Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/FYyJuOlatGIlA61s4f07XUGlkGY.roa
File: FYyJuOlatGIlA61s4f07XUGlkGY.roa (raw, json)
Hash identifier: Py+5NmYVZfVm5rbvNCZVmCmJkN1lML6LlEnI73AYMuo=
Subject key identifier: 15:8C:89:B8:E9:5A:B4:62:25:03:AD:6C:E1:FD:3B:5D:41:A5:90:66
Certificate issuer: /CN=60fa7fdfcebc07a272db89cdaf877870c687e04f
Certificate serial: 0194228D0FEE9345115EAE991BC9D614101A
Authority key identifier: 60:FA:7F:DF:CE:BC:07:A2:72:DB:89:CD:AF:87:78:70:C6:87:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPp_3868B6Jy24nNr4d4cMaH4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/FYyJuOlatGIlA61s4f07XUGlkGY.roa
Signing time: Wed 01 Jan 2025 15:47:37 +0000
ROA not before: Wed 01 Jan 2025 15:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28821
IP address blocks: 185.104.56.0/22 maxlen: 22
185.104.56.0/24 maxlen: 24
185.104.57.0/24 maxlen: 24
185.104.58.0/24 maxlen: 24
185.104.59.0/24 maxlen: 24
2a06:2f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/YPp_3868B6Jy24nNr4d4cMaH4E8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/YPp_3868B6Jy24nNr4d4cMaH4E8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YPp_3868B6Jy24nNr4d4cMaH4E8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:0f:ee:93:45:11:5e:ae:99:1b:c9:d6:14:10:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fa7fdfcebc07a272db89cdaf877870c687e04f
Validity
Not Before: Jan 1 15:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=158c89b8e95ab4622503ad6ce1fd3b5d41a59066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ca:24:56:2a:44:d7:ab:12:b9:4b:8c:ff:f6:
a9:2c:68:7f:af:5a:de:05:09:26:82:a4:86:17:33:
0e:9f:df:a9:ab:aa:18:46:27:99:bf:42:8e:0c:1b:
95:2b:7f:2c:48:e2:44:ee:97:bc:b7:4b:64:3a:6d:
c4:0f:bc:01:69:0a:de:36:10:58:b4:22:8d:74:bf:
97:90:c7:21:1a:eb:42:20:37:23:17:af:33:51:ad:
c3:c3:df:75:6a:50:48:8d:0b:40:02:cc:6b:9d:9e:
97:da:47:b2:ed:58:13:83:2c:d1:d2:99:55:85:ba:
2b:39:cb:8c:5c:5d:90:ca:95:95:85:a2:6a:5c:e8:
6f:da:1a:3d:6e:84:6f:01:3d:84:2f:b8:81:c5:8e:
fe:14:70:89:50:b4:b3:f4:ec:fa:77:80:b0:63:7a:
18:e7:89:cd:f9:30:68:56:02:9a:5a:09:37:c4:c6:
63:90:68:69:b8:4a:cb:34:25:e4:d1:4f:eb:82:20:
75:c3:2d:79:eb:31:3f:ed:7d:0e:a3:fd:b4:3b:8f:
be:e0:85:23:bc:ce:09:cc:f3:32:05:aa:d5:e5:82:
89:45:86:b6:58:17:ba:6b:e2:78:3f:0b:34:66:5c:
bf:dd:e4:28:be:73:69:8c:9e:83:08:4b:b8:b4:86:
7d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8C:89:B8:E9:5A:B4:62:25:03:AD:6C:E1:FD:3B:5D:41:A5:90:66
X509v3 Authority Key Identifier:
keyid:60:FA:7F:DF:CE:BC:07:A2:72:DB:89:CD:AF:87:78:70:C6:87:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPp_3868B6Jy24nNr4d4cMaH4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/FYyJuOlatGIlA61s4f07XUGlkGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cea4-514a-4349-9cbc-f9ec30cb9b4b/1/YPp_3868B6Jy24nNr4d4cMaH4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.56.0/22
IPv6:
2a06:2f00::/29
Signature Algorithm: sha256WithRSAEncryption
a5:62:1b:e9:05:8a:d3:1f:36:6b:fa:6e:57:fc:5e:7a:eb:a3:
19:db:d8:4a:81:28:67:06:51:0a:3d:01:34:dd:26:39:cf:4b:
71:cb:a3:56:17:f3:01:f3:bd:99:ee:3c:31:7d:3e:24:d9:ca:
c0:f3:f7:66:0e:83:fc:bf:c6:62:c6:ed:7e:82:3c:24:a1:d8:
ea:d1:aa:a0:59:af:0c:76:4c:64:ef:97:f6:82:2e:ea:6c:80:
86:16:97:86:9d:2f:a0:6e:0d:1c:e0:13:74:f0:7f:a3:40:2e:
01:8a:8f:3d:40:4b:d2:74:18:48:52:93:6a:24:09:90:7b:db:
74:3a:7b:ea:82:9e:74:f1:65:4e:83:07:e0:ab:f7:07:d9:cd:
ce:50:0b:c2:07:45:1a:37:0d:66:0b:fa:a5:6f:d4:48:09:29:
39:39:ff:aa:df:f3:f9:c2:91:a4:7b:2b:13:ce:d0:db:1e:28:
f0:d0:57:9b:a9:d4:4b:b9:46:02:14:95:81:ba:39:6a:71:39:
1e:de:6b:42:03:0a:fc:e8:a2:85:74:eb:ec:98:0a:14:ec:91:
2e:e2:12:2b:7e:0f:e9:0a:fd:c2:7d:4d:0e:9d:0f:19:cb:8c:
82:fb:a0:da:a1:89:48:e5:44:91:dd:82:3a:66:70:3b:e8:d4:
8d:cf:b5:3f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijQ/uk0URXq6ZG8nWFBAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmE3ZmRmY2ViYzA3YTI3MmRiODljZGFmODc3ODcwYzY4
N2UwNGYwHhcNMjUwMTAxMTU0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNThjODliOGU5NWFiNDYyMjUwM2FkNmNlMWZkM2I1ZDQxYTU5MDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cokVipE16sSuUuM//apLGh/r1re
BQkmgqSGFzMOn9+pq6oYRieZv0KODBuVK38sSOJE7pe8t0tkOm3ED7wBaQreNhBY
tCKNdL+XkMchGutCIDcjF68zUa3Dw991alBIjQtAAsxrnZ6X2key7VgTgyzR0plV
hborOcuMXF2QypWVhaJqXOhv2ho9boRvAT2EL7iBxY7+FHCJULSz9Oz6d4CwY3oY
54nN+TBoVgKaWgk3xMZjkGhpuErLNCXk0U/rgiB1wy156zE/7X0Oo/20O4++4IUj
vM4JzPMyBarV5YKJRYa2WBe6a+J4Pws0Zly/3eQovnNpjJ6DCEu4tIZ9fQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBWMibjpWrRiJQOtbOH9O11BpZBmMB8GA1UdIwQY
MBaAFGD6f9/OvAeictuJza+HeHDGh+BPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVBwXzM4NjhCNkp5MjRuTnI0ZDRjTWFINEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMmNlYTQtNTE0YS00MzQ5LTljYmMt
ZjllYzMwY2I5YjRiLzEvRll5SnVPbGF0R0lsQTYxczRmMDdYVUdsa0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMmNlYTQtNTE0YS00MzQ5LTljYmMtZjllYzMwY2I5YjRi
LzEvWVBwXzM4NjhCNkp5MjRuTnI0ZDRjTWFINEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWg4MA0E
AgACMAcDBQMqBi8AMA0GCSqGSIb3DQEBCwUAA4IBAQClYhvpBYrTHzZr+m5X/F56
66MZ29hKgShnBlEKPQE03SY5z0txy6NWF/MB872Z7jwxfT4k2crA8/dmDoP8v8Zi
xu1+gjwkodjq0aqgWa8Mdkxk75f2gi7qbICGFpeGnS+gbg0c4BN08H+jQC4Bio89
QEvSdBhIUpNqJAmQe9t0Onvqgp508WVOgwfgq/cH2c3OUAvCB0UaNw1mC/qlb9RI
CSk5Of+q3/P5wpGkeysTztDbHijw0FebqdRLuUYCFJWBujlqcTke3mtCAwr86KKF
dOvsmAoU7JEu4hIrfg/pCv3CfU0OnQ8Zy4yC+6DaoYlI5USR3YI6ZnA76NSNz7U/
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:43 2025 by rpki-client