Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/YgQ89rkl9jvV6rLw-Z3NCQCItp0.roa
File: YgQ89rkl9jvV6rLw-Z3NCQCItp0.roa (raw, json)
Hash identifier: St5+oKmDInc2kI6N55PGDT+Ery6915EesQ4gsgyIy54=
Subject key identifier: 62:04:3C:F6:B9:25:F6:3B:D5:EA:B2:F0:F9:9D:CD:09:00:88:B6:9D
Certificate issuer: /CN=e3280c6352a0bfbb79d249c8875ed186ecce8a86
Certificate serial: 018CC3B6A1097761D2862B1C62022803D653
Authority key identifier: E3:28:0C:63:52:A0:BF:BB:79:D2:49:C8:87:5E:D1:86:EC:CE:8A:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/YgQ89rkl9jvV6rLw-Z3NCQCItp0.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57469
IP address blocks: 159.48.56.0/21 maxlen: 22
31.207.96.0/19 maxlen: 22
185.177.32.0/22 maxlen: 22
159.48.16.0/20 maxlen: 22
159.48.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a1:09:77:61:d2:86:2b:1c:62:02:28:03:d6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3280c6352a0bfbb79d249c8875ed186ecce8a86
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62043cf6b925f63bd5eab2f0f99dcd090088b69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:90:d1:c4:73:37:91:1c:3a:99:d6:f6:3b:32:
8a:19:3d:cd:d9:53:a2:84:9c:dc:03:aa:40:45:d0:
ff:cf:13:8c:45:b6:19:0e:8f:91:4e:3c:90:f4:7f:
6e:1c:53:6f:1a:a6:71:fd:89:bb:f3:94:60:46:36:
9d:a9:51:e6:d9:37:d3:ed:ca:94:14:00:41:1d:12:
6e:63:cd:fb:41:ae:1d:f6:be:2f:7a:bd:24:c7:4a:
79:eb:8e:35:d9:76:a2:ac:7f:11:50:86:3d:3e:1c:
14:e4:0f:44:14:8a:30:af:ae:1c:05:3e:27:73:0b:
f6:8b:c2:4f:c2:58:ea:69:1f:c2:0f:6b:28:30:96:
11:74:1a:cb:e0:ca:74:2a:85:0d:4f:57:e6:46:de:
a8:8c:21:5f:e5:57:2d:12:e7:8c:12:bc:64:20:80:
85:21:22:bb:e8:fd:02:b4:0a:97:d9:db:72:25:b8:
06:ec:98:16:17:e6:c6:6f:f0:a2:d5:4d:98:bd:6c:
33:ea:31:d5:80:cc:48:ab:e9:68:e9:8e:a4:0b:74:
04:c5:ab:49:ce:09:9b:27:6c:79:0f:4d:b9:2b:c9:
9a:54:b3:05:f5:fd:6e:3a:af:64:9f:2d:5b:ac:6c:
d8:4b:a8:29:27:5c:3b:04:c3:26:80:82:3e:9f:7b:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:04:3C:F6:B9:25:F6:3B:D5:EA:B2:F0:F9:9D:CD:09:00:88:B6:9D
X509v3 Authority Key Identifier:
keyid:E3:28:0C:63:52:A0:BF:BB:79:D2:49:C8:87:5E:D1:86:EC:CE:8A:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ygMY1Kgv7t50knIh17RhuzOioY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/YgQ89rkl9jvV6rLw-Z3NCQCItp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/59a032-c384-43df-8c9d-ef0b82189444/1/4ygMY1Kgv7t50knIh17RhuzOioY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.96.0/19
159.48.16.0/20
159.48.48.0/22
159.48.56.0/21
185.177.32.0/22
Signature Algorithm: sha256WithRSAEncryption
66:b3:74:65:68:cf:0b:d7:14:6a:bb:31:c2:bc:4e:c7:cd:17:
fa:6f:e1:3b:12:0f:f7:2a:03:35:6d:bb:ea:e7:2c:13:99:f6:
90:67:de:04:12:87:9c:7e:11:e6:56:51:c9:8d:7e:91:be:5f:
95:cd:5e:6d:2d:54:68:2d:d5:dd:80:3a:35:fb:fe:6b:9f:91:
a8:af:50:de:05:7d:46:73:d2:46:56:e8:eb:94:8a:f4:41:5e:
55:72:c2:20:f1:2d:7a:90:96:ae:b7:28:df:8c:54:50:00:0b:
d5:4a:f6:b2:af:b1:99:ca:d8:32:ba:3f:45:3d:68:99:73:97:
dd:d1:d3:4f:6b:32:cc:d9:30:37:17:2c:90:24:cc:86:f5:3c:
e9:08:9f:af:db:f0:94:d6:3a:3e:06:4a:2b:97:03:1e:76:14:
b0:9f:80:f1:3e:f4:11:50:81:a8:2b:87:4f:e5:8d:00:50:a1:
95:38:f2:17:73:8a:3e:50:3d:8c:8f:ec:4e:ee:a9:8e:ed:30:
78:03:7d:c0:74:55:ce:67:00:7a:55:6d:21:16:65:3a:93:37:
3f:75:05:f0:d9:11:5c:af:f6:1d:bb:2c:ef:15:77:7a:4f:05:
de:6f:a2:46:0c:a9:7e:92:51:55:55:eb:61:3e:ac:60:46:c2:
00:15:60:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDtqEJd2HShiscYgIoA9ZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMjgwYzYzNTJhMGJmYmI3OWQyNDljODg3NWVkMTg2ZWNj
ZThhODYwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjA0M2NmNmI5MjVmNjNiZDVlYWIyZjBmOTlkY2QwOTAwODhiNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJDRxHM3kRw6mdb2OzKKGT3N2VOi
hJzcA6pARdD/zxOMRbYZDo+RTjyQ9H9uHFNvGqZx/Ym785RgRjadqVHm2TfT7cqU
FABBHRJuY837Qa4d9r4ver0kx0p564412XairH8RUIY9PhwU5A9EFIowr64cBT4n
cwv2i8JPwljqaR/CD2soMJYRdBrL4Mp0KoUNT1fmRt6ojCFf5VctEueMErxkIICF
ISK76P0CtAqX2dtyJbgG7JgWF+bGb/Ci1U2YvWwz6jHVgMxIq+lo6Y6kC3QExatJ
zgmbJ2x5D025K8maVLMF9f1uOq9kny1brGzYS6gpJ1w7BMMmgII+n3tSAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGIEPPa5JfY71eqy8PmdzQkAiLadMB8GA1UdIwQY
MBaAFOMoDGNSoL+7edJJyIde0YbszoqGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHlnTVkxS2d2N3Q1MGtuSWgxN1JodXpPaW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81OWEwMzItYzM4NC00M2RmLThjOWQt
ZWYwYjgyMTg5NDQ0LzEvWWdRODlya2w5anZWNnJMdy1aM05DUUNJdHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81OWEwMzItYzM4NC00M2RmLThjOWQtZWYwYjgyMTg5NDQ0
LzEvNHlnTVkxS2d2N3Q1MGtuSWgxN1JodXpPaW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFH89gAwQE
nzAQAwQCnzAwAwQDnzA4AwQCubEgMA0GCSqGSIb3DQEBCwUAA4IBAQBms3RlaM8L
1xRquzHCvE7HzRf6b+E7Eg/3KgM1bbvq5ywTmfaQZ94EEoecfhHmVlHJjX6Rvl+V
zV5tLVRoLdXdgDo1+/5rn5Gor1DeBX1Gc9JGVujrlIr0QV5VcsIg8S16kJautyjf
jFRQAAvVSvayr7GZytgyuj9FPWiZc5fd0dNPazLM2TA3FyyQJMyG9TzpCJ+v2/CU
1jo+BkorlwMedhSwn4DxPvQRUIGoK4dP5Y0AUKGVOPIXc4o+UD2Mj+xO7qmO7TB4
A33AdFXOZwB6VW0hFmU6kzc/dQXw2RFcr/YduyzvFXd6TwXeb6JGDKl+klFVVeth
PqxgRsIAFWB9
-----END CERTIFICATE-----
Generated at Sun May 19 00:48:24 2024 by rpki-client on console-ams.rpki-client.org