Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YrYKZAtQ5voltUcl3aP5mFQlqww.roa
File: YrYKZAtQ5voltUcl3aP5mFQlqww.roa (raw, json)
Hash identifier: SfAn/A9kH1Vrovk9zm0OR4prYq3AMPzqxW3owo8pLxU=
Subject key identifier: 62:B6:0A:64:0B:50:E6:FA:25:B5:47:25:DD:A3:F9:98:54:25:AB:0C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC746C260112CDC230C73482E54E7
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YrYKZAtQ5voltUcl3aP5mFQlqww.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197077
IP address blocks: 45.13.202.0/23 maxlen: 23
217.198.192.0/20 maxlen: 24
91.220.70.0/24 maxlen: 24
2a04:a450::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c7:46:c2:60:11:2c:dc:23:0c:73:48:2e:54:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62b60a640b50e6fa25b54725dda3f9985425ab0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1e:3e:74:5a:82:44:17:ef:34:f6:96:3a:1e:
c5:08:74:38:ed:7b:05:a8:b3:8b:84:f3:a8:c6:d4:
92:08:f4:0a:4f:bf:20:c1:6e:82:d7:de:9b:9e:3d:
e2:66:1f:5d:c8:03:fa:79:fe:a6:43:63:c3:a8:2e:
2c:04:bb:4f:fd:10:8b:39:fd:15:2a:ba:da:98:bb:
36:5f:94:c7:c2:2e:0e:3b:8d:a0:3e:86:42:7c:29:
2e:b4:9b:41:a0:51:86:30:90:0b:64:8a:af:30:c2:
2a:f6:9d:b2:4b:d3:89:3d:c9:3c:99:18:f5:ac:1e:
65:49:66:d4:08:6d:64:c6:06:9d:97:14:15:e7:af:
a6:ff:58:b3:16:32:8d:22:62:a9:60:ff:3b:28:58:
9b:e3:b4:ad:c0:95:82:17:b6:e1:bd:33:47:bc:7b:
35:02:a3:d5:5b:43:1c:5f:d9:46:51:9b:ed:77:dc:
51:6e:ae:60:d3:ac:70:4d:60:25:c7:1a:38:ff:58:
66:e2:bb:68:25:03:32:c1:af:50:11:a8:4e:41:23:
80:c5:d0:8b:d5:50:b2:46:6b:d2:b0:c8:aa:1e:49:
37:6d:65:e5:df:d7:ba:ab:d7:eb:bc:18:75:be:38:
ed:78:62:56:31:c1:9a:c7:09:41:b3:a7:60:9d:2d:
9f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B6:0A:64:0B:50:E6:FA:25:B5:47:25:DD:A3:F9:98:54:25:AB:0C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YrYKZAtQ5voltUcl3aP5mFQlqww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.202.0/23
91.220.70.0/24
217.198.192.0/20
IPv6:
2a04:a450::/31
Signature Algorithm: sha256WithRSAEncryption
84:85:c4:da:bc:3b:c2:cb:84:fa:aa:65:b3:8f:97:32:ec:6d:
89:7f:d8:7d:0c:2f:cf:b7:99:1c:f8:e5:56:96:2d:c6:f9:6d:
97:79:e1:bb:4c:9e:35:94:a7:5d:6c:b5:35:92:98:98:4b:15:
cf:54:a6:7e:7f:95:4e:0c:77:3f:75:c4:65:77:e7:de:d2:d9:
18:36:a4:8a:fe:18:66:50:f7:7b:5c:fd:7d:54:1f:91:9e:45:
00:08:2a:8a:3a:fc:56:51:3f:80:52:3f:32:19:f9:9b:2d:ed:
e0:d1:53:8a:16:c0:a3:14:3e:83:c2:c7:60:70:1e:8a:98:55:
52:5e:bf:ef:e4:a7:18:9a:d7:a4:b0:72:f6:ca:7f:c6:6a:78:
4b:58:54:49:6b:11:5e:16:9b:e5:54:bd:f5:4e:e9:41:77:87:
27:b2:75:d3:36:90:af:3d:3b:4a:fd:59:79:38:e4:70:a4:e9:
48:d1:49:e5:c9:b7:7c:af:a3:49:56:90:2e:16:c7:13:bf:2b:
27:19:1d:67:a7:24:50:c0:0a:5d:ed:1e:35:d3:f9:80:93:f4:
af:97:2f:02:f4:d2:60:32:f6:a4:29:b8:aa:48:20:97:81:4f:
6e:ba:7d:91:63:ac:5e:d4:f7:f4:fc:ed:6c:c3:fb:08:3b:ad:
f1:4c:79:96
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2sdGwmARLNwjDHNILlTnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmI2MGE2NDBiNTBlNmZhMjViNTQ3MjVkZGEzZjk5ODU0MjVhYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR4+dFqCRBfvNPaWOh7FCHQ47XsF
qLOLhPOoxtSSCPQKT78gwW6C196bnj3iZh9dyAP6ef6mQ2PDqC4sBLtP/RCLOf0V
KrramLs2X5THwi4OO42gPoZCfCkutJtBoFGGMJALZIqvMMIq9p2yS9OJPck8mRj1
rB5lSWbUCG1kxgadlxQV56+m/1izFjKNImKpYP87KFib47StwJWCF7bhvTNHvHs1
AqPVW0McX9lGUZvtd9xRbq5g06xwTWAlxxo4/1hm4rtoJQMywa9QEahOQSOAxdCL
1VCyRmvSsMiqHkk3bWXl39e6q9frvBh1vjjteGJWMcGaxwlBs6dgnS2fYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGK2CmQLUOb6JbVHJd2j+ZhUJasMMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWXJZS1pBdFE1dm9sdFVjbDNhUDVtRlFscXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLQ3KAwQA
W9xGAwQE2cbAMA0EAgACMAcDBQEqBKRQMA0GCSqGSIb3DQEBCwUAA4IBAQCEhcTa
vDvCy4T6qmWzj5cy7G2Jf9h9DC/Pt5kc+OVWli3G+W2XeeG7TJ41lKddbLU1kpiY
SxXPVKZ+f5VODHc/dcRld+fe0tkYNqSK/hhmUPd7XP19VB+RnkUACCqKOvxWUT+A
Uj8yGfmbLe3g0VOKFsCjFD6DwsdgcB6KmFVSXr/v5KcYmteksHL2yn/GanhLWFRJ
axFeFpvlVL31TulBd4cnsnXTNpCvPTtK/Vl5OORwpOlI0Unlybd8r6NJVpAuFscT
vysnGR1npyRQwApd7R410/mAk/Svly8C9NJgMvakKbiqSCCXgU9uun2RY6xe1Pf0
/O1sw/sIO63xTHmW
-----END CERTIFICATE-----
Generated at Sun Jun 2 09:55:09 2024 by rpki-client on console-fra.rpki-client.org