Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/ymRWWWzQY_E7IlYQWXdejg4uh2k.roa
File: ymRWWWzQY_E7IlYQWXdejg4uh2k.roa (raw, json)
Hash identifier: ZOGqxxqY6sdmZU3wdYz6Zh+5OqwObURa5Imri+j02hw=
Subject key identifier: CA:64:56:59:6C:D0:63:F1:3B:22:56:10:59:77:5E:8E:0E:2E:87:69
Certificate issuer: /CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Certificate serial: 018CC5DC2D8E67C6A76E614650AA444EBA69
Authority key identifier: E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/ymRWWWzQY_E7IlYQWXdejg4uh2k.roa
Signing time: Mon 01 Jan 2024 16:29:50 +0000
ROA not before: Mon 01 Jan 2024 16:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 185.217.166.0/24 maxlen: 24
2a10:d504::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Sep 2024 16:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2d:8e:67:c6:a7:6e:61:46:50:aa:44:4e:ba:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6e4687ab8b1eb6de1abd04a07617c86d118518d
Validity
Not Before: Jan 1 16:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca6456596cd063f13b22561059775e8e0e2e8769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:ee:38:60:21:23:c1:ed:5f:b8:84:d8:a3:
80:11:dc:f2:c7:5d:dd:b2:91:7d:22:3a:9c:5f:45:
2a:60:38:da:22:a5:5a:f9:e4:f2:97:01:21:c9:b9:
4e:16:0c:cc:41:93:01:1f:34:b7:23:02:05:b2:28:
fe:96:39:c0:b7:d0:78:c5:67:37:02:b8:04:c9:2c:
99:63:1c:15:91:0a:6c:53:2b:ec:6f:73:5c:b0:7b:
19:3d:a4:17:ca:38:ea:c9:67:a1:8c:13:6c:80:af:
6f:ff:aa:61:03:1c:64:c5:38:ba:53:16:b4:57:f9:
24:b5:35:cb:00:40:0f:d3:e9:da:a0:20:1a:a1:58:
65:32:4e:bc:d2:0b:33:da:7a:d4:4c:1c:f6:3f:f1:
56:5e:70:6d:98:08:e3:36:3f:30:1a:d3:30:b7:b3:
b0:3a:67:f5:aa:3a:42:15:6b:57:df:79:a6:6c:80:
44:39:f5:d0:01:ad:6d:46:4d:f3:04:37:29:27:7b:
58:c3:a5:2a:18:eb:d7:60:4f:3a:96:6a:44:51:2b:
fb:c8:94:b3:27:c9:a5:2c:82:08:1e:96:17:fa:89:
d8:5e:ce:b5:d5:cc:52:be:12:3d:49:05:c5:6f:9b:
9e:48:ce:fa:a4:68:fc:1b:98:ec:c1:05:47:3f:5b:
72:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:64:56:59:6C:D0:63:F1:3B:22:56:10:59:77:5E:8E:0E:2E:87:69
X509v3 Authority Key Identifier:
keyid:E6:E4:68:7A:B8:B1:EB:6D:E1:AB:D0:4A:07:61:7C:86:D1:18:51:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5uRoerix623hq9BKB2F8htEYUY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/ymRWWWzQY_E7IlYQWXdejg4uh2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6fd5d2-b7ce-4b3d-8f2c-138bbaac7fe2/1/5uRoerix623hq9BKB2F8htEYUY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.166.0/24
IPv6:
2a10:d504::/48
Signature Algorithm: sha256WithRSAEncryption
b4:89:61:06:1e:67:66:34:78:8b:37:e7:0c:9c:34:62:6e:79:
82:4a:32:ee:8e:d1:7d:e7:53:33:0d:f6:56:c0:73:0c:a5:b8:
bd:b0:b8:81:66:e8:a8:fc:d1:cd:1b:98:72:29:02:22:7e:ca:
63:6d:76:69:e6:38:6d:e1:9c:6a:bd:59:1d:8b:9c:15:14:4f:
ae:5f:ba:0e:44:a7:01:1a:47:2d:7f:48:16:8b:0f:87:03:2c:
b9:cf:df:f9:c2:59:b9:8a:3c:7b:9a:02:fc:eb:81:6a:37:44:
f9:b3:55:86:b9:a9:b2:8e:c3:49:0b:3c:19:da:95:92:ba:fc:
9d:9c:4d:b6:61:47:21:2b:3e:e9:21:d2:a0:5e:8b:f1:14:cb:
96:85:0f:11:af:83:3e:df:36:c5:b8:6c:74:e6:1b:8f:88:45:
7f:93:03:7b:ee:c1:e0:78:ee:ae:4b:9b:13:94:d3:67:4e:a0:
b7:4f:66:f5:db:3b:36:cf:b9:ef:4f:0b:5b:8b:04:89:d2:4d:
36:a8:3f:00:12:00:1b:c3:b3:2d:c4:89:97:90:69:b1:a2:f6:
60:57:9f:ba:99:60:ff:0d:a8:c4:02:11:dc:a9:4b:f8:54:0f:
7e:40:7c:7b:4f:a8:99:1f:7e:09:b5:97:d2:54:4f:64:2b:68:
82:dd:19:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3C2OZ8anbmFGUKpETrppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZTQ2ODdhYjhiMWViNmRlMWFiZDA0YTA3NjE3Yzg2ZDEx
ODUxOGQwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY0NTY1OTZjZDA2M2YxM2IyMjU2MTA1OTc3NWU4ZTBlMmU4NzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1buOGAhI8HtX7iE2KOAEdzyx13d
spF9IjqcX0UqYDjaIqVa+eTylwEhyblOFgzMQZMBHzS3IwIFsij+ljnAt9B4xWc3
ArgEySyZYxwVkQpsUyvsb3NcsHsZPaQXyjjqyWehjBNsgK9v/6phAxxkxTi6Uxa0
V/kktTXLAEAP0+naoCAaoVhlMk680gsz2nrUTBz2P/FWXnBtmAjjNj8wGtMwt7Ow
Omf1qjpCFWtX33mmbIBEOfXQAa1tRk3zBDcpJ3tYw6UqGOvXYE86lmpEUSv7yJSz
J8mlLIIIHpYX+onYXs611cxSvhI9SQXFb5ueSM76pGj8G5jswQVHP1tygQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMpkVlls0GPxOyJWEFl3Xo4OLodpMB8GA1UdIwQY
MBaAFObkaHq4sett4avQSgdhfIbRGFGNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMt
MTM4YmJhYWM3ZmUyLzEveW1SV1dXelFZX0U3SWxZUVdYZGVqZzR1aDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZmQ1ZDItYjdjZS00YjNkLThmMmMtMTM4YmJhYWM3ZmUy
LzEvNXVSb2VyaXg2MjNocTlCS0IyRjhodEVZVVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAudmmMA8E
AgACMAkDBwAqENUEAAAwDQYJKoZIhvcNAQELBQADggEBALSJYQYeZ2Y0eIs35wyc
NGJueYJKMu6O0X3nUzMN9lbAcwyluL2wuIFm6Kj80c0bmHIpAiJ+ymNtdmnmOG3h
nGq9WR2LnBUUT65fug5EpwEaRy1/SBaLD4cDLLnP3/nCWbmKPHuaAvzrgWo3RPmz
VYa5qbKOw0kLPBnalZK6/J2cTbZhRyErPukh0qBei/EUy5aFDxGvgz7fNsW4bHTm
G4+IRX+TA3vuweB47q5LmxOU02dOoLdPZvXbOzbPue9PC1uLBInSTTaoPwASABvD
sy3EiZeQabGi9mBXn7qZYP8NqMQCEdypS/hUD35AfHtPqJkffgm1l9JUT2QraILd
GWs=
-----END CERTIFICATE-----
Generated at Tue Sep 17 20:53:44 2024 by rpki-client on console-ams.rpki-client.org