Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/YN0IjUVCV36VWf0bc6p6qm9HeAE.roa
File: YN0IjUVCV36VWf0bc6p6qm9HeAE.roa (raw, json)
Hash identifier: tUw+ubOIW95dzzfnpD1zV/xBmwh2WzsRwZkSxLB2B6s=
Subject key identifier: 60:DD:08:8D:45:42:57:7E:95:59:FD:1B:73:AA:7A:AA:6F:47:78:01
Certificate issuer: /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial: 018CC9BC35143E4D11BE0A5AFB1E8200D84E
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/YN0IjUVCV36VWf0bc6p6qm9HeAE.roa
Signing time: Tue 02 Jan 2024 10:33:23 +0000
ROA not before: Tue 02 Jan 2024 10:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42600
IP address blocks: 185.139.201.0/24 maxlen: 24
185.139.200.0/24 maxlen: 24
185.139.200.0/22 maxlen: 24
185.139.203.0/24 maxlen: 24
185.139.202.0/24 maxlen: 24
185.46.90.0/24 maxlen: 24
185.46.89.0/24 maxlen: 24
185.46.88.0/24 maxlen: 24
185.46.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:35:14:3e:4d:11:be:0a:5a:fb:1e:82:00:d8:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Validity
Not Before: Jan 2 10:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60dd088d4542577e9559fd1b73aa7aaa6f477801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:19:58:d4:08:3f:1f:cd:ec:9c:5e:9e:3f:7f:
d2:93:57:62:28:0c:d9:c6:ee:cf:27:93:59:11:0e:
f4:07:e1:aa:5c:ad:78:67:d7:9a:40:a1:45:0b:0f:
5c:46:85:79:8f:c7:21:e1:27:8e:c2:9f:e5:2e:88:
a5:2c:e8:e6:fc:9f:9f:20:1b:b1:34:78:a7:d0:01:
75:5a:c9:32:05:dc:25:59:75:28:1b:ba:68:37:b0:
dc:bf:f3:c8:ef:0e:6b:70:55:0d:b6:0a:22:39:4b:
f6:61:69:99:1a:3e:0a:71:1d:27:20:52:d3:c3:de:
bd:90:af:74:5a:4b:49:eb:7c:ff:91:f5:1f:68:e8:
d2:a3:64:69:a4:32:f8:71:ea:85:e6:2f:23:4d:96:
51:1f:4c:b1:54:d2:b0:a4:79:53:df:90:84:ef:05:
d1:d3:b8:58:da:71:eb:54:5c:9c:bd:63:1d:2a:b8:
f3:c0:30:f6:36:33:c3:3a:7c:e9:3e:3e:f0:05:3f:
59:07:c3:00:11:42:66:d5:8d:2b:4f:71:e1:ce:e8:
2e:d6:4a:d7:53:02:25:f9:8c:cb:e4:0c:fc:99:1d:
d6:e8:23:62:c7:99:25:04:0b:cc:7b:51:a5:6b:8b:
4b:32:d7:c0:f1:a7:fb:28:db:cc:fb:05:6d:f5:21:
ef:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DD:08:8D:45:42:57:7E:95:59:FD:1B:73:AA:7A:AA:6F:47:78:01
X509v3 Authority Key Identifier:
keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/YN0IjUVCV36VWf0bc6p6qm9HeAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.88.0/22
185.139.200.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:eb:1d:d2:36:e7:a0:1c:c5:66:08:96:31:19:fe:8f:10:14:
f0:e6:c7:70:47:11:21:be:f0:ff:0b:08:34:1c:11:65:4f:c2:
f2:89:4f:b6:6e:26:a3:e6:84:72:67:62:41:87:02:c1:46:3a:
c4:1f:4c:96:b8:6c:db:d5:b1:6e:0b:bf:9c:64:09:b3:be:c0:
ff:cc:ca:4b:26:8e:18:8a:37:bf:fa:ac:9b:1d:c0:14:37:b1:
ca:d3:d9:fa:4d:fc:49:88:94:b0:80:98:c1:47:88:41:3c:76:
53:7c:b1:38:38:6f:52:53:ee:c7:54:1f:7e:17:c7:24:fb:16:
1e:65:47:97:01:68:c1:6e:80:32:ae:f9:4d:a1:05:e4:e2:47:
99:62:e5:7a:84:7a:49:eb:d7:c1:3c:4d:c6:ed:72:27:89:34:
2a:30:db:95:e2:7a:30:11:38:cd:97:2c:6a:39:53:c3:ed:50:
e0:79:97:3a:c9:19:68:e6:74:3a:3d:1b:6a:8d:8a:ea:a0:81:
39:56:90:5d:8e:d8:47:ac:6a:5f:c5:55:6d:c6:80:55:b2:19:
f3:53:00:74:5c:0d:0b:45:8f:b4:fd:e4:d7:7b:87:5a:0d:64:
7a:f2:19:26:b7:11:d0:41:bb:27:a3:3b:37:f9:ab:a0:53:6c:
79:e2:45:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvDUUPk0Rvgpa+x6CANhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDBlZWQyOGYyZDk5NGViMmI4MzFjYjhlZmM2NDcwMzA2
ZDc0NjEwHhcNMjQwMTAyMTAzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRkMDg4ZDQ1NDI1NzdlOTU1OWZkMWI3M2FhN2FhYTZmNDc3ODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhlY1Ag/H83snF6eP3/Sk1diKAzZ
xu7PJ5NZEQ70B+GqXK14Z9eaQKFFCw9cRoV5j8ch4SeOwp/lLoilLOjm/J+fIBux
NHin0AF1WskyBdwlWXUoG7poN7Dcv/PI7w5rcFUNtgoiOUv2YWmZGj4KcR0nIFLT
w969kK90WktJ63z/kfUfaOjSo2RppDL4ceqF5i8jTZZRH0yxVNKwpHlT35CE7wXR
07hY2nHrVFycvWMdKrjzwDD2NjPDOnzpPj7wBT9ZB8MAEUJm1Y0rT3Hhzugu1krX
UwIl+YzL5Az8mR3W6CNix5klBAvMe1Gla4tLMtfA8af7KNvM+wVt9SHvMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGDdCI1FQld+lVn9G3OqeqpvR3gBMB8GA1UdIwQY
MBaAFOdA7tKPLZlOsrgxy478ZHAwbXRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMt
MDk1OTVlOWNkNmMyLzEvWU4wSWpVVkNWMzZWV2YwYmM2cDZxbTlIZUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMy
LzEvNTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS5YAwQC
uYvIMA0GCSqGSIb3DQEBCwUAA4IBAQAc6x3SNuegHMVmCJYxGf6PEBTw5sdwRxEh
vvD/Cwg0HBFlT8LyiU+2biaj5oRyZ2JBhwLBRjrEH0yWuGzb1bFuC7+cZAmzvsD/
zMpLJo4Yije/+qybHcAUN7HK09n6TfxJiJSwgJjBR4hBPHZTfLE4OG9SU+7HVB9+
F8ck+xYeZUeXAWjBboAyrvlNoQXk4keZYuV6hHpJ69fBPE3G7XIniTQqMNuV4now
ETjNlyxqOVPD7VDgeZc6yRlo5nQ6PRtqjYrqoIE5VpBdjthHrGpfxVVtxoBVshnz
UwB0XA0LRY+0/eTXe4daDWR68hkmtxHQQbsnozs3+augU2x54kUG
-----END CERTIFICATE-----
Generated at Mon May 13 13:11:03 2024 by rpki-client on console-ams.rpki-client.org