Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/YwlKiOmdHzriwW53gMLdHOcf4zA.roa
File: YwlKiOmdHzriwW53gMLdHOcf4zA.roa (raw, json)
Hash identifier: vHQ/S3z/UPxjRp0+Gr0y27R6FZQBNeGgytw9/IVKj+s=
Subject key identifier: 63:09:4A:88:E9:9D:1F:3A:E2:C1:6E:77:80:C2:DD:1C:E7:1F:E3:30
Certificate issuer: /CN=d098e907c63457e6ca6281dfe297d972bffda805
Certificate serial: 018CC3B6E8C572715268ACA799611F223AEF
Authority key identifier: D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/YwlKiOmdHzriwW53gMLdHOcf4zA.roa
Signing time: Mon 01 Jan 2024 06:29:53 +0000
ROA not before: Mon 01 Jan 2024 06:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39114
IP address blocks: 185.91.15.0/24 maxlen: 24
185.91.12.0/24 maxlen: 24
185.91.12.0/22 maxlen: 22
185.91.13.0/24 maxlen: 24
185.91.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e8:c5:72:71:52:68:ac:a7:99:61:1f:22:3a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d098e907c63457e6ca6281dfe297d972bffda805
Validity
Not Before: Jan 1 06:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63094a88e99d1f3ae2c16e7780c2dd1ce71fe330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:69:9b:ec:57:94:b9:97:0a:3d:e1:8e:04:67:
48:ac:93:d7:ae:5e:34:4a:cc:c7:3e:34:2d:4a:12:
74:cf:32:36:d1:22:2a:bb:26:e9:9a:d9:f5:17:84:
38:36:68:14:1f:d9:2b:c9:3e:64:8e:48:1e:28:57:
58:e1:13:80:e2:aa:7d:87:00:13:79:33:e4:0c:af:
bc:0c:9f:16:d2:2b:92:fd:22:72:74:3d:4f:08:9d:
38:7f:1c:0d:78:97:f4:ca:34:c8:0e:ee:8a:73:33:
73:7b:a1:9f:65:9b:ce:06:2e:48:a1:ee:9e:13:f1:
56:d5:3f:48:66:d8:39:25:8c:e2:98:6e:b5:52:db:
17:0e:01:24:33:bb:4e:1b:0c:f0:ab:e6:f1:2f:93:
2f:15:b7:33:31:58:a0:ed:af:1a:1f:6a:06:28:50:
aa:5b:2c:63:a3:3a:8b:85:a8:14:61:f9:70:7f:69:
7a:3b:5a:e8:39:9a:58:bc:53:27:a6:2c:7b:32:c6:
72:67:ad:c4:b9:b9:ae:dd:3b:dc:8e:a9:a7:6d:83:
fb:69:37:bd:16:a7:da:0b:92:ad:09:97:2a:99:4b:
1d:5c:75:44:2c:83:cb:f5:45:aa:de:e1:01:9a:ef:
f6:2e:f2:61:e8:11:28:b3:d7:64:e1:72:43:57:27:
7a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:09:4A:88:E9:9D:1F:3A:E2:C1:6E:77:80:C2:DD:1C:E7:1F:E3:30
X509v3 Authority Key Identifier:
keyid:D0:98:E9:07:C6:34:57:E6:CA:62:81:DF:E2:97:D9:72:BF:FD:A8:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/YwlKiOmdHzriwW53gMLdHOcf4zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/c63b6c-6aad-4a74-807c-10e13d43f0dd/1/0JjpB8Y0V-bKYoHf4pfZcr_9qAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.12.0/22
Signature Algorithm: sha256WithRSAEncryption
95:1f:a8:5e:0a:85:cf:41:78:49:f2:a4:88:e5:f6:b9:33:13:
22:33:68:eb:7c:5d:6b:a3:d8:c4:c1:a2:8c:48:93:78:17:7e:
41:38:1c:17:df:4f:2a:67:b0:5a:e3:84:62:6d:69:58:7c:7d:
4c:95:ba:d0:7b:62:fe:1d:7a:dc:df:3c:4c:c2:d1:6b:79:11:
b5:56:c4:d8:b0:6f:39:c9:04:ad:5c:92:84:4b:da:86:a6:3b:
bb:e8:73:14:09:d3:7a:61:92:5c:75:e8:2d:04:5d:dd:35:a2:
5b:a0:ed:8b:8b:c9:5a:38:9f:85:3f:82:d4:4a:7c:33:d0:43:
bf:87:c0:50:6a:fa:97:a3:15:47:e2:c5:b1:d1:a6:46:be:61:
1d:4d:a0:47:d1:27:66:3f:12:d0:30:b3:4c:48:57:b8:e6:d9:
24:30:24:91:17:5b:e3:5e:ad:28:ec:03:ab:1c:20:8c:00:64:
36:86:6c:5b:55:aa:ac:9b:4e:5a:78:73:be:66:52:db:51:87:
63:b2:b4:1f:91:4e:0d:80:05:4a:4b:f0:a3:23:5a:bd:42:8c:
d2:9d:99:82:7c:e4:c6:cb:f4:b0:aa:c5:49:56:4c:e0:a5:b4:
db:b5:0a:98:2e:84:5a:e2:51:8f:82:ad:62:fa:75:3b:2d:ae:
b1:42:aa:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtujFcnFSaKynmWEfIjrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOThlOTA3YzYzNDU3ZTZjYTYyODFkZmUyOTdkOTcyYmZm
ZGE4MDUwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA5NGE4OGU5OWQxZjNhZTJjMTZlNzc4MGMyZGQxY2U3MWZlMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mmb7FeUuZcKPeGOBGdIrJPXrl40
SszHPjQtShJ0zzI20SIquybpmtn1F4Q4NmgUH9kryT5kjkgeKFdY4ROA4qp9hwAT
eTPkDK+8DJ8W0iuS/SJydD1PCJ04fxwNeJf0yjTIDu6KczNze6GfZZvOBi5Ioe6e
E/FW1T9IZtg5JYzimG61UtsXDgEkM7tOGwzwq+bxL5MvFbczMVig7a8aH2oGKFCq
WyxjozqLhagUYflwf2l6O1roOZpYvFMnpix7MsZyZ63Eubmu3TvcjqmnbYP7aTe9
FqfaC5KtCZcqmUsdXHVELIPL9UWq3uEBmu/2LvJh6BEos9dk4XJDVyd65QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMJSojpnR864sFud4DC3RznH+MwMB8GA1UdIwQY
MBaAFNCY6QfGNFfmymKB3+KX2XK//agFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpqcEI4WTBWLWJLWW9IZjRwZlpjcl85cUFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9jNjNiNmMtNmFhZC00YTc0LTgwN2Mt
MTBlMTNkNDNmMGRkLzEvWXdsS2lPbWRIenJpd1c1M2dNTGRIT2NmNHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9jNjNiNmMtNmFhZC00YTc0LTgwN2MtMTBlMTNkNDNmMGRk
LzEvMEpqcEI4WTBWLWJLWW9IZjRwZlpjcl85cUFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVsMMA0G
CSqGSIb3DQEBCwUAA4IBAQCVH6heCoXPQXhJ8qSI5fa5MxMiM2jrfF1ro9jEwaKM
SJN4F35BOBwX308qZ7Ba44RibWlYfH1MlbrQe2L+HXrc3zxMwtFreRG1VsTYsG85
yQStXJKES9qGpju76HMUCdN6YZJcdegtBF3dNaJboO2Li8laOJ+FP4LUSnwz0EO/
h8BQavqXoxVH4sWx0aZGvmEdTaBH0SdmPxLQMLNMSFe45tkkMCSRF1vjXq0o7AOr
HCCMAGQ2hmxbVaqsm05aeHO+ZlLbUYdjsrQfkU4NgAVKS/CjI1q9QozSnZmCfOTG
y/SwqsVJVkzgpbTbtQqYLoRa4lGPgq1i+nU7La6xQqqQ
-----END CERTIFICATE-----
Generated at Sun May 19 19:46:06 2024 by rpki-client on console-ams.rpki-client.org