Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/Y9P3hSad8vS4uuTkIxHYXtTLWI0.roa
File: Y9P3hSad8vS4uuTkIxHYXtTLWI0.roa (raw, json)
Hash identifier: ue1k1PmID0axCmqSpG8cblSc2fYzE2n2sSN0QO8yDRk=
Subject key identifier: 63:D3:F7:85:26:9D:F2:F4:B8:BA:E4:E4:23:11:D8:5E:D4:CB:58:8D
Certificate issuer: /CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Certificate serial: 018E3D6D1E6AB725FCE5E831BCE9D10FA099
Authority key identifier: F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/Y9P3hSad8vS4uuTkIxHYXtTLWI0.roa
Signing time: Thu 14 Mar 2024 14:45:44 +0000
ROA not before: Thu 14 Mar 2024 14:45:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207592
IP address blocks: 134.76.0.0/16 maxlen: 16
134.76.175.0/24 maxlen: 24
195.12.38.0/24 maxlen: 24
2a06:93c0::/29 maxlen: 29
2a06:93c0::/48 maxlen: 48
2a06:93c0:1::/48 maxlen: 48
2a06:93c0:2::/48 maxlen: 48
2a06:93c0:3::/48 maxlen: 48
2a06:93c1:129::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:6d:1e:6a:b7:25:fc:e5:e8:31:bc:e9:d1:0f:a0:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f826ffe96cdc41efaa8bfb3125862d6594be9827
Validity
Not Before: Mar 14 14:45:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63d3f785269df2f4b8bae4e42311d85ed4cb588d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ef:db:cf:6e:c4:52:5f:53:bb:b2:e3:47:f2:
7d:99:e0:55:60:d3:f2:2f:62:2e:aa:fa:8d:f3:0b:
ac:54:cc:ee:32:24:a3:37:5f:2f:11:8b:cc:c4:df:
2f:d4:c2:e7:58:71:8d:de:57:db:8c:7b:8f:5f:bc:
c8:a2:c7:d5:4f:e6:0d:75:11:be:db:0b:78:12:0d:
be:b6:6a:a6:80:f3:bb:78:f6:81:07:35:be:b9:5b:
09:b2:c0:8f:2b:de:e2:ad:21:79:42:b2:5a:09:dc:
46:a5:19:35:6f:de:16:57:29:b1:82:25:3e:fd:3f:
dc:12:ac:49:21:63:f8:b3:4b:9e:a0:bc:88:ca:b2:
0c:9e:b1:e9:cf:b3:29:1d:3c:d9:fc:ea:ad:31:39:
07:17:7f:b0:74:1b:1a:99:13:60:ca:c0:b5:d6:ce:
83:d7:31:78:15:e6:87:40:a6:a4:c0:d7:13:58:49:
d5:3d:f9:79:5a:d0:39:63:a5:28:55:2c:38:f9:42:
3b:ad:9c:98:23:16:71:29:35:85:0b:fb:84:2d:43:
db:16:d4:5d:24:ea:95:69:c0:ca:6b:6f:6d:42:95:
71:eb:34:3b:09:6e:12:c6:c8:ac:89:f1:a3:46:77:
5f:d2:94:ac:61:a6:96:ad:d5:cf:27:12:01:c5:90:
d5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D3:F7:85:26:9D:F2:F4:B8:BA:E4:E4:23:11:D8:5E:D4:CB:58:8D
X509v3 Authority Key Identifier:
keyid:F8:26:FF:E9:6C:DC:41:EF:AA:8B:FB:31:25:86:2D:65:94:BE:98:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/Y9P3hSad8vS4uuTkIxHYXtTLWI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6f6826-1aad-4c3c-bd91-cca37e2f2729/1/1-Cb_6WzcQe-qi_sxJYYtZZS-mCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.76.0.0/16
195.12.38.0/24
IPv6:
2a06:93c0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:69:6d:aa:63:c3:ea:11:45:3b:84:a1:a3:3d:01:94:90:f4:
06:dd:e3:cc:0a:05:b6:91:74:0c:72:10:73:f3:33:ca:70:c6:
23:54:01:19:3d:e5:ae:0f:c9:3e:ab:c7:c2:af:79:e9:aa:89:
41:7a:75:41:50:56:3d:f7:18:c0:6a:eb:7c:ac:3a:13:ff:0d:
98:de:d5:a7:01:e7:cb:1a:87:28:5b:64:bf:46:78:05:15:30:
1b:c7:e0:4e:bd:d4:f6:63:ac:66:c4:81:10:8e:20:36:ee:a3:
9f:f6:7d:28:d7:39:ad:3b:80:97:f1:88:21:11:26:44:7d:c3:
95:66:de:56:95:9e:12:5e:81:fd:7b:95:a8:ac:d4:a8:7d:37:
8c:8c:d5:99:ca:6d:02:dd:3e:bf:14:84:d3:07:63:9a:04:4f:
81:79:11:cd:10:21:cb:1d:87:5d:da:f2:f1:91:27:ad:b9:d6:
ac:72:30:fc:0e:43:4d:6a:a1:18:24:ad:81:7c:ed:8d:dc:5c:
a8:d3:70:fd:8d:12:2a:37:0c:25:0c:a1:6b:d7:ae:21:f4:85:
3c:f0:89:67:1a:75:9e:b8:0f:d5:bc:fa:02:87:42:70:f0:fe:
da:5d:9a:9c:43:8c:4a:87:c5:cf:c7:72:1d:0d:22:a5:a7:c4:
9f:64:cc:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY49bR5qtyX85egxvOnRD6CZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjZmZmU5NmNkYzQxZWZhYThiZmIzMTI1ODYyZDY1OTRi
ZTk4MjcwHhcNMjQwMzE0MTQ0NTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QzZjc4NTI2OWRmMmY0YjhiYWU0ZTQyMzExZDg1ZWQ0Y2I1ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO/bz27EUl9Tu7LjR/J9meBVYNPy
L2IuqvqN8wusVMzuMiSjN18vEYvMxN8v1MLnWHGN3lfbjHuPX7zIosfVT+YNdRG+
2wt4Eg2+tmqmgPO7ePaBBzW+uVsJssCPK97irSF5QrJaCdxGpRk1b94WVymxgiU+
/T/cEqxJIWP4s0ueoLyIyrIMnrHpz7MpHTzZ/OqtMTkHF3+wdBsamRNgysC11s6D
1zF4FeaHQKakwNcTWEnVPfl5WtA5Y6UoVSw4+UI7rZyYIxZxKTWFC/uELUPbFtRd
JOqVacDKa29tQpVx6zQ7CW4SxsisifGjRndf0pSsYaaWrdXPJxIBxZDVyQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGPT94UmnfL0uLrk5CMR2F7Uy1iNMB8GA1UdIwQY
MBaAFPgm/+ls3EHvqov7MSWGLWWUvpgnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DYl82V3pjUWUtcWlfc3hKWVl0WlpTLW1DYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkx
LWNjYTM3ZTJmMjcyOS8xL1k5UDNoU2FkOHZTNHV1VGtJeEhZWHRUTFdJMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNmY2ODI2LTFhYWQtNGMzYy1iZDkxLWNjYTM3ZTJmMjcy
OS8xLzEtQ2JfNld6Y1FlLXFpX3N4SllZdFpaUy1tQ2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMBEEAgABMAsDAwCGTAME
AMMMJjANBAIAAjAHAwUDKgaTwDANBgkqhkiG9w0BAQsFAAOCAQEAsmltqmPD6hFF
O4Shoz0BlJD0Bt3jzAoFtpF0DHIQc/MzynDGI1QBGT3lrg/JPqvHwq956aqJQXp1
QVBWPfcYwGrrfKw6E/8NmN7VpwHnyxqHKFtkv0Z4BRUwG8fgTr3U9mOsZsSBEI4g
Nu6jn/Z9KNc5rTuAl/GIIREmRH3DlWbeVpWeEl6B/XuVqKzUqH03jIzVmcptAt0+
vxSE0wdjmgRPgXkRzRAhyx2HXdry8ZEnrbnWrHIw/A5DTWqhGCStgXztjdxcqNNw
/Y0SKjcMJQyha9euIfSFPPCJZxp1nrgP1bz6AodCcPD+2l2anEOMSofFz8dyHQ0i
pafEn2TMjg==
-----END CERTIFICATE-----
Generated at Sat May 18 00:24:21 2024 by rpki-client on console-fra.rpki-client.org