Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/ppYP33-Nyka_Jc0BGg9rHgEtGKM.roa
File: ppYP33-Nyka_Jc0BGg9rHgEtGKM.roa (raw, json)
Hash identifier: 2nbg/OUvVQ94sD1jMBToqRI1Bkv28M8P/0ps15V5ojE=
Subject key identifier: A6:96:0F:DF:7F:8D:CA:46:BF:25:CD:01:1A:0F:6B:1E:01:2D:18:A3
Certificate issuer: /CN=40d88ddb7aed72dea3ff8d69ced6531a52794aa7
Certificate serial: 018CC42553BAF008401466E905470028C814
Authority key identifier: 40:D8:8D:DB:7A:ED:72:DE:A3:FF:8D:69:CE:D6:53:1A:52:79:4A:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QNiN23rtct6j_41pztZTGlJ5Sqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/ppYP33-Nyka_Jc0BGg9rHgEtGKM.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211786
IP address blocks: 193.108.200.0/24 maxlen: 24
2a10:92c0::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/QNiN23rtct6j_41pztZTGlJ5Sqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/QNiN23rtct6j_41pztZTGlJ5Sqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QNiN23rtct6j_41pztZTGlJ5Sqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:53:ba:f0:08:40:14:66:e9:05:47:00:28:c8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40d88ddb7aed72dea3ff8d69ced6531a52794aa7
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6960fdf7f8dca46bf25cd011a0f6b1e012d18a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c7:af:4d:fc:00:8b:85:64:79:45:f8:7a:14:
fc:23:c6:b4:a7:e4:d6:7a:59:7b:1d:5e:f5:fa:b7:
86:8e:b1:c8:db:94:cf:9e:e0:ae:61:c7:d1:21:48:
2d:5d:83:74:68:ee:30:75:9b:f7:7e:9b:ba:95:e9:
c6:d8:e5:2a:83:1f:e8:d0:6a:13:b5:49:90:65:37:
27:b1:86:ba:9b:83:49:c3:f4:d8:8e:91:e1:43:b6:
30:c4:f0:04:29:7a:52:ff:35:75:88:25:fa:d7:08:
0c:45:a2:d0:6a:b6:4a:fb:49:55:8d:89:af:88:d1:
f3:5a:39:7d:94:16:8b:72:f4:77:1b:a6:4a:ff:5e:
4e:de:67:af:4d:1c:6e:30:da:48:55:ea:0f:d5:4d:
a0:35:a2:44:c1:34:42:bf:3c:c2:04:84:21:73:98:
f9:05:20:32:9e:8e:d9:22:7b:a6:c5:f5:18:a4:da:
5b:5d:0d:89:18:54:b6:f7:74:bc:e2:aa:39:25:c6:
db:1a:ee:7b:bc:63:32:81:04:8d:a0:f6:fd:cf:35:
b9:2b:b0:cd:44:e2:56:f7:be:0f:b5:42:12:d6:9d:
6e:5c:e4:b8:f3:7b:a0:3e:44:a1:d7:e3:2c:c4:c8:
4e:b2:f1:27:cf:ca:c3:27:d6:c9:88:98:d3:36:7f:
2d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:96:0F:DF:7F:8D:CA:46:BF:25:CD:01:1A:0F:6B:1E:01:2D:18:A3
X509v3 Authority Key Identifier:
keyid:40:D8:8D:DB:7A:ED:72:DE:A3:FF:8D:69:CE:D6:53:1A:52:79:4A:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QNiN23rtct6j_41pztZTGlJ5Sqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/ppYP33-Nyka_Jc0BGg9rHgEtGKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/fe45de-b463-443d-b7de-37a24e081f68/1/QNiN23rtct6j_41pztZTGlJ5Sqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.200.0/24
IPv6:
2a10:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
39:be:83:dd:fd:45:2f:8f:ef:07:99:ec:3d:32:89:f5:71:c1:
e0:57:d1:cf:1b:2d:7f:71:f9:e4:98:e1:81:0d:a4:b8:6d:c0:
65:ea:df:b0:f0:c5:5f:00:f4:fa:4f:15:fc:4e:65:5c:fa:80:
fc:ae:fc:89:0c:07:df:16:e0:25:33:0b:83:ef:0a:2a:20:ad:
75:b5:1a:f5:7a:3b:ae:b6:eb:2a:a2:c2:5c:75:36:e8:04:55:
27:bf:c3:b1:a9:e1:2d:12:97:89:fe:91:35:31:1b:1b:2d:0c:
7d:31:02:80:d8:71:9a:6b:a7:ea:ed:a8:2d:e6:da:46:2c:12:
51:c0:73:5c:c4:c0:b4:58:0c:bc:1a:68:0b:ee:e5:8e:54:57:
17:4f:78:be:c7:4b:b8:8e:f3:88:8d:33:80:79:5e:18:36:4f:
af:36:9a:a8:bb:4f:a8:7b:e1:91:b0:4e:73:2c:1d:92:8e:bd:
4d:f0:80:8d:4d:db:a4:c4:d9:b1:6c:11:28:fd:a7:00:9c:f9:
5e:c1:cc:ec:71:23:b3:87:bd:3d:63:af:26:30:3c:e8:8a:ee:
2f:15:77:7d:8d:d8:19:a0:0e:da:9a:d9:8a:6c:8a:29:87:61:
a9:01:f0:5c:8e:9b:fe:34:41:16:21:aa:49:8f:77:34:fb:16:
c3:85:dd:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJVO68AhAFGbpBUcAKMgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZDg4ZGRiN2FlZDcyZGVhM2ZmOGQ2OWNlZDY1MzFhNTI3
OTRhYTcwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjk2MGZkZjdmOGRjYTQ2YmYyNWNkMDExYTBmNmIxZTAxMmQxOGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9sevTfwAi4VkeUX4ehT8I8a0p+TW
ell7HV71+reGjrHI25TPnuCuYcfRIUgtXYN0aO4wdZv3fpu6lenG2OUqgx/o0GoT
tUmQZTcnsYa6m4NJw/TYjpHhQ7YwxPAEKXpS/zV1iCX61wgMRaLQarZK+0lVjYmv
iNHzWjl9lBaLcvR3G6ZK/15O3mevTRxuMNpIVeoP1U2gNaJEwTRCvzzCBIQhc5j5
BSAyno7ZInumxfUYpNpbXQ2JGFS293S84qo5JcbbGu57vGMygQSNoPb9zzW5K7DN
ROJW974PtUIS1p1uXOS483ugPkSh1+MsxMhOsvEnz8rDJ9bJiJjTNn8tvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKaWD99/jcpGvyXNARoPax4BLRijMB8GA1UdIwQY
MBaAFEDYjdt67XLeo/+Nac7WUxpSeUqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU5pTjIzcnRjdDZqXzQxcHp0WlRHbEo1U3FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9mZTQ1ZGUtYjQ2My00NDNkLWI3ZGUt
MzdhMjRlMDgxZjY4LzEvcHBZUDMzLU55a2FfSmMwQkdnOXJIZ0V0R0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9mZTQ1ZGUtYjQ2My00NDNkLWI3ZGUtMzdhMjRlMDgxZjY4
LzEvUU5pTjIzcnRjdDZqXzQxcHp0WlRHbEo1U3FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWzIMA0E
AgACMAcDBQMqEJLAMA0GCSqGSIb3DQEBCwUAA4IBAQA5voPd/UUvj+8Hmew9Mon1
ccHgV9HPGy1/cfnkmOGBDaS4bcBl6t+w8MVfAPT6TxX8TmVc+oD8rvyJDAffFuAl
MwuD7woqIK11tRr1ejuutusqosJcdTboBFUnv8OxqeEtEpeJ/pE1MRsbLQx9MQKA
2HGaa6fq7agt5tpGLBJRwHNcxMC0WAy8GmgL7uWOVFcXT3i+x0u4jvOIjTOAeV4Y
Nk+vNpqou0+oe+GRsE5zLB2Sjr1N8ICNTdukxNmxbBEo/acAnPlewczscSOzh709
Y68mMDzoiu4vFXd9jdgZoA7amtmKbIoph2GpAfBcjpv+NEEWIapJj3c0+xbDhd1U
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:56:54 2024 by rpki-client on console-fra.rpki-client.org