Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/yKJh9BpZk1krm2V92iou-81IPdE.roa
File: yKJh9BpZk1krm2V92iou-81IPdE.roa (raw, json)
Hash identifier: nh/aexV0IAMIe8kR7DeYTnRZPAIfJIrpZyOfto5YLRg=
Subject key identifier: C8:A2:61:F4:1A:59:93:59:2B:9B:65:7D:DA:2A:2E:FB:CD:48:3D:D1
Certificate issuer: /CN=642c7a4e9f02b2f4e664d7d0d72a52e51261de54
Certificate serial: 018CC8DCCC7EB45C4950E663323471E26C2A
Authority key identifier: 64:2C:7A:4E:9F:02:B2:F4:E6:64:D7:D0:D7:2A:52:E5:12:61:DE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/yKJh9BpZk1krm2V92iou-81IPdE.roa
Signing time: Tue 02 Jan 2024 06:29:22 +0000
ROA not before: Tue 02 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57473
IP address blocks: 194.60.250.0/24 maxlen: 24
185.115.136.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:cc:7e:b4:5c:49:50:e6:63:32:34:71:e2:6c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=642c7a4e9f02b2f4e664d7d0d72a52e51261de54
Validity
Not Before: Jan 2 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8a261f41a5993592b9b657dda2a2efbcd483dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:76:ee:3e:1e:9e:36:89:73:26:a0:75:db:
5f:a7:87:45:03:0c:ed:62:03:55:ac:22:44:95:b7:
79:97:9b:82:8b:65:0d:36:00:1b:5f:29:ca:b1:86:
ca:5e:dd:f4:67:f6:d1:01:66:c6:db:59:53:4b:12:
c1:13:8a:3c:17:4d:0c:4c:33:44:a0:91:3e:58:63:
17:27:71:09:b4:78:fa:e7:99:57:e0:18:96:6c:46:
6c:da:43:0e:c2:94:d6:da:f5:01:f1:53:67:a5:fa:
3d:8f:f8:e9:81:3d:23:0f:d3:df:28:92:5a:62:cb:
75:62:75:6a:2b:16:39:b7:92:d7:42:16:68:8c:24:
71:be:91:f4:dc:60:86:3b:78:78:e5:23:a4:dc:56:
7f:a7:28:d1:87:44:85:29:42:12:c4:0d:04:f7:54:
bb:cc:60:1e:04:57:f2:b3:a6:c4:d6:f0:d8:9d:15:
ab:60:16:47:d4:3c:cc:4a:49:d3:58:05:8c:ca:da:
3d:ce:30:9c:03:44:23:7a:44:13:82:aa:4f:21:bf:
72:b6:5f:83:b9:8c:3c:33:b2:6b:4b:96:f0:95:8b:
d3:3c:68:14:e0:b6:13:00:53:53:87:5c:6e:d2:58:
38:cb:42:5e:8f:4d:7f:3f:59:29:03:bf:0e:b5:98:
eb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A2:61:F4:1A:59:93:59:2B:9B:65:7D:DA:2A:2E:FB:CD:48:3D:D1
X509v3 Authority Key Identifier:
keyid:64:2C:7A:4E:9F:02:B2:F4:E6:64:D7:D0:D7:2A:52:E5:12:61:DE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/yKJh9BpZk1krm2V92iou-81IPdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/991fd8-2d85-4cf9-9036-5e02c4653e50/1/ZCx6Tp8CsvTmZNfQ1ypS5RJh3lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.136.0/22
194.60.250.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7b:09:90:6f:91:91:67:8d:de:47:48:7d:63:ac:1e:15:d6:
3f:84:0e:69:52:1c:97:bd:5f:2e:d6:62:b7:8f:fa:df:72:9e:
82:7e:c9:de:92:6b:0b:11:64:55:c8:3f:47:bd:3c:32:c7:5a:
4e:5d:93:73:ca:9d:51:14:55:aa:75:6f:b9:fc:4f:e0:1d:5d:
d1:94:d6:75:eb:df:19:90:f2:eb:f0:7b:c7:fd:26:12:5e:80:
7c:d9:5c:33:7e:cd:67:92:96:6d:8a:6c:cf:0e:c7:09:c7:1c:
4f:ab:17:8c:ee:e8:9f:a3:d5:e7:94:b4:c1:4a:55:29:4c:0d:
db:80:95:61:97:00:ad:a9:f8:7a:3e:4d:84:0e:52:f8:39:76:
89:0d:1f:f8:47:d9:ff:d2:de:29:02:a1:16:29:2b:3e:e8:4e:
f5:db:eb:55:6c:23:73:54:39:13:51:fd:81:9a:bc:d1:ec:3d:
7e:c2:f0:97:75:36:b5:03:1b:74:63:72:01:5e:21:c6:d5:e5:
ae:ad:9b:a3:ef:84:5a:e0:24:2d:78:f9:7a:96:83:b9:a9:e0:
ff:62:7f:32:60:cb:1e:37:85:34:87:15:31:dd:4a:13:58:ab:
42:fc:9d:10:c6:c0:27:40:1c:dd:93:7d:e5:62:de:ac:a5:5a:
5e:e1:91:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3Mx+tFxJUOZjMjRx4mwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MmM3YTRlOWYwMmIyZjRlNjY0ZDdkMGQ3MmE1MmU1MTI2
MWRlNTQwHhcNMjQwMTAyMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGEyNjFmNDFhNTk5MzU5MmI5YjY1N2RkYTJhMmVmYmNkNDgzZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMJ27j4enjaJcyagddtfp4dFAwzt
YgNVrCJElbd5l5uCi2UNNgAbXynKsYbKXt30Z/bRAWbG21lTSxLBE4o8F00MTDNE
oJE+WGMXJ3EJtHj655lX4BiWbEZs2kMOwpTW2vUB8VNnpfo9j/jpgT0jD9PfKJJa
Yst1YnVqKxY5t5LXQhZojCRxvpH03GCGO3h45SOk3FZ/pyjRh0SFKUISxA0E91S7
zGAeBFfys6bE1vDYnRWrYBZH1DzMSknTWAWMyto9zjCcA0QjekQTgqpPIb9ytl+D
uYw8M7JrS5bwlYvTPGgU4LYTAFNTh1xu0lg4y0Jej01/P1kpA78OtZjrUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMiiYfQaWZNZK5tlfdoqLvvNSD3RMB8GA1UdIwQY
MBaAFGQsek6fArL05mTX0NcqUuUSYd5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkN4NlRwOENzdlRtWk5mUTF5cFM1UkpoM2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85OTFmZDgtMmQ4NS00Y2Y5LTkwMzYt
NWUwMmM0NjUzZTUwLzEveUtKaDlCcFprMWtybTJWOTJpb3UtODFJUGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85OTFmZDgtMmQ4NS00Y2Y5LTkwMzYtNWUwMmM0NjUzZTUw
LzEvWkN4NlRwOENzdlRtWk5mUTF5cFM1UkpoM2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXOIAwQA
wjz6MA0GCSqGSIb3DQEBCwUAA4IBAQB5ewmQb5GRZ43eR0h9Y6weFdY/hA5pUhyX
vV8u1mK3j/rfcp6CfsnekmsLEWRVyD9HvTwyx1pOXZNzyp1RFFWqdW+5/E/gHV3R
lNZ1698ZkPLr8HvH/SYSXoB82Vwzfs1nkpZtimzPDscJxxxPqxeM7uifo9XnlLTB
SlUpTA3bgJVhlwCtqfh6Pk2EDlL4OXaJDR/4R9n/0t4pAqEWKSs+6E712+tVbCNz
VDkTUf2BmrzR7D1+wvCXdTa1Axt0Y3IBXiHG1eWurZuj74Ra4CQtePl6loO5qeD/
Yn8yYMseN4U0hxUx3UoTWKtC/J0QxsAnQBzdk33lYt6spVpe4ZFC
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:31:46 2024 by rpki-client on console-ams.rpki-client.org