Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/YKs5bmFUVAk0U3c65JyA-yx_ru8.roa
File: YKs5bmFUVAk0U3c65JyA-yx_ru8.roa (raw, json)
Hash identifier: /iSRIEZxHR2KYrSfKlv13GZuPtZZ9il7XqwpwVFRwXE=
Subject key identifier: 60:AB:39:6E:61:54:54:09:34:53:77:3A:E4:9C:80:FB:2C:7F:AE:EF
Certificate issuer: /CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Certificate serial: 01942643868B586D74652147BAB7C06180AA
Authority key identifier: B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/YKs5bmFUVAk0U3c65JyA-yx_ru8.roa
Signing time: Thu 02 Jan 2025 09:05:46 +0000
ROA not before: Thu 02 Jan 2025 09:05:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 185.19.92.0/24 maxlen: 24
185.19.93.0/24 maxlen: 24
185.19.94.0/24 maxlen: 24
185.19.95.0/24 maxlen: 24
185.59.28.0/24 maxlen: 24
185.59.30.0/24 maxlen: 24
185.59.31.0/24 maxlen: 24
185.114.193.0/24 maxlen: 24
185.114.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:43:86:8b:58:6d:74:65:21:47:ba:b7:c0:61:80:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b869ee66164d3cb41dbd2df5417817c32f4cea05
Validity
Not Before: Jan 2 09:05:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60ab396e615454093453773ae49c80fb2c7faeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:57:ce:d9:17:9a:66:b7:a8:b5:27:ee:79:15:
cc:33:ee:84:b3:63:3e:1d:a9:c3:b3:06:9b:c9:dc:
b1:fe:75:d6:28:48:29:82:19:c8:f1:e2:0e:5b:bc:
7b:32:71:7d:ff:75:25:f7:c2:1b:7c:d0:7e:54:98:
f0:26:37:0f:c6:ae:fa:da:e1:70:7f:db:e7:ec:fc:
bc:a8:ae:53:12:94:d5:c4:68:a7:d0:40:e7:6b:5a:
52:58:66:42:2f:c1:7c:f5:3a:44:86:5b:c2:02:01:
7c:63:8b:be:4e:56:e2:00:11:fe:3a:2f:37:ff:9a:
3e:e4:41:ca:a4:d1:e6:6f:f6:a8:fe:7a:07:98:6d:
69:68:b6:b3:47:8a:cf:c1:08:4f:66:68:91:1b:d7:
bf:da:fe:f6:97:3d:be:a9:c3:83:15:b2:20:52:8b:
ec:ac:ba:d8:f1:cf:4b:a2:15:be:a4:d3:4c:4f:6c:
23:ea:32:74:0d:45:76:39:e6:69:bc:8d:0e:ae:4a:
68:83:73:81:23:39:2e:c0:96:5d:7b:68:dd:e5:e4:
fd:4b:0f:29:fb:ba:b7:88:da:7c:e9:cd:84:ce:98:
b7:ee:81:ef:bf:11:dd:b4:e5:04:72:a7:6c:12:5f:
d4:1b:38:c7:6f:29:53:30:a2:e5:50:c0:56:39:bf:
19:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AB:39:6E:61:54:54:09:34:53:77:3A:E4:9C:80:FB:2C:7F:AE:EF
X509v3 Authority Key Identifier:
keyid:B8:69:EE:66:16:4D:3C:B4:1D:BD:2D:F5:41:78:17:C3:2F:4C:EA:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uGnuZhZNPLQdvS31QXgXwy9M6gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/YKs5bmFUVAk0U3c65JyA-yx_ru8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/1d5ee1-accf-474f-a589-cd1fa484411b/1/uGnuZhZNPLQdvS31QXgXwy9M6gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.92.0/22
185.59.28.0/24
185.59.30.0/23
185.114.193.0/24
185.114.195.0/24
Signature Algorithm: sha256WithRSAEncryption
81:49:25:d1:d0:ed:0f:aa:52:e3:93:12:aa:b3:b2:8a:57:ef:
af:3e:94:48:d2:11:66:dd:66:42:10:ed:dc:60:73:9e:c8:e6:
08:e5:76:f4:76:89:04:6f:07:ad:42:2b:a1:11:cd:1b:05:a8:
89:5c:bf:b2:fe:c6:74:1d:72:f3:b9:35:ae:23:e7:f2:81:e5:
fd:a0:77:15:a0:2b:0f:39:a2:65:7c:a6:07:83:25:b3:21:1d:
45:5c:38:13:40:04:dd:71:17:b8:1f:f5:de:a7:ff:c0:9f:d5:
0f:96:a5:5e:e9:d2:b9:66:7c:d6:6d:00:d7:b5:aa:8f:5d:dc:
a1:bb:a4:7f:1c:f0:ff:a0:9f:e6:c8:6f:3f:93:02:08:67:9a:
74:57:a3:6d:e9:79:ca:7a:5e:38:f3:a9:85:22:34:49:b2:d0:
7e:81:09:06:c4:8c:b3:7f:dd:d3:0c:3b:9a:42:e3:de:df:18:
7d:e0:26:bd:ae:29:67:08:e8:9b:6d:a2:86:9b:5f:7c:64:e9:
00:40:8c:91:41:d7:12:76:4c:3c:b9:80:e3:6e:ce:ba:df:06:
78:52:ea:6e:ed:8b:9f:29:b5:93:4d:ba:45:e8:da:d0:c5:b9:
04:07:b7:74:0a:75:07:88:26:d8:f0:b7:79:63:49:b7:52:0e:
57:2f:57:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmQ4aLWG10ZSFHurfAYYCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NjllZTY2MTY0ZDNjYjQxZGJkMmRmNTQxNzgxN2MzMmY0
Y2VhMDUwHhcNMjUwMTAyMDkwNTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGFiMzk2ZTYxNTQ1NDA5MzQ1Mzc3M2FlNDljODBmYjJjN2ZhZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1fO2ReaZreotSfueRXMM+6Es2M+
HanDswabydyx/nXWKEgpghnI8eIOW7x7MnF9/3Ul98IbfNB+VJjwJjcPxq762uFw
f9vn7Py8qK5TEpTVxGin0EDna1pSWGZCL8F89TpEhlvCAgF8Y4u+TlbiABH+Oi83
/5o+5EHKpNHmb/ao/noHmG1paLazR4rPwQhPZmiRG9e/2v72lz2+qcODFbIgUovs
rLrY8c9LohW+pNNMT2wj6jJ0DUV2OeZpvI0Orkpog3OBIzkuwJZde2jd5eT9Sw8p
+7q3iNp86c2Ezpi37oHvvxHdtOUEcqdsEl/UGzjHbylTMKLlUMBWOb8Z8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGCrOW5hVFQJNFN3OuScgPssf67vMB8GA1UdIwQY
MBaAFLhp7mYWTTy0Hb0t9UF4F8MvTOoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODkt
Y2QxZmE0ODQ0MTFiLzEvWUtzNWJtRlVWQWswVTNjNjVKeUEteXhfcnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8xZDVlZTEtYWNjZi00NzRmLWE1ODktY2QxZmE0ODQ0MTFi
LzEvdUdudVpoWk5QTFFkdlMzMVFYZ1h3eTlNNmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuRNcAwQA
uTscAwQBuTseAwQAuXLBAwQAuXLDMA0GCSqGSIb3DQEBCwUAA4IBAQCBSSXR0O0P
qlLjkxKqs7KKV++vPpRI0hFm3WZCEO3cYHOeyOYI5Xb0dokEbwetQiuhEc0bBaiJ
XL+y/sZ0HXLzuTWuI+fygeX9oHcVoCsPOaJlfKYHgyWzIR1FXDgTQATdcRe4H/Xe
p//An9UPlqVe6dK5ZnzWbQDXtaqPXdyhu6R/HPD/oJ/myG8/kwIIZ5p0V6Nt6XnK
el4486mFIjRJstB+gQkGxIyzf93TDDuaQuPe3xh94Ca9rilnCOibbaKGm198ZOkA
QIyRQdcSdkw8uYDjbs663wZ4Uupu7YufKbWTTbpF6NrQxbkEB7d0CnUHiCbY8Ld5
Y0m3Ug5XL1eQ
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:10:07 2025 by rpki-client