Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/YOz4HMcWA7pzh-HUhN3yKp6bYvE.roa
File: YOz4HMcWA7pzh-HUhN3yKp6bYvE.roa (raw, json)
Hash identifier: aE8g9tWt8HPjwVpd7Twwyc6SDM/Gm+OUJiIsKMxmIhc=
Subject key identifier: 60:EC:F8:1C:C7:16:03:BA:73:87:E1:D4:84:DD:F2:2A:9E:9B:62:F1
Certificate issuer: /CN=1c683f95c98d2cfe9d79cdd3db8ee8138bb35772
Certificate serial: 018CC34909327F3837708669EF11D45D10C2
Authority key identifier: 1C:68:3F:95:C9:8D:2C:FE:9D:79:CD:D3:DB:8E:E8:13:8B:B3:57:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGg_lcmNLP6dec3T247oE4uzV3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/YOz4HMcWA7pzh-HUhN3yKp6bYvE.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8426
IP address blocks: 194.158.160.0/19 maxlen: 19
212.61.0.0/16 maxlen: 16
195.38.192.0/18 maxlen: 18
2a02:830::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/HGg_lcmNLP6dec3T247oE4uzV3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/HGg_lcmNLP6dec3T247oE4uzV3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/HGg_lcmNLP6dec3T247oE4uzV3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:09:32:7f:38:37:70:86:69:ef:11:d4:5d:10:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c683f95c98d2cfe9d79cdd3db8ee8138bb35772
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60ecf81cc71603ba7387e1d484ddf22a9e9b62f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:af:56:66:fc:27:b3:b3:83:a8:c2:4d:7a:3a:
00:a7:02:71:26:22:a4:53:ec:4a:e9:45:25:6e:fa:
bf:95:19:15:77:9d:89:66:e3:a8:3a:ed:32:21:5c:
2a:c6:39:36:41:e6:fc:2a:8c:bf:83:40:fa:f3:b9:
e5:e0:0a:26:65:2a:d1:9f:c2:a9:fb:3b:16:44:b9:
99:b8:c0:f4:2b:19:a0:6b:58:e9:22:bd:74:90:40:
96:dd:d8:3f:ce:5b:8a:5e:b4:7d:d7:d9:ad:47:e6:
12:04:36:ac:d6:10:b8:2f:56:df:55:fb:08:92:e5:
7a:09:f0:39:1d:fa:c7:e5:30:e3:9c:c5:c7:15:e8:
71:27:5b:9f:41:96:87:64:10:32:9c:b1:4f:ea:81:
ab:fd:28:a0:ba:b1:e1:65:4e:2e:6b:47:bb:10:62:
95:12:0e:9d:68:03:4c:f5:73:8e:db:b0:b4:df:cd:
c5:80:de:f3:d9:a1:04:8e:24:d1:19:1c:20:e4:27:
cc:09:45:68:49:c9:df:7d:aa:ed:43:12:f6:78:d2:
45:6e:0c:af:d1:a0:89:67:91:00:b0:87:c8:13:c1:
3c:64:4b:f6:bd:6e:52:21:6d:51:20:00:de:30:d1:
fc:6e:75:0d:8b:1e:92:2a:c7:cd:42:c2:61:01:d8:
3a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EC:F8:1C:C7:16:03:BA:73:87:E1:D4:84:DD:F2:2A:9E:9B:62:F1
X509v3 Authority Key Identifier:
keyid:1C:68:3F:95:C9:8D:2C:FE:9D:79:CD:D3:DB:8E:E8:13:8B:B3:57:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGg_lcmNLP6dec3T247oE4uzV3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/YOz4HMcWA7pzh-HUhN3yKp6bYvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/HGg_lcmNLP6dec3T247oE4uzV3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.158.160.0/19
195.38.192.0/18
212.61.0.0/16
IPv6:
2a02:830::/32
Signature Algorithm: sha256WithRSAEncryption
27:af:86:df:5c:a7:b0:b0:ff:97:b6:6c:56:d0:48:3e:77:6d:
cf:19:4a:7f:54:1d:16:de:37:03:cd:81:19:f3:cd:52:af:d5:
22:05:3b:87:22:e4:74:5b:df:f8:56:c9:f5:60:0b:02:ca:0a:
c8:c5:da:87:64:78:e7:e1:f2:76:e0:a4:ed:ac:e6:62:5f:31:
78:78:e4:30:df:43:3f:08:b0:e6:5e:ff:b3:f3:c3:50:07:70:
dd:09:b1:47:0c:6e:12:64:74:19:b6:8a:9d:11:a3:1f:61:ff:
a6:35:a5:8b:cd:df:d4:6c:01:c9:ab:f1:10:bf:06:ea:c7:f2:
5f:b7:6a:ea:57:b5:34:38:20:7a:0a:d6:c5:45:c6:d0:b8:06:
c9:e4:33:47:c7:4f:f8:5b:f3:67:c9:28:e4:82:3d:b5:bc:b2:
d7:b8:50:9b:fd:a5:2e:a1:c4:f0:7f:4a:22:e0:f4:fb:75:b0:
10:30:a3:27:83:53:7a:f1:b6:88:bb:18:c2:12:d3:61:60:17:
f0:f8:2d:97:ae:d4:3d:46:ab:9a:a2:e6:fa:7b:40:ac:e2:b7:
c4:3f:25:e4:43:8f:bf:dc:6a:e0:d9:0f:e3:6f:05:04:0c:b6:
16:49:ba:f5:67:de:47:7e:a8:35:9e:cb:d7:04:8c:4b:ae:95:
1e:53:eb:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSQkyfzg3cIZp7xHUXRDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNjgzZjk1Yzk4ZDJjZmU5ZDc5Y2RkM2RiOGVlODEzOGJi
MzU3NzIwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGVjZjgxY2M3MTYwM2JhNzM4N2UxZDQ4NGRkZjIyYTllOWI2MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK9WZvwns7ODqMJNejoApwJxJiKk
U+xK6UUlbvq/lRkVd52JZuOoOu0yIVwqxjk2Qeb8Koy/g0D687nl4AomZSrRn8Kp
+zsWRLmZuMD0Kxmga1jpIr10kECW3dg/zluKXrR919mtR+YSBDas1hC4L1bfVfsI
kuV6CfA5HfrH5TDjnMXHFehxJ1ufQZaHZBAynLFP6oGr/SigurHhZU4ua0e7EGKV
Eg6daANM9XOO27C0383FgN7z2aEEjiTRGRwg5CfMCUVoScnffartQxL2eNJFbgyv
0aCJZ5EAsIfIE8E8ZEv2vW5SIW1RIADeMNH8bnUNix6SKsfNQsJhAdg6RQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGDs+BzHFgO6c4fh1ITd8iqem2LxMB8GA1UdIwQY
MBaAFBxoP5XJjSz+nXnN09uO6BOLs1dyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEdnX2xjbU5MUDZkZWMzVDI0N29FNHV6VjNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81MDZmM2QtYzg2My00NjJmLTg3ZWIt
YjNhZTFlNGMzMmI3LzEvWU96NEhNY1dBN3B6aC1IVWhOM3lLcDZiWXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81MDZmM2QtYzg2My00NjJmLTg3ZWItYjNhZTFlNGMzMmI3
LzEvSEdnX2xjbU5MUDZkZWMzVDI0N29FNHV6VjNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQFwp6gAwQG
wybAAwMA1D0wDQQCAAIwBwMFACoCCDAwDQYJKoZIhvcNAQELBQADggEBACevht9c
p7Cw/5e2bFbQSD53bc8ZSn9UHRbeNwPNgRnzzVKv1SIFO4ci5HRb3/hWyfVgCwLK
CsjF2odkeOfh8nbgpO2s5mJfMXh45DDfQz8IsOZe/7Pzw1AHcN0JsUcMbhJkdBm2
ip0Rox9h/6Y1pYvN39RsAcmr8RC/BurH8l+3aupXtTQ4IHoK1sVFxtC4BsnkM0fH
T/hb82fJKOSCPbW8ste4UJv9pS6hxPB/SiLg9Pt1sBAwoyeDU3rxtoi7GMIS02Fg
F/D4LZeu1D1Gq5qi5vp7QKzit8Q/JeRDj7/cauDZD+NvBQQMthZJuvVn3kd+qDWe
y9cEjEuulR5T68Y=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:32:38 2024 by rpki-client on console-fra.rpki-client.org