Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/y02pMvabXiUHXfszzuw4tsQ9f3Y.roa
File: y02pMvabXiUHXfszzuw4tsQ9f3Y.roa (raw, json)
Hash identifier: TnjAyIua6I2FKkaCX+4CimLwOool++Dsd02yEVGqYjo=
Subject key identifier: CB:4D:A9:32:F6:9B:5E:25:07:5D:FB:33:CE:EC:38:B6:C4:3D:7F:76
Certificate issuer: /CN=1b78dbf3e859582fd1eda2f2dcde5422295146f1
Certificate serial: 018CC4930883E462A6F8AD503C7B114F58B1
Authority key identifier: 1B:78:DB:F3:E8:59:58:2F:D1:ED:A2:F2:DC:DE:54:22:29:51:46:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/y02pMvabXiUHXfszzuw4tsQ9f3Y.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15600
IP address blocks: 5.172.128.0/20 maxlen: 20
185.74.136.0/22 maxlen: 22
2a00:d4e0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:08:83:e4:62:a6:f8:ad:50:3c:7b:11:4f:58:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b78dbf3e859582fd1eda2f2dcde5422295146f1
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb4da932f69b5e25075dfb33ceec38b6c43d7f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:36:ea:44:6a:8c:4f:97:3a:02:ab:67:03:a0:
d9:88:21:3b:64:f5:d8:6f:ab:a2:6d:9e:b6:ca:29:
a7:1f:7c:a6:34:70:fb:e8:1f:f0:3b:14:9b:72:d4:
18:25:6d:d0:22:1d:c9:de:04:c9:09:fd:5c:de:a9:
8a:2c:b9:3d:f7:5f:05:c6:fe:91:f5:3c:07:58:17:
5a:72:d1:8f:61:e4:ca:2f:ac:d8:79:6b:df:83:f1:
16:d9:33:dc:9a:f2:a3:2a:2c:0b:7c:34:34:82:06:
33:aa:5b:2c:99:3e:b0:4d:76:94:68:48:71:a3:37:
a1:71:83:e6:f4:9e:a8:c8:68:91:25:b1:25:e7:bc:
c4:af:c1:54:35:94:f1:b1:18:7b:e3:84:76:d1:ae:
21:c3:4a:7d:de:66:d9:6d:49:28:a7:2d:cd:6b:20:
15:7a:17:3a:0d:9a:a3:78:9b:89:f8:d7:dc:6c:5f:
25:14:53:cd:92:b3:75:04:c5:36:21:8e:15:9c:ee:
80:61:4c:a2:7d:c7:cd:b6:fa:ce:f4:1b:41:99:b9:
f3:50:07:55:3a:83:e3:be:4e:eb:2d:5e:d9:13:50:
72:ac:d2:e6:29:cc:f9:6d:78:0e:5d:95:6c:bd:32:
cf:8c:89:ed:58:c3:8c:0a:3f:45:85:fb:07:05:08:
52:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4D:A9:32:F6:9B:5E:25:07:5D:FB:33:CE:EC:38:B6:C4:3D:7F:76
X509v3 Authority Key Identifier:
keyid:1B:78:DB:F3:E8:59:58:2F:D1:ED:A2:F2:DC:DE:54:22:29:51:46:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/y02pMvabXiUHXfszzuw4tsQ9f3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.128.0/20
185.74.136.0/22
IPv6:
2a00:d4e0::/29
Signature Algorithm: sha256WithRSAEncryption
01:5a:f5:b7:54:6d:4d:ea:aa:89:c6:09:d4:78:9e:99:e7:b4:
1e:60:b5:b8:85:c6:0c:da:8a:c0:b9:37:0e:34:51:18:7f:75:
ac:9f:dc:45:43:95:1a:e6:e0:ee:53:56:93:f2:87:f7:4a:b2:
91:6b:b4:1b:77:e9:4a:e2:70:36:8f:b4:91:bc:07:c4:87:98:
8a:17:33:4c:f8:26:9f:3d:1f:5a:90:49:12:37:7c:d1:50:5d:
fd:3b:eb:11:a0:83:65:42:51:0a:11:32:d6:c5:09:27:84:ae:
c1:fe:6f:c5:b8:7b:6c:97:84:99:59:be:79:2c:37:30:eb:e3:
20:4f:69:03:da:0a:c5:0b:b6:3a:3c:13:ed:8a:25:78:57:bf:
d3:41:e5:d2:6d:47:76:85:44:b4:19:4d:f4:d2:75:23:db:e7:
b6:7b:50:c7:c4:85:cb:b6:d4:45:fd:a8:9e:42:8c:0f:65:f4:
7e:d8:87:e1:dd:5b:dc:e5:15:4e:7c:fd:6d:43:69:3a:d6:fa:
2f:80:89:2b:0b:8f:bc:bb:c8:25:b2:6d:dc:f4:18:7a:86:10:
25:46:8e:94:17:c9:16:89:d5:3f:90:2d:b4:d1:e9:32:ca:b6:
5d:71:a6:9b:3d:1e:2e:3f:be:94:4a:67:4b:5b:69:04:01:93:
09:42:1d:8e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkwiD5GKm+K1QPHsRT1ixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNzhkYmYzZTg1OTU4MmZkMWVkYTJmMmRjZGU1NDIyMjk1
MTQ2ZjEwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRkYTkzMmY2OWI1ZTI1MDc1ZGZiMzNjZWVjMzhiNmM0M2Q3Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjbqRGqMT5c6AqtnA6DZiCE7ZPXY
b6uibZ62yimnH3ymNHD76B/wOxSbctQYJW3QIh3J3gTJCf1c3qmKLLk9918Fxv6R
9TwHWBdactGPYeTKL6zYeWvfg/EW2TPcmvKjKiwLfDQ0ggYzqlssmT6wTXaUaEhx
ozehcYPm9J6oyGiRJbEl57zEr8FUNZTxsRh744R20a4hw0p93mbZbUkopy3NayAV
ehc6DZqjeJuJ+NfcbF8lFFPNkrN1BMU2IY4VnO6AYUyifcfNtvrO9BtBmbnzUAdV
OoPjvk7rLV7ZE1ByrNLmKcz5bXgOXZVsvTLPjIntWMOMCj9FhfsHBQhSHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMtNqTL2m14lB137M87sOLbEPX92MB8GA1UdIwQY
MBaAFBt42/PoWVgv0e2i8tzeVCIpUUbxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzNqYjgtaFpXQ19SN2FMeTNONVVJaWxSUnZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85OWI1MzUtYzQyYi00ZTAxLTg3OTMt
NzIyMjk0NzgzZTllLzEveTAycE12YWJYaVVIWGZzenp1dzR0c1E5ZjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85OWI1MzUtYzQyYi00ZTAxLTg3OTMtNzIyMjk0NzgzZTll
LzEvRzNqYjgtaFpXQ19SN2FMeTNONVVJaWxSUnZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEBayAAwQC
uUqIMA0EAgACMAcDBQMqANTgMA0GCSqGSIb3DQEBCwUAA4IBAQABWvW3VG1N6qqJ
xgnUeJ6Z57QeYLW4hcYM2orAuTcONFEYf3Wsn9xFQ5Ua5uDuU1aT8of3SrKRa7Qb
d+lK4nA2j7SRvAfEh5iKFzNM+CafPR9akEkSN3zRUF39O+sRoINlQlEKETLWxQkn
hK7B/m/FuHtsl4SZWb55LDcw6+MgT2kD2grFC7Y6PBPtiiV4V7/TQeXSbUd2hUS0
GU300nUj2+e2e1DHxIXLttRF/aieQowPZfR+2Ifh3Vvc5RVOfP1tQ2k61vovgIkr
C4+8u8glsm3c9Bh6hhAlRo6UF8kWidU/kC200ekyyrZdcaabPR4uP76USmdLW2kE
AZMJQh2O
-----END CERTIFICATE-----
Generated at Sat May 18 20:06:27 2024 by rpki-client on console-fra.rpki-client.org