Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/YzpkzL1Fy-WVgK85iFCibhPVzA0.roa
File: YzpkzL1Fy-WVgK85iFCibhPVzA0.roa (raw, json)
Hash identifier: zlo2GuU/nv/c1/JGghgGOg2KCHdeHTHwcgn8tFEKnlM=
Subject key identifier: 63:3A:64:CC:BD:45:CB:E5:95:80:AF:39:88:50:A2:6E:13:D5:CC:0D
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018EF577B1D3A21AE3F724E559DE9389BB6E
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/YzpkzL1Fy-WVgK85iFCibhPVzA0.roa
Signing time: Fri 19 Apr 2024 08:27:25 +0000
ROA not before: Fri 19 Apr 2024 08:27:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197184
IP address blocks: 82.119.88.0/23 maxlen: 23
82.119.89.0/24 maxlen: 24
85.14.8.0/22 maxlen: 22
85.14.8.0/24 maxlen: 24
85.14.9.0/24 maxlen: 24
85.14.10.0/24 maxlen: 24
85.14.11.0/24 maxlen: 24
85.14.52.0/22 maxlen: 22
85.14.52.0/23 maxlen: 23
85.14.52.0/24 maxlen: 24
85.14.53.0/24 maxlen: 24
85.14.54.0/23 maxlen: 23
85.14.54.0/24 maxlen: 24
85.14.55.0/24 maxlen: 24
89.252.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft
rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:77:b1:d3:a2:1a:e3:f7:24:e5:59:de:93:89:bb:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Apr 19 08:27:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=633a64ccbd45cbe59580af398850a26e13d5cc0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:45:c7:4b:af:fb:9e:e1:ff:ad:a0:35:98:dc:
f0:a2:1b:bc:25:06:65:f3:ea:cb:47:c6:fd:21:bb:
92:8b:82:97:42:07:a0:83:ca:7b:fb:42:0e:15:3b:
97:82:a9:d2:e9:3f:02:fb:70:f5:83:22:d3:55:0f:
44:c1:9d:84:95:af:31:84:af:ff:e6:8e:38:ca:8d:
bb:a0:ec:e7:da:e0:37:25:ff:b2:43:ff:10:5f:b9:
69:9c:a6:d5:2f:68:37:a6:9d:7d:04:69:6d:03:a3:
14:48:74:79:9a:22:3d:da:1b:8d:df:24:f5:ca:e4:
c7:f8:5d:89:51:61:3f:17:ef:b4:55:24:0a:99:d6:
a1:68:10:a6:69:bb:5a:46:d9:93:04:97:64:e0:1c:
b9:4c:b7:d2:0a:a1:ad:82:38:1e:64:64:c1:cd:a0:
86:d9:43:75:eb:20:84:28:7a:c0:2f:83:68:34:d1:
7e:24:8e:b8:09:3a:26:6e:aa:ee:29:73:cb:7d:b2:
14:60:e7:81:ad:d2:ed:d3:76:c7:00:f3:0c:e0:08:
60:e4:db:0f:a1:89:79:16:f6:91:0b:8c:e4:b2:99:
11:f3:81:31:45:d5:cc:41:c0:87:f0:74:65:7d:35:
05:fe:ec:0d:26:45:9f:a4:9a:71:28:81:e4:bd:22:
30:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3A:64:CC:BD:45:CB:E5:95:80:AF:39:88:50:A2:6E:13:D5:CC:0D
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/YzpkzL1Fy-WVgK85iFCibhPVzA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.88.0/23
85.14.8.0/22
85.14.52.0/22
89.252.222.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:8f:99:60:78:78:85:4b:91:a6:66:5d:0b:1f:27:cb:1b:42:
2b:37:dd:03:00:97:3c:c9:be:e0:29:5a:93:80:ef:0d:62:39:
25:89:76:77:82:c4:72:10:d6:93:2e:94:a9:13:68:70:05:db:
72:37:49:1a:68:a1:61:1f:9b:44:f2:71:5d:d1:33:f1:1c:e1:
41:33:24:8d:58:07:f1:7d:49:3d:64:45:e9:d3:5a:80:34:6a:
3d:87:9f:a4:57:2c:77:60:18:e8:e2:c1:35:e7:fe:a6:21:71:
65:bf:b5:23:27:67:c7:b9:a7:b3:c8:ca:36:ad:c1:6a:6f:68:
0f:a6:4f:f3:ce:18:bc:bd:dd:e5:b6:50:8e:be:5c:0b:9d:99:
bf:62:70:a0:d2:7b:a2:af:fe:06:dd:b0:c9:44:ac:7e:43:89:
8c:2f:85:d8:7d:93:fe:0e:52:6f:f6:ff:b0:b4:3f:ea:62:f1:
1e:9f:48:23:e2:4f:4c:d1:15:49:fc:e0:63:a5:59:ff:34:b5:
8f:79:dd:aa:f2:c9:cc:02:03:8c:36:34:8d:26:e4:3c:ae:e1:
07:00:7e:45:df:39:94:57:98:86:56:90:ac:d1:ec:54:b4:e5:
a0:4b:e3:dc:61:d9:a4:90:ca:19:38:83:5a:3e:f8:c9:07:ce:
7d:20:95:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY71d7HTohrj9yTlWd6TibtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjQwNDE5MDgyNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzNhNjRjY2JkNDVjYmU1OTU4MGFmMzk4ODUwYTI2ZTEzZDVjYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEXHS6/7nuH/raA1mNzwohu8JQZl
8+rLR8b9IbuSi4KXQgegg8p7+0IOFTuXgqnS6T8C+3D1gyLTVQ9EwZ2Ela8xhK//
5o44yo27oOzn2uA3Jf+yQ/8QX7lpnKbVL2g3pp19BGltA6MUSHR5miI92huN3yT1
yuTH+F2JUWE/F++0VSQKmdahaBCmabtaRtmTBJdk4By5TLfSCqGtgjgeZGTBzaCG
2UN16yCEKHrAL4NoNNF+JI64CTombqruKXPLfbIUYOeBrdLt03bHAPMM4Ahg5NsP
oYl5FvaRC4zkspkR84ExRdXMQcCH8HRlfTUF/uwNJkWfpJpxKIHkvSIw4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGM6ZMy9RcvllYCvOYhQom4T1cwNMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvWXpwa3pMMUZ5LVdWZ0s4NWlGQ2liaFBWekEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUndYAwQC
VQ4IAwQCVQ40AwQAWfzeMA0GCSqGSIb3DQEBCwUAA4IBAQDVj5lgeHiFS5GmZl0L
HyfLG0IrN90DAJc8yb7gKVqTgO8NYjkliXZ3gsRyENaTLpSpE2hwBdtyN0kaaKFh
H5tE8nFd0TPxHOFBMySNWAfxfUk9ZEXp01qANGo9h5+kVyx3YBjo4sE15/6mIXFl
v7UjJ2fHuaezyMo2rcFqb2gPpk/zzhi8vd3ltlCOvlwLnZm/YnCg0nuir/4G3bDJ
RKx+Q4mML4XYfZP+DlJv9v+wtD/qYvEen0gj4k9M0RVJ/OBjpVn/NLWPed2q8snM
AgOMNjSNJuQ8ruEHAH5F3zmUV5iGVpCs0exUtOWgS+PcYdmkkMoZOINaPvjJB859
IJUZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:37 2024 by rpki-client on console-fra.rpki-client.org