Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/Y5s98Vti62p_iBLFJayxk94RTbs.roa
File: Y5s98Vti62p_iBLFJayxk94RTbs.roa (raw, json)
Hash identifier: pL8VpB4MxWr1/wWnhzPZInfeHpGISCjMLM4/kUv4m8M=
Subject key identifier: 63:9B:3D:F1:5B:62:EB:6A:7F:88:12:C5:25:AC:B1:93:DE:11:4D:BB
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348A56ABA339003F1E5497691266994
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/Y5s98Vti62p_iBLFJayxk94RTbs.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8678
IP address blocks: 193.255.224.0/21 maxlen: 21
193.255.222.0/23 maxlen: 23
193.255.221.0/24 maxlen: 24
193.255.232.0/22 maxlen: 22
193.255.236.0/23 maxlen: 23
194.27.24.0/22 maxlen: 22
194.27.28.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a5:6a:ba:33:90:03:f1:e5:49:76:91:26:69:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=639b3df15b62eb6a7f8812c525acb193de114dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:95:0b:c4:a7:fe:58:c4:12:46:36:bb:f2:91:
24:de:75:ad:f1:fa:d0:8d:cf:f3:b9:5b:94:d9:4d:
13:d8:60:0d:ce:19:48:b6:49:46:13:fb:57:61:a8:
c0:d8:a1:1b:ba:4b:71:32:10:3a:68:a6:9d:dc:5f:
4d:6c:b8:d0:38:1e:e8:7e:ba:7b:10:86:4e:53:f0:
e6:91:73:4c:a7:61:54:1d:40:a7:06:98:9d:9a:86:
55:55:af:95:f1:08:fc:c5:9f:11:86:af:b2:d7:9a:
e6:16:9c:9b:0c:56:01:47:28:7a:28:63:40:fb:fe:
95:a8:8c:95:83:91:dd:b6:f0:46:bd:aa:ad:34:a5:
28:eb:ad:e9:05:de:24:0c:29:2a:2a:b9:f0:3c:d0:
1a:54:2b:13:6f:52:44:e9:63:56:43:27:a3:ee:ea:
46:fe:33:06:2a:ef:88:c7:91:12:d9:3c:b6:09:9e:
2b:9b:06:b5:be:30:fc:0a:dd:b2:fb:6e:af:a0:0f:
3b:b1:74:76:78:c0:2a:59:30:c1:df:3a:82:01:af:
31:10:1c:4b:38:6c:33:54:ca:45:aa:75:52:88:3f:
b8:8d:90:48:df:9b:6f:1d:52:9d:55:3d:10:fa:a6:
92:ba:d8:f3:fd:48:71:c9:64:03:ce:fc:9d:b0:7d:
e6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9B:3D:F1:5B:62:EB:6A:7F:88:12:C5:25:AC:B1:93:DE:11:4D:BB
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/Y5s98Vti62p_iBLFJayxk94RTbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.255.221.0-193.255.237.255
194.27.24.0-194.27.29.255
Signature Algorithm: sha256WithRSAEncryption
79:c8:53:6d:ea:0c:37:66:0f:b9:76:d4:9f:db:56:f7:c3:6b:
60:e4:99:1f:13:0d:2a:55:ce:a4:d7:2c:e6:7c:dd:cc:41:7f:
5c:57:96:b1:c5:0d:ab:c9:c8:a3:3d:ab:14:8f:59:4c:e1:fd:
d4:92:74:7d:95:7a:81:bf:f4:28:b8:06:b7:61:98:e8:54:6f:
8e:bf:0a:67:17:e7:de:46:e0:5e:0e:54:56:4b:c1:a8:c6:47:
bf:28:f0:4a:c5:67:4d:60:5c:22:d2:4b:61:82:95:a2:2a:24:
81:75:2c:b1:78:e0:74:59:6e:56:01:ab:9d:c6:5e:47:0f:3e:
c6:9c:c3:ce:4e:9f:a4:8f:f7:01:f5:52:56:10:3d:a8:b0:5e:
96:ab:8d:b3:54:31:28:da:a1:1c:c3:2b:0b:93:6e:9a:46:df:
36:78:30:13:12:eb:1f:1b:d5:a4:03:d0:43:ca:36:ff:96:66:
e8:82:81:1b:d6:cf:77:3f:b6:21:fe:ce:c1:76:bb:d8:d1:c4:
a6:00:a6:25:57:d5:80:2f:21:4d:ef:43:66:8f:56:74:75:00:
7d:e1:76:c4:28:a6:08:35:ff:82:ff:2c:bc:e1:2d:b7:39:5c:
4c:67:af:c7:ac:11:82:08:8c:26:d5:2c:a5:5b:bf:42:2b:ab:
af:a9:c3:21
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDSKVqujOQA/HlSXaRJmmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzliM2RmMTViNjJlYjZhN2Y4ODEyYzUyNWFjYjE5M2RlMTE0ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JULxKf+WMQSRja78pEk3nWt8frQ
jc/zuVuU2U0T2GANzhlItklGE/tXYajA2KEbuktxMhA6aKad3F9NbLjQOB7ofrp7
EIZOU/DmkXNMp2FUHUCnBpidmoZVVa+V8Qj8xZ8Rhq+y15rmFpybDFYBRyh6KGNA
+/6VqIyVg5HdtvBGvaqtNKUo663pBd4kDCkqKrnwPNAaVCsTb1JE6WNWQyej7upG
/jMGKu+Ix5ES2Ty2CZ4rmwa1vjD8Ct2y+26voA87sXR2eMAqWTDB3zqCAa8xEBxL
OGwzVMpFqnVSiD+4jZBI35tvHVKdVT0Q+qaSutjz/UhxyWQDzvydsH3mdQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGObPfFbYutqf4gSxSWssZPeEU27MB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvWTVzOThWdGk2MnBfaUJMRkpheXhrOTRSVGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADB/90D
BAHB/+wwDAMEA8IbGAMEAcIbHDANBgkqhkiG9w0BAQsFAAOCAQEAechTbeoMN2YP
uXbUn9tW98NrYOSZHxMNKlXOpNcs5nzdzEF/XFeWscUNq8nIoz2rFI9ZTOH91JJ0
fZV6gb/0KLgGt2GY6FRvjr8KZxfn3kbgXg5UVkvBqMZHvyjwSsVnTWBcItJLYYKV
oiokgXUssXjgdFluVgGrncZeRw8+xpzDzk6fpI/3AfVSVhA9qLBelquNs1QxKNqh
HMMrC5NumkbfNngwExLrHxvVpAPQQ8o2/5Zm6IKBG9bPdz+2If7OwXa72NHEpgCm
JVfVgC8hTe9DZo9WdHUAfeF2xCimCDX/gv8svOEttzlcTGevx6wRggiMJtUspVu/
Qiurr6nDIQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:19 2024 by rpki-client on console-ams.rpki-client.org