Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/yH9vyg4xtGqTxp9p-vGiYSiSBEY.roa
File: yH9vyg4xtGqTxp9p-vGiYSiSBEY.roa (raw, json)
Hash identifier: /ckunZohpD2LwFf44t8473mmV9TLI/iiOdzuYcE3gY4=
Subject key identifier: C8:7F:6F:CA:0E:31:B4:6A:93:C6:9F:69:FA:F1:A2:61:28:92:04:46
Certificate issuer: /CN=0bcbf748e9f4998685d0c965d2dfdf0f362a5052
Certificate serial: 018CC8013EEFE8A5D914C91F64673B6F2A54
Authority key identifier: 0B:CB:F7:48:E9:F4:99:86:85:D0:C9:65:D2:DF:DF:0F:36:2A:50:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C8v3SOn0mYaF0Mll0t_fDzYqUFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/yH9vyg4xtGqTxp9p-vGiYSiSBEY.roa
Signing time: Tue 02 Jan 2024 02:29:33 +0000
ROA not before: Tue 02 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48781
IP address blocks: 185.33.246.0/24 maxlen: 24
185.33.244.0/24 maxlen: 24
91.107.0.0/18 maxlen: 19
95.128.240.0/21 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/C8v3SOn0mYaF0Mll0t_fDzYqUFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/C8v3SOn0mYaF0Mll0t_fDzYqUFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/C8v3SOn0mYaF0Mll0t_fDzYqUFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3e:ef:e8:a5:d9:14:c9:1f:64:67:3b:6f:2a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bcbf748e9f4998685d0c965d2dfdf0f362a5052
Validity
Not Before: Jan 2 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c87f6fca0e31b46a93c69f69faf1a26128920446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:81:e4:81:48:b5:0f:96:d7:08:83:62:4e:94:
59:40:af:3a:b9:bd:c8:ee:19:a4:36:12:5e:4d:6d:
c8:d8:bc:c9:b7:a9:fe:75:69:ca:81:c3:e8:2d:36:
3b:95:22:25:d9:82:d8:a8:14:14:81:70:28:1d:5a:
51:6d:46:49:23:c5:fd:10:a2:86:f7:e1:c7:5f:0c:
44:a3:ab:bd:96:22:6b:e1:21:04:24:0c:ec:43:58:
77:28:0e:52:b6:7e:6a:b6:3e:38:af:80:20:c3:5e:
7e:6b:6b:b0:7a:93:68:91:a5:09:72:37:2f:d7:aa:
58:0c:62:7e:3a:cd:9a:54:e2:4a:9c:5b:92:e4:56:
a9:c8:46:39:c8:2c:71:b8:47:95:ec:1d:c2:d0:ac:
7b:8e:b7:f9:44:62:8a:1e:d4:59:dd:56:91:1f:6d:
c9:6e:cc:b6:e0:28:ce:87:9c:3f:87:da:60:3a:7c:
93:71:ed:5f:da:3a:dc:d6:81:3d:c2:1e:a0:58:df:
b4:01:e2:59:e6:a4:ee:3a:95:d2:9d:cd:71:ed:28:
9e:60:50:74:01:9e:22:d1:fe:c2:88:8d:02:86:80:
92:b8:88:2e:7a:f5:ae:0f:ff:51:e9:c4:ea:88:96:
40:ed:16:a7:c2:4d:c1:52:be:49:a2:b1:47:72:9b:
86:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7F:6F:CA:0E:31:B4:6A:93:C6:9F:69:FA:F1:A2:61:28:92:04:46
X509v3 Authority Key Identifier:
keyid:0B:CB:F7:48:E9:F4:99:86:85:D0:C9:65:D2:DF:DF:0F:36:2A:50:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C8v3SOn0mYaF0Mll0t_fDzYqUFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/yH9vyg4xtGqTxp9p-vGiYSiSBEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e22192-be00-48c0-a711-7f96c9f05f54/1/C8v3SOn0mYaF0Mll0t_fDzYqUFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.107.0.0/18
95.128.240.0/21
185.33.244.0/24
185.33.246.0/24
Signature Algorithm: sha256WithRSAEncryption
87:4c:e5:4c:41:11:0d:c7:80:a8:24:39:9d:f0:ee:b4:3d:7a:
60:21:88:3d:4c:ce:92:b1:d4:29:6a:16:e7:99:ab:c4:74:f0:
bd:5f:e3:1c:7c:62:f5:a2:ca:fc:fa:0e:37:7f:b0:f8:18:48:
a9:39:57:9e:b7:9d:51:0a:ef:99:74:a8:81:bc:d9:ab:6f:3d:
c0:30:29:ef:d2:78:46:5d:6f:52:c5:8d:a8:5e:da:46:a5:5e:
52:b2:d8:9c:24:2b:4a:f1:82:97:05:aa:6b:d6:f7:0c:4f:17:
8a:75:36:4f:c9:e7:a5:d8:8d:39:9c:c5:22:3a:78:42:e1:ee:
33:20:3a:48:7e:52:de:9d:00:da:dc:70:8d:bb:c3:83:a0:e4:
d7:a6:2d:e7:a5:f4:0a:6a:18:dc:82:36:c8:1a:49:c0:91:b9:
67:31:54:e5:7b:89:3f:c2:25:f1:2b:e2:40:b3:14:c8:26:5f:
23:83:98:ca:72:8e:0e:eb:f5:3d:df:ad:f0:3a:f6:6e:bd:9f:
f3:22:19:45:d5:67:87:c6:dc:b7:58:24:be:b1:71:18:1e:7f:
89:5c:f0:d5:c3:8b:9d:9f:a1:bc:3f:ae:53:21:4e:65:1b:df:
44:f1:8b:c9:5d:74:86:0f:c1:1c:38:d7:d0:86:af:13:ba:56:
b5:91:c7:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAT7v6KXZFMkfZGc7bypUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiY2JmNzQ4ZTlmNDk5ODY4NWQwYzk2NWQyZGZkZjBmMzYy
YTUwNTIwHhcNMjQwMTAyMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODdmNmZjYTBlMzFiNDZhOTNjNjlmNjlmYWYxYTI2MTI4OTIwNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYHkgUi1D5bXCINiTpRZQK86ub3I
7hmkNhJeTW3I2LzJt6n+dWnKgcPoLTY7lSIl2YLYqBQUgXAoHVpRbUZJI8X9EKKG
9+HHXwxEo6u9liJr4SEEJAzsQ1h3KA5Stn5qtj44r4Agw15+a2uwepNokaUJcjcv
16pYDGJ+Os2aVOJKnFuS5FapyEY5yCxxuEeV7B3C0Kx7jrf5RGKKHtRZ3VaRH23J
bsy24CjOh5w/h9pgOnyTce1f2jrc1oE9wh6gWN+0AeJZ5qTuOpXSnc1x7SieYFB0
AZ4i0f7CiI0ChoCSuIguevWuD/9R6cTqiJZA7Ranwk3BUr5JorFHcpuGVQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMh/b8oOMbRqk8afafrxomEokgRGMB8GA1UdIwQY
MBaAFAvL90jp9JmGhdDJZdLf3w82KlBSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzh2M1NPbjBtWWFGME1sbDB0X2ZEellxVUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lMjIxOTItYmUwMC00OGMwLWE3MTEt
N2Y5NmM5ZjA1ZjU0LzEveUg5dnlnNHh0R3FUeHA5cC12R2lZU2lTQkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lMjIxOTItYmUwMC00OGMwLWE3MTEtN2Y5NmM5ZjA1ZjU0
LzEvQzh2M1NPbjBtWWFGME1sbDB0X2ZEellxVUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGW2sAAwQD
X4DwAwQAuSH0AwQAuSH2MA0GCSqGSIb3DQEBCwUAA4IBAQCHTOVMQRENx4CoJDmd
8O60PXpgIYg9TM6SsdQpahbnmavEdPC9X+McfGL1osr8+g43f7D4GEipOVeet51R
Cu+ZdKiBvNmrbz3AMCnv0nhGXW9SxY2oXtpGpV5SsticJCtK8YKXBapr1vcMTxeK
dTZPyeel2I05nMUiOnhC4e4zIDpIflLenQDa3HCNu8ODoOTXpi3npfQKahjcgjbI
GknAkblnMVTle4k/wiXxK+JAsxTIJl8jg5jKco4O6/U9363wOvZuvZ/zIhlF1WeH
xty3WCS+sXEYHn+JXPDVw4udn6G8P65TIU5lG99E8YvJXXSGD8EcONfQhq8Tula1
kccC
-----END CERTIFICATE-----
Generated at Sun May 19 05:08:18 2024 by rpki-client on console-fra.rpki-client.org