Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/y67kdvZ0g5XG1svfzeJ7eWGyNpY.roa
File: y67kdvZ0g5XG1svfzeJ7eWGyNpY.roa (raw, json)
Hash identifier: gj7ou5QmqASJwYYyALCIG7vreQONN2DkB8O2PIZ1kQE=
Subject key identifier: CB:AE:E4:76:F6:74:83:95:C6:D6:CB:DF:CD:E2:7B:79:61:B2:36:96
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 018CC34955B1C58BFF4C0700A2610D3AA912
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/y67kdvZ0g5XG1svfzeJ7eWGyNpY.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201691
IP address blocks: 185.88.178.0/24 maxlen: 24
185.88.176.0/24 maxlen: 24
185.88.179.0/24 maxlen: 24
185.88.177.0/24 maxlen: 24
2a05:cd01::/32 maxlen: 32
2a05:cd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.mft
rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:55:b1:c5:8b:ff:4c:07:00:a2:61:0d:3a:a9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbaee476f6748395c6d6cbdfcde27b7961b23696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:39:0f:f5:91:81:ef:1c:d6:66:78:ce:1f:75:
0f:e4:bc:19:b7:f0:7d:b4:54:6e:8b:b3:de:4a:c7:
81:16:18:5f:c6:f8:f2:f3:4d:35:0c:77:c3:f1:8d:
57:02:a5:d4:08:2e:e5:af:e8:ee:4b:b7:99:0e:74:
da:6e:53:7c:47:97:e0:48:dd:98:81:d5:be:f2:eb:
99:7d:35:0c:a1:53:6b:86:fc:27:e5:4b:7f:71:0c:
a1:61:3b:55:e3:ed:a3:5f:1f:93:8a:02:f6:71:4e:
9c:35:ad:d6:cb:39:5c:38:a5:aa:e3:c1:c2:e1:09:
ad:00:33:cd:53:a0:04:0e:47:93:08:3b:15:df:4c:
e5:ff:e3:40:15:09:f2:e2:0e:ee:21:91:af:cb:89:
63:f4:77:b1:ca:80:b4:ad:02:4a:ce:4d:11:db:2f:
d2:f3:5a:f0:43:90:e2:20:07:f6:28:c0:f4:e1:39:
9d:cd:30:37:b4:d5:a7:1e:5b:21:d0:12:9c:66:e0:
32:1f:7e:03:89:5f:52:08:38:72:7b:3e:e8:ba:82:
91:d8:51:b5:19:d2:c8:d0:c9:eb:0e:4c:9f:b1:9b:
ab:d0:05:7f:a2:7c:b2:c7:a9:35:7c:29:31:50:56:
07:cf:e3:61:32:ae:51:d4:c1:e0:45:88:13:29:cb:
b7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AE:E4:76:F6:74:83:95:C6:D6:CB:DF:CD:E2:7B:79:61:B2:36:96
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/y67kdvZ0g5XG1svfzeJ7eWGyNpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.176.0/22
IPv6:
2a05:cd00::/31
Signature Algorithm: sha256WithRSAEncryption
50:8b:6c:1d:35:39:06:cb:ca:e7:44:70:65:88:42:0b:ab:a0:
a6:a1:5f:be:b0:e7:59:01:1e:11:8c:e2:6d:41:ef:aa:cd:69:
5f:fd:f0:1b:ce:87:4b:70:18:4d:02:0e:10:b8:10:91:db:69:
7f:58:20:ed:01:6c:d4:e4:c1:8f:5e:1e:b4:12:fd:05:69:22:
ef:00:8f:48:cc:e6:e4:39:de:9e:ae:4d:e8:7e:ae:fa:4a:8f:
ed:27:cf:98:c0:df:55:86:55:b8:b2:ca:09:9f:78:31:24:40:
8d:b6:37:37:57:2d:26:0a:9c:23:47:de:ce:52:05:90:b6:60:
df:0d:da:d8:1b:ab:c6:b8:dc:ff:a0:22:5f:92:f4:80:e2:5f:
59:68:05:57:63:f3:41:f2:15:a8:e5:f8:98:4d:6d:a4:1b:4c:
5f:90:e2:5d:92:76:d2:de:26:28:d6:86:cb:f0:a0:38:f9:61:
e4:2d:2b:03:67:8e:cd:7e:8d:f1:10:f0:07:6c:73:63:fe:07:
fb:b5:d6:2f:49:53:f8:88:46:83:1b:39:99:30:3f:c7:a2:ff:
36:35:ec:78:a3:f5:4c:0b:02:1f:7f:b3:7d:48:a4:a5:d4:2f:
04:8a:cd:44:89:e8:7c:fb:e0:f4:5a:aa:ef:d3:99:b3:9a:f9:
46:9e:78:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSVWxxYv/TAcAomENOqkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmFlZTQ3NmY2NzQ4Mzk1YzZkNmNiZGZjZGUyN2I3OTYxYjIzNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozkP9ZGB7xzWZnjOH3UP5LwZt/B9
tFRui7PeSseBFhhfxvjy8001DHfD8Y1XAqXUCC7lr+juS7eZDnTablN8R5fgSN2Y
gdW+8uuZfTUMoVNrhvwn5Ut/cQyhYTtV4+2jXx+TigL2cU6cNa3WyzlcOKWq48HC
4QmtADPNU6AEDkeTCDsV30zl/+NAFQny4g7uIZGvy4lj9HexyoC0rQJKzk0R2y/S
81rwQ5DiIAf2KMD04TmdzTA3tNWnHlsh0BKcZuAyH34DiV9SCDhyez7ouoKR2FG1
GdLI0MnrDkyfsZur0AV/onyyx6k1fCkxUFYHz+NhMq5R1MHgRYgTKcu3jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMuu5Hb2dIOVxtbL383ie3lhsjaWMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEveTY3a2R2WjBnNVhHMXN2ZnplSjdlV0d5TnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuViwMA0E
AgACMAcDBQEqBc0AMA0GCSqGSIb3DQEBCwUAA4IBAQBQi2wdNTkGy8rnRHBliEIL
q6CmoV++sOdZAR4RjOJtQe+qzWlf/fAbzodLcBhNAg4QuBCR22l/WCDtAWzU5MGP
Xh60Ev0FaSLvAI9IzObkOd6erk3ofq76So/tJ8+YwN9VhlW4ssoJn3gxJECNtjc3
Vy0mCpwjR97OUgWQtmDfDdrYG6vGuNz/oCJfkvSA4l9ZaAVXY/NB8hWo5fiYTW2k
G0xfkOJdknbS3iYo1obL8KA4+WHkLSsDZ47Nfo3xEPAHbHNj/gf7tdYvSVP4iEaD
GzmZMD/Hov82Nex4o/VMCwIff7N9SKSl1C8Eis1Eieh8++D0Wqrv05mzmvlGnng6
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:27:24 2024 by rpki-client on console-fra.rpki-client.org