Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/Ye8xbyXEduWp7MCs2qpNjnGrJ9s.roa
File: Ye8xbyXEduWp7MCs2qpNjnGrJ9s.roa (raw, json)
Hash identifier: YtDec18J+h/wwtS0ocE2s/AiwigDoyEfgq1IT0+kDHY=
Subject key identifier: 61:EF:31:6F:25:C4:76:E5:A9:EC:C0:AC:DA:AA:4D:8E:71:AB:27:DB
Certificate issuer: /CN=e52acfcbd79f232c5d72a550bc4c66f11107a0e2
Certificate serial: 01924D9F75093CE4BC051974F4497D225C4D
Authority key identifier: E5:2A:CF:CB:D7:9F:23:2C:5D:72:A5:50:BC:4C:66:F1:11:07:A0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SrPy9efIyxdcqVQvExm8REHoOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/Ye8xbyXEduWp7MCs2qpNjnGrJ9s.roa
Signing time: Wed 02 Oct 2024 14:25:48 +0000
ROA not before: Wed 02 Oct 2024 14:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206866
IP address blocks: 157.97.88.0/24 maxlen: 24
157.97.89.0/24 maxlen: 24
157.97.90.0/24 maxlen: 24
157.97.91.0/24 maxlen: 24
157.97.92.0/24 maxlen: 24
157.97.93.0/24 maxlen: 24
157.97.94.0/24 maxlen: 24
157.97.95.0/24 maxlen: 24
176.98.216.0/23 maxlen: 23
176.98.218.0/23 maxlen: 23
185.56.180.0/24 maxlen: 24
185.56.181.0/24 maxlen: 24
185.56.182.0/23 maxlen: 24
2a02:52e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/5SrPy9efIyxdcqVQvExm8REHoOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/5SrPy9efIyxdcqVQvExm8REHoOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5SrPy9efIyxdcqVQvExm8REHoOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:9f:75:09:3c:e4:bc:05:19:74:f4:49:7d:22:5c:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e52acfcbd79f232c5d72a550bc4c66f11107a0e2
Validity
Not Before: Oct 2 14:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61ef316f25c476e5a9ecc0acdaaa4d8e71ab27db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:18:76:b3:3f:bf:fa:14:46:cb:9f:97:79:e9:
ce:f9:33:40:90:e1:de:70:71:ff:cb:0f:9d:eb:b7:
4e:f2:5b:92:84:e0:32:7e:98:1e:82:43:df:09:ad:
05:80:e9:63:79:7b:4e:10:80:65:5e:f6:11:8e:65:
90:30:be:dc:c6:42:bd:0a:82:6c:6d:47:1f:3d:50:
65:83:cc:1e:9f:3c:b6:8b:20:cc:09:86:45:85:4c:
54:50:f5:8a:a6:5b:ca:d0:de:d9:9b:47:7a:57:7b:
e3:6f:5d:5a:7d:ae:7a:bd:5a:63:a2:c4:ef:e7:9c:
bd:14:70:4b:63:f7:0e:e5:2d:7d:97:76:ae:0c:79:
1f:9c:7e:72:6a:9e:09:4b:b7:59:ca:b6:50:34:18:
d0:dd:26:df:7f:df:72:89:70:f4:84:a3:6c:70:6d:
ce:13:ba:4d:7d:89:b7:44:03:eb:d4:3a:62:aa:53:
d6:bc:f9:da:54:58:c8:a2:d7:71:71:e2:57:85:ff:
6b:df:e5:92:13:ab:0c:bc:d4:cb:57:f5:f2:fb:e1:
16:9c:18:30:9f:bc:99:65:0c:a3:99:08:8a:1d:6e:
cd:c4:d0:82:a1:87:42:3a:db:21:9c:14:10:95:5e:
be:d1:9a:58:b4:40:0c:7e:73:aa:d4:35:15:73:45:
fc:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:EF:31:6F:25:C4:76:E5:A9:EC:C0:AC:DA:AA:4D:8E:71:AB:27:DB
X509v3 Authority Key Identifier:
keyid:E5:2A:CF:CB:D7:9F:23:2C:5D:72:A5:50:BC:4C:66:F1:11:07:A0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SrPy9efIyxdcqVQvExm8REHoOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/Ye8xbyXEduWp7MCs2qpNjnGrJ9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/42a193-b30b-403f-befe-3245450d3742/1/5SrPy9efIyxdcqVQvExm8REHoOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.88.0/21
176.98.216.0/22
185.56.180.0/22
IPv6:
2a02:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:15:2b:8c:87:a6:da:52:56:59:6c:84:04:9f:2f:39:0e:61:
ff:fb:2a:3b:1b:5f:68:c5:1c:99:86:ea:c6:09:12:9d:a4:5c:
5a:e6:e9:24:61:25:3f:5d:cb:02:7e:7b:99:32:d2:64:70:ab:
36:be:9b:89:a5:56:18:16:1c:b4:8a:84:32:1c:32:9b:66:86:
c2:40:98:1c:39:19:32:51:46:65:15:29:da:68:11:58:28:d5:
e2:fe:3d:44:2d:95:c8:1a:c4:f5:db:84:bc:32:22:7b:f5:16:
f9:a1:40:b7:95:59:d5:03:7e:e5:19:26:57:e4:d3:0b:06:49:
e3:5e:2c:ab:c9:c6:41:b7:9e:00:a0:14:49:5d:05:03:1e:a6:
a3:c5:ef:e4:7e:d4:60:f2:9d:4a:a2:e9:fe:3b:83:de:db:96:
04:0d:82:d6:12:f5:8b:0a:aa:8f:2b:41:9a:9d:fd:15:68:96:
21:35:b0:23:7e:90:b7:85:27:13:62:fd:99:78:82:f3:a9:79:
16:27:c5:1c:ae:a5:38:f2:c9:ff:89:1a:b5:fd:35:51:f3:e1:
9f:36:70:0d:4e:c1:53:10:c4:74:a0:a0:82:dd:64:d5:46:7b:
b1:7a:fd:1b:3e:49:79:6b:2f:f1:67:fe:9a:50:1f:9d:b7:63:
6d:7c:13:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJNn3UJPOS8BRl09El9IlxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MmFjZmNiZDc5ZjIzMmM1ZDcyYTU1MGJjNGM2NmYxMTEw
N2EwZTIwHhcNMjQxMDAyMTQyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWVmMzE2ZjI1YzQ3NmU1YTllY2MwYWNkYWFhNGQ4ZTcxYWIyN2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRh2sz+/+hRGy5+XeenO+TNAkOHe
cHH/yw+d67dO8luShOAyfpgegkPfCa0FgOljeXtOEIBlXvYRjmWQML7cxkK9CoJs
bUcfPVBlg8wenzy2iyDMCYZFhUxUUPWKplvK0N7Zm0d6V3vjb11afa56vVpjosTv
55y9FHBLY/cO5S19l3auDHkfnH5yap4JS7dZyrZQNBjQ3Sbff99yiXD0hKNscG3O
E7pNfYm3RAPr1DpiqlPWvPnaVFjIotdxceJXhf9r3+WSE6sMvNTLV/Xy++EWnBgw
n7yZZQyjmQiKHW7NxNCCoYdCOtshnBQQlV6+0ZpYtEAMfnOq1DUVc0X85QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGHvMW8lxHblqezArNqqTY5xqyfbMB8GA1UdIwQY
MBaAFOUqz8vXnyMsXXKlULxMZvERB6DiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNyUHk5ZWZJeXhkY3FWUXZFeG04UkVIb09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80MmExOTMtYjMwYi00MDNmLWJlZmUt
MzI0NTQ1MGQzNzQyLzEvWWU4eGJ5WEVkdVdwN01DczJxcE5qbkdySjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80MmExOTMtYjMwYi00MDNmLWJlZmUtMzI0NTQ1MGQzNzQy
LzEvNVNyUHk5ZWZJeXhkY3FWUXZFeG04UkVIb09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDnWFYAwQC
sGLYAwQCuTi0MA0EAgACMAcDBQAqAlLgMA0GCSqGSIb3DQEBCwUAA4IBAQC6FSuM
h6baUlZZbIQEny85DmH/+yo7G19oxRyZhurGCRKdpFxa5ukkYSU/XcsCfnuZMtJk
cKs2vpuJpVYYFhy0ioQyHDKbZobCQJgcORkyUUZlFSnaaBFYKNXi/j1ELZXIGsT1
24S8MiJ79Rb5oUC3lVnVA37lGSZX5NMLBknjXiyrycZBt54AoBRJXQUDHqajxe/k
ftRg8p1Koun+O4Pe25YEDYLWEvWLCqqPK0Ganf0VaJYhNbAjfpC3hScTYv2ZeILz
qXkWJ8UcrqU48sn/iRq1/TVR8+GfNnANTsFTEMR0oKCC3WTVRnuxev0bPkl5ay/x
Z/6aUB+dt2NtfBMw
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:59 2024 by rpki-client on console-fra.rpki-client.org