Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/YRQ4Vg3A1i1QaO-e977IcW6KB9E.roa
File: YRQ4Vg3A1i1QaO-e977IcW6KB9E.roa (raw, json)
Hash identifier: rc17/JwW2r6jYEgRn/1E0O8jtu0CDbAtQ0C5kFjlEwU=
Subject key identifier: 61:14:38:56:0D:C0:D6:2D:50:68:EF:9E:F7:BE:C8:71:6E:8A:07:D1
Certificate issuer: /CN=d31e4a8cd2898c5de6d6625f10c4b2e85f461f78
Certificate serial: 019420D5D3D0EB8C484BF6AAA094EC9E19A4
Authority key identifier: D3:1E:4A:8C:D2:89:8C:5D:E6:D6:62:5F:10:C4:B2:E8:5F:46:1F:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x5KjNKJjF3m1mJfEMSy6F9GH3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/YRQ4Vg3A1i1QaO-e977IcW6KB9E.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207982
IP address blocks: 145.66.200.0/24 maxlen: 24
145.66.201.0/24 maxlen: 24
145.66.202.0/24 maxlen: 24
145.66.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/0x5KjNKJjF3m1mJfEMSy6F9GH3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/0x5KjNKJjF3m1mJfEMSy6F9GH3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/0x5KjNKJjF3m1mJfEMSy6F9GH3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d3:d0:eb:8c:48:4b:f6:aa:a0:94:ec:9e:19:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31e4a8cd2898c5de6d6625f10c4b2e85f461f78
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=611438560dc0d62d5068ef9ef7bec8716e8a07d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:12:2b:63:9e:66:d0:24:66:31:ef:84:fe:28:
de:44:a2:e4:04:02:6b:47:8b:c3:0b:d0:29:3a:54:
be:12:cc:e0:85:9c:0a:9b:4c:ea:c2:44:63:b8:b7:
d0:64:70:bc:8c:e3:40:44:fb:55:cb:7b:42:be:14:
96:8b:8a:9b:cc:f6:6c:ee:44:0b:5e:c3:90:e8:46:
04:3b:20:7b:a9:63:77:f1:95:ee:b6:29:ff:4a:29:
25:60:bd:be:01:50:07:d0:40:f3:82:a3:e9:71:eb:
1e:3d:73:8b:91:47:10:24:6a:03:20:3c:04:87:6b:
81:7f:79:32:40:76:2b:8c:09:ac:71:bd:58:ce:4d:
33:15:68:6f:16:d4:df:57:2b:68:b6:41:37:e8:39:
24:73:70:1e:d8:18:fa:b7:5d:b3:44:57:ac:c1:fd:
fa:c0:33:25:3b:fe:6f:93:88:65:51:28:e1:ff:c8:
1f:b2:97:4b:7b:88:e8:b7:2b:01:21:1d:b9:6a:ec:
e8:d8:f0:cc:54:32:8b:9a:af:f8:53:87:78:f3:0a:
bb:5e:a3:cb:2f:93:e7:dd:fc:8d:f8:0b:51:19:5e:
e9:9a:98:5a:ee:a0:e2:c3:84:03:1d:8e:1a:b1:40:
3b:82:3a:fd:f5:aa:74:29:7f:f0:9f:d3:51:40:f0:
5c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:14:38:56:0D:C0:D6:2D:50:68:EF:9E:F7:BE:C8:71:6E:8A:07:D1
X509v3 Authority Key Identifier:
keyid:D3:1E:4A:8C:D2:89:8C:5D:E6:D6:62:5F:10:C4:B2:E8:5F:46:1F:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x5KjNKJjF3m1mJfEMSy6F9GH3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/YRQ4Vg3A1i1QaO-e977IcW6KB9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/9facae-fd90-4b4c-a2ec-9127e8105699/1/0x5KjNKJjF3m1mJfEMSy6F9GH3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.66.200.0/22
Signature Algorithm: sha256WithRSAEncryption
24:88:90:00:db:df:13:4b:b6:09:fa:41:93:1f:03:44:cb:e3:
73:a0:0e:f8:e4:f2:e2:bd:92:9a:26:25:88:6c:7f:e6:e0:5b:
18:95:af:e1:92:31:ba:ee:0d:aa:0a:df:1c:17:12:53:2e:3c:
17:9d:29:ca:0c:d8:30:76:1a:5a:d0:e6:96:e6:fc:c7:77:15:
ca:7e:10:9c:8c:32:b3:1f:16:1e:30:4d:ba:3d:95:fb:9e:d1:
da:38:e3:15:4f:7c:f7:b8:18:1f:91:a2:6a:d9:3e:25:24:a5:
7e:70:15:9d:ff:59:f1:57:54:21:ba:9c:3e:73:48:58:d4:00:
30:ae:0c:4a:9d:ef:43:8d:55:cf:0a:ff:be:c6:5f:3c:da:8a:
16:0b:1c:97:c6:fa:17:f4:12:22:90:d5:b2:ad:e8:54:db:f6:
f3:d6:49:fa:41:10:32:8d:dd:63:3c:07:ce:84:24:a3:78:da:
5c:87:e6:09:60:3b:f2:31:68:48:15:8a:25:42:b9:0f:8a:dd:
ea:68:ac:1f:13:c3:f4:77:e0:17:01:40:dd:6b:d7:45:f9:bd:
03:4e:b5:5c:d2:08:af:b2:2c:a2:81:3c:54:5f:60:f9:a7:6b:
33:2d:a1:9f:09:29:5c:72:e8:9a:82:ff:ec:ba:2b:1e:87:35:
aa:44:a2:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dPQ64xIS/aqoJTsnhmkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWU0YThjZDI4OThjNWRlNmQ2NjI1ZjEwYzRiMmU4NWY0
NjFmNzgwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTE0Mzg1NjBkYzBkNjJkNTA2OGVmOWVmN2JlYzg3MTZlOGEwN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRIrY55m0CRmMe+E/ijeRKLkBAJr
R4vDC9ApOlS+EszghZwKm0zqwkRjuLfQZHC8jONARPtVy3tCvhSWi4qbzPZs7kQL
XsOQ6EYEOyB7qWN38ZXutin/SiklYL2+AVAH0EDzgqPpcesePXOLkUcQJGoDIDwE
h2uBf3kyQHYrjAmscb1Yzk0zFWhvFtTfVytotkE36Dkkc3Ae2Bj6t12zRFeswf36
wDMlO/5vk4hlUSjh/8gfspdLe4jotysBIR25auzo2PDMVDKLmq/4U4d48wq7XqPL
L5Pn3fyN+AtRGV7pmpha7qDiw4QDHY4asUA7gjr99ap0KX/wn9NRQPBcywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEUOFYNwNYtUGjvnve+yHFuigfRMB8GA1UdIwQY
MBaAFNMeSozSiYxd5tZiXxDEsuhfRh94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHg1S2pOS0pqRjNtMW1KZkVNU3k2RjlHSDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS85ZmFjYWUtZmQ5MC00YjRjLWEyZWMt
OTEyN2U4MTA1Njk5LzEvWVJRNFZnM0ExaTFRYU8tZTk3N0ljVzZLQjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS85ZmFjYWUtZmQ5MC00YjRjLWEyZWMtOTEyN2U4MTA1Njk5
LzEvMHg1S2pOS0pqRjNtMW1KZkVNU3k2RjlHSDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkULIMA0G
CSqGSIb3DQEBCwUAA4IBAQAkiJAA298TS7YJ+kGTHwNEy+NzoA745PLivZKaJiWI
bH/m4FsYla/hkjG67g2qCt8cFxJTLjwXnSnKDNgwdhpa0OaW5vzHdxXKfhCcjDKz
HxYeME26PZX7ntHaOOMVT3z3uBgfkaJq2T4lJKV+cBWd/1nxV1Qhupw+c0hY1AAw
rgxKne9DjVXPCv++xl882ooWCxyXxvoX9BIikNWyrehU2/bz1kn6QRAyjd1jPAfO
hCSjeNpch+YJYDvyMWhIFYolQrkPit3qaKwfE8P0d+AXAUDda9dF+b0DTrVc0giv
siyigTxUX2D5p2szLaGfCSlccuiagv/suisehzWqRKKs
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:35 2025 by rpki-client