Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/ycaXA7hWysjdG86eUTLTrxZqoWE.roa
File: ycaXA7hWysjdG86eUTLTrxZqoWE.roa (raw, json)
Hash identifier: LRhCyZV1/hdc1rHo1PpHtsXfpequtX/C4VReeeOQCTw=
Subject key identifier: C9:C6:97:03:B8:56:CA:C8:DD:1B:CE:9E:51:32:D3:AF:16:6A:A1:61
Certificate issuer: /CN=88b75aeefe8eea1ac5c219d87505d2e7c5f32f48
Certificate serial: 018CC6B90545F558674DE9232BF9A5590AF1
Authority key identifier: 88:B7:5A:EE:FE:8E:EA:1A:C5:C2:19:D8:75:05:D2:E7:C5:F3:2F:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLda7v6O6hrFwhnYdQXS58XzL0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/ycaXA7hWysjdG86eUTLTrxZqoWE.roa
Signing time: Mon 01 Jan 2024 20:31:03 +0000
ROA not before: Mon 01 Jan 2024 20:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60162
IP address blocks: 185.51.156.0/22 maxlen: 24
185.143.108.0/22 maxlen: 24
2a01:b420::/32 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/iLda7v6O6hrFwhnYdQXS58XzL0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/iLda7v6O6hrFwhnYdQXS58XzL0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/iLda7v6O6hrFwhnYdQXS58XzL0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:05:45:f5:58:67:4d:e9:23:2b:f9:a5:59:0a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b75aeefe8eea1ac5c219d87505d2e7c5f32f48
Validity
Not Before: Jan 1 20:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9c69703b856cac8dd1bce9e5132d3af166aa161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:da:2f:e4:f1:09:08:fe:51:53:98:43:89:36:
b0:92:37:ef:ed:27:f8:26:23:d5:05:53:ea:46:9f:
74:e5:d3:6e:fd:48:aa:58:f2:25:b7:84:ca:20:17:
cd:46:62:44:fa:e3:f5:02:b5:d0:87:6e:af:36:60:
e7:d7:bb:b2:36:da:52:b5:80:74:75:ea:c9:66:93:
39:ae:ba:0a:3a:70:9e:41:9f:c1:7c:95:bf:74:c7:
5c:fb:02:92:d6:03:0c:38:40:f8:97:50:23:74:89:
c9:2f:81:6e:c2:f2:8f:c6:78:57:a4:53:26:cf:a3:
a6:da:3f:b0:28:a7:91:35:33:40:b0:58:fc:59:ff:
05:42:e5:83:8e:89:39:9a:14:51:2b:de:2c:08:96:
bd:51:90:43:8b:fb:34:e0:7e:12:2e:36:ef:6a:7a:
b7:c2:2c:b0:55:97:23:55:38:69:95:57:28:ad:88:
cd:a3:d1:28:67:4b:58:27:3b:95:96:b8:24:07:ad:
ad:f5:bc:4e:eb:0c:0f:d5:40:90:f5:d0:d3:9f:21:
f6:2a:36:bb:0c:fa:07:38:a0:54:10:7f:1e:23:80:
79:30:b7:e8:85:f5:9b:b8:8d:21:18:e5:a1:11:21:
bb:cd:4d:ca:98:ee:d1:26:27:9d:ae:68:6c:3e:81:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:C6:97:03:B8:56:CA:C8:DD:1B:CE:9E:51:32:D3:AF:16:6A:A1:61
X509v3 Authority Key Identifier:
keyid:88:B7:5A:EE:FE:8E:EA:1A:C5:C2:19:D8:75:05:D2:E7:C5:F3:2F:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLda7v6O6hrFwhnYdQXS58XzL0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/ycaXA7hWysjdG86eUTLTrxZqoWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4d2831-12ec-4770-9cea-9ac08c3eaaa1/1/iLda7v6O6hrFwhnYdQXS58XzL0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.156.0/22
185.143.108.0/22
IPv6:
2a01:b420::/32
Signature Algorithm: sha256WithRSAEncryption
20:36:da:e1:78:ec:8c:84:81:98:68:35:ce:32:73:5d:ae:69:
73:56:b7:0c:dd:62:65:8d:8d:46:d1:f0:2a:ae:62:42:a6:d9:
e2:3e:37:83:b6:07:c1:39:c6:c3:29:d5:8e:72:4e:ba:3d:29:
dd:53:d7:38:11:6c:e1:f3:f8:66:20:cc:12:fa:7a:5d:6c:71:
1e:cb:47:6c:73:ea:dc:51:76:00:5a:12:c6:25:04:f1:c3:e9:
86:71:6a:58:d6:0e:a7:74:60:b0:c1:c2:d6:d2:b5:0d:4c:64:
47:ef:64:7c:a0:d4:e4:16:5e:b2:27:68:30:1d:94:80:55:b6:
5b:4e:c7:79:81:8c:39:da:e7:b3:8e:1c:67:ed:fe:56:91:3b:
1e:cb:5c:46:a9:eb:8f:42:1a:7a:c0:fb:ab:3d:00:2c:0c:c4:
3f:c0:26:f7:bc:56:29:b6:11:1c:91:96:7d:5e:d8:6d:d9:bc:
71:e7:da:2b:42:b4:e9:8e:65:da:70:71:9d:d5:77:80:2a:1a:
59:70:bb:11:17:10:9e:74:fd:6b:07:2e:f2:09:4d:bc:68:6c:
b0:e5:1b:25:c0:2d:74:0e:fa:0a:fe:4b:13:10:9c:ec:c1:3a:
cd:57:26:5c:4a:d3:10:e2:e0:36:13:23:90:81:c3:16:f2:aa:
ad:40:f6:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuQVF9VhnTekjK/mlWQrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Yjc1YWVlZmU4ZWVhMWFjNWMyMTlkODc1MDVkMmU3YzVm
MzJmNDgwHhcNMjQwMTAxMjAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWM2OTcwM2I4NTZjYWM4ZGQxYmNlOWU1MTMyZDNhZjE2NmFhMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidov5PEJCP5RU5hDiTawkjfv7Sf4
JiPVBVPqRp905dNu/UiqWPIlt4TKIBfNRmJE+uP1ArXQh26vNmDn17uyNtpStYB0
derJZpM5rroKOnCeQZ/BfJW/dMdc+wKS1gMMOED4l1AjdInJL4FuwvKPxnhXpFMm
z6Om2j+wKKeRNTNAsFj8Wf8FQuWDjok5mhRRK94sCJa9UZBDi/s04H4SLjbvanq3
wiywVZcjVThplVcorYjNo9EoZ0tYJzuVlrgkB62t9bxO6wwP1UCQ9dDTnyH2Kja7
DPoHOKBUEH8eI4B5MLfohfWbuI0hGOWhESG7zU3KmO7RJiedrmhsPoFgwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMnGlwO4VsrI3RvOnlEy068WaqFhMB8GA1UdIwQY
MBaAFIi3Wu7+juoaxcIZ2HUF0ufF8y9IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxkYTd2Nk82aHJGd2huWWRRWFM1OFh6TDBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ZDI4MzEtMTJlYy00NzcwLTljZWEt
OWFjMDhjM2VhYWExLzEveWNhWEE3aFd5c2pkRzg2ZVVUTFRyeFpxb1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ZDI4MzEtMTJlYy00NzcwLTljZWEtOWFjMDhjM2VhYWEx
LzEvaUxkYTd2Nk82aHJGd2huWWRRWFM1OFh6TDBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTOcAwQC
uY9sMA0EAgACMAcDBQAqAbQgMA0GCSqGSIb3DQEBCwUAA4IBAQAgNtrheOyMhIGY
aDXOMnNdrmlzVrcM3WJljY1G0fAqrmJCptniPjeDtgfBOcbDKdWOck66PSndU9c4
EWzh8/hmIMwS+npdbHEey0dsc+rcUXYAWhLGJQTxw+mGcWpY1g6ndGCwwcLW0rUN
TGRH72R8oNTkFl6yJ2gwHZSAVbZbTsd5gYw52uezjhxn7f5WkTsey1xGqeuPQhp6
wPurPQAsDMQ/wCb3vFYpthEckZZ9Xtht2bxx59orQrTpjmXacHGd1XeAKhpZcLsR
FxCedP1rBy7yCU28aGyw5RslwC10DvoK/ksTEJzswTrNVyZcStMQ4uA2EyOQgcMW
8qqtQPZj
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:16 2024 by rpki-client on console-ams.rpki-client.org