Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Y9geqpNsiFqtz2Iv5qv91glDoYI.roa
File: Y9geqpNsiFqtz2Iv5qv91glDoYI.roa (raw, json)
Hash identifier: 0Zg6lVrTxjH0ZPncInq8A9ysuAXuPJzXVqCvryMOlBk=
Subject key identifier: 63:D8:1E:AA:93:6C:88:5A:AD:CF:62:2F:E6:AB:FD:D6:09:43:A1:82
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE93270FC8394AF8B6FC1774B1B3A0
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Y9geqpNsiFqtz2Iv5qv91glDoYI.roa
Signing time: Tue 02 Jan 2024 06:31:18 +0000
ROA not before: Tue 02 Jan 2024 06:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211826
IP address blocks: 5.253.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:93:27:0f:c8:39:4a:f8:b6:fc:17:74:b1:b3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63d81eaa936c885aadcf622fe6abfdd60943a182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:75:4c:99:3f:85:38:81:b0:a8:26:60:75:
a4:5b:07:83:9a:32:40:96:81:15:35:36:f9:94:7a:
1e:c9:3b:5f:d8:19:62:9b:95:11:d2:60:6a:8f:b2:
5f:97:87:53:62:e6:41:12:dc:49:07:9f:f5:ed:08:
c1:48:c2:16:d4:c3:be:04:5e:a9:7c:40:32:8d:ca:
c1:3c:ec:8c:9f:e1:76:a0:c8:72:4d:a7:25:48:1a:
af:1d:4f:19:cf:cf:5f:a4:4f:94:38:60:c2:e0:d7:
3b:55:09:93:2a:9e:39:56:18:79:64:f6:4c:aa:80:
ef:eb:30:4c:56:bc:dd:38:c8:b9:04:39:a0:a9:91:
f6:7a:6f:80:77:96:a4:fb:6d:f2:e8:55:3c:15:75:
c9:c4:e0:9e:76:4f:2e:93:e0:dd:61:78:eb:62:fd:
75:f5:b5:a8:a9:62:f1:83:e3:8d:0b:ff:f6:dc:60:
8c:9c:3e:42:b9:b3:01:a5:2b:6a:fa:20:74:75:9e:
27:73:bf:28:8e:10:fe:04:a4:0d:65:40:71:9f:a0:
7b:6a:75:f2:81:d4:86:92:fb:d0:a8:8f:66:50:79:
0f:cb:08:a8:88:44:e8:94:0c:ef:a0:85:9f:0a:fa:
b5:ac:25:c7:c0:b8:4e:99:86:66:15:65:87:08:cf:
90:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D8:1E:AA:93:6C:88:5A:AD:CF:62:2F:E6:AB:FD:D6:09:43:A1:82
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Y9geqpNsiFqtz2Iv5qv91glDoYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.46.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c8:fa:78:b7:6c:d3:05:5b:65:c1:62:47:3d:9b:52:01:d3:
b7:d5:8d:cf:d9:d5:ce:a5:57:dc:43:ff:17:27:12:94:d8:71:
c6:82:07:fe:6e:dd:3b:75:5a:82:e4:20:bd:33:dc:96:23:c7:
69:a4:0c:aa:c6:57:4f:ce:80:2f:f0:df:02:fb:79:fa:8a:dd:
af:85:2c:90:38:74:03:e3:4c:87:5b:4d:ee:58:84:08:10:56:
ea:b8:65:3a:60:0b:97:be:92:75:d8:22:8a:b0:70:63:bd:c9:
6c:5e:32:99:7d:67:47:4a:48:ed:c3:d6:63:95:3d:4c:ef:c8:
fb:5f:c9:24:14:86:1f:69:e5:a0:c1:74:b3:bb:19:93:4c:4a:
1a:c1:1b:cc:a1:f4:2a:9d:33:5d:36:6e:c5:79:d5:83:c0:50:
af:58:c0:98:ab:e4:01:7d:79:9b:ef:9b:ea:93:0d:d3:dc:db:
9f:51:e7:48:01:39:64:0c:87:c9:dc:e5:b1:02:4a:66:a7:4c:
f9:cd:13:4a:98:5b:01:47:a9:0c:65:49:b1:39:dc:69:01:2f:
f5:73:d1:07:e0:02:3c:95:bd:0d:77:05:cb:ba:e9:66:48:8a:
04:6a:d2:dc:8d:06:61:bb:01:6c:4e:75:c6:99:00:ce:c3:8b:
fa:fb:52:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3pMnD8g5Svi2/Bd0sbOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q4MWVhYTkzNmM4ODVhYWRjZjYyMmZlNmFiZmRkNjA5NDNhMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMp1TJk/hTiBsKgmYHWkWweDmjJA
loEVNTb5lHoeyTtf2Blim5UR0mBqj7Jfl4dTYuZBEtxJB5/17QjBSMIW1MO+BF6p
fEAyjcrBPOyMn+F2oMhyTaclSBqvHU8Zz89fpE+UOGDC4Nc7VQmTKp45Vhh5ZPZM
qoDv6zBMVrzdOMi5BDmgqZH2em+Ad5ak+23y6FU8FXXJxOCedk8uk+DdYXjrYv11
9bWoqWLxg+ONC//23GCMnD5CubMBpStq+iB0dZ4nc78ojhD+BKQNZUBxn6B7anXy
gdSGkvvQqI9mUHkPywioiETolAzvoIWfCvq1rCXHwLhOmYZmFWWHCM+QZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPYHqqTbIharc9iL+ar/dYJQ6GCMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWTlnZXFwTnNpRnF0ejJJdjVxdjkxZ2xEb1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf0uMA0G
CSqGSIb3DQEBCwUAA4IBAQBgyPp4t2zTBVtlwWJHPZtSAdO31Y3P2dXOpVfcQ/8X
JxKU2HHGggf+bt07dVqC5CC9M9yWI8dppAyqxldPzoAv8N8C+3n6it2vhSyQOHQD
40yHW03uWIQIEFbquGU6YAuXvpJ12CKKsHBjvclsXjKZfWdHSkjtw9ZjlT1M78j7
X8kkFIYfaeWgwXSzuxmTTEoawRvMofQqnTNdNm7FedWDwFCvWMCYq+QBfXmb75vq
kw3T3NufUedIATlkDIfJ3OWxAkpmp0z5zRNKmFsBR6kMZUmxOdxpAS/1c9EH4AI8
lb0NdwXLuulmSIoEatLcjQZhuwFsTnXGmQDOw4v6+1Jo
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:37 2024 by rpki-client on console-fra.rpki-client.org