Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/Y86euGQ_SA5ONcNaPLluLQROYxY.roa
File: Y86euGQ_SA5ONcNaPLluLQROYxY.roa (raw, json)
Hash identifier: dnxVNmI9jDRCJpqvfca39nW8CJQJoC7sn9UBZfjph2s=
Subject key identifier: 63:CE:9E:B8:64:3F:48:0E:4E:35:C3:5A:3C:B9:6E:2D:04:4E:63:16
Certificate issuer: /CN=a2510279be138c42cdef62718f0f6afacae1819e
Certificate serial: 018CC56DDBBB16861E851D01EF3F0C916138
Authority key identifier: A2:51:02:79:BE:13:8C:42:CD:EF:62:71:8F:0F:6A:FA:CA:E1:81:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olECeb4TjELN72Jxjw9q-srhgZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/Y86euGQ_SA5ONcNaPLluLQROYxY.roa
Signing time: Mon 01 Jan 2024 14:29:20 +0000
ROA not before: Mon 01 Jan 2024 14:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42700
IP address blocks: 194.110.199.0/24 maxlen: 24
2001:678:1ec::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/olECeb4TjELN72Jxjw9q-srhgZ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/olECeb4TjELN72Jxjw9q-srhgZ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/olECeb4TjELN72Jxjw9q-srhgZ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:db:bb:16:86:1e:85:1d:01:ef:3f:0c:91:61:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2510279be138c42cdef62718f0f6afacae1819e
Validity
Not Before: Jan 1 14:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63ce9eb8643f480e4e35c35a3cb96e2d044e6316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b3:82:66:84:8c:8e:9b:91:a6:ea:0d:eb:b7:
ba:81:24:73:e0:10:2c:e6:5f:b7:e9:9e:3f:c9:5e:
0f:9a:4f:16:73:d9:48:36:04:f7:10:ee:3a:4f:a6:
6e:c0:61:7c:49:81:1e:62:66:43:a5:9f:e1:80:3a:
ef:44:44:aa:5c:e7:f1:f8:9c:ae:c5:1d:a0:99:4d:
d6:ec:74:a9:15:7e:c5:d5:e9:af:98:99:5f:35:91:
60:c2:95:eb:ab:b2:14:b8:b7:5f:14:16:7e:85:81:
64:af:98:d1:e8:5c:7d:07:18:8b:e4:e7:74:c4:c3:
50:8c:16:b4:56:3e:79:eb:b5:0a:3e:4e:9f:f1:33:
9a:d0:94:da:ab:91:26:83:9b:e9:5e:88:69:6e:cb:
0d:8f:c7:c0:4d:fd:2a:04:77:f5:b6:c4:c5:29:0f:
f2:75:9f:fa:4d:94:74:e9:40:39:d5:62:a7:74:99:
e4:7c:fa:b8:93:1b:a5:ce:e0:c1:7a:2e:14:14:87:
26:30:d5:5a:ef:5c:5d:ae:ab:d7:ea:21:f8:f1:e6:
3a:22:47:94:fa:0f:13:2b:b9:1f:0b:73:73:91:08:
dc:e2:81:d6:4c:7e:84:a0:58:06:a0:f0:99:95:be:
c6:09:5c:d4:77:10:cd:71:4d:8d:6d:4d:65:19:e0:
b5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:CE:9E:B8:64:3F:48:0E:4E:35:C3:5A:3C:B9:6E:2D:04:4E:63:16
X509v3 Authority Key Identifier:
keyid:A2:51:02:79:BE:13:8C:42:CD:EF:62:71:8F:0F:6A:FA:CA:E1:81:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olECeb4TjELN72Jxjw9q-srhgZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/Y86euGQ_SA5ONcNaPLluLQROYxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2146ca-e026-402c-a56e-86af52fb4eeb/1/olECeb4TjELN72Jxjw9q-srhgZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.199.0/24
IPv6:
2001:678:1ec::/48
Signature Algorithm: sha256WithRSAEncryption
39:05:00:cc:26:55:60:dc:bc:2d:1e:46:c8:96:68:fe:e4:8b:
70:a5:27:98:a5:3d:c0:af:bf:da:33:b7:d1:a1:c8:ff:81:dd:
d0:63:bf:5a:cb:97:e7:f9:53:6e:80:13:90:84:89:90:d0:ec:
b9:4d:5c:70:f3:9d:fb:b5:ac:5d:2d:f4:d4:47:8c:89:ba:70:
65:57:ae:e0:45:86:95:7e:0b:a2:16:9e:5f:ed:3b:11:22:03:
7d:1e:bb:2e:cf:3d:5b:e9:e1:7a:66:04:72:fa:20:9a:56:de:
ff:4d:b2:0e:02:98:eb:c5:db:b7:fc:3a:c8:64:78:d9:17:98:
1f:34:1a:95:c6:17:aa:b2:c5:6b:58:6f:56:eb:8a:44:9c:22:
b5:6d:95:c7:a0:3d:36:5a:54:8a:32:af:74:d9:e1:cb:ee:32:
09:03:d5:1d:28:60:ed:7f:28:82:34:78:a1:0d:99:06:47:58:
6f:be:57:5f:71:af:40:ab:13:87:da:3f:9c:dd:d9:79:95:71:
4c:a1:97:3b:54:5c:07:65:4d:60:a6:6b:2b:91:21:30:74:01:
26:79:e7:37:75:1b:47:e3:7c:c5:b6:91:00:a5:d1:9b:2d:f6:
fd:3b:ed:ce:09:cb:c4:1a:f9:f2:0b:b3:25:a2:a0:f9:1c:74:
08:6f:14:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbdu7FoYehR0B7z8MkWE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTEwMjc5YmUxMzhjNDJjZGVmNjI3MThmMGY2YWZhY2Fl
MTgxOWUwHhcNMjQwMTAxMTQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2NlOWViODY0M2Y0ODBlNGUzNWMzNWEzY2I5NmUyZDA0NGU2MzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7OCZoSMjpuRpuoN67e6gSRz4BAs
5l+36Z4/yV4Pmk8Wc9lINgT3EO46T6ZuwGF8SYEeYmZDpZ/hgDrvRESqXOfx+Jyu
xR2gmU3W7HSpFX7F1emvmJlfNZFgwpXrq7IUuLdfFBZ+hYFkr5jR6Fx9BxiL5Od0
xMNQjBa0Vj5567UKPk6f8TOa0JTaq5Emg5vpXohpbssNj8fATf0qBHf1tsTFKQ/y
dZ/6TZR06UA51WKndJnkfPq4kxulzuDBei4UFIcmMNVa71xdrqvX6iH48eY6IkeU
+g8TK7kfC3NzkQjc4oHWTH6EoFgGoPCZlb7GCVzUdxDNcU2NbU1lGeC1wQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGPOnrhkP0gOTjXDWjy5bi0ETmMWMB8GA1UdIwQY
MBaAFKJRAnm+E4xCze9icY8PavrK4YGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xFQ2ViNFRqRUxONzJKeGp3OXEtc3JoZ1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yMTQ2Y2EtZTAyNi00MDJjLWE1NmUt
ODZhZjUyZmI0ZWViLzEvWTg2ZXVHUV9TQTVPTmNOYVBMbHVMUVJPWXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yMTQ2Y2EtZTAyNi00MDJjLWE1NmUtODZhZjUyZmI0ZWVi
LzEvb2xFQ2ViNFRqRUxONzJKeGp3OXEtc3JoZ1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwm7HMA8E
AgACMAkDBwAgAQZ4AewwDQYJKoZIhvcNAQELBQADggEBADkFAMwmVWDcvC0eRsiW
aP7ki3ClJ5ilPcCvv9ozt9GhyP+B3dBjv1rLl+f5U26AE5CEiZDQ7LlNXHDznfu1
rF0t9NRHjIm6cGVXruBFhpV+C6IWnl/tOxEiA30euy7PPVvp4XpmBHL6IJpW3v9N
sg4CmOvF27f8OshkeNkXmB80GpXGF6qyxWtYb1brikScIrVtlcegPTZaVIoyr3TZ
4cvuMgkD1R0oYO1/KII0eKENmQZHWG++V19xr0CrE4faP5zd2XmVcUyhlztUXAdl
TWCmayuRITB0ASZ55zd1G0fjfMW2kQCl0Zst9v077c4Jy8Qa+fILsyWioPkcdAhv
FG4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 23:17:44 2024 by rpki-client on console-ams.rpki-client.org