Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/yntKueGdh_gRYfTjbFRGz4s6BD8.roa
File: yntKueGdh_gRYfTjbFRGz4s6BD8.roa (raw, json)
Hash identifier: 8wVmYZSgIm0dCsPvd2oqoO7MS+FukiT5t5Ke1EaX2FA=
Subject key identifier: CA:7B:4A:B9:E1:9D:87:F8:11:61:F4:E3:6C:54:46:CF:8B:3A:04:3F
Certificate issuer: /CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Certificate serial: 01941FFAADA91BDF8AC2DA50480768E0D45E
Authority key identifier: A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/yntKueGdh_gRYfTjbFRGz4s6BD8.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51935
IP address blocks: 46.163.192.0/18 maxlen: 24
62.220.240.0/21 maxlen: 24
62.220.248.0/22 maxlen: 24
83.146.160.0/19 maxlen: 24
185.192.24.0/22 maxlen: 24
2a02:6fa0::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ad:a9:1b:df:8a:c2:da:50:48:07:68:e0:d4:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2d3f9bc9656badc26e7de1abb0fa72c3d728dd8
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca7b4ab9e19d87f81161f4e36c5446cf8b3a043f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2a:87:68:9b:af:c6:6d:47:30:63:3f:80:3e:
9a:2d:f1:e4:c4:34:c9:2d:7d:db:c8:10:05:2c:a1:
80:d6:67:fc:67:2f:fc:c3:87:36:f8:46:26:8e:28:
d0:73:ab:4f:ab:2b:62:29:63:6c:bf:58:1b:4b:a2:
87:f1:29:ad:8e:f9:90:37:54:c4:75:3a:40:2f:e9:
f7:b0:89:0c:0f:c2:f7:b9:ed:59:b6:12:a6:a5:5a:
6e:ec:01:0a:28:eb:4d:f9:ff:85:c0:f9:47:76:84:
e1:d1:ee:be:f6:bc:55:b8:8b:88:4a:39:d0:ad:8f:
54:86:ab:84:57:54:ee:2c:26:96:30:be:b1:a5:86:
07:ff:3c:61:75:b3:a7:94:7f:f4:a6:ab:b8:c2:24:
25:f2:35:63:2b:9f:d7:c5:cc:21:71:59:20:cb:ab:
47:95:73:9b:b8:82:c7:4b:ce:83:08:ef:2a:45:f5:
da:e2:48:05:04:35:d9:4d:41:97:21:8a:c0:43:c2:
f6:60:6d:84:41:32:6a:58:6d:1c:12:5a:20:cd:10:
88:6b:ce:5d:eb:9f:54:af:2a:db:bc:e7:e4:83:65:
41:1a:c9:73:ae:98:c2:99:9c:ed:ba:f1:c7:84:06:
d2:f0:dd:09:31:32:c9:85:1b:79:e5:8d:06:43:a1:
30:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7B:4A:B9:E1:9D:87:F8:11:61:F4:E3:6C:54:46:CF:8B:3A:04:3F
X509v3 Authority Key Identifier:
keyid:A2:D3:F9:BC:96:56:BA:DC:26:E7:DE:1A:BB:0F:A7:2C:3D:72:8D:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/otP5vJZWutwm594auw-nLD1yjdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/yntKueGdh_gRYfTjbFRGz4s6BD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/68fd0f-2b87-4704-a32f-d711e84c29a1/1/otP5vJZWutwm594auw-nLD1yjdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.163.192.0/18
62.220.240.0-62.220.251.255
83.146.160.0/19
185.192.24.0/22
IPv6:
2a02:6fa0::/32
Signature Algorithm: sha256WithRSAEncryption
71:35:54:34:c6:e9:90:7b:1a:c1:31:49:ff:37:11:d6:0e:da:
21:f2:70:15:19:08:29:3e:bb:3e:52:b4:ca:18:c2:c9:38:93:
98:82:63:8c:d5:80:de:08:a5:b5:84:c2:2d:6a:b6:36:c5:50:
6c:2b:f0:d2:65:1a:b5:c5:aa:c0:c2:e0:b5:87:78:0d:01:94:
e7:0e:4a:c4:c4:17:44:81:3f:c2:ea:6d:82:7f:ae:c7:a1:0e:
ab:80:5e:ed:ee:84:13:31:90:b2:62:dc:93:d3:5d:cc:c3:10:
46:ec:30:e1:57:c3:52:db:9c:b2:a2:c2:11:2d:45:2e:4f:c3:
74:69:31:4e:ba:27:93:aa:85:12:3d:65:c9:b2:73:44:1e:db:
2b:3b:fb:ff:92:40:ae:3c:e7:ef:ea:89:75:25:a9:62:ab:28:
6f:33:89:39:29:3e:3a:3e:81:fe:ca:eb:2d:72:1b:28:f3:30:
76:a6:e1:17:2d:7d:a4:f8:d6:69:04:af:83:ed:ee:ef:d9:6e:
a6:49:c9:52:dd:53:94:c5:42:0b:bb:a6:e5:01:ee:ab:ad:3f:
50:b6:af:33:e7:b8:5b:ea:82:b1:67:66:b9:45:ab:bd:2e:af:
62:d8:31:78:26:62:0e:64:98:bb:49:33:c8:89:36:36:7c:ec:
99:e3:00:80
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQf+q2pG9+KwtpQSAdo4NReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZDNmOWJjOTY1NmJhZGMyNmU3ZGUxYWJiMGZhNzJjM2Q3
MjhkZDgwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTdiNGFiOWUxOWQ4N2Y4MTE2MWY0ZTM2YzU0NDZjZjhiM2EwNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyqHaJuvxm1HMGM/gD6aLfHkxDTJ
LX3byBAFLKGA1mf8Zy/8w4c2+EYmjijQc6tPqytiKWNsv1gbS6KH8SmtjvmQN1TE
dTpAL+n3sIkMD8L3ue1ZthKmpVpu7AEKKOtN+f+FwPlHdoTh0e6+9rxVuIuISjnQ
rY9UhquEV1TuLCaWML6xpYYH/zxhdbOnlH/0pqu4wiQl8jVjK5/XxcwhcVkgy6tH
lXObuILHS86DCO8qRfXa4kgFBDXZTUGXIYrAQ8L2YG2EQTJqWG0cElogzRCIa85d
659UryrbvOfkg2VBGslzrpjCmZztuvHHhAbS8N0JMTLJhRt55Y0GQ6EwOQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMp7SrnhnYf4EWH042xURs+LOgQ/MB8GA1UdIwQY
MBaAFKLT+byWVrrcJufeGrsPpyw9co3YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYt
ZDcxMWU4NGMyOWExLzEveW50S3VlR2RoX2dSWWZUamJGUkd6NHM2QkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82OGZkMGYtMmI4Ny00NzA0LWEzMmYtZDcxMWU4NGMyOWEx
LzEvb3RQNXZKWld1dHdtNTk0YXV3LW5MRDF5amRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQGLqPAMAwD
BAQ+3PADBAI+3PgDBAVTkqADBAK5wBgwDQQCAAIwBwMFACoCb6AwDQYJKoZIhvcN
AQELBQADggEBAHE1VDTG6ZB7GsExSf83EdYO2iHycBUZCCk+uz5StMoYwsk4k5iC
Y4zVgN4IpbWEwi1qtjbFUGwr8NJlGrXFqsDC4LWHeA0BlOcOSsTEF0SBP8LqbYJ/
rsehDquAXu3uhBMxkLJi3JPTXczDEEbsMOFXw1LbnLKiwhEtRS5Pw3RpMU66J5Oq
hRI9Zcmyc0Qe2ys7+/+SQK485+/qiXUlqWKrKG8ziTkpPjo+gf7K6y1yGyjzMHam
4RctfaT41mkEr4Pt7u/ZbqZJyVLdU5TFQgu7puUB7qutP1C2rzPnuFvqgrFnZrlF
q70ur2LYMXgmYg5kmLtJM8iJNjZ87JnjAIA=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:47:31 2025 by rpki-client