Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/yUYdHRbTOv0d1MetsWOgAV0H6VU.roa
File: yUYdHRbTOv0d1MetsWOgAV0H6VU.roa (raw, json)
Hash identifier: +EFZd5lQ4dkXRQFADEy9sJ6BqMDudBbS3CjpZl251rg=
Subject key identifier: C9:46:1D:1D:16:D3:3A:FD:1D:D4:C7:AD:B1:63:A0:01:5D:07:E9:55
Certificate issuer: /CN=c5119e75200392f1a2f08be990732d8047b28b09
Certificate serial: 018CC8DDACB40FA5D82812CA60962BDFEAFF
Authority key identifier: C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/yUYdHRbTOv0d1MetsWOgAV0H6VU.roa
Signing time: Tue 02 Jan 2024 06:30:20 +0000
ROA not before: Tue 02 Jan 2024 06:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57388
IP address blocks: 130.0.24.0/24 maxlen: 24
130.0.24.0/22 maxlen: 24
130.0.25.0/24 maxlen: 24
130.0.30.0/24 maxlen: 24
130.0.26.0/24 maxlen: 24
130.0.31.0/24 maxlen: 24
185.85.152.0/22 maxlen: 24
130.0.27.0/24 maxlen: 24
130.0.28.0/22 maxlen: 24
2a02:dd00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:ac:b4:0f:a5:d8:28:12:ca:60:96:2b:df:ea:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5119e75200392f1a2f08be990732d8047b28b09
Validity
Not Before: Jan 2 06:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9461d1d16d33afd1dd4c7adb163a0015d07e955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b3:65:ce:aa:bd:87:5c:55:0e:b0:a2:34:62:
0a:07:cb:8b:e0:77:70:74:32:89:a5:28:51:2d:d5:
58:38:d1:c5:dd:6b:cf:54:a3:ba:cf:da:22:c0:79:
7e:42:1e:84:6c:f5:ff:20:1e:dd:ef:e4:75:87:e1:
7d:d6:08:8f:cb:44:db:07:b5:c6:1b:ed:fc:b3:da:
4b:63:56:93:1a:95:f1:93:83:f7:63:d4:6c:70:0c:
cb:e4:77:41:86:cf:92:4e:9c:6a:61:14:86:88:05:
e2:6e:f4:84:0c:ec:ad:cd:19:0a:8d:65:91:60:bd:
6f:2b:f1:5f:b8:ff:4e:51:a3:6e:92:ac:0e:2c:3a:
a1:a1:82:37:b7:29:44:bf:92:59:6b:80:cf:3b:5b:
e7:a0:06:29:62:78:38:aa:10:68:bf:ad:96:b4:1a:
97:8e:51:b4:75:38:b8:c9:df:21:14:d4:1e:56:95:
2d:46:7d:cf:02:4e:c4:70:ee:1a:0a:1c:9f:88:0a:
2d:5a:27:9e:96:f5:1a:91:08:18:73:45:97:f8:13:
a7:25:12:2f:66:2c:50:ec:2b:9f:55:ce:b1:69:ba:
f8:ce:d1:e4:2f:dc:09:f4:92:5d:69:ae:f9:d1:14:
a4:3f:ae:f8:fd:78:81:9b:4c:b7:a1:ee:72:ca:d6:
fa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:46:1D:1D:16:D3:3A:FD:1D:D4:C7:AD:B1:63:A0:01:5D:07:E9:55
X509v3 Authority Key Identifier:
keyid:C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/yUYdHRbTOv0d1MetsWOgAV0H6VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.24.0/21
185.85.152.0/22
IPv6:
2a02:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
bb:91:3e:e0:50:8e:43:48:ac:c0:ad:78:8a:78:55:65:cb:3f:
d1:0a:62:d8:02:a7:2a:9e:db:26:2c:2b:47:75:15:d5:a8:4f:
09:30:ba:8b:9e:09:38:b1:61:91:ab:b9:52:8c:4b:12:be:bb:
9d:42:ce:2f:78:86:60:1b:4a:1d:f2:31:e8:5a:64:d8:d4:ed:
74:9e:80:ad:e2:aa:de:3f:4d:f5:fb:90:dc:20:48:fe:0c:48:
f3:7f:7e:11:21:2c:51:59:11:a7:9a:8e:00:08:dc:7c:75:40:
21:50:bc:dd:51:f8:44:d3:79:06:ee:4f:d5:7c:c9:fe:e7:bf:
74:27:52:5b:5a:4c:88:40:08:ac:ad:fb:4d:76:37:46:87:b4:
3a:2a:e2:47:0f:4a:41:1f:13:e2:7c:95:2e:2b:66:9d:ae:aa:
ba:91:99:e7:db:b7:40:5e:66:ac:88:2d:85:9e:da:eb:ed:31:
cc:a4:37:f2:21:df:ba:55:76:51:66:c6:78:f7:38:cd:99:9d:
56:81:39:77:78:2f:6d:0e:98:3f:40:44:65:c8:32:b8:85:23:
f6:57:1e:83:42:1a:de:4c:cd:86:a6:ca:65:32:a2:6a:d7:b4:
f9:38:3f:76:ed:ae:d0:3c:29:61:c0:d4:86:67:c2:b5:3e:b0:
8d:ed:b0:4a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3ay0D6XYKBLKYJYr3+r/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTE5ZTc1MjAwMzkyZjFhMmYwOGJlOTkwNzMyZDgwNDdi
MjhiMDkwHhcNMjQwMTAyMDYzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQ2MWQxZDE2ZDMzYWZkMWRkNGM3YWRiMTYzYTAwMTVkMDdlOTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rNlzqq9h1xVDrCiNGIKB8uL4Hdw
dDKJpShRLdVYONHF3WvPVKO6z9oiwHl+Qh6EbPX/IB7d7+R1h+F91giPy0TbB7XG
G+38s9pLY1aTGpXxk4P3Y9RscAzL5HdBhs+STpxqYRSGiAXibvSEDOytzRkKjWWR
YL1vK/FfuP9OUaNukqwOLDqhoYI3tylEv5JZa4DPO1vnoAYpYng4qhBov62WtBqX
jlG0dTi4yd8hFNQeVpUtRn3PAk7EcO4aChyfiAotWieelvUakQgYc0WX+BOnJRIv
ZixQ7CufVc6xabr4ztHkL9wJ9JJdaa750RSkP674/XiBm0y3oe5yytb64QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMlGHR0W0zr9HdTHrbFjoAFdB+lVMB8GA1UdIwQY
MBaAFMURnnUgA5LxovCL6ZBzLYBHsosJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJHZWRTQURrdkdpOEl2cGtITXRnRWV5aXdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMjBiYWYtNTlkYy00NmEyLWFmN2Qt
ZDgxOWNlZDVkMzVhLzEveVVZZEhSYlRPdjBkMU1ldHNXT2dBVjBINlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zMjBiYWYtNTlkYy00NmEyLWFmN2QtZDgxOWNlZDVkMzVh
LzEveFJHZWRTQURrdkdpOEl2cGtITXRnRWV5aXdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDggAYAwQC
uVWYMA0EAgACMAcDBQMqAt0AMA0GCSqGSIb3DQEBCwUAA4IBAQC7kT7gUI5DSKzA
rXiKeFVlyz/RCmLYAqcqntsmLCtHdRXVqE8JMLqLngk4sWGRq7lSjEsSvrudQs4v
eIZgG0od8jHoWmTY1O10noCt4qreP031+5DcIEj+DEjzf34RISxRWRGnmo4ACNx8
dUAhULzdUfhE03kG7k/VfMn+5790J1JbWkyIQAisrftNdjdGh7Q6KuJHD0pBHxPi
fJUuK2adrqq6kZnn27dAXmasiC2Fntrr7THMpDfyId+6VXZRZsZ49zjNmZ1WgTl3
eC9tDpg/QERlyDK4hSP2Vx6DQhreTM2GpsplMqJq17T5OD927a7QPClhwNSGZ8K1
PrCN7bBK
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:29 2024 by rpki-client on console-fra.rpki-client.org