Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/PNvtjAWcYGneyTNmWk3dJIikmRI.roa
File: PNvtjAWcYGneyTNmWk3dJIikmRI.roa (raw, json)
Hash identifier: PQ1A15EMRMXXjtaY/IFN7Mc5yBR/fpSi6w/MHp8oydA=
Subject key identifier: 3C:DB:ED:8C:05:9C:60:69:DE:C9:33:66:5A:4D:DD:24:88:A4:99:12
Certificate issuer: /CN=61c68268743e823e0e1c870060c0a14223f151eb
Certificate serial: 018CC8DF57625E7CCF625A8523AD2455933A
Authority key identifier: 61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/PNvtjAWcYGneyTNmWk3dJIikmRI.roa
Signing time: Tue 02 Jan 2024 06:32:09 +0000
ROA not before: Tue 02 Jan 2024 06:32:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34749
IP address blocks: 93.94.160.0/21 maxlen: 24
193.168.50.0/24 maxlen: 24
2a00:ea80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:57:62:5e:7c:cf:62:5a:85:23:ad:24:55:93:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c68268743e823e0e1c870060c0a14223f151eb
Validity
Not Before: Jan 2 06:32:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cdbed8c059c6069dec933665a4ddd2488a49912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e0:1b:f0:1e:99:16:82:e4:80:60:ad:8e:e0:
1e:8e:d7:2a:80:16:ce:82:4c:01:30:25:7b:9c:7a:
4f:ba:ce:aa:33:ab:3b:23:49:a4:db:e9:0a:bd:89:
5d:f7:a5:3b:63:02:2e:c1:5b:24:bb:c8:fb:5e:4c:
07:f7:f8:be:47:90:7e:83:d3:22:b2:80:b4:f8:a1:
1b:0a:68:be:9b:53:fa:6c:ae:bc:36:47:b1:bc:4a:
e7:1c:ac:f2:d1:b0:02:62:67:23:54:7c:71:76:e9:
c7:38:ee:58:ae:dc:f1:81:96:8d:ba:3d:5d:1a:e1:
d4:9d:b1:4e:ce:eb:95:e1:da:f8:da:8d:66:8b:53:
2b:79:af:e2:a3:a7:f2:84:68:71:e1:ba:5c:1c:b9:
88:57:58:8a:a9:62:be:c0:45:70:f9:d4:20:1d:ac:
cc:5a:e8:1a:3d:9b:11:1e:c5:4a:66:7e:8d:e6:0e:
ac:e9:5e:3a:b3:40:40:8d:a9:85:2b:de:f8:89:3f:
d6:cb:3c:7b:b5:47:9e:99:09:1e:5c:e8:b4:8d:b4:
49:cd:50:f2:12:a8:2d:b0:92:69:60:8d:31:04:5b:
76:65:af:58:45:b8:e0:33:6d:f4:0d:18:c4:3f:60:
c2:22:a9:2b:6b:58:a9:72:90:b3:4e:cc:41:ef:79:
4f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DB:ED:8C:05:9C:60:69:DE:C9:33:66:5A:4D:DD:24:88:A4:99:12
X509v3 Authority Key Identifier:
keyid:61:C6:82:68:74:3E:82:3E:0E:1C:87:00:60:C0:A1:42:23:F1:51:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcaCaHQ-gj4OHIcAYMChQiPxUes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/PNvtjAWcYGneyTNmWk3dJIikmRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/62641c-3444-4425-bf51-6d05c0d0da6f/1/YcaCaHQ-gj4OHIcAYMChQiPxUes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.160.0/21
193.168.50.0/24
IPv6:
2a00:ea80::/32
Signature Algorithm: sha256WithRSAEncryption
8c:6e:3f:35:f6:d3:e6:1f:47:68:7a:98:4b:fa:77:05:f6:6d:
c1:3b:96:13:e5:2c:3b:ab:fa:ea:00:27:e7:6e:f0:8f:91:22:
fc:12:de:92:62:6d:ad:c4:2d:77:6f:92:13:8d:5d:e2:1d:0a:
ef:74:2e:ee:f9:37:2e:89:4a:4b:4a:64:f1:e4:b3:ef:f6:70:
07:75:2c:8b:ec:31:cb:fc:9c:88:43:da:a3:07:33:85:18:fb:
a1:1f:96:05:29:e4:b8:b6:97:d6:49:2e:ae:51:cb:29:4d:66:
ad:eb:f0:57:8d:0f:86:f7:ee:43:66:47:6c:f4:b8:df:15:b0:
80:40:10:8a:f8:3c:c0:f0:76:ba:f4:55:eb:71:ce:e9:d6:f1:
e8:4c:ce:de:f5:79:2f:c5:6a:69:58:6e:d7:c6:7b:31:a6:95:
79:f6:99:5e:58:0a:6d:3c:60:b4:d7:d8:6d:48:20:e7:ff:39:
ed:50:64:5f:50:6c:64:5a:23:c8:5f:0d:76:c2:93:5b:20:64:
59:b6:ed:0c:b7:25:4c:f0:f3:6a:6c:f8:73:f0:7c:2e:39:56:
c3:59:8a:0d:9e:bf:0f:76:f9:c8:34:5c:84:5e:ff:73:50:91:
29:2c:83:78:32:cd:3e:64:b4:54:7a:2c:79:1b:35:b0:9f:e7:
c4:13:b8:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI31diXnzPYlqFI60kVZM6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzY4MjY4NzQzZTgyM2UwZTFjODcwMDYwYzBhMTQyMjNm
MTUxZWIwHhcNMjQwMTAyMDYzMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RiZWQ4YzA1OWM2MDY5ZGVjOTMzNjY1YTRkZGQyNDg4YTQ5OTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOAb8B6ZFoLkgGCtjuAejtcqgBbO
gkwBMCV7nHpPus6qM6s7I0mk2+kKvYld96U7YwIuwVsku8j7XkwH9/i+R5B+g9Mi
soC0+KEbCmi+m1P6bK68NkexvErnHKzy0bACYmcjVHxxdunHOO5YrtzxgZaNuj1d
GuHUnbFOzuuV4dr42o1mi1Mrea/io6fyhGhx4bpcHLmIV1iKqWK+wEVw+dQgHazM
WugaPZsRHsVKZn6N5g6s6V46s0BAjamFK974iT/Wyzx7tUeemQkeXOi0jbRJzVDy
EqgtsJJpYI0xBFt2Za9YRbjgM230DRjEP2DCIqkra1ipcpCzTsxB73lPcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDzb7YwFnGBp3skzZlpN3SSIpJkSMB8GA1UdIwQY
MBaAFGHGgmh0PoI+DhyHAGDAoUIj8VHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEt
NmQwNWMwZDBkYTZmLzEvUE52dGpBV2NZR25leVRObVdrM2RKSWlrbVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MjY0MWMtMzQ0NC00NDI1LWJmNTEtNmQwNWMwZDBkYTZm
LzEvWWNhQ2FIUS1najRPSEljQVlNQ2hRaVB4VWVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXV6gAwQA
wagyMA0EAgACMAcDBQAqAOqAMA0GCSqGSIb3DQEBCwUAA4IBAQCMbj819tPmH0do
ephL+ncF9m3BO5YT5Sw7q/rqACfnbvCPkSL8Et6SYm2txC13b5ITjV3iHQrvdC7u
+TcuiUpLSmTx5LPv9nAHdSyL7DHL/JyIQ9qjBzOFGPuhH5YFKeS4tpfWSS6uUcsp
TWat6/BXjQ+G9+5DZkds9LjfFbCAQBCK+DzA8Ha69FXrcc7p1vHoTM7e9XkvxWpp
WG7XxnsxppV59pleWAptPGC019htSCDn/zntUGRfUGxkWiPIXw12wpNbIGRZtu0M
tyVM8PNqbPhz8HwuOVbDWYoNnr8PdvnINFyEXv9zUJEpLIN4Ms0+ZLRUeix5GzWw
n+fEE7jF
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:57:01 2024 by rpki-client on console-fra.rpki-client.org