Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/Y1lv_9FQ575tVB_loyQqbwmwUQM.roa
File: Y1lv_9FQ575tVB_loyQqbwmwUQM.roa (raw, json)
Hash identifier: Irz866DKvk2Bjre43s8+hRPujwiDajfeMxP4b4OaNPI=
Subject key identifier: 63:59:6F:FF:D1:50:E7:BE:6D:54:1F:E5:A3:24:2A:6F:09:B0:51:03
Certificate issuer: /CN=8ab606cea79b5abe81683a63379b39289b2cab93
Certificate serial: 018F3DDD2FE164E6EB23554E623CD2F888E0
Authority key identifier: 8A:B6:06:CE:A7:9B:5A:BE:81:68:3A:63:37:9B:39:28:9B:2C:AB:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/Y1lv_9FQ575tVB_loyQqbwmwUQM.roa
Signing time: Fri 03 May 2024 09:50:56 +0000
ROA not before: Fri 03 May 2024 09:50:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.162.56.0/22 maxlen: 22
2a0a:8000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/irYGzqebWr6BaDpjN5s5KJssq5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/irYGzqebWr6BaDpjN5s5KJssq5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:dd:2f:e1:64:e6:eb:23:55:4e:62:3c:d2:f8:88:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab606cea79b5abe81683a63379b39289b2cab93
Validity
Not Before: May 3 09:50:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63596fffd150e7be6d541fe5a3242a6f09b05103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ee:52:eb:45:1e:a7:63:d2:bb:a3:c4:c5:6a:
00:2b:07:ba:00:31:8d:4b:20:2c:d1:6a:12:eb:39:
76:ab:df:42:7b:15:24:fa:68:eb:8c:a2:06:ca:28:
18:69:5e:b1:26:70:6b:24:98:fd:43:51:c5:99:61:
d8:4a:86:f0:e1:0e:b7:55:fd:39:11:34:62:33:d8:
ff:ef:87:3d:d5:64:a9:22:62:f8:52:46:a6:aa:9e:
42:64:28:4d:78:47:11:05:d9:e8:1a:2a:a2:ac:76:
b1:56:d0:9b:e3:4b:61:4f:5b:eb:90:0f:06:14:08:
df:ab:f6:44:57:38:33:aa:7b:d9:da:0b:2b:dc:d8:
87:7b:10:08:97:35:69:07:8f:6e:74:01:31:50:0d:
8c:d9:f1:df:35:a2:f8:e4:35:cc:91:71:c0:5e:f6:
58:87:89:2b:99:b1:a5:91:8a:e4:af:ca:fb:65:71:
43:80:2b:04:93:00:21:c8:f3:33:52:06:74:02:73:
45:c0:2a:b4:c1:24:1a:04:e2:15:f7:fd:66:5b:68:
14:59:57:fb:4f:11:d9:39:19:55:8f:25:d5:46:75:
f8:4a:b2:d1:4e:8f:33:43:83:7b:a3:6e:dc:10:fc:
af:82:08:00:71:de:55:b4:e9:21:f2:f8:b1:1d:51:
e7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:59:6F:FF:D1:50:E7:BE:6D:54:1F:E5:A3:24:2A:6F:09:B0:51:03
X509v3 Authority Key Identifier:
keyid:8A:B6:06:CE:A7:9B:5A:BE:81:68:3A:63:37:9B:39:28:9B:2C:AB:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irYGzqebWr6BaDpjN5s5KJssq5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/Y1lv_9FQ575tVB_loyQqbwmwUQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/83f631-8977-4d2e-8523-888c07f2153f/1/irYGzqebWr6BaDpjN5s5KJssq5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.56.0/22
IPv6:
2a0a:8000::/29
Signature Algorithm: sha256WithRSAEncryption
11:b2:df:58:c3:23:26:f4:0a:41:f2:86:0e:51:71:10:0b:7f:
8e:83:e2:20:72:23:cd:b2:3f:b1:3d:1b:d3:5c:62:1e:53:03:
8c:d0:51:90:16:c8:6d:59:20:4d:78:bd:e8:fd:9b:40:c4:9f:
ff:a2:8d:fe:ea:02:da:e6:70:3a:9a:c3:40:ff:09:07:23:ed:
1d:9b:91:f8:e8:1c:62:7b:f2:d2:d7:e9:0c:e8:d7:4e:bb:35:
38:02:ee:d2:b2:29:e9:c0:8c:d9:5b:44:81:3b:fd:86:c4:d4:
ce:83:ae:ff:91:0d:9f:ae:dd:98:67:8e:36:5f:7c:bd:45:77:
df:cf:92:93:2b:ba:9a:bc:e6:80:3c:07:c7:54:30:e9:2c:75:
47:5c:32:0a:c7:cb:15:2f:ef:d1:1e:41:4f:a9:fd:4c:1c:b9:
35:b5:ae:8c:aa:dd:22:13:1a:dd:1b:a4:e1:09:96:98:fb:c3:
cc:7c:7e:26:ad:53:78:dd:92:0b:3b:43:ba:d0:82:e8:c4:69:
4c:5c:f7:18:c9:a3:11:06:83:bf:0f:91:b8:53:5f:ba:2a:ed:
e8:b3:1d:06:65:22:dc:4f:da:79:ae:47:b8:78:47:19:12:fc:
dc:00:30:0e:2b:7b:5a:5e:4b:3b:42:85:9e:d2:fb:e6:0f:79:
53:70:08:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY893S/hZObrI1VOYjzS+IjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjYwNmNlYTc5YjVhYmU4MTY4M2E2MzM3OWIzOTI4OWIy
Y2FiOTMwHhcNMjQwNTAzMDk1MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU5NmZmZmQxNTBlN2JlNmQ1NDFmZTVhMzI0MmE2ZjA5YjA1MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6O5S60Uep2PSu6PExWoAKwe6ADGN
SyAs0WoS6zl2q99CexUk+mjrjKIGyigYaV6xJnBrJJj9Q1HFmWHYSobw4Q63Vf05
ETRiM9j/74c91WSpImL4Ukamqp5CZChNeEcRBdnoGiqirHaxVtCb40thT1vrkA8G
FAjfq/ZEVzgzqnvZ2gsr3NiHexAIlzVpB49udAExUA2M2fHfNaL45DXMkXHAXvZY
h4krmbGlkYrkr8r7ZXFDgCsEkwAhyPMzUgZ0AnNFwCq0wSQaBOIV9/1mW2gUWVf7
TxHZORlVjyXVRnX4SrLRTo8zQ4N7o27cEPyvgggAcd5VtOkh8vixHVHnzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGNZb//RUOe+bVQf5aMkKm8JsFEDMB8GA1UdIwQY
MBaAFIq2Bs6nm1q+gWg6YzebOSibLKuTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJZR3pxZWJXcjZCYURwak41czVLSnNzcTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84M2Y2MzEtODk3Ny00ZDJlLTg1MjMt
ODg4YzA3ZjIxNTNmLzEvWTFsdl85RlE1NzV0VkJfbG95UXFid213VVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi84M2Y2MzEtODk3Ny00ZDJlLTg1MjMtODg4YzA3ZjIxNTNm
LzEvaXJZR3pxZWJXcjZCYURwak41czVLSnNzcTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaI4MA0E
AgACMAcDBQMqCoAAMA0GCSqGSIb3DQEBCwUAA4IBAQARst9YwyMm9ApB8oYOUXEQ
C3+Og+IgciPNsj+xPRvTXGIeUwOM0FGQFshtWSBNeL3o/ZtAxJ//oo3+6gLa5nA6
msNA/wkHI+0dm5H46Bxie/LS1+kM6NdOuzU4Au7SsinpwIzZW0SBO/2GxNTOg67/
kQ2frt2YZ442X3y9RXffz5KTK7qavOaAPAfHVDDpLHVHXDIKx8sVL+/RHkFPqf1M
HLk1ta6Mqt0iExrdG6ThCZaY+8PMfH4mrVN43ZILO0O60ILoxGlMXPcYyaMRBoO/
D5G4U1+6Ku3osx0GZSLcT9p5rke4eEcZEvzcADAOK3taXks7QoWe0vvmD3lTcAjY
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:13 2024 by rpki-client on console-fra.rpki-client.org