Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/yuxr9i0NZUn0o09IaqVO0hGS-y0.roa
File: yuxr9i0NZUn0o09IaqVO0hGS-y0.roa (raw, json)
Hash identifier: P5m9r4pP5axV8FCVBWL9U89640uBf9plMxMJ1C0Rnss=
Subject key identifier: CA:EC:6B:F6:2D:0D:65:49:F4:A3:4F:48:6A:A5:4E:D2:11:92:FB:2D
Certificate issuer: /CN=8521d103fc73e9075dcf1e22bc8242b70f98c884
Certificate serial: 018CC86F4F26C0B15B1FF6417535F199705E
Authority key identifier: 85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/yuxr9i0NZUn0o09IaqVO0hGS-y0.roa
Signing time: Tue 02 Jan 2024 04:29:47 +0000
ROA not before: Tue 02 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47914
IP address blocks: 91.247.0.0/19 maxlen: 24
93.157.232.0/21 maxlen: 24
91.245.128.0/19 maxlen: 24
176.108.192.0/19 maxlen: 24
109.206.128.0/19 maxlen: 24
2001:67c:2704::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4f:26:c0:b1:5b:1f:f6:41:75:35:f1:99:70:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8521d103fc73e9075dcf1e22bc8242b70f98c884
Validity
Not Before: Jan 2 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caec6bf62d0d6549f4a34f486aa54ed21192fb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:64:f3:4f:d8:85:ce:e9:1f:19:eb:19:3f:
6b:97:25:37:43:2e:ce:d6:5b:93:26:4d:b9:41:41:
76:40:ec:70:b4:7f:21:27:ce:69:84:a1:b4:0c:c3:
50:55:a1:f9:ac:9a:ca:9e:9a:f4:ee:4b:3b:d7:e2:
03:fe:20:1a:16:be:36:f2:af:fe:47:f3:60:d0:28:
60:ba:a2:83:e3:29:3f:e4:b5:5f:98:06:9b:32:8b:
59:df:41:e4:36:b4:09:e2:0d:2c:0e:e0:13:24:f7:
26:a2:67:50:b9:b5:e8:76:67:b9:ea:d7:f0:0a:38:
b4:f0:af:dc:65:d8:11:d1:56:19:53:be:5b:4f:59:
0b:ba:ec:aa:e9:38:78:1f:29:6d:d3:22:ed:86:22:
64:c1:d1:3d:bf:94:a3:3d:ce:b6:89:d7:72:0a:67:
0d:9c:81:1d:da:44:f3:35:1c:f6:6f:bb:6a:5c:34:
f6:03:46:9c:29:66:fe:37:d4:48:6f:22:7c:97:07:
8c:62:5d:b9:50:1c:0f:6f:a3:c2:46:2f:b0:8e:88:
8b:cc:d2:7a:9f:8d:93:ba:84:f0:e4:70:84:47:a3:
19:66:44:ba:c9:58:81:63:29:bf:f9:ae:15:9f:3d:
75:a1:3d:11:c3:6d:e1:d3:a6:b1:d5:6a:ea:ad:1f:
65:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EC:6B:F6:2D:0D:65:49:F4:A3:4F:48:6A:A5:4E:D2:11:92:FB:2D
X509v3 Authority Key Identifier:
keyid:85:21:D1:03:FC:73:E9:07:5D:CF:1E:22:BC:82:42:B7:0F:98:C8:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/yuxr9i0NZUn0o09IaqVO0hGS-y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b351ea-7e09-45af-a0ee-e40de08413fa/1/hSHRA_xz6Qddzx4ivIJCtw-YyIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.128.0/19
91.247.0.0/19
93.157.232.0/21
109.206.128.0/19
176.108.192.0/19
IPv6:
2001:67c:2704::/48
Signature Algorithm: sha256WithRSAEncryption
62:1f:14:17:03:a9:52:8a:95:09:4c:c6:3b:f6:8f:a5:99:f6:
be:f9:31:2d:b6:30:f8:b4:16:48:ff:90:95:0b:02:ae:18:90:
b5:5e:99:74:0b:eb:4e:17:b2:9d:15:ff:ca:b4:df:f7:0f:ba:
a4:89:37:2f:19:50:eb:67:f0:03:c1:27:5a:f2:aa:dd:1c:47:
28:26:99:33:4e:47:4c:c8:53:d7:05:94:48:03:7e:db:1f:54:
f8:3e:8f:0a:20:30:1c:63:a0:fb:0d:d0:51:39:12:ee:84:4d:
5f:46:74:8c:51:de:ca:b8:4e:2f:be:79:d5:c6:52:6a:eb:0a:
f0:6d:23:03:98:26:cc:6d:6f:9e:a2:29:45:9b:91:4d:7d:00:
f3:45:47:08:97:bf:b7:cd:13:44:a0:e9:4d:35:c9:f5:3d:16:
da:13:06:6a:06:22:6e:99:36:1c:5d:3a:60:55:a1:f2:21:1d:
ee:70:df:9b:fe:af:18:53:ca:d0:b0:6e:b5:76:4d:ab:0c:f2:
c6:0d:49:48:78:6e:b4:0a:c6:87:66:b6:cf:f5:8a:ae:86:1e:
28:69:ed:ba:e8:08:38:7a:a9:77:f1:1d:ca:78:e1:63:b7:c9:
3b:85:95:fa:a3:56:a6:a9:64:30:1d:d4:ca:b1:78:99:f7:b8:
c5:2d:45:60
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIb08mwLFbH/ZBdTXxmXBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjFkMTAzZmM3M2U5MDc1ZGNmMWUyMmJjODI0MmI3MGY5
OGM4ODQwHhcNMjQwMTAyMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWVjNmJmNjJkMGQ2NTQ5ZjRhMzRmNDg2YWE1NGVkMjExOTJmYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudpk80/Yhc7pHxnrGT9rlyU3Qy7O
1luTJk25QUF2QOxwtH8hJ85phKG0DMNQVaH5rJrKnpr07ks71+ID/iAaFr428q/+
R/Ng0ChguqKD4yk/5LVfmAabMotZ30HkNrQJ4g0sDuATJPcmomdQubXodme56tfw
Cji08K/cZdgR0VYZU75bT1kLuuyq6Th4Hylt0yLthiJkwdE9v5SjPc62iddyCmcN
nIEd2kTzNRz2b7tqXDT2A0acKWb+N9RIbyJ8lweMYl25UBwPb6PCRi+wjoiLzNJ6
n42TuoTw5HCER6MZZkS6yViBYym/+a4Vnz11oT0Rw23h06ax1WrqrR9liQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMrsa/YtDWVJ9KNPSGqlTtIRkvstMB8GA1UdIwQY
MBaAFIUh0QP8c+kHXc8eIryCQrcPmMiEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUt
ZTQwZGUwODQxM2ZhLzEveXV4cjlpME5aVW4wbzA5SWFxVk8waEdTLXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMzUxZWEtN2UwOS00NWFmLWEwZWUtZTQwZGUwODQxM2Zh
LzEvaFNIUkFfeHo2UWRkeng0aXZJSkN0dy1ZeUlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQFW/WAAwQF
W/cAAwQDXZ3oAwQFbc6AAwQFsGzAMA8EAgACMAkDBwAgAQZ8JwQwDQYJKoZIhvcN
AQELBQADggEBAGIfFBcDqVKKlQlMxjv2j6WZ9r75MS22MPi0Fkj/kJULAq4YkLVe
mXQL604Xsp0V/8q03/cPuqSJNy8ZUOtn8APBJ1ryqt0cRygmmTNOR0zIU9cFlEgD
ftsfVPg+jwogMBxjoPsN0FE5Eu6ETV9GdIxR3sq4Ti++edXGUmrrCvBtIwOYJsxt
b56iKUWbkU19APNFRwiXv7fNE0Sg6U01yfU9FtoTBmoGIm6ZNhxdOmBVofIhHe5w
35v+rxhTytCwbrV2TasM8sYNSUh4brQKxodmts/1iq6GHihp7broCDh6qXfxHcp4
4WO3yTuFlfqjVqapZDAd1MqxeJn3uMUtRWA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:41:31 2024 by rpki-client on console-ams.rpki-client.org