Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/YhXzWE6X_0r9AS35tqm5NNfI3BY.roa
File: YhXzWE6X_0r9AS35tqm5NNfI3BY.roa (raw, json)
Hash identifier: uAGqUAVggTUJwxgwtzP9+l6Ot9WG4byneSGi6sXvnNg=
Subject key identifier: 62:15:F3:58:4E:97:FF:4A:FD:01:2D:F9:B6:A9:B9:34:D7:C8:DC:16
Certificate issuer: /CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Certificate serial: 018CC72589A6EA406757FEFB58688C596B9C
Authority key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/YhXzWE6X_0r9AS35tqm5NNfI3BY.roa
Signing time: Mon 01 Jan 2024 22:29:35 +0000
ROA not before: Mon 01 Jan 2024 22:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48635
IP address blocks: 91.238.176.0/23 maxlen: 24
194.247.30.0/23 maxlen: 24
176.117.58.0/23 maxlen: 24
195.20.8.0/22 maxlen: 24
77.94.248.0/21 maxlen: 24
193.23.143.0/24 maxlen: 24
185.28.56.0/22 maxlen: 24
91.198.106.0/24 maxlen: 24
193.164.192.0/23 maxlen: 24
185.232.248.0/22 maxlen: 24
2a00:9b60::/40 maxlen: 48
2001:67c:28fc::/48 maxlen: 48
2a00:f60::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:89:a6:ea:40:67:57:fe:fb:58:68:8c:59:6b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Validity
Not Before: Jan 1 22:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6215f3584e97ff4afd012df9b6a9b934d7c8dc16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0f:a5:96:32:3f:0d:58:76:ec:e2:2f:bf:d0:
ea:17:4e:8e:dd:46:19:8e:09:8e:07:03:8d:e3:d7:
be:3b:f4:a0:f7:52:31:1a:1f:e5:cf:0a:16:c8:e9:
22:4c:96:74:42:ac:7d:14:c2:38:e8:8f:44:1d:6c:
9a:eb:43:d1:09:8c:2f:0f:d0:d4:14:f2:7c:35:64:
3c:f8:d3:46:da:49:79:00:0d:f6:16:bc:fb:06:a3:
1f:dc:d4:f4:76:aa:ed:c0:ae:ff:79:05:37:be:7d:
2d:9e:58:92:b1:57:40:f9:2e:4e:1f:a0:46:e4:90:
bc:99:ff:e2:17:06:ec:16:27:73:e7:83:a6:88:30:
ae:37:c8:73:3c:99:37:88:6c:74:66:57:4a:c0:05:
47:90:13:03:80:5f:96:71:58:0d:1a:76:16:bc:2e:
96:69:04:67:e8:6b:82:6b:17:9d:6e:ef:ce:3d:c2:
61:2e:45:ce:54:bf:e1:9a:98:7a:d3:d5:f4:87:57:
d7:f8:07:38:3a:34:33:b5:83:72:c2:40:0c:2f:44:
5a:e7:82:06:ac:d4:ff:d0:58:e6:0e:1a:40:cf:6e:
d1:e2:63:ee:75:1f:a2:6e:3b:cf:96:af:b0:9e:22:
3e:ff:22:4a:4b:82:bb:78:a0:07:57:c3:87:68:ab:
25:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:15:F3:58:4E:97:FF:4A:FD:01:2D:F9:B6:A9:B9:34:D7:C8:DC:16
X509v3 Authority Key Identifier:
keyid:48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/YhXzWE6X_0r9AS35tqm5NNfI3BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.248.0/21
91.198.106.0/24
91.238.176.0/23
176.117.58.0/23
185.28.56.0/22
185.232.248.0/22
193.23.143.0/24
193.164.192.0/23
194.247.30.0/23
195.20.8.0/22
IPv6:
2001:67c:28fc::/48
2a00:f60::/32
2a00:9b60::/40
Signature Algorithm: sha256WithRSAEncryption
6a:fc:64:c8:d1:8e:bc:b8:ed:7a:6b:7b:5e:60:1e:dd:bc:5c:
67:9b:03:d8:ee:ab:64:05:23:dc:71:6e:2c:fe:ad:bc:8e:42:
4b:77:d3:09:01:3c:44:bb:21:3d:c9:9c:c8:97:48:cb:31:7e:
96:a3:40:26:01:78:8a:d5:47:00:08:ab:fd:37:a6:4e:86:d4:
c1:15:ee:f8:60:93:f2:3c:64:f2:e7:b9:c3:2d:80:57:77:42:
bd:72:c2:2a:59:be:d9:12:71:cb:0a:12:d3:f0:77:68:c0:3e:
45:99:81:16:81:27:56:41:48:8c:9f:ce:41:6f:f7:4a:62:7e:
08:56:f5:6b:2d:91:57:b3:57:ac:60:78:b9:07:13:76:3e:35:
4b:34:19:c1:77:04:bc:12:15:b0:37:72:59:a5:91:20:85:69:
30:38:6a:cb:5a:89:a8:bb:08:a2:3c:8d:53:02:ae:ae:c8:ef:
d6:65:f8:1a:24:4a:25:af:13:13:6b:3b:ee:ea:46:d7:97:6c:
4d:01:d1:0b:b7:b2:5c:0b:7a:ba:dc:3e:43:cc:51:92:06:41:
02:e5:08:c0:0e:44:a8:66:ab:a4:f2:91:82:3a:5c:9f:94:26:
07:c2:80:45:38:97:9c:32:86:c3:8c:e0:f6:dd:91:36:b6:42:
c2:4a:66:61
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYzHJYmm6kBnV/77WGiMWWucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OGM2NWRjMzU5YjU4Y2E2YmE1ZDNkYWViODc0ZjA1ODY4
NGU4YzYwHhcNMjQwMTAxMjIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE1ZjM1ODRlOTdmZjRhZmQwMTJkZjliNmE5YjkzNGQ3YzhkYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw+lljI/DVh27OIvv9DqF06O3UYZ
jgmOBwON49e+O/Sg91IxGh/lzwoWyOkiTJZ0Qqx9FMI46I9EHWya60PRCYwvD9DU
FPJ8NWQ8+NNG2kl5AA32Frz7BqMf3NT0dqrtwK7/eQU3vn0tnliSsVdA+S5OH6BG
5JC8mf/iFwbsFidz54OmiDCuN8hzPJk3iGx0ZldKwAVHkBMDgF+WcVgNGnYWvC6W
aQRn6GuCaxedbu/OPcJhLkXOVL/hmph609X0h1fX+Ac4OjQztYNywkAML0Ra54IG
rNT/0FjmDhpAz27R4mPudR+ibjvPlq+wniI+/yJKS4K7eKAHV8OHaKslAQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFGIV81hOl/9K/QEt+bapuTTXyNwWMB8GA1UdIwQY
MBaAFEiMZdw1m1jKa6XT2uuHTwWGhOjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQt
YjBkNzJlOTEwZWZlLzEvWWhYeldFNlhfMHI5QVMzNXRxbTVOTmZJM0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQtYjBkNzJlOTEwZWZl
LzEvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBCBAIAATA8AwQDTV74AwQA
W8ZqAwQBW+6wAwQBsHU6AwQCuRw4AwQCuej4AwQAwRePAwQBwaTAAwQBwvceAwQC
wxQIMB4EAgACMBgDBwAgAQZ8KPwDBQAqAA9gAwYAKgCbYAAwDQYJKoZIhvcNAQEL
BQADggEBAGr8ZMjRjry47Xpre15gHt28XGebA9juq2QFI9xxbiz+rbyOQkt30wkB
PES7IT3JnMiXSMsxfpajQCYBeIrVRwAIq/03pk6G1MEV7vhgk/I8ZPLnucMtgFd3
Qr1ywipZvtkSccsKEtPwd2jAPkWZgRaBJ1ZBSIyfzkFv90pifghW9WstkVezV6xg
eLkHE3Y+NUs0GcF3BLwSFbA3clmlkSCFaTA4astaiai7CKI8jVMCrq7I79Zl+Bok
SiWvExNrO+7qRteXbE0B0Qu3slwLerrcPkPMUZIGQQLlCMAORKhmq6TykYI6XJ+U
JgfCgEU4l5wyhsOM4PbdkTa2QsJKZmE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:46:22 2024 by rpki-client on console-ams.rpki-client.org