Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/YdQugoCa9KNRe6zUmrYq0khH0KI.roa
File: YdQugoCa9KNRe6zUmrYq0khH0KI.roa (raw, json)
Hash identifier: +UC7995CdNKIr5GvVL+ucqP68cUQn3ZIgWgARgcID7g=
Subject key identifier: 61:D4:2E:82:80:9A:F4:A3:51:7B:AC:D4:9A:B6:2A:D2:48:47:D0:A2
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 0190ED97C4E993EE026D05ADEC85553C8113
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/YdQugoCa9KNRe6zUmrYq0khH0KI.roa
Signing time: Fri 26 Jul 2024 05:51:04 +0000
ROA not before: Fri 26 Jul 2024 05:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205800
IP address blocks: 188.72.40.0/24 maxlen: 24
188.72.41.0/24 maxlen: 24
188.72.46.0/24 maxlen: 24
188.72.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ed:97:c4:e9:93:ee:02:6d:05:ad:ec:85:55:3c:81:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: Jul 26 05:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61d42e82809af4a3517bacd49ab62ad24847d0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3f:d1:e4:71:ea:1b:88:3b:e8:26:0e:d5:64:
cd:32:7d:ab:45:e3:2e:7d:5a:9d:1a:67:26:26:a0:
c7:4e:fe:4e:dc:26:cd:84:8d:bb:30:21:3a:04:83:
a0:11:92:59:c3:bf:af:f5:18:6c:6b:9f:0d:7c:9b:
09:bd:81:98:72:ca:02:d3:eb:e9:74:fc:1a:bd:6c:
6f:72:02:fe:dd:8d:7b:dc:7b:3a:d0:42:f4:50:06:
44:d8:d9:80:e7:3d:e9:67:dc:cb:71:cd:d3:9c:fc:
57:c9:6d:36:12:f0:2f:9b:f2:24:f3:c7:97:7d:0f:
3b:c5:11:78:2b:33:0b:e4:18:3c:46:3f:ea:d3:1b:
3a:41:9b:52:be:03:c5:6d:d1:18:3c:a6:6e:13:d4:
fb:83:16:3b:9d:62:8d:cf:cd:59:9c:65:2c:37:4d:
02:56:6b:8b:95:3b:f2:6d:80:e3:f5:c2:a8:a3:8b:
59:f7:08:d5:22:70:6f:1e:91:09:9e:6d:2d:0b:02:
d7:07:ce:09:ca:fa:9f:c7:75:bf:7e:62:22:06:89:
36:30:9c:66:20:95:83:96:63:8b:94:e9:b0:ac:dc:
52:80:e0:e3:c3:34:fc:33:61:24:3d:81:af:e6:19:
32:fa:b3:81:7d:8a:2e:0b:7c:7b:36:a8:46:79:a9:
6b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D4:2E:82:80:9A:F4:A3:51:7B:AC:D4:9A:B6:2A:D2:48:47:D0:A2
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/YdQugoCa9KNRe6zUmrYq0khH0KI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.40.0/23
188.72.46.0/24
188.72.49.0/24
Signature Algorithm: sha256WithRSAEncryption
95:54:33:3a:e1:6b:bc:fc:68:d0:1d:11:cb:5c:c4:f6:78:89:
3e:83:68:24:86:27:76:f9:6f:c8:bb:1d:2f:2d:70:0e:29:05:
22:47:5b:4e:06:3a:2a:ae:a2:c0:e5:31:1b:bd:18:a3:ee:e1:
db:02:f8:6a:af:81:db:35:dc:4a:52:23:8f:fa:8b:14:52:ed:
d8:8d:3f:1a:f7:6d:48:17:1b:72:40:10:51:a5:17:aa:22:75:
86:ca:0d:42:85:ea:80:6c:5c:7e:8a:6c:d5:bc:78:82:62:48:
fa:b2:1f:5e:d1:01:9e:a4:66:38:39:34:eb:3d:03:8c:e8:d4:
56:8b:ea:e9:91:74:7a:be:e0:cd:66:46:d6:27:0c:fb:d1:14:
2a:c3:7a:b3:ef:e0:d5:ab:3b:b0:16:2b:5e:09:5b:a5:d5:da:
33:57:15:47:84:2b:fc:c3:42:e4:71:ec:f6:5b:11:35:d5:d0:
32:44:0e:16:2e:f7:34:06:06:5b:22:8a:80:16:9b:3f:c9:2f:
03:e5:22:b5:fd:05:8d:c3:6e:e4:be:8a:5d:22:d8:ef:d8:20:
b9:8c:03:2c:6c:36:89:fd:cc:58:5e:68:61:f5:ce:00:c1:e3:
03:1d:9a:85:ad:ac:2b:94:19:28:ae:c8:77:da:6a:ce:54:e5:
99:4a:ad:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDtl8Tpk+4CbQWt7IVVPIETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjQwNzI2MDU1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ0MmU4MjgwOWFmNGEzNTE3YmFjZDQ5YWI2MmFkMjQ4NDdkMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4z/R5HHqG4g76CYO1WTNMn2rReMu
fVqdGmcmJqDHTv5O3CbNhI27MCE6BIOgEZJZw7+v9Rhsa58NfJsJvYGYcsoC0+vp
dPwavWxvcgL+3Y173Hs60EL0UAZE2NmA5z3pZ9zLcc3TnPxXyW02EvAvm/Ik88eX
fQ87xRF4KzML5Bg8Rj/q0xs6QZtSvgPFbdEYPKZuE9T7gxY7nWKNz81ZnGUsN00C
VmuLlTvybYDj9cKoo4tZ9wjVInBvHpEJnm0tCwLXB84Jyvqfx3W/fmIiBok2MJxm
IJWDlmOLlOmwrNxSgODjwzT8M2EkPYGv5hky+rOBfYouC3x7NqhGealrWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGHULoKAmvSjUXus1Jq2KtJIR9CiMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvWWRRdWdvQ2E5S05SZTZ6VW1yWXEwa2hIMEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBvEgoAwQA
vEguAwQAvEgxMA0GCSqGSIb3DQEBCwUAA4IBAQCVVDM64Wu8/GjQHRHLXMT2eIk+
g2gkhid2+W/Iux0vLXAOKQUiR1tOBjoqrqLA5TEbvRij7uHbAvhqr4HbNdxKUiOP
+osUUu3YjT8a921IFxtyQBBRpReqInWGyg1CheqAbFx+imzVvHiCYkj6sh9e0QGe
pGY4OTTrPQOM6NRWi+rpkXR6vuDNZkbWJwz70RQqw3qz7+DVqzuwFiteCVul1doz
VxVHhCv8w0Lkcez2WxE11dAyRA4WLvc0BgZbIoqAFps/yS8D5SK1/QWNw27kvopd
Itjv2CC5jAMsbDaJ/cxYXmhh9c4AweMDHZqFrawrlBkorsh32mrOVOWZSq30
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:53 2024 by rpki-client on console-ams.rpki-client.org