Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/lyYn0kodN-NkNeH7PccGIVanJCs.roa
File: lyYn0kodN-NkNeH7PccGIVanJCs.roa (raw, json)
Hash identifier: GugN+9DdQ4NJFR0vdsaSBJVES475C5yhf7tRrRejnk4=
Subject key identifier: 97:26:27:D2:4A:1D:37:E3:64:35:E1:FB:3D:C7:06:21:56:A7:24:2B
Certificate issuer: /CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Certificate serial: 018CC801413C8875BE1D8EC7B20926A76E1E
Authority key identifier: 80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/lyYn0kodN-NkNeH7PccGIVanJCs.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211391
IP address blocks: 193.3.57.0/24 maxlen: 24
194.105.36.0/22 maxlen: 22
109.236.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:41:3c:88:75:be:1d:8e:c7:b2:09:26:a7:6e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=972627d24a1d37e36435e1fb3dc7062156a7242b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1e:c3:f6:94:7a:14:66:d7:b1:7f:cf:c7:9a:
8e:53:e4:e4:78:9f:51:81:ff:1a:c8:fa:43:66:3c:
da:1c:cb:a5:55:8b:f7:a8:2a:5e:b2:82:f0:fc:da:
9b:fa:50:f5:1f:18:e3:0f:65:f3:64:53:4f:e2:02:
db:0c:53:d2:a1:44:7c:3e:01:73:1e:01:06:52:c0:
5e:07:3c:5f:7a:29:b4:42:ca:a7:20:68:1b:5b:b8:
d0:7c:cf:ee:bb:09:30:01:ef:8d:ee:90:a8:f7:ac:
37:90:a2:12:fe:d5:7b:4a:3a:c4:bc:89:ac:fb:f8:
5b:33:7e:c5:35:e9:5f:ef:b3:4d:37:09:e8:fe:c1:
77:43:ed:f2:94:1d:e9:4d:08:b2:09:6d:c1:7c:fa:
75:14:e5:c0:14:cc:e6:7b:26:13:47:e3:4a:2c:6f:
b5:a0:e6:54:44:16:eb:71:45:d2:3e:ae:ca:f4:63:
6e:a8:32:28:82:95:6c:ae:98:93:b5:42:28:b6:ca:
2e:85:18:2f:c4:2e:4c:52:ef:75:28:fe:67:d7:d9:
29:d7:f7:bf:6c:8b:a2:71:f1:d4:a5:fa:9b:08:02:
af:d7:d4:d0:b9:bf:98:d2:6e:d9:74:35:37:3d:9c:
41:b9:88:ac:66:f8:45:27:90:a9:fc:1b:17:d0:f3:
df:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:26:27:D2:4A:1D:37:E3:64:35:E1:FB:3D:C7:06:21:56:A7:24:2B
X509v3 Authority Key Identifier:
keyid:80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/lyYn0kodN-NkNeH7PccGIVanJCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.168.0/21
193.3.57.0/24
194.105.36.0/22
Signature Algorithm: sha256WithRSAEncryption
73:ad:cc:b2:3a:1a:a3:7e:14:86:e0:bd:1b:7e:18:f9:5c:ce:
d4:a2:a0:72:b7:2c:e8:d5:b8:32:a3:8f:61:77:02:c8:f4:42:
13:89:75:48:db:b0:a1:95:f6:94:c2:91:63:f0:38:28:bf:aa:
7e:06:ef:d5:76:31:19:f8:e7:47:59:26:98:bb:35:33:a2:fa:
ab:28:de:de:07:6e:10:e8:a6:ce:89:61:f0:d9:42:c4:08:ad:
80:16:12:60:ce:29:ac:b3:71:95:23:eb:0b:0d:0f:7b:46:97:
45:59:f1:cd:e7:98:56:cc:72:76:55:21:8f:3f:09:ec:47:f8:
7d:c7:fa:3c:6f:4e:5d:59:7d:73:cb:eb:89:19:1d:e4:a1:6d:
b3:29:98:01:d0:65:ab:ed:19:50:d0:5d:22:60:64:7e:6d:f9:
1d:c6:f4:76:88:f3:4b:b7:54:93:3e:ac:20:c2:ed:09:84:3f:
ba:24:7a:6e:f4:c6:00:09:24:6a:b0:2b:30:6b:2f:b9:a4:0f:
04:d8:8e:d5:d3:89:f3:bb:a6:85:9e:00:2e:b1:d1:6f:a1:df:
62:db:10:78:e6:23:51:82:ef:24:92:d8:9f:8f:6d:70:93:c0:
8e:75:62:96:10:df:f7:67:cd:c2:e2:f6:e1:4b:1a:6c:e6:38:
43:0d:4b:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAUE8iHW+HY7Hsgkmp24eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMTZjY2IxYWM3N2M3YzAyYTRlZGU2MDZkZjFmN2VmOTcz
YTBiZjkwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI2MjdkMjRhMWQzN2UzNjQzNWUxZmIzZGM3MDYyMTU2YTcyNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvR7D9pR6FGbXsX/Px5qOU+TkeJ9R
gf8ayPpDZjzaHMulVYv3qCpesoLw/Nqb+lD1HxjjD2XzZFNP4gLbDFPSoUR8PgFz
HgEGUsBeBzxfeim0QsqnIGgbW7jQfM/uuwkwAe+N7pCo96w3kKIS/tV7SjrEvIms
+/hbM37FNelf77NNNwno/sF3Q+3ylB3pTQiyCW3BfPp1FOXAFMzmeyYTR+NKLG+1
oOZURBbrcUXSPq7K9GNuqDIogpVsrpiTtUIotsouhRgvxC5MUu91KP5n19kp1/e/
bIuicfHUpfqbCAKv19TQub+Y0m7ZdDU3PZxBuYisZvhFJ5Cp/BsX0PPfGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJcmJ9JKHTfjZDXh+z3HBiFWpyQrMB8GA1UdIwQY
MBaAFIAWzLGsd8fAKk7eYG3x9++XOgv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUt
YTk2NmFlODU2OTI2LzEvbHlZbjBrb2ROLU5rTmVIN1BjY0dJVmFuSkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUtYTk2NmFlODU2OTI2
LzEvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDbeyoAwQA
wQM5AwQCwmkkMA0GCSqGSIb3DQEBCwUAA4IBAQBzrcyyOhqjfhSG4L0bfhj5XM7U
oqBytyzo1bgyo49hdwLI9EITiXVI27ChlfaUwpFj8Dgov6p+Bu/VdjEZ+OdHWSaY
uzUzovqrKN7eB24Q6KbOiWHw2ULECK2AFhJgzimss3GVI+sLDQ97RpdFWfHN55hW
zHJ2VSGPPwnsR/h9x/o8b05dWX1zy+uJGR3koW2zKZgB0GWr7RlQ0F0iYGR+bfkd
xvR2iPNLt1STPqwgwu0JhD+6JHpu9MYACSRqsCsway+5pA8E2I7V04nzu6aFngAu
sdFvod9i2xB45iNRgu8kktifj21wk8COdWKWEN/3Z83C4vbhSxps5jhDDUsy
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:52:51 2024 by rpki-client on console-fra.rpki-client.org