:
92:de:cc:4d:dc:13:97:f3:2e:ef:b2:d8:7f:02:fe:
8b:b0:8a:24:de:34:98:08:1f:dc:9a:98:c2:5d:37:
2b:c8:0e:48:a7:b9:0b:60:d1:ad:86:30:73:d5:de:
29:3e:4a:7c:1b:d7:92:e2:ea:87:70:25:95:03:2a:
6a:bf:43:8a:37:9f:75:e8:9c:95:f1:d6:2a:c0:d9:
2b:e1:f1:b7:bb:02:41:4f:2f:0d:62:7c:6d:7e:3e:
be:95:7c:56:dd:d8:d1:c1:5e:f1:e3:36:0b:49:f9:
07:88:5f:41:7c:2f:12:e2:7d:5f:d0:79:cb:fd:5d:
a9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:A9:29:64:35:6B:6A:77:4D:79:73:14:4A:30:19:F7:58:0A:A1:BA
X509v3 Authority Key Identifier:
keyid:36:EA:2A:BE:D8:90:8F:32:7F:86:E2:B0:AF:15:D4:83:10:49:CE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuoqvtiQjzJ_huKwrxXUgxBJzqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1146ec-03ed-4025-8aa6-7a63590a06bd/1/YqkpZDVrandNeXMUSjAZ91gKobo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1146ec-03ed-4025-8aa6-7a63590a06bd/1/NuoqvtiQjzJ_huKwrxXUgxBJzqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.112.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:6b:bc:6b:ff:5b:bb:61:97:3f:06:7e:4b:8c:aa:37:6a:7e:
aa:8b:1f:da:ed:8b:55:5f:06:e2:cf:1f:58:26:40:4f:e6:29:
70:5c:c0:6b:8c:0a:9b:6e:a2:41:0a:3f:a8:b0:8c:a9:5e:24:
99:6e:8c:d2:a3:29:44:ec:f7:c6:4c:2e:82:7a:80:48:04:7f:
e2:65:d3:14:6c:0f:6a:11:a8:67:94:4e:ee:df:01:0e:ec:63:
08:96:70:85:95:91:bf:31:ab:1e:d2:d5:cc:c3:25:d0:9b:88:
6a:ea:9d:46:5e:ea:8d:e1:7f:5f:e6:b7:76:25:3d:05:9d:1c:
d4:62:5d:a2:42:cf:17:40:5d:04:50:1e:1d:3c:98:c2:8b:26:
91:4c:be:81:00:6e:ef:77:37:a8:ef:6d:20:d2:e8:dd:7f:a5:
09:31:db:2c:95:a9:1e:83:82:24:c5:aa:6f:18:65:25:34:d6:
d0:85:79:44:0f:92:16:3b:e4:25:32:ed:67:04:bf:1c:b1:b8:
4f:e5:cc:51:54:f0:9a:90:3b:91:68:25:eb:f2:38:8a:c8:a5:
72:20:30:91:29:2d:31:37:cc:25:0a:37:a1:35:32:7a:5c:29:
56:fd:c0:30:17:59:46:b3:1d:b4:c6:c4:fc:07:6d:b0:64:49:
8d:eb:cd:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKVFzuukXvn4bobLimR6pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZWEyYWJlZDg5MDhmMzI3Zjg2ZTJiMGFmMTVkNDgzMTA0
OWNlYWEwHhcNMjQwMTAyMTIzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmE5Mjk2NDM1NmI2YTc3NGQ3OTczMTQ0YTMwMTlmNzU4MGFhMWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspcxHVqxfWyjy2bw/3jopUZlGR4v
qiJelvNzAeHMEtMYPE2Pp1IB9eo78y5MI3Abu6EyEKnjUgXTQVVDs6t8ja2jTJ3I
FOQfxnUv519aE8JGnvLAHu7GZ5sKlOguulHrTQSeITbQHeRDG7n9iqUBPBSYABrc
njEgTB8udE9LK7qhoRk26xWS3sxN3BOX8y7vsth/Av6LsIok3jSYCB/cmpjCXTcr
yA5Ip7kLYNGthjBz1d4pPkp8G9eS4uqHcCWVAypqv0OKN5916JyV8dYqwNkr4fG3
uwJBTy8NYnxtfj6+lXxW3djRwV7x4zYLSfkHiF9BfC8S4n1f0HnL/V2p5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKpKWQ1a2p3TXlzFEowGfdYCqG6MB8GA1UdIwQY
MBaAFDbqKr7YkI8yf4bisK8V1IMQSc6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVvcXZ0aVFqekpfaHVLd3J4WFVneEJKenFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8xMTQ2ZWMtMDNlZC00MDI1LThhYTYt
N2E2MzU5MGEwNmJkLzEvWXFrcFpEVnJhbmROZVhNVVNqQVo5MWdLb2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8xMTQ2ZWMtMDNlZC00MDI1LThhYTYtN2E2MzU5MGEwNmJk
LzEvTnVvcXZ0aVFqekpfaHVLd3J4WFVneEJKenFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUPFwMA0G
CSqGSIb3DQEBCwUAA4IBAQB/a7xr/1u7YZc/Bn5LjKo3an6qix/a7YtVXwbizx9Y
JkBP5ilwXMBrjAqbbqJBCj+osIypXiSZbozSoylE7PfGTC6CeoBIBH/iZdMUbA9q
EahnlE7u3wEO7GMIlnCFlZG/Mase0tXMwyXQm4hq6p1GXuqN4X9f5rd2JT0FnRzU
Yl2iQs8XQF0EUB4dPJjCiyaRTL6BAG7vdzeo720g0ujdf6UJMdsslakeg4Ikxapv
GGUlNNbQhXlED5IWO+QlMu1nBL8csbhP5cxRVPCakDuRaCXr8jiKyKVyIDCRKS0x
N8wlCjehNTJ6XClW/cAwF1lGsx20xsT8B22wZEmN681y
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:27:22 2024 by rpki-client on console-ams.rpki-client.org