Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/yqxSv6aOe5wKHWpuvjDG82AoMKQ.roa
File: yqxSv6aOe5wKHWpuvjDG82AoMKQ.roa (raw, json)
Hash identifier: 1jZcnfsL3Qb3ft8hxKMbjSeyoBrLpNChYJaYu03EiCE=
Subject key identifier: CA:AC:52:BF:A6:8E:7B:9C:0A:1D:6A:6E:BE:30:C6:F3:60:28:30:A4
Certificate issuer: /CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Certificate serial: 018D9DC221AEF58EF73F44A924DEE8D87291
Authority key identifier: 8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/yqxSv6aOe5wKHWpuvjDG82AoMKQ.roa
Signing time: Mon 12 Feb 2024 14:39:21 +0000
ROA not before: Mon 12 Feb 2024 14:39:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5500
IP address blocks: 80.92.144.0/20 maxlen: 20
85.119.112.0/21 maxlen: 21
88.82.128.0/19 maxlen: 19
193.108.218.0/24 maxlen: 24
195.72.113.0/24 maxlen: 24
195.72.114.0/23 maxlen: 23
195.128.250.0/23 maxlen: 23
195.206.192.0/19 maxlen: 19
217.22.80.0/20 maxlen: 20
2a05:aa40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:c2:21:ae:f5:8e:f7:3f:44:a9:24:de:e8:d8:72:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Validity
Not Before: Feb 12 14:39:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caac52bfa68e7b9c0a1d6a6ebe30c6f3602830a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:74:d5:1e:3e:56:fd:d1:16:d9:fb:1f:70:c8:
c2:58:f9:e0:8f:b0:b4:58:59:54:54:8b:c7:ac:2f:
d6:c8:93:2a:e2:e7:59:a6:71:ab:7a:bf:30:f1:97:
dc:9a:90:72:b8:dd:69:82:25:02:98:5d:d5:ff:e3:
81:a5:ca:71:fa:aa:92:b3:cb:17:05:b2:5b:b2:65:
aa:f2:8b:76:df:7c:ef:f5:68:40:0c:f5:05:7f:d2:
fe:eb:26:7d:1e:88:42:81:b9:dd:ca:eb:a1:ad:14:
4f:a0:be:8b:91:88:a6:fc:f2:2c:d2:7d:fc:32:75:
0d:6c:42:5f:48:55:29:12:0a:c1:ba:84:35:02:1d:
46:ca:c0:d7:d0:72:66:97:de:ec:40:6e:9d:6e:a5:
66:1b:c3:9e:b9:72:c7:11:d8:0b:ae:33:c8:95:7d:
6a:ae:7e:73:fc:90:07:4a:cd:94:1d:bd:15:20:03:
69:91:01:37:97:38:cf:b3:33:0f:d6:e4:28:83:da:
f2:cb:61:84:4d:35:2b:53:be:4b:51:d7:8d:04:87:
84:84:05:ac:c6:7c:a2:c3:a7:bf:a5:6d:2c:b4:12:
31:d3:87:31:5c:c9:10:24:64:b6:98:0e:1f:e6:21:
d3:ad:fa:29:54:54:f8:01:e7:f1:b5:fb:65:21:52:
91:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AC:52:BF:A6:8E:7B:9C:0A:1D:6A:6E:BE:30:C6:F3:60:28:30:A4
X509v3 Authority Key Identifier:
keyid:8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/yqxSv6aOe5wKHWpuvjDG82AoMKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.144.0/20
85.119.112.0/21
88.82.128.0/19
193.108.218.0/24
195.72.113.0-195.72.115.255
195.128.250.0/23
195.206.192.0/19
217.22.80.0/20
IPv6:
2a05:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
24:e2:ec:2f:e3:04:39:34:a1:7b:6a:07:85:5c:62:07:ae:f1:
90:b6:08:ee:a0:8f:06:8b:51:5f:d3:ce:8d:03:6b:f9:44:e2:
2a:56:de:b3:c3:09:cb:4f:31:b3:84:48:1c:e7:e7:a8:0d:e4:
b1:be:c6:14:b0:7a:cc:b9:45:1f:01:d9:ed:84:90:c9:3f:9c:
74:46:82:75:b9:b3:02:a3:22:e3:6f:d8:61:cd:fd:94:47:c8:
29:87:80:a1:19:74:8a:76:8b:ed:94:b0:bc:f6:6e:6b:d6:72:
d3:fc:10:b6:f1:86:06:f3:76:7d:5c:ac:54:ab:77:6a:8a:3f:
fa:64:50:79:c8:3a:cd:8a:95:3b:a6:88:f3:78:59:e6:74:70:
e7:88:6f:9b:f4:2f:30:27:a9:8e:a7:61:04:7f:90:3c:a3:6c:
bf:87:66:99:0e:e1:cb:0d:25:45:2b:93:33:56:0f:d9:5f:8f:
c5:a4:e2:aa:3a:10:00:15:1d:49:28:e1:fe:c2:2e:ca:fc:1d:
3f:5c:e2:67:c5:1d:48:d1:8a:35:92:1b:2a:ff:eb:64:d5:04:
b3:f0:3c:8d:83:41:ef:e2:81:19:33:9c:0a:48:68:c5:25:ce:
bb:23:79:2f:0e:0d:a1:26:1d:11:72:58:73:b8:af:ac:63:af:
6f:b6:bc:3c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY2dwiGu9Y73P0SpJN7o2HKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODk4MDFiMTlhYTk3MjhhZDRmNmJiNzE4NWMxMWYxNGI5
ZDhkN2MwHhcNMjQwMjEyMTQzOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWFjNTJiZmE2OGU3YjljMGExZDZhNmViZTMwYzZmMzYwMjgzMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HTVHj5W/dEW2fsfcMjCWPngj7C0
WFlUVIvHrC/WyJMq4udZpnGrer8w8ZfcmpByuN1pgiUCmF3V/+OBpcpx+qqSs8sX
BbJbsmWq8ot233zv9WhADPUFf9L+6yZ9HohCgbndyuuhrRRPoL6LkYim/PIs0n38
MnUNbEJfSFUpEgrBuoQ1Ah1GysDX0HJml97sQG6dbqVmG8OeuXLHEdgLrjPIlX1q
rn5z/JAHSs2UHb0VIANpkQE3lzjPszMP1uQog9ryy2GETTUrU75LUdeNBIeEhAWs
xnyiw6e/pW0stBIx04cxXMkQJGS2mA4f5iHTrfopVFT4AefxtftlIVKRFQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMqsUr+mjnucCh1qbr4wxvNgKDCkMB8GA1UdIwQY
MBaAFIyJgBsZqpcorU9rtxhcEfFLnY18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUt
NzI4ZTk5NjdkYWNhLzEveXF4U3Y2YU9lNXdLSFdwdXZqREc4MkFvTUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUtNzI4ZTk5NjdkYWNh
LzEvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQEUFyQAwQD
VXdwAwQFWFKAAwQAwWzaMAwDBADDSHEDBALDSHADBAHDgPoDBAXDzsADBATZFlAw
DQQCAAIwBwMFAyoFqkAwDQYJKoZIhvcNAQELBQADggEBACTi7C/jBDk0oXtqB4Vc
Ygeu8ZC2CO6gjwaLUV/Tzo0Da/lE4ipW3rPDCctPMbOESBzn56gN5LG+xhSwesy5
RR8B2e2EkMk/nHRGgnW5swKjIuNv2GHN/ZRHyCmHgKEZdIp2i+2UsLz2bmvWctP8
ELbxhgbzdn1crFSrd2qKP/pkUHnIOs2KlTumiPN4WeZ0cOeIb5v0LzAnqY6nYQR/
kDyjbL+HZpkO4csNJUUrkzNWD9lfj8Wk4qo6EAAVHUko4f7CLsr8HT9c4mfFHUjR
ijWSGyr/62TVBLPwPI2DQe/igRkznApIaMUlzrsjeS8ODaEmHRFyWHO4r6xjr2+2
vDw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:57 2024 by rpki-client on console-ams.rpki-client.org