Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/YpZRclXp1TgnHUqsbvs99TZsRCk.roa
File: YpZRclXp1TgnHUqsbvs99TZsRCk.roa (raw, json)
Hash identifier: Q+vYIt1OwhGOUtQ2tMT2GJfddEq8WWKxmv0yzW9afpc=
Subject key identifier: 62:96:51:72:55:E9:D5:38:27:1D:4A:AC:6E:FB:3D:F5:36:6C:44:29
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018F147FED34BE5232C984C35A7C135ADF7D
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/YpZRclXp1TgnHUqsbvs99TZsRCk.roa
Signing time: Thu 25 Apr 2024 09:04:39 +0000
ROA not before: Thu 25 Apr 2024 09:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 65632
IP address blocks: 188.125.163.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:7f:ed:34:be:52:32:c9:84:c3:5a:7c:13:5a:df:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Apr 25 09:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6296517255e9d538271d4aac6efb3df5366c4429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:45:f4:48:9e:0c:81:2a:69:7f:e9:e0:f1:b5:
98:93:1f:17:42:42:37:6e:2a:64:33:c8:93:13:3d:
7b:b9:4d:6b:4e:22:1d:2d:bd:5c:33:36:9c:ca:7f:
46:c0:38:52:bd:56:8d:32:66:75:cc:20:2a:5b:d4:
e8:ef:b3:c7:58:e6:3c:65:f7:d9:d5:ed:79:ed:a3:
03:66:33:9a:5d:3d:80:97:4c:5e:1e:5b:40:78:33:
26:a4:aa:2c:6e:1b:0c:a4:9c:31:ab:33:33:98:9d:
11:5d:22:b6:b3:b8:55:85:16:9f:35:06:5c:62:07:
33:f0:4e:69:1c:b3:ab:36:d3:7c:2f:dd:bd:b1:44:
76:f9:f8:18:04:31:23:ff:a7:15:49:13:9a:c9:d8:
80:a8:7f:6f:82:51:39:db:d2:cb:84:54:66:fb:07:
a7:22:7d:5e:17:dc:51:bf:94:8f:b4:35:db:ab:6e:
0d:fb:33:52:8a:7d:cf:9d:88:4c:5f:9b:2b:18:0e:
d4:29:c6:be:2b:48:e9:26:29:88:36:7c:bb:38:1b:
13:28:01:b7:55:d0:e9:2a:1b:c1:97:8b:bf:db:d2:
d7:96:09:cb:a8:5a:17:ba:92:d2:9f:93:2a:bd:21:
40:2a:cd:ef:04:69:b0:b9:d3:7e:58:25:82:ac:a5:
a0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:96:51:72:55:E9:D5:38:27:1D:4A:AC:6E:FB:3D:F5:36:6C:44:29
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/YpZRclXp1TgnHUqsbvs99TZsRCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.163.0-188.125.166.255
188.125.170.0/24
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:08:91:12:41:ae:20:bb:e8:43:26:8e:dc:a7:fc:9c:32:44:
4b:66:af:e5:5c:7d:b6:1f:91:0e:52:e8:6e:e9:ec:11:c8:e4:
d2:93:b5:ca:6e:72:cb:9e:82:4e:17:62:57:57:b4:02:ad:e1:
4e:66:49:e4:4e:e5:a3:77:27:5d:e4:83:b8:12:24:92:91:67:
60:8e:a1:6a:95:35:ec:bc:1a:7a:9e:d8:3e:d2:cd:8b:ee:9b:
bd:d6:a5:5f:ca:a8:45:37:fe:6d:f6:62:2e:0a:98:9a:d7:35:
98:95:77:15:66:32:97:65:7f:60:85:76:9e:95:47:1e:81:eb:
ed:b9:11:01:30:5e:c0:9e:a5:32:77:40:75:91:bd:da:26:c7:
c5:c3:40:72:61:bb:d5:94:1c:43:a9:7f:d7:bf:ba:a2:23:bd:
76:5f:12:f9:23:16:4c:65:57:06:da:e3:57:b3:84:c0:0c:5f:
82:78:b1:4d:44:f7:4a:42:51:d8:3b:19:33:34:54:30:5c:84:
2f:c0:22:79:fe:e6:c2:91:ee:16:0f:94:6f:f5:74:84:29:96:
ba:39:c1:37:4f:2a:5e:3c:85:60:f5:be:82:d1:e0:72:6b:1d:
49:6e:16:3b:e5:1c:8c:65:88:51:d6:8f:a5:6d:94:56:a9:57:
af:dc:36:36
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8Uf+00vlIyyYTDWnwTWt99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjQwNDI1MDkwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjk2NTE3MjU1ZTlkNTM4MjcxZDRhYWM2ZWZiM2RmNTM2NmM0NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykX0SJ4MgSppf+ng8bWYkx8XQkI3
bipkM8iTEz17uU1rTiIdLb1cMzacyn9GwDhSvVaNMmZ1zCAqW9To77PHWOY8ZffZ
1e157aMDZjOaXT2Al0xeHltAeDMmpKosbhsMpJwxqzMzmJ0RXSK2s7hVhRafNQZc
Ygcz8E5pHLOrNtN8L929sUR2+fgYBDEj/6cVSROaydiAqH9vglE529LLhFRm+wen
In1eF9xRv5SPtDXbq24N+zNSin3PnYhMX5srGA7UKca+K0jpJimINny7OBsTKAG3
VdDpKhvBl4u/29LXlgnLqFoXupLSn5MqvSFAKs3vBGmwudN+WCWCrKWg3wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGKWUXJV6dU4Jx1KrG77PfU2bEQpMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvWXBaUmNsWHAxVGduSFVxc2J2czk5VFpzUkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC8faMD
BAC8faYDBAC8faoDBAC8fa4wDQYJKoZIhvcNAQELBQADggEBALsIkRJBriC76EMm
jtyn/JwyREtmr+VcfbYfkQ5S6G7p7BHI5NKTtcpucsuegk4XYldXtAKt4U5mSeRO
5aN3J13kg7gSJJKRZ2COoWqVNey8Gnqe2D7SzYvum73WpV/KqEU3/m32Yi4KmJrX
NZiVdxVmMpdlf2CFdp6VRx6B6+25EQEwXsCepTJ3QHWRvdomx8XDQHJhu9WUHEOp
f9e/uqIjvXZfEvkjFkxlVwba41ezhMAMX4J4sU1E90pCUdg7GTM0VDBchC/AInn+
5sKR7hYPlG/1dIQplro5wTdPKl48hWD1voLR4HJrHUluFjvlHIxliFHWj6VtlFap
V6/cNjY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:42 2024 by rpki-client on console-ams.rpki-client.org