Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/YzQdD1wQIzgXZjJ4bpH8K1_DI1k.roa
File: YzQdD1wQIzgXZjJ4bpH8K1_DI1k.roa (raw, json)
Hash identifier: 02LhwizqZZvdU1MCUNrBSxrLGToTKeod4+C85tEONZA=
Subject key identifier: 63:34:1D:0F:5C:10:23:38:17:66:32:78:6E:91:FC:2B:5F:C3:23:59
Certificate issuer: /CN=cb335dc6feb385f6a23344056a13c2c595028e91
Certificate serial: 0192F72EA2D905EA35AF32CAFDF30179F15B
Authority key identifier: CB:33:5D:C6:FE:B3:85:F6:A2:33:44:05:6A:13:C2:C5:95:02:8E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/YzQdD1wQIzgXZjJ4bpH8K1_DI1k.roa
Signing time: Mon 04 Nov 2024 12:38:01 +0000
ROA not before: Mon 04 Nov 2024 12:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61361
IP address blocks: 45.80.0.0/22 maxlen: 22
2a0e:3780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/yzNdxv6zhfaiM0QFahPCxZUCjpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/yzNdxv6zhfaiM0QFahPCxZUCjpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 21:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:2e:a2:d9:05:ea:35:af:32:ca:fd:f3:01:79:f1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb335dc6feb385f6a23344056a13c2c595028e91
Validity
Not Before: Nov 4 12:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63341d0f5c102338176632786e91fc2b5fc32359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a5:74:4b:47:67:df:b8:80:ea:6c:e8:bc:8e:
9b:20:3c:00:e2:07:e4:e4:ae:b8:90:1a:05:f9:88:
ee:5e:7d:a3:5c:5c:0e:95:fb:86:1a:0a:7b:2f:ad:
a5:f4:f2:23:68:95:fa:31:00:bb:b8:26:4d:82:96:
73:3a:78:c2:7b:8f:cd:61:cf:1f:3d:3b:4d:9a:fb:
1a:ca:28:dd:d7:18:10:60:76:a9:e9:1b:3d:70:2a:
a5:2a:73:90:65:bf:bf:de:33:ac:90:3e:e8:a4:6f:
6a:66:2e:5e:15:fd:84:06:94:fb:c7:63:23:e9:1b:
05:6a:92:31:e5:74:ec:59:ff:07:fb:76:df:a5:d1:
7a:d4:83:0e:b8:1d:1d:a8:7a:da:99:b1:e2:86:9c:
28:40:f6:bc:78:29:2c:0b:af:46:58:16:6f:b0:11:
f1:3a:d9:b7:86:6d:53:de:67:2e:d4:50:27:fe:f3:
1b:f0:5e:9c:9b:da:07:34:24:e7:83:31:b7:e2:60:
88:a8:39:2c:d4:af:67:7c:ea:5e:97:ad:e4:c8:af:
6c:45:fe:26:8a:10:b9:64:ec:8b:c8:18:d9:cf:81:
b5:00:8c:da:b4:6e:5e:21:88:72:9e:75:69:b6:0f:
5e:47:7d:18:15:a0:a4:d4:da:62:a8:c8:6a:8a:d9:
e0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:34:1D:0F:5C:10:23:38:17:66:32:78:6E:91:FC:2B:5F:C3:23:59
X509v3 Authority Key Identifier:
keyid:CB:33:5D:C6:FE:B3:85:F6:A2:33:44:05:6A:13:C2:C5:95:02:8E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzNdxv6zhfaiM0QFahPCxZUCjpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/YzQdD1wQIzgXZjJ4bpH8K1_DI1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/fa342e-b3bc-4373-8c6b-8854c82b545d/1/yzNdxv6zhfaiM0QFahPCxZUCjpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.0.0/22
IPv6:
2a0e:3780::/29
Signature Algorithm: sha256WithRSAEncryption
64:9f:26:a1:03:d3:29:dd:38:c0:6b:9e:82:34:2e:cd:2b:57:
b2:a7:29:ed:23:94:12:dc:18:d5:a7:ba:8b:ef:98:13:4c:85:
7e:8c:1a:7d:92:98:16:24:1d:e5:b3:e4:c0:9f:ed:c1:2c:3f:
d5:0b:a8:9b:e6:8f:d2:3b:82:ea:b1:7c:ca:86:ba:00:20:66:
ee:3e:a1:a1:a1:41:dd:d3:93:7d:a7:6a:94:68:b4:15:8d:55:
b3:64:aa:91:4f:9d:7f:52:b3:a2:66:65:ef:61:35:26:d0:2c:
0e:a5:e3:77:31:ac:09:bf:af:d5:2d:d5:39:ac:6c:91:62:51:
79:66:16:79:33:90:23:70:53:cb:f3:4c:04:ad:c5:b3:11:b1:
11:25:04:0f:ba:ab:6f:eb:b2:b4:cd:fd:23:5c:f7:77:78:46:
02:53:ab:d0:80:1d:a4:33:f3:79:f8:fe:5e:cf:80:d6:45:a0:
d1:2f:85:e4:8e:d0:2a:e8:ec:06:af:28:aa:5f:a4:1d:4b:20:
14:c6:d1:3f:b9:27:fa:fb:16:e9:4a:7a:9c:94:4b:aa:86:6d:
98:8b:79:bf:bb:e6:8c:5b:a9:28:28:f7:ca:c1:63:23:8c:5c:
7b:92:25:5f:7c:7e:55:6f:fc:b4:4b:88:a8:fa:64:fd:66:fb:
cc:80:90:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZL3LqLZBeo1rzLK/fMBefFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzM1ZGM2ZmViMzg1ZjZhMjMzNDQwNTZhMTNjMmM1OTUw
MjhlOTEwHhcNMjQxMTA0MTIzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM0MWQwZjVjMTAyMzM4MTc2NjMyNzg2ZTkxZmMyYjVmYzMyMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3aV0S0dn37iA6mzovI6bIDwA4gfk
5K64kBoF+YjuXn2jXFwOlfuGGgp7L62l9PIjaJX6MQC7uCZNgpZzOnjCe4/NYc8f
PTtNmvsayijd1xgQYHap6Rs9cCqlKnOQZb+/3jOskD7opG9qZi5eFf2EBpT7x2Mj
6RsFapIx5XTsWf8H+3bfpdF61IMOuB0dqHrambHihpwoQPa8eCksC69GWBZvsBHx
Otm3hm1T3mcu1FAn/vMb8F6cm9oHNCTngzG34mCIqDks1K9nfOpel63kyK9sRf4m
ihC5ZOyLyBjZz4G1AIzatG5eIYhynnVptg9eR30YFaCk1NpiqMhqitng2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGM0HQ9cECM4F2YyeG6R/CtfwyNZMB8GA1UdIwQY
MBaAFMszXcb+s4X2ojNEBWoTwsWVAo6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpOZHh2NnpoZmFpTTBRRmFoUEN4WlVDanBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9mYTM0MmUtYjNiYy00MzczLThjNmIt
ODg1NGM4MmI1NDVkLzEvWXpRZEQxd1FJemdYWmpKNGJwSDhLMV9ESTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9mYTM0MmUtYjNiYy00MzczLThjNmItODg1NGM4MmI1NDVk
LzEveXpOZHh2NnpoZmFpTTBRRmFoUEN4WlVDanBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVAAMA0E
AgACMAcDBQMqDjeAMA0GCSqGSIb3DQEBCwUAA4IBAQBknyahA9Mp3TjAa56CNC7N
K1eypyntI5QS3BjVp7qL75gTTIV+jBp9kpgWJB3ls+TAn+3BLD/VC6ib5o/SO4Lq
sXzKhroAIGbuPqGhoUHd05N9p2qUaLQVjVWzZKqRT51/UrOiZmXvYTUm0CwOpeN3
MawJv6/VLdU5rGyRYlF5ZhZ5M5AjcFPL80wErcWzEbERJQQPuqtv67K0zf0jXPd3
eEYCU6vQgB2kM/N5+P5ez4DWRaDRL4XkjtAq6OwGryiqX6QdSyAUxtE/uSf6+xbp
SnqclEuqhm2Yi3m/u+aMW6koKPfKwWMjjFx7kiVffH5Vb/y0S4io+mT9ZvvMgJCr
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:02:58 2024 by rpki-client on console-fra.rpki-client.org