Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YARiX9yqI85mcTyy4f4ditoYRCA.roa
File: YARiX9yqI85mcTyy4f4ditoYRCA.roa (raw, json)
Hash identifier: JiQt9T+8yMncfqYlSlRYvlu/MBVvri6wmhzgI44chMg=
Subject key identifier: 60:04:62:5F:DC:AA:23:CE:66:71:3C:B2:E1:FE:1D:8A:DA:18:44:20
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428235D54A9C10639991756C8BF51758E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YARiX9yqI85mcTyy4f4ditoYRCA.roa
Signing time: Thu 02 Jan 2025 17:49:53 +0000
ROA not before: Thu 02 Jan 2025 17:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199654
IP address blocks: 31.57.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:5d:54:a9:c1:06:39:99:17:56:c8:bf:51:75:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6004625fdcaa23ce66713cb2e1fe1d8ada184420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:aa:40:ff:f1:46:9d:9a:8a:8b:bf:6c:b9:
16:bc:3a:fe:f0:53:d8:96:ff:fc:35:c7:04:45:80:
ba:d1:28:25:15:0f:f0:80:01:46:1b:a1:87:ac:e4:
0d:49:97:5b:e7:2c:0b:c2:3b:22:07:d7:54:73:2f:
c5:73:95:50:b0:fb:2b:6f:f6:25:e9:d7:61:f7:ef:
56:84:46:0a:87:d4:0b:e6:09:f0:36:ba:40:b3:bc:
95:85:19:a6:fe:86:51:ed:99:a8:88:cc:c5:ab:a2:
81:62:49:41:d5:77:dc:b6:0b:51:29:3b:56:4e:52:
06:cc:5e:13:0d:95:38:aa:ce:48:c0:2a:a5:9f:e1:
d4:72:05:68:e9:e9:81:ce:4b:8c:00:c9:6c:76:c7:
50:e8:4e:6b:98:39:de:76:4a:bd:ac:57:e8:42:21:
0f:18:86:e4:51:e6:78:ff:8c:3e:08:15:21:b4:8c:
cb:7e:da:fc:26:f9:91:f4:ce:7e:da:3d:ed:be:66:
c4:db:ae:26:91:2c:2c:e5:5b:f7:83:1e:78:e6:dc:
b0:ec:c4:eb:3c:64:95:87:b7:52:b8:44:af:04:4d:
5a:da:7b:e2:cb:6d:16:a1:22:d2:ef:fb:70:d5:65:
01:03:6f:d5:22:87:34:d1:21:cc:0a:1b:83:a2:1f:
d7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:04:62:5F:DC:AA:23:CE:66:71:3C:B2:E1:FE:1D:8A:DA:18:44:20
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/YARiX9yqI85mcTyy4f4ditoYRCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.166.0/24
Signature Algorithm: sha256WithRSAEncryption
58:6d:16:7a:94:d5:7b:8a:1c:65:71:66:4a:07:be:fe:f2:6f:
12:71:a8:41:9f:83:2a:c4:4e:91:36:dc:bd:a0:39:e1:6d:96:
31:87:8d:3d:d9:82:36:ca:1f:8f:9c:41:8b:fc:25:0f:71:7c:
94:5d:f1:b5:9f:2a:67:36:11:a9:12:37:73:ea:50:45:a0:bf:
b7:b6:37:ab:c5:48:4d:dd:52:b6:0d:06:5f:e7:6b:4d:a8:ef:
1e:b6:2f:8e:f8:45:de:d2:e6:b3:d8:f1:70:ba:ee:98:3d:19:
ed:de:e5:39:3e:95:df:18:82:ee:3a:94:23:60:51:92:5f:3a:
f5:90:82:99:7b:36:a7:50:11:a8:47:6d:bf:4c:b9:0b:95:b4:
0e:47:82:d2:cc:ec:9d:4f:5c:d1:a4:6a:16:f3:01:ee:68:04:
81:ea:65:1e:cb:48:27:d4:7a:41:43:fd:ce:00:bf:b5:9b:44:
ec:85:50:c8:bb:ad:71:dd:b7:c4:d9:7f:38:52:e1:a3:03:08:
5c:94:ec:fb:f5:ef:76:a7:38:19:cc:65:98:7b:46:3d:e2:75:
fd:4c:d0:23:6c:c9:61:97:36:58:20:92:2c:e6:62:a7:b0:22:
b9:53:96:bb:f6:1b:5b:32:02:f7:57:61:01:79:00:e5:c0:79:
68:ca:a2:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI11UqcEGOZkXVsi/UXWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDA0NjI1ZmRjYWEyM2NlNjY3MTNjYjJlMWZlMWQ4YWRhMTg0NDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss2qQP/xRp2aiou/bLkWvDr+8FPY
lv/8NccERYC60SglFQ/wgAFGG6GHrOQNSZdb5ywLwjsiB9dUcy/Fc5VQsPsrb/Yl
6ddh9+9WhEYKh9QL5gnwNrpAs7yVhRmm/oZR7ZmoiMzFq6KBYklB1XfctgtRKTtW
TlIGzF4TDZU4qs5IwCqln+HUcgVo6emBzkuMAMlsdsdQ6E5rmDnedkq9rFfoQiEP
GIbkUeZ4/4w+CBUhtIzLftr8JvmR9M5+2j3tvmbE264mkSws5Vv3gx545tyw7MTr
PGSVh7dSuESvBE1a2nviy20WoSLS7/tw1WUBA2/VIoc00SHMChuDoh/XOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGAEYl/cqiPOZnE8suH+HYraGEQgMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWUFSaVg5eXFJODVtY1R5eTRmNGRpdG9ZUkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzmmMA0G
CSqGSIb3DQEBCwUAA4IBAQBYbRZ6lNV7ihxlcWZKB77+8m8ScahBn4MqxE6RNty9
oDnhbZYxh4092YI2yh+PnEGL/CUPcXyUXfG1nypnNhGpEjdz6lBFoL+3tjerxUhN
3VK2DQZf52tNqO8eti+O+EXe0uaz2PFwuu6YPRnt3uU5PpXfGILuOpQjYFGSXzr1
kIKZezanUBGoR22/TLkLlbQOR4LSzOydT1zRpGoW8wHuaASB6mUey0gn1HpBQ/3O
AL+1m0TshVDIu61x3bfE2X84UuGjAwhclOz79e92pzgZzGWYe0Y94nX9TNAjbMlh
lzZYIJIs5mKnsCK5U5a79htbMgL3V2EBeQDlwHloyqKZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:15:41 2025 by rpki-client