Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/Y_no_JXYm_8sONOzPJQGObXPjBk.roa
File: Y_no_JXYm_8sONOzPJQGObXPjBk.roa (raw, json)
Hash identifier: NKcq1gGxQ5lA3RLI0cIEYW6xR0NOHkPa/1yp0GCXoIc=
Subject key identifier: 63:F9:E8:FC:95:D8:9B:FF:2C:38:D3:B3:3C:94:06:39:B5:CF:8C:19
Certificate issuer: /CN=7404e16f333d89650c6613ac6c95d348dc4b7950
Certificate serial: 01955B3B2DC1AE40738B50DA699F085AE8F8
Authority key identifier: 74:04:E1:6F:33:3D:89:65:0C:66:13:AC:6C:95:D3:48:DC:4B:79:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/Y_no_JXYm_8sONOzPJQGObXPjBk.roa
Signing time: Mon 03 Mar 2025 08:59:19 +0000
ROA not before: Mon 03 Mar 2025 08:59:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 185.11.134.0/24 maxlen: 24
185.11.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:3b:2d:c1:ae:40:73:8b:50:da:69:9f:08:5a:e8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7404e16f333d89650c6613ac6c95d348dc4b7950
Validity
Not Before: Mar 3 08:59:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63f9e8fc95d89bff2c38d3b33c940639b5cf8c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2f:13:b4:fb:45:e4:03:60:81:b7:16:37:7e:
4e:91:15:c4:99:1a:53:91:14:23:5e:6a:97:f7:84:
64:d7:2e:6f:96:55:79:5b:9f:e2:07:f6:b1:fb:b9:
e8:1d:53:08:10:ea:1a:7c:cd:70:1d:66:56:59:85:
84:59:2e:a9:f7:18:f1:16:9a:99:c4:d4:a1:06:6b:
aa:93:8b:b5:45:18:84:54:b5:ec:1b:ee:81:ad:d2:
1b:b2:15:b1:33:ac:9e:5a:e7:62:18:53:e6:ba:e4:
86:c6:a3:e4:d9:26:35:8e:90:07:6b:33:68:2c:44:
68:19:bb:16:11:1c:77:ef:83:ab:55:71:b9:02:8e:
87:1e:bb:53:6e:af:b7:63:87:dc:0a:d1:0f:e3:0c:
c3:53:43:67:0b:f4:45:d7:cd:a3:7e:d5:bf:35:7a:
8a:49:e1:a2:5e:ee:95:1b:8e:3e:6d:7f:51:07:04:
93:6c:31:6e:02:fb:1f:65:d8:3f:ce:87:01:4e:4f:
21:5f:73:61:63:f4:82:c0:8e:82:df:26:9b:7d:b4:
95:7e:5c:4a:fc:99:c0:98:cb:aa:69:9d:2a:21:70:
88:c8:77:a6:ec:77:a3:87:af:4f:8c:d1:f3:52:a0:
50:b0:38:99:a1:78:a6:fd:75:56:3b:c6:0a:47:70:
3b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F9:E8:FC:95:D8:9B:FF:2C:38:D3:B3:3C:94:06:39:B5:CF:8C:19
X509v3 Authority Key Identifier:
keyid:74:04:E1:6F:33:3D:89:65:0C:66:13:AC:6C:95:D3:48:DC:4B:79:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/Y_no_JXYm_8sONOzPJQGObXPjBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.134.0/23
Signature Algorithm: sha256WithRSAEncryption
46:21:7e:c8:8f:e7:c5:2c:16:c3:d8:38:98:3d:9c:9c:7b:a4:
f8:d9:8a:93:55:35:17:51:17:8c:5a:2e:b5:5d:df:81:1f:70:
d3:a0:69:60:a8:43:81:4d:0c:d2:c5:83:a0:76:e4:9a:c0:2e:
5f:c3:f7:fa:f6:9e:8b:b0:96:1e:77:29:21:32:9c:dd:66:8f:
c7:fe:02:f8:8d:48:9f:5d:c2:d8:5c:df:0b:34:10:3f:d4:d2:
3b:69:ea:fd:90:9a:7f:a2:24:7c:0c:84:2b:2e:bd:e4:21:27:
98:c6:8c:54:61:9d:a6:7f:ba:a4:3d:56:5b:e0:aa:ad:39:99:
88:0f:09:16:95:26:ec:aa:fd:93:c8:ee:ec:8c:fa:e4:50:6c:
25:05:1d:b4:73:77:18:8b:28:2b:52:a6:e2:e1:99:0b:bb:62:
88:a9:ca:ea:b7:a9:25:db:91:d4:47:d3:3a:de:cc:1d:5e:4e:
88:9d:a3:bd:2f:86:dc:f2:ad:9b:37:d0:f9:cf:06:99:49:c7:
30:d0:97:0e:72:a7:0c:29:6b:81:4d:3d:45:d9:03:51:28:e5:
a1:4f:9b:32:c2:e0:93:26:fc:41:f1:93:ea:29:b8:2a:10:a0:
f8:07:13:4a:b1:f7:4c:4b:68:3c:66:29:70:d4:28:64:bf:8d:
29:a3:a9:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVbOy3BrkBzi1DaaZ8IWuj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MDRlMTZmMzMzZDg5NjUwYzY2MTNhYzZjOTVkMzQ4ZGM0
Yjc5NTAwHhcNMjUwMzAzMDg1OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y5ZThmYzk1ZDg5YmZmMmMzOGQzYjMzYzk0MDYzOWI1Y2Y4YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry8TtPtF5ANggbcWN35OkRXEmRpT
kRQjXmqX94Rk1y5vllV5W5/iB/ax+7noHVMIEOoafM1wHWZWWYWEWS6p9xjxFpqZ
xNShBmuqk4u1RRiEVLXsG+6BrdIbshWxM6yeWudiGFPmuuSGxqPk2SY1jpAHazNo
LERoGbsWERx374OrVXG5Ao6HHrtTbq+3Y4fcCtEP4wzDU0NnC/RF182jftW/NXqK
SeGiXu6VG44+bX9RBwSTbDFuAvsfZdg/zocBTk8hX3NhY/SCwI6C3yabfbSVflxK
/JnAmMuqaZ0qIXCIyHem7Hejh69PjNHzUqBQsDiZoXim/XVWO8YKR3A78wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGP56PyV2Jv/LDjTszyUBjm1z4wZMB8GA1UdIwQY
MBaAFHQE4W8zPYllDGYTrGyV00jcS3lQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xNTMyYzYtYTJmNS00OGU2LWIwMzct
MThjNWViZWYyN2E4LzEvWV9ub19KWFltXzhzT05PelBKUUdPYlhQakJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xNTMyYzYtYTJmNS00OGU2LWIwMzctMThjNWViZWYyN2E4
LzEvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQuGMA0G
CSqGSIb3DQEBCwUAA4IBAQBGIX7Ij+fFLBbD2DiYPZyce6T42YqTVTUXUReMWi61
Xd+BH3DToGlgqEOBTQzSxYOgduSawC5fw/f69p6LsJYedykhMpzdZo/H/gL4jUif
XcLYXN8LNBA/1NI7aer9kJp/oiR8DIQrLr3kISeYxoxUYZ2mf7qkPVZb4KqtOZmI
DwkWlSbsqv2TyO7sjPrkUGwlBR20c3cYiygrUqbi4ZkLu2KIqcrqt6kl25HUR9M6
3swdXk6InaO9L4bc8q2bN9D5zwaZSccw0JcOcqcMKWuBTT1F2QNRKOWhT5sywuCT
JvxB8ZPqKbgqEKD4BxNKsfdMS2g8Zilw1Chkv40po6n+
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:56:07 2025 by rpki-client