Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/649476-2b03-4cff-b918-8a5fe0ef17b8/1/Yyr0trxomt-jVQSMn2x0xyVuzZ4.roa
File: Yyr0trxomt-jVQSMn2x0xyVuzZ4.roa (raw, json)
Hash identifier: tWWwrDqQybtaI71bMbPLhi+HAhUt1LBUZK0avYAevh4=
Subject key identifier: 63:2A:F4:B6:BC:68:9A:DF:A3:55:04:8C:9F:6C:74:C7:25:6E:CD:9E
Certificate issuer: /CN=3286e129ff26d8adc10714a91ca53d800b06fe25
Certificate serial: 018DD6E7BF47C4F6FA2B1F3784B6500811E8
Authority key identifier: 32:86:E1:29:FF:26:D8:AD:C1:07:14:A9:1C:A5:3D:80:0B:06:FE:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MobhKf8m2K3BBxSpHKU9gAsG_iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/649476-2b03-4cff-b918-8a5fe0ef17b8/1/Yyr0trxomt-jVQSMn2x0xyVuzZ4.roa
Signing time: Fri 23 Feb 2024 16:58:48 +0000
ROA not before: Fri 23 Feb 2024 16:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215824
IP address blocks: 185.140.250.0/24 maxlen: 24
2a13:1d80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/649476-2b03-4cff-b918-8a5fe0ef17b8/1/MobhKf8m2K3BBxSpHKU9gAsG_iU.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/649476-2b03-4cff-b918-8a5fe0ef17b8/1/MobhKf8m2K3BBxSpHKU9gAsG_iU.mft
rsync://rpki.ripe.net/repository/DEFAULT/MobhKf8m2K3BBxSpHKU9gAsG_iU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 07:03:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:e7:bf:47:c4:f6:fa:2b:1f:37:84:b6:50:08:11:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3286e129ff26d8adc10714a91ca53d800b06fe25
Validity
Not Before: Feb 23 16:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=632af4b6bc689adfa355048c9f6c74c7256ecd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6c:af:8f:65:af:2b:43:89:4b:b9:6e:65:e4:
ee:88:8d:aa:b0:96:60:f5:0b:f8:33:f9:a0:31:59:
1e:b3:19:12:d7:f4:a5:65:57:39:2b:87:d5:9d:c4:
8a:3d:d0:7d:c0:97:88:a2:33:78:ec:c1:2a:4c:54:
e6:4b:4a:13:fa:d6:24:52:3a:50:82:9f:fc:6b:73:
79:27:82:6f:c2:0d:06:04:6f:0d:c6:81:98:3d:8e:
d3:79:5a:b9:08:28:59:1f:93:e6:ad:78:cb:18:81:
78:c7:c1:64:c0:4f:d5:07:6c:1e:dc:0a:e4:19:1d:
b2:ff:b5:fb:89:1a:10:2d:3b:ba:f9:af:69:aa:ed:
17:6c:f6:02:ef:2a:27:04:89:34:31:db:a7:c4:2a:
a4:3a:02:5d:91:ab:c0:9b:61:24:27:b5:1a:c3:08:
86:b1:04:d3:5a:01:ea:79:eb:39:83:4d:7d:95:3a:
c0:72:9f:48:c3:ce:17:92:be:ae:6b:f0:24:f3:28:
a3:9d:d5:b6:8e:a0:8c:7d:28:2a:c5:dc:2a:17:fd:
71:5c:19:e7:b1:14:f7:f5:08:25:08:85:61:7d:e1:
2d:0d:d2:a7:65:00:cc:91:d0:ab:3e:5f:15:81:60:
8e:fe:d4:34:75:16:e0:b0:e5:9a:e1:89:e2:d5:03:
a5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2A:F4:B6:BC:68:9A:DF:A3:55:04:8C:9F:6C:74:C7:25:6E:CD:9E
X509v3 Authority Key Identifier:
keyid:32:86:E1:29:FF:26:D8:AD:C1:07:14:A9:1C:A5:3D:80:0B:06:FE:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MobhKf8m2K3BBxSpHKU9gAsG_iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/649476-2b03-4cff-b918-8a5fe0ef17b8/1/Yyr0trxomt-jVQSMn2x0xyVuzZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/649476-2b03-4cff-b918-8a5fe0ef17b8/1/MobhKf8m2K3BBxSpHKU9gAsG_iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.250.0/24
IPv6:
2a13:1d80::/48
Signature Algorithm: sha256WithRSAEncryption
3f:27:6d:db:c5:f6:62:31:01:ca:21:23:34:0a:0a:dd:6c:16:
fd:96:ea:ab:f3:d3:52:6d:14:a9:15:e4:f0:e2:26:32:37:b9:
01:da:2a:a1:05:08:be:14:ea:48:35:d6:0d:67:92:0f:75:66:
bd:67:26:bf:b0:57:2f:e8:e4:f1:0e:2c:9a:0b:95:63:46:19:
53:5d:0e:60:6f:8d:95:df:d2:87:31:32:2e:3b:07:db:bd:4a:
b1:a5:fb:6c:2b:31:cc:98:5b:65:f4:d2:ba:12:5b:aa:eb:c2:
90:32:4d:79:5b:19:3f:5c:59:18:f5:61:fa:15:f1:d1:d4:b3:
5e:70:88:10:1e:29:e1:b7:8e:03:c4:db:9e:dd:dd:3c:da:ef:
f0:0d:f1:cb:53:97:cb:47:d8:2a:84:63:51:ea:cd:bc:9b:5f:
09:bb:82:61:49:2f:c2:26:43:5c:e8:7f:ab:ba:49:91:d1:28:
37:ad:b7:c2:e1:d3:30:f8:79:e1:02:6b:6d:96:f1:93:04:29:
69:42:bc:1d:89:5c:2b:0f:9f:1c:b5:d3:ff:21:3b:bb:a4:e1:
97:e8:23:c2:42:66:97:27:02:a9:ac:d8:fb:3b:f9:d2:94:70:
15:04:e6:8d:87:7a:16:96:23:be:c5:3b:81:e2:46:d1:ae:34:
bb:5c:45:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3W579HxPb6Kx83hLZQCBHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyODZlMTI5ZmYyNmQ4YWRjMTA3MTRhOTFjYTUzZDgwMGIw
NmZlMjUwHhcNMjQwMjIzMTY1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJhZjRiNmJjNjg5YWRmYTM1NTA0OGM5ZjZjNzRjNzI1NmVjZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGyvj2WvK0OJS7luZeTuiI2qsJZg
9Qv4M/mgMVkesxkS1/SlZVc5K4fVncSKPdB9wJeIojN47MEqTFTmS0oT+tYkUjpQ
gp/8a3N5J4Jvwg0GBG8NxoGYPY7TeVq5CChZH5PmrXjLGIF4x8FkwE/VB2we3Ark
GR2y/7X7iRoQLTu6+a9pqu0XbPYC7yonBIk0MdunxCqkOgJdkavAm2EkJ7UawwiG
sQTTWgHqees5g019lTrAcp9Iw84Xkr6ua/Ak8yijndW2jqCMfSgqxdwqF/1xXBnn
sRT39QglCIVhfeEtDdKnZQDMkdCrPl8VgWCO/tQ0dRbgsOWa4Yni1QOlgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGMq9La8aJrfo1UEjJ9sdMclbs2eMB8GA1UdIwQY
MBaAFDKG4Sn/JtitwQcUqRylPYALBv4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW9iaEtmOG0ySzNCQnhTcEhLVTlnQXNHX2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy82NDk0NzYtMmIwMy00Y2ZmLWI5MTgt
OGE1ZmUwZWYxN2I4LzEvWXlyMHRyeG9tdC1qVlFTTW4yeDB4eVZ1elo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy82NDk0NzYtMmIwMy00Y2ZmLWI5MTgtOGE1ZmUwZWYxN2I4
LzEvTW9iaEtmOG0ySzNCQnhTcEhLVTlnQXNHX2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYz6MA8E
AgACMAkDBwAqEx2AAAAwDQYJKoZIhvcNAQELBQADggEBAD8nbdvF9mIxAcohIzQK
Ct1sFv2W6qvz01JtFKkV5PDiJjI3uQHaKqEFCL4U6kg11g1nkg91Zr1nJr+wVy/o
5PEOLJoLlWNGGVNdDmBvjZXf0ocxMi47B9u9SrGl+2wrMcyYW2X00roSW6rrwpAy
TXlbGT9cWRj1YfoV8dHUs15wiBAeKeG3jgPE257d3Tza7/AN8ctTl8tH2CqEY1Hq
zbybXwm7gmFJL8ImQ1zof6u6SZHRKDett8Lh0zD4eeECa22W8ZMEKWlCvB2JXCsP
nxy10/8hO7uk4ZfoI8JCZpcnAqms2Ps7+dKUcBUE5o2HehaWI77FO4HiRtGuNLtc
Rac=
-----END CERTIFICATE-----
Generated at Sun Jun 16 12:59:18 2024 by rpki-client on console-ams.rpki-client.org