Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/810b0e-10de-43d2-9d27-4c26ca4c77b8/1/yDuyzpz8V6tUO4ypI5JTC6olznI.roa
File: yDuyzpz8V6tUO4ypI5JTC6olznI.roa (raw, json)
Hash identifier: sU3cGzXohhd2L4NE5eSM/HxBFPvYLSbJIsZgY+b3IeU=
Subject key identifier: C8:3B:B2:CE:9C:FC:57:AB:54:3B:8C:A9:23:92:53:0B:AA:25:CE:72
Certificate issuer: /CN=fb357f291af4a4c6747b3e4fbe61181d357c8bcc
Certificate serial: 018D64489B2906DD045EE930DC079AEEEB90
Authority key identifier: FB:35:7F:29:1A:F4:A4:C6:74:7B:3E:4F:BE:61:18:1D:35:7C:8B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zV_KRr0pMZ0ez5PvmEYHTV8i8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/810b0e-10de-43d2-9d27-4c26ca4c77b8/1/yDuyzpz8V6tUO4ypI5JTC6olznI.roa
Signing time: Thu 01 Feb 2024 10:48:16 +0000
ROA not before: Thu 01 Feb 2024 10:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200424
IP address blocks: 45.92.56.0/22 maxlen: 24
45.128.240.0/22 maxlen: 24
185.107.144.0/22 maxlen: 24
2a06:42c0::/29 maxlen: 32
2a0e:1ec0::/29 maxlen: 32
2a0f:79c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/810b0e-10de-43d2-9d27-4c26ca4c77b8/1/1-zV_KRr0pMZ0ez5PvmEYHTV8i8w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/810b0e-10de-43d2-9d27-4c26ca4c77b8/1/1-zV_KRr0pMZ0ez5PvmEYHTV8i8w.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-zV_KRr0pMZ0ez5PvmEYHTV8i8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:48:9b:29:06:dd:04:5e:e9:30:dc:07:9a:ee:eb:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb357f291af4a4c6747b3e4fbe61181d357c8bcc
Validity
Not Before: Feb 1 10:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c83bb2ce9cfc57ab543b8ca92392530baa25ce72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c0:76:3c:94:3e:28:b5:22:61:8d:1d:2e:bd:
57:22:12:dc:05:95:0a:81:b4:78:df:43:39:bb:dc:
71:50:4f:1b:5c:d2:2c:7b:f2:d0:18:c2:2b:c3:63:
44:f2:a7:0a:8e:b6:1b:f2:9b:81:5e:ac:35:4d:4e:
df:3f:a8:1e:07:bc:0a:c5:e0:30:f4:49:99:93:5c:
ac:5c:97:58:e1:0a:1e:03:8c:60:51:c5:32:95:7a:
e7:cf:e0:9c:f8:df:ee:d8:a1:e8:86:31:b1:44:81:
45:26:97:80:29:ed:32:b0:03:dc:1c:20:4f:4e:7a:
b0:4a:81:b0:0e:cd:1e:f9:99:24:77:03:4d:e8:10:
60:ba:99:ca:09:f5:b0:20:0c:a0:bb:3d:73:76:31:
2c:f4:0f:6f:2d:7f:25:41:ea:ef:d9:10:da:07:2e:
97:7e:c5:ab:88:e1:10:c7:f9:f2:9b:3f:bf:71:c8:
d7:6a:83:04:df:26:a0:45:0b:49:cc:65:a6:1a:11:
58:43:f4:e9:ce:58:17:e6:5f:a6:eb:a1:cc:4e:19:
c6:e4:78:63:c8:ee:86:1d:fa:ff:41:48:56:95:ca:
10:70:84:cf:8e:ef:5a:8e:e2:7b:d7:65:be:df:a8:
4e:90:58:7d:5a:6a:4b:94:be:90:32:95:ae:8e:8a:
25:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:3B:B2:CE:9C:FC:57:AB:54:3B:8C:A9:23:92:53:0B:AA:25:CE:72
X509v3 Authority Key Identifier:
keyid:FB:35:7F:29:1A:F4:A4:C6:74:7B:3E:4F:BE:61:18:1D:35:7C:8B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zV_KRr0pMZ0ez5PvmEYHTV8i8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/810b0e-10de-43d2-9d27-4c26ca4c77b8/1/yDuyzpz8V6tUO4ypI5JTC6olznI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/810b0e-10de-43d2-9d27-4c26ca4c77b8/1/1-zV_KRr0pMZ0ez5PvmEYHTV8i8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.56.0/22
45.128.240.0/22
185.107.144.0/22
IPv6:
2a06:42c0::/29
2a0e:1ec0::/29
2a0f:79c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:d1:d4:82:42:11:0c:b0:90:12:9b:fa:89:6f:41:d9:cb:ac:
2f:87:b8:01:44:a8:41:dc:5b:e6:fd:3e:4e:c0:24:41:e0:05:
32:82:fe:9e:e2:5b:39:5f:9b:02:d3:6e:9a:24:c8:f3:e7:71:
fe:11:af:7b:53:92:f2:06:71:57:e8:16:e2:34:8b:90:c4:02:
fb:62:30:71:8a:6b:33:a0:1a:b5:03:64:5a:de:c2:fb:99:26:
eb:f6:78:41:c3:21:34:81:a9:58:00:45:3f:71:16:d1:72:9b:
f0:17:b6:16:73:ba:56:a3:f5:cd:f7:5b:3b:29:9f:2c:67:78:
37:04:15:3f:bc:c5:fb:e4:77:30:20:8f:0a:cc:fd:2e:89:21:
00:ec:3c:ab:fd:f0:68:5a:ac:f1:9a:b2:f3:9e:35:d2:82:61:
fe:7e:18:1d:b8:6c:1c:f5:7a:e2:93:af:24:b7:cb:49:c4:7d:
c6:8d:a2:1e:78:8b:a6:00:e8:7e:4a:35:ee:f9:79:8b:59:ca:
83:80:dc:07:6e:ee:97:56:d7:3c:78:e8:6c:d9:14:a9:24:1b:
94:9b:19:2f:b3:c2:49:8b:1f:21:57:3b:5a:df:2b:be:8a:db:
83:7d:5a:3f:d3:89:0f:55:09:d9:e6:7f:5d:20:00:02:84:54:
fd:09:e7:83
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY1kSJspBt0EXukw3Aea7uuQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMzU3ZjI5MWFmNGE0YzY3NDdiM2U0ZmJlNjExODFkMzU3
YzhiY2MwHhcNMjQwMjAxMTA0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODNiYjJjZTljZmM1N2FiNTQzYjhjYTkyMzkyNTMwYmFhMjVjZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcB2PJQ+KLUiYY0dLr1XIhLcBZUK
gbR430M5u9xxUE8bXNIse/LQGMIrw2NE8qcKjrYb8puBXqw1TU7fP6geB7wKxeAw
9EmZk1ysXJdY4QoeA4xgUcUylXrnz+Cc+N/u2KHohjGxRIFFJpeAKe0ysAPcHCBP
TnqwSoGwDs0e+ZkkdwNN6BBgupnKCfWwIAyguz1zdjEs9A9vLX8lQerv2RDaBy6X
fsWriOEQx/nymz+/ccjXaoME3yagRQtJzGWmGhFYQ/TpzlgX5l+m66HMThnG5Hhj
yO6GHfr/QUhWlcoQcITPju9ajuJ712W+36hOkFh9WmpLlL6QMpWujool2wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFMg7ss6c/FerVDuMqSOSUwuqJc5yMB8GA1UdIwQY
MBaAFPs1fyka9KTGdHs+T75hGB01fIvMMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16Vl9LUnIwcE1aMGV6NVB2bUVZSFRWOGk4dy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIvODEwYjBlLTEwZGUtNDNkMi05ZDI3
LTRjMjZjYTRjNzdiOC8xL3lEdXl6cHo4VjZ0VU80eXBJNUpUQzZvbHpuSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvODEwYjBlLTEwZGUtNDNkMi05ZDI3LTRjMjZjYTRjNzdi
OC8xLzEtelZfS1JyMHBNWjBlejVQdm1FWUhUVjhpOHcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcBAf8EOTA3MBgEAgABMBIDBAItXDgD
BAItgPADBAK5a5AwGwQCAAIwFQMFAyoGQsADBQMqDh7AAwUDKg95wDANBgkqhkiG
9w0BAQsFAAOCAQEAANHUgkIRDLCQEpv6iW9B2cusL4e4AUSoQdxb5v0+TsAkQeAF
MoL+nuJbOV+bAtNumiTI8+dx/hGve1OS8gZxV+gW4jSLkMQC+2IwcYprM6AatQNk
Wt7C+5km6/Z4QcMhNIGpWABFP3EW0XKb8Be2FnO6VqP1zfdbOymfLGd4NwQVP7zF
++R3MCCPCsz9LokhAOw8q/3waFqs8Zqy85410oJh/n4YHbhsHPV64pOvJLfLScR9
xo2iHniLpgDofko17vl5i1nKg4DcB27ul1bXPHjobNkUqSQblJsZL7PCSYsfIVc7
Wt8rvorbg31aP9OJD1UJ2eZ/XSAAAoRU/Qnngw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:35:02 2024 by rpki-client on console-ams.rpki-client.org