Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/YPhWBSPHGs5SvVUlaCiCKWmqFfE.roa
File: YPhWBSPHGs5SvVUlaCiCKWmqFfE.roa (raw, json)
Hash identifier: 5GbYaE22J8Owy6TgFxnM856qPEXWo4AxIXtfMEPnMxs=
Subject key identifier: 60:F8:56:05:23:C7:1A:CE:52:BD:55:25:68:28:82:29:69:AA:15:F1
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 019426D94FD01DDB5C8F5D6A4AE0E448AD3D
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/YPhWBSPHGs5SvVUlaCiCKWmqFfE.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203004
IP address blocks: 89.223.100.0/24 maxlen: 24
92.255.99.0/24 maxlen: 24
2a04:ac00:2::/48 maxlen: 48
2a04:ac00:9::/48 maxlen: 48
2a04:ac00:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:4f:d0:1d:db:5c:8f:5d:6a:4a:e0:e4:48:ad:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60f8560523c71ace52bd55256828822969aa15f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:bc:99:10:2c:64:85:f3:3a:82:a9:cc:bb:1d:
86:ba:4b:09:5b:9e:53:fd:39:1a:02:97:cd:88:20:
69:bf:88:70:06:5c:17:ce:9b:db:8c:0d:19:d5:72:
38:de:22:f6:07:d2:1c:0a:8d:7c:67:e4:bf:2a:09:
35:96:8f:43:55:5c:99:18:57:81:32:6d:b0:e0:a7:
3f:e2:80:a0:ef:08:17:22:39:0f:18:24:b6:23:c0:
0c:39:0e:5e:b8:ef:cf:40:93:87:f0:66:96:73:ea:
e2:ac:a5:a9:13:e1:a0:d9:9c:32:94:4b:1a:dc:6e:
1f:23:59:66:4e:42:a1:53:43:53:67:4a:3c:5c:06:
37:3e:60:4c:13:95:98:1f:a8:9f:ae:f1:23:94:af:
45:18:c9:0f:61:3c:ff:41:43:a4:d4:9a:2e:da:5a:
32:3e:fc:a7:1f:b3:93:69:d0:bc:2d:a9:89:c7:4b:
3d:7d:db:a6:75:96:b7:78:9b:5b:e5:5e:b9:08:55:
06:a2:79:92:0e:a6:6d:0b:04:0c:3a:74:59:ca:1e:
d5:be:67:c2:5b:c3:b1:55:d9:e3:c2:32:9b:85:e8:
f6:df:b3:6a:82:a1:09:5c:c3:2b:6e:c4:ca:3f:ed:
06:ca:ec:24:ba:60:73:8b:91:87:14:ce:e6:36:0b:
51:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F8:56:05:23:C7:1A:CE:52:BD:55:25:68:28:82:29:69:AA:15:F1
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/YPhWBSPHGs5SvVUlaCiCKWmqFfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.100.0/24
92.255.99.0/24
IPv6:
2a04:ac00:2::/48
2a04:ac00:9::-2a04:ac00:a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
89:24:24:c9:d9:f6:85:d7:5e:86:07:80:84:50:27:a5:7b:3d:
b5:ed:02:29:27:1d:f2:ed:1a:6d:40:be:8d:0d:7c:f3:78:6b:
7c:33:35:a1:a1:2e:4b:ae:ae:25:f2:7b:66:b7:f5:07:8b:77:
26:85:8b:08:e7:10:ed:09:a7:72:0f:3c:d0:7f:69:7a:a4:1d:
a7:34:c8:7f:51:90:69:a6:44:ed:8f:23:9f:d6:97:5a:9c:e0:
0f:4b:60:fa:2b:93:ca:fa:83:0a:4b:d8:da:3d:7a:5a:b4:bb:
ee:5e:c9:5e:fd:50:fb:96:4e:e8:6d:2c:ab:66:c2:89:6d:4b:
4f:aa:75:58:a6:d5:66:6a:70:c4:b0:38:88:3e:33:11:c9:b3:
64:31:21:b5:fb:7d:85:ae:fa:14:77:b1:c5:6c:2a:7d:9a:56:
5e:ac:bb:81:13:4d:5d:04:94:02:0e:a8:df:ac:d3:ee:97:fb:
73:70:18:5c:d0:16:07:d5:68:53:0d:93:81:1c:5a:ef:fc:8b:
e3:53:80:dd:0b:81:8a:77:53:4b:72:ce:05:1f:c4:98:10:e4:
6c:f7:cf:bf:3b:45:fd:89:b6:07:06:d7:20:31:6a:33:d7:9c:
af:79:32:36:d4:6a:4e:6e:16:f9:6c:cd:4c:28:4f:65:e6:de:
b2:c8:40:58
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQm2U/QHdtcj11qSuDkSK09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY4NTYwNTIzYzcxYWNlNTJiZDU1MjU2ODI4ODIyOTY5YWExNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LyZECxkhfM6gqnMux2GuksJW55T
/TkaApfNiCBpv4hwBlwXzpvbjA0Z1XI43iL2B9IcCo18Z+S/Kgk1lo9DVVyZGFeB
Mm2w4Kc/4oCg7wgXIjkPGCS2I8AMOQ5euO/PQJOH8GaWc+rirKWpE+Gg2ZwylEsa
3G4fI1lmTkKhU0NTZ0o8XAY3PmBME5WYH6ifrvEjlK9FGMkPYTz/QUOk1Jou2loy
PvynH7OTadC8LamJx0s9fdumdZa3eJtb5V65CFUGonmSDqZtCwQMOnRZyh7VvmfC
W8OxVdnjwjKbhej237NqgqEJXMMrbsTKP+0GyuwkumBzi5GHFM7mNgtR0wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGD4VgUjxxrOUr1VJWgogilpqhXxMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvWVBoV0JTUEhHczVTdlZVbGFDaUNLV21xRmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQAWd9kAwQA
XP9jMCMEAgACMB0DBwAqBKwAAAIwEgMHACoErAAACQMHACoErAAACjANBgkqhkiG
9w0BAQsFAAOCAQEAiSQkydn2hddehgeAhFAnpXs9te0CKScd8u0abUC+jQ1883hr
fDM1oaEuS66uJfJ7Zrf1B4t3JoWLCOcQ7Qmncg880H9peqQdpzTIf1GQaaZE7Y8j
n9aXWpzgD0tg+iuTyvqDCkvY2j16WrS77l7JXv1Q+5ZO6G0sq2bCiW1LT6p1WKbV
ZmpwxLA4iD4zEcmzZDEhtft9ha76FHexxWwqfZpWXqy7gRNNXQSUAg6o36zT7pf7
c3AYXNAWB9VoUw2TgRxa7/yL41OA3QuBindTS3LOBR/EmBDkbPfPvztF/Ym2BwbX
IDFqM9ecr3kyNtRqTm4W+WzNTChPZebesshAWA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:07:43 2025 by rpki-client