Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa
File: yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa (raw, json)
Hash identifier: PLqraeBhB6rZMoferjTwmuCy6RnRl/BVYni4+KcbtnA=
Subject key identifier: CA:38:83:BB:87:0D:E0:C8:F2:A0:EA:BA:2B:15:D1:B1:B2:1D:2D:53
Certificate issuer: /CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Certificate serial: 018CC26CFBE167B00EFA38A0AEE0C01598B1
Authority key identifier: DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12502
IP address blocks: 194.55.100.0/23 maxlen: 23
193.96.243.0/24 maxlen: 24
212.71.192.0/19 maxlen: 24
2001:14f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fb:e1:67:b0:0e:fa:38:a0:ae:e0:c0:15:98:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1fd007dffa508f30063fbe4d53a2b2e1e8c4de
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca3883bb870de0c8f2a0eaba2b15d1b1b21d2d53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:22:55:be:c0:b0:8c:c7:62:be:88:0e:c5:bb:
10:dc:c0:67:b1:26:21:92:e9:8d:ac:30:e3:fc:e4:
30:c9:0c:57:d9:eb:3e:90:b6:a9:7e:b0:fd:e9:13:
96:63:38:00:6f:71:d7:e5:5f:ab:f1:1d:ba:73:fc:
19:3d:8f:9d:4b:d2:12:e6:15:c8:42:04:e2:21:ea:
1d:80:6d:8a:5a:59:1d:5f:b1:1a:a2:63:c2:df:9d:
4c:85:66:e4:82:84:3c:0c:55:e1:75:4d:92:68:bb:
36:a1:e5:22:2a:3b:66:41:c3:08:5b:ef:45:91:f8:
81:ce:9b:41:6f:03:ea:26:d2:0f:3f:9b:7c:ef:af:
09:8a:87:b0:24:78:69:d9:67:83:3a:99:ce:ef:30:
37:54:89:99:01:bc:ad:fa:36:fd:52:5c:c2:69:36:
56:68:ce:4d:3a:68:46:45:49:8c:e9:62:7f:e6:20:
6d:a3:39:bb:c2:bd:e7:6e:03:f8:ab:5a:af:08:cd:
a8:68:29:6c:75:ea:d5:a3:0f:67:e7:63:5f:76:cd:
af:4c:ab:b1:92:85:c4:c1:f4:43:ca:94:12:1b:ce:
e7:85:5d:b3:0d:1e:e8:35:d1:78:36:42:9e:31:d0:
5f:54:2c:89:52:f9:06:1e:53:74:92:cd:4b:ae:e6:
66:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:38:83:BB:87:0D:E0:C8:F2:A0:EA:BA:2B:15:D1:B1:B2:1D:2D:53
X509v3 Authority Key Identifier:
keyid:DC:1F:D0:07:DF:FA:50:8F:30:06:3F:BE:4D:53:A2:B2:E1:E8:C4:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3B_QB9_6UI8wBj--TVOisuHoxN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/yjiDu4cN4MjyoOq6KxXRsbIdLVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/075377-e426-492f-a59c-ae4c95c94005/1/3B_QB9_6UI8wBj--TVOisuHoxN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.96.243.0/24
194.55.100.0/23
212.71.192.0/19
IPv6:
2001:14f8::/32
Signature Algorithm: sha256WithRSAEncryption
39:76:b0:e8:e1:e4:76:9c:a7:00:02:6d:84:de:71:15:85:77:
3f:8a:1a:74:39:e9:6c:45:e9:e8:84:81:1a:ff:35:07:e2:ad:
b7:79:b0:84:2c:f0:c4:5c:08:16:00:04:84:b4:3a:77:ce:9a:
99:99:ba:87:42:ff:80:5d:d8:8c:46:56:15:81:b6:d0:1a:a9:
41:56:75:26:5c:98:09:4b:98:5c:a8:81:a9:d2:e3:ff:b2:9f:
78:8d:37:52:85:d9:59:bd:a8:f7:78:f0:2b:ec:e1:95:85:1d:
1a:fc:2c:0b:18:02:5a:3d:3c:86:ab:77:99:a0:e8:b0:c1:76:
4e:5c:2d:3c:14:69:7b:03:62:f9:6a:94:97:b8:ab:fc:b9:ef:
d0:75:4b:60:ee:23:24:b3:ce:b4:54:7b:01:62:05:44:98:dd:
c6:e8:18:1d:3c:31:e4:74:e0:e8:3e:06:c3:e3:00:a2:0f:45:
1d:6f:14:50:32:99:f2:34:aa:d2:38:1a:09:ce:b7:27:71:12:
e9:ab:48:35:41:90:3f:40:e0:06:4a:54:ea:16:bc:a0:60:65:
66:34:d8:59:16:45:3a:6b:b8:a6:60:fd:a1:c9:96:ce:76:ce:
2f:fe:9c:1b:e0:2d:8b:ef:e1:37:94:85:f8:4a:08:4e:00:a4:
45:c5:50:57
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzCbPvhZ7AO+jigruDAFZixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMWZkMDA3ZGZmYTUwOGYzMDA2M2ZiZTRkNTNhMmIyZTFl
OGM0ZGUwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTM4ODNiYjg3MGRlMGM4ZjJhMGVhYmEyYjE1ZDFiMWIyMWQyZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCJVvsCwjMdivogOxbsQ3MBnsSYh
kumNrDDj/OQwyQxX2es+kLapfrD96ROWYzgAb3HX5V+r8R26c/wZPY+dS9IS5hXI
QgTiIeodgG2KWlkdX7EaomPC351MhWbkgoQ8DFXhdU2SaLs2oeUiKjtmQcMIW+9F
kfiBzptBbwPqJtIPP5t8768JioewJHhp2WeDOpnO7zA3VImZAbyt+jb9UlzCaTZW
aM5NOmhGRUmM6WJ/5iBtozm7wr3nbgP4q1qvCM2oaClsderVow9n52Nfds2vTKux
koXEwfRDypQSG87nhV2zDR7oNdF4NkKeMdBfVCyJUvkGHlN0ks1LruZmbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMo4g7uHDeDI8qDquisV0bGyHS1TMB8GA1UdIwQY
MBaAFNwf0Aff+lCPMAY/vk1TorLh6MTeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMt
YWU0Yzk1Yzk0MDA1LzEveWppRHU0Y040TWp5b09xNkt4WFJzYklkTFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNzUzNzctZTQyNi00OTJmLWE1OWMtYWU0Yzk1Yzk0MDA1
LzEvM0JfUUI5XzZVSTh3QmotLVRWT2lzdUhveE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAwWDzAwQB
wjdkAwQF1EfAMA0EAgACMAcDBQAgART4MA0GCSqGSIb3DQEBCwUAA4IBAQA5drDo
4eR2nKcAAm2E3nEVhXc/ihp0OelsRenohIEa/zUH4q23ebCELPDEXAgWAASEtDp3
zpqZmbqHQv+AXdiMRlYVgbbQGqlBVnUmXJgJS5hcqIGp0uP/sp94jTdShdlZvaj3
ePAr7OGVhR0a/CwLGAJaPTyGq3eZoOiwwXZOXC08FGl7A2L5apSXuKv8ue/QdUtg
7iMks860VHsBYgVEmN3G6BgdPDHkdODoPgbD4wCiD0UdbxRQMpnyNKrSOBoJzrcn
cRLpq0g1QZA/QOAGSlTqFrygYGVmNNhZFkU6a7imYP2hyZbOds4v/pwb4C2L7+E3
lIX4SghOAKRFxVBX
-----END CERTIFICATE-----
Generated at Sun May 19 14:49:04 2024 by rpki-client on console-fra.rpki-client.org