Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/YbtmoXWxBt60rGetknT9NjzHLrU.roa
File: YbtmoXWxBt60rGetknT9NjzHLrU.roa (raw, json)
Hash identifier: IpaSvuSX3E1JbetXfqBqyMntNE+dfFvSUKX+jHiFImw=
Subject key identifier: 61:BB:66:A1:75:B1:06:DE:B4:AC:67:AD:92:74:FD:36:3C:C7:2E:B5
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018CC2DB6181275D7993E2E68C9955C07ECD
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/YbtmoXWxBt60rGetknT9NjzHLrU.roa
Signing time: Mon 01 Jan 2024 02:30:06 +0000
ROA not before: Mon 01 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42899
IP address blocks: 84.54.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:61:81:27:5d:79:93:e2:e6:8c:99:55:c0:7e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61bb66a175b106deb4ac67ad9274fd363cc72eb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f4:f6:fa:0f:02:2a:81:a4:f1:67:ce:78:44:
7f:16:4e:86:bc:ac:8d:20:6b:f1:c2:ab:3b:10:21:
c8:cb:e8:03:bd:17:e9:38:48:2f:30:c0:06:76:20:
ef:8b:2a:43:61:fa:32:19:11:53:55:95:7c:67:c4:
19:1b:29:0c:5e:53:1d:13:44:df:a7:0f:78:0c:c1:
1b:68:84:f0:40:b2:4f:b6:d2:20:89:c5:88:98:db:
a5:92:18:96:19:a3:da:15:70:6d:99:38:0b:50:ed:
67:cc:53:9e:76:62:3e:37:ed:5d:b9:e0:38:b3:e4:
88:cb:0c:e2:08:e8:7d:22:2a:1d:f9:c8:1e:5d:0b:
2e:1b:ed:55:31:2e:1d:9d:1c:3e:77:06:89:50:22:
3f:f1:c9:d9:e7:3a:5a:2e:bf:d8:f5:1d:29:61:0b:
5b:cf:a4:d4:de:5e:14:99:b8:d7:29:7c:de:c7:9c:
5d:58:21:ff:bf:7f:7f:45:7d:7b:7c:04:87:b5:30:
2a:b7:2e:66:13:40:ff:35:f8:7c:dd:f7:f8:68:6f:
ca:9c:d4:f6:9c:3a:7c:ef:48:3d:2a:a1:90:da:22:
21:48:d1:44:28:e4:ea:0b:da:d7:4b:85:9b:9b:a1:
ec:48:aa:1a:ea:13:40:3c:bf:05:98:14:94:09:16:
7d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:BB:66:A1:75:B1:06:DE:B4:AC:67:AD:92:74:FD:36:3C:C7:2E:B5
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/YbtmoXWxBt60rGetknT9NjzHLrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.52.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a3:54:6d:ab:e9:9f:c3:d1:26:0a:12:66:f3:03:11:b0:f7:
a8:c6:dd:76:92:37:5d:c0:89:02:a6:fb:ba:86:d5:2a:d7:d3:
82:80:45:91:fc:25:e0:6c:da:18:fa:2e:38:d9:8b:b9:78:f1:
a3:4f:2c:d0:22:1a:ae:79:92:68:95:73:a4:22:f2:f1:cc:bf:
e7:46:f5:db:22:bf:2b:88:6a:38:92:78:a5:09:72:12:4c:ab:
5e:bc:94:3a:cb:bd:98:38:37:9c:96:c5:d1:51:0e:37:47:cd:
d9:25:57:61:da:d6:a4:47:83:fd:95:de:03:8c:20:54:7f:de:
15:06:6f:52:3b:2c:20:c5:46:0b:87:76:d0:08:33:73:1b:16:
5c:28:e5:bf:44:d9:fe:a2:76:0b:12:8c:64:6d:32:ff:ad:25:
02:7e:b1:ac:9c:56:ca:96:ac:2d:c3:28:10:c4:0c:94:e3:8f:
87:05:08:ca:e3:bd:32:ef:c1:5e:d8:44:4d:53:32:7b:0f:5b:
b0:54:4f:fb:03:6b:e3:ed:ab:72:b4:ad:f1:bf:24:07:97:b1:
24:e6:51:df:55:ae:12:df:96:40:21:dd:d8:df:ba:8e:9d:ba:
c3:c1:b2:c1:41:33:0d:61:f4:4a:92:76:d7:79:75:bb:34:54:
44:93:53:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22GBJ115k+LmjJlVwH7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWJiNjZhMTc1YjEwNmRlYjRhYzY3YWQ5Mjc0ZmQzNjNjYzcyZWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfT2+g8CKoGk8WfOeER/Fk6GvKyN
IGvxwqs7ECHIy+gDvRfpOEgvMMAGdiDviypDYfoyGRFTVZV8Z8QZGykMXlMdE0Tf
pw94DMEbaITwQLJPttIgicWImNulkhiWGaPaFXBtmTgLUO1nzFOedmI+N+1dueA4
s+SIywziCOh9Iiod+cgeXQsuG+1VMS4dnRw+dwaJUCI/8cnZ5zpaLr/Y9R0pYQtb
z6TU3l4UmbjXKXzex5xdWCH/v39/RX17fASHtTAqty5mE0D/Nfh83ff4aG/KnNT2
nDp870g9KqGQ2iIhSNFEKOTqC9rXS4Wbm6HsSKoa6hNAPL8FmBSUCRZ9EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGG7ZqF1sQbetKxnrZJ0/TY8xy61MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvWWJ0bW9YV3hCdDYwckdldGtuVDlOanpITHJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVDY0MA0G
CSqGSIb3DQEBCwUAA4IBAQBVo1Rtq+mfw9EmChJm8wMRsPeoxt12kjddwIkCpvu6
htUq19OCgEWR/CXgbNoY+i442Yu5ePGjTyzQIhqueZJolXOkIvLxzL/nRvXbIr8r
iGo4knilCXISTKtevJQ6y72YODeclsXRUQ43R83ZJVdh2takR4P9ld4DjCBUf94V
Bm9SOywgxUYLh3bQCDNzGxZcKOW/RNn+onYLEoxkbTL/rSUCfrGsnFbKlqwtwygQ
xAyU44+HBQjK470y78Fe2ERNUzJ7D1uwVE/7A2vj7atytK3xvyQHl7Ek5lHfVa4S
35ZAId3Y37qOnbrDwbLBQTMNYfRKknbXeXW7NFREk1MA
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:58 2024 by rpki-client on console-fra.rpki-client.org