Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/yKH8Jin6M64_pJ5NYMmWdETN_Bg.roa
File: yKH8Jin6M64_pJ5NYMmWdETN_Bg.roa (raw, json)
Hash identifier: NbR9rV4UQ+a/fQcAxHzSG2DIKDJrXu1+CuTtsXgjwdA=
Subject key identifier: C8:A1:FC:26:29:FA:33:AE:3F:A4:9E:4D:60:C9:96:74:44:CD:FC:18
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018CC9BB090F7A324C5002148F7363EA5AE4
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/yKH8Jin6M64_pJ5NYMmWdETN_Bg.roa
Signing time: Tue 02 Jan 2024 10:32:07 +0000
ROA not before: Tue 02 Jan 2024 10:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 37.46.18.0/24 maxlen: 24
37.46.18.0/23 maxlen: 23
37.46.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:09:0f:7a:32:4c:50:02:14:8f:73:63:ea:5a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jan 2 10:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8a1fc2629fa33ae3fa49e4d60c9967444cdfc18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:8b:2a:f1:3a:2b:cd:ba:58:cd:1d:4e:40:dc:
10:5b:2e:b0:90:7c:72:28:36:70:d3:20:7e:f1:78:
7f:ab:5e:1a:84:62:de:16:32:45:dd:4e:75:e4:c3:
00:39:93:5f:ee:70:7a:ee:9c:4f:56:0c:1c:14:d1:
f3:61:45:e4:65:41:2d:8f:11:ad:50:60:7a:3e:9d:
d5:97:22:70:44:33:b0:9c:12:0c:95:8c:39:5c:43:
6b:7b:03:fb:2b:f7:c7:ee:41:57:a0:41:e2:7f:5d:
83:34:c6:3a:bc:ef:b3:96:7b:3a:14:a3:d1:0d:1b:
46:b5:0f:aa:f7:46:88:80:9b:2e:fb:bc:71:34:97:
5f:9f:2a:33:94:f1:c3:02:a3:59:65:75:47:d0:a8:
61:06:ad:82:ed:ef:59:f6:5d:49:fb:b8:52:41:45:
6c:33:9d:7a:19:86:78:58:9c:4c:60:77:11:ec:0d:
79:70:5e:26:3c:d1:dd:07:6d:39:45:78:81:04:4a:
34:6d:70:eb:02:e7:c9:7a:97:bc:64:35:75:fe:c0:
68:e8:75:cb:92:b9:08:ff:dc:89:05:a1:ca:ec:5c:
b5:c3:bd:d0:c9:26:a8:27:e2:68:59:43:04:eb:29:
46:52:35:aa:66:99:db:b6:1b:b1:22:47:bb:0e:59:
37:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A1:FC:26:29:FA:33:AE:3F:A4:9E:4D:60:C9:96:74:44:CD:FC:18
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/yKH8Jin6M64_pJ5NYMmWdETN_Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.18.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:58:66:4c:75:4f:f7:a7:a2:08:12:4b:f7:90:6c:a3:d2:7e:
71:e8:eb:af:bd:e5:7f:26:6e:fd:cb:5e:3b:8e:43:24:4a:ac:
85:ee:5f:55:66:5e:ac:6e:66:e7:cb:b1:cf:4b:40:5e:0e:c3:
18:04:11:62:7e:c9:82:ee:d4:d6:b5:bb:c1:00:ec:d9:ba:95:
2f:d8:84:21:0d:9b:98:9c:ca:85:06:d2:bc:f3:4f:15:45:76:
d8:c8:85:6f:f7:88:25:f1:b3:e6:d2:8d:f3:2c:f4:e6:a4:92:
65:ce:de:08:e3:49:88:3b:c1:8a:18:59:07:a6:84:d9:ab:d8:
e2:13:ac:32:1f:5e:26:54:e7:d6:b5:0d:f8:3a:ef:f3:3e:bd:
9d:bb:bb:ad:8d:d5:de:e2:14:03:6e:3c:ad:2b:20:1a:86:f2:
86:44:0d:dc:86:5d:07:99:c9:58:16:c9:f9:88:a4:a2:93:82:
70:fe:c4:55:47:8c:63:4b:f8:93:09:dc:fd:4f:cd:86:ab:ec:
ee:65:fc:d3:d4:28:46:71:93:81:f6:e4:78:a4:8e:09:33:14:
5c:f9:02:2e:ff:7d:3d:37:83:a1:e8:10:2f:97:83:26:b3:6e:
39:02:2f:8c:a2:b5:aa:16:cf:b2:6e:04:1a:df:62:f0:ed:49:
df:f9:ec:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJuwkPejJMUAIUj3Nj6lrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQwMTAyMTAzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGExZmMyNjI5ZmEzM2FlM2ZhNDllNGQ2MGM5OTY3NDQ0Y2RmYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94sq8TorzbpYzR1OQNwQWy6wkHxy
KDZw0yB+8Xh/q14ahGLeFjJF3U515MMAOZNf7nB67pxPVgwcFNHzYUXkZUEtjxGt
UGB6Pp3VlyJwRDOwnBIMlYw5XENrewP7K/fH7kFXoEHif12DNMY6vO+zlns6FKPR
DRtGtQ+q90aIgJsu+7xxNJdfnyozlPHDAqNZZXVH0KhhBq2C7e9Z9l1J+7hSQUVs
M516GYZ4WJxMYHcR7A15cF4mPNHdB205RXiBBEo0bXDrAufJepe8ZDV1/sBo6HXL
krkI/9yJBaHK7Fy1w73QySaoJ+JoWUME6ylGUjWqZpnbthuxIke7Dlk33wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMih/CYp+jOuP6SeTWDJlnREzfwYMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEveUtIOEppbjZNNjRfcEo1TllNbVdkRVROX0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJS4SMA0G
CSqGSIb3DQEBCwUAA4IBAQCmWGZMdU/3p6IIEkv3kGyj0n5x6OuvveV/Jm79y147
jkMkSqyF7l9VZl6sbmbny7HPS0BeDsMYBBFifsmC7tTWtbvBAOzZupUv2IQhDZuY
nMqFBtK8808VRXbYyIVv94gl8bPm0o3zLPTmpJJlzt4I40mIO8GKGFkHpoTZq9ji
E6wyH14mVOfWtQ34Ou/zPr2du7utjdXe4hQDbjytKyAahvKGRA3chl0HmclYFsn5
iKSik4Jw/sRVR4xjS/iTCdz9T82Gq+zuZfzT1ChGcZOB9uR4pI4JMxRc+QIu/309
N4Oh6BAvl4Mms245Ai+MorWqFs+ybgQa32Lw7Unf+ew4
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:37 2024 by rpki-client on console-fra.rpki-client.org