Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2Yjy3Fb7SillH2-McFapBuVVIL0.roa
File: 2Yjy3Fb7SillH2-McFapBuVVIL0.roa (raw, json)
Hash identifier: 1zHaq5sD9NUDMNlqxGXHG6NCURbsJVKRndNr2vve9w0=
Subject key identifier: D9:88:F2:DC:56:FB:4A:29:65:1F:6F:8C:70:56:A9:06:E5:55:20:BD
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC80296F09D6FAAB7F5EF11A391B41E99
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2Yjy3Fb7SillH2-McFapBuVVIL0.roa
Signing time: Tue 02 Jan 2024 02:31:02 +0000
ROA not before: Tue 02 Jan 2024 02:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212384
IP address blocks: 194.5.66.0/24 maxlen: 24
45.147.225.0/24 maxlen: 24
185.108.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:96:f0:9d:6f:aa:b7:f5:ef:11:a3:91:b4:1e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d988f2dc56fb4a29651f6f8c7056a906e55520bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e2:1e:85:31:70:0f:42:71:77:ce:ec:f9:a2:
33:cb:38:7c:8f:c0:e7:38:b2:c8:5c:81:f8:b8:f1:
b5:4a:40:49:3a:bf:3f:55:85:78:7c:19:be:06:fa:
3d:bd:98:7b:51:8e:83:16:f8:92:35:9b:d5:40:ac:
61:6d:43:ec:d8:b7:5f:f8:7e:01:fb:83:e9:c0:23:
1f:f0:7b:76:bd:e4:07:96:28:39:2b:92:46:26:ec:
3e:18:97:ba:54:2a:b1:54:4c:a2:7c:3c:da:e0:53:
ec:b4:91:2f:0b:ae:21:d6:b2:3d:07:c6:d6:d9:d0:
f1:24:af:a0:1b:2f:5d:58:df:8a:07:6b:42:1f:2d:
c5:7e:4c:63:81:62:09:b6:dd:5c:d9:c7:6b:70:33:
61:1e:28:e1:dc:ce:6c:53:f0:44:ca:47:81:07:b6:
0b:cb:07:1f:89:f8:7e:8c:21:19:a6:83:c4:5d:05:
ee:bf:16:ff:b1:88:29:27:b6:a7:b3:18:d1:ff:b9:
b0:25:d2:e5:08:26:ec:68:40:33:5a:04:cc:8b:bf:
a2:2e:33:ec:38:63:3e:91:d3:f5:d8:8f:ae:db:9c:
78:57:33:56:9e:01:b0:3b:40:36:50:f3:8e:ae:1f:
34:ae:5c:95:b4:d8:6e:5a:4e:38:35:d0:90:7d:7c:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:88:F2:DC:56:FB:4A:29:65:1F:6F:8C:70:56:A9:06:E5:55:20:BD
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2Yjy3Fb7SillH2-McFapBuVVIL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.225.0/24
185.108.207.0/24
194.5.66.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:44:79:9a:d1:09:d9:a1:4f:53:1f:6e:7b:82:2b:de:8b:05:
29:77:95:51:c3:06:5f:c1:fa:1e:73:e1:0a:87:42:1a:ce:58:
78:eb:25:34:62:74:5b:a4:8c:a3:35:9a:34:14:d8:42:4a:a8:
d4:c7:f3:92:71:ab:23:6b:d7:a1:fe:a3:59:6a:d8:44:95:73:
54:49:96:82:3a:f8:1d:96:a2:6b:1d:5c:07:99:12:f3:e3:f6:
6d:8c:75:d2:9b:70:0d:d4:91:61:5e:82:3d:95:74:9c:7e:f6:
6e:e6:9a:80:07:82:ca:08:66:73:a5:20:34:58:3f:83:bd:b5:
ed:3e:ff:f0:1c:da:e0:9c:85:74:5e:2a:f3:62:3f:2a:14:a3:
2d:16:e6:17:03:d5:99:aa:8b:6e:ca:7d:7b:42:e2:84:ef:4b:
7c:84:52:ff:6a:cf:4e:88:51:47:8a:c3:12:46:bb:65:53:69:
33:6e:da:2a:00:3c:05:c8:27:ce:e1:34:15:4b:9c:9e:d1:de:
f4:e9:85:1b:ae:de:3f:74:c0:4e:25:ae:1a:54:fb:ad:0f:cb:
9b:44:a8:2d:f0:f7:06:08:9b:5b:b6:20:da:f1:01:bb:24:76:
d8:f8:29:2a:6a:eb:be:cb:10:92:12:5b:c0:c8:85:9c:3f:46:
b0:a5:b2:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIApbwnW+qt/XvEaORtB6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg4ZjJkYzU2ZmI0YTI5NjUxZjZmOGM3MDU2YTkwNmU1NTUyMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguIehTFwD0Jxd87s+aIzyzh8j8Dn
OLLIXIH4uPG1SkBJOr8/VYV4fBm+Bvo9vZh7UY6DFviSNZvVQKxhbUPs2Ldf+H4B
+4PpwCMf8Ht2veQHlig5K5JGJuw+GJe6VCqxVEyifDza4FPstJEvC64h1rI9B8bW
2dDxJK+gGy9dWN+KB2tCHy3FfkxjgWIJtt1c2cdrcDNhHijh3M5sU/BEykeBB7YL
ywcfifh+jCEZpoPEXQXuvxb/sYgpJ7ansxjR/7mwJdLlCCbsaEAzWgTMi7+iLjPs
OGM+kdP12I+u25x4VzNWngGwO0A2UPOOrh80rlyVtNhuWk44NdCQfXwODQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNmI8txW+0opZR9vjHBWqQblVSC9MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMllqeTNGYjdTaWxsSDItTWNGYXBCdVZWSUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZPhAwQA
uWzPAwQAwgVCMA0GCSqGSIb3DQEBCwUAA4IBAQALRHma0QnZoU9TH257giveiwUp
d5VRwwZfwfoec+EKh0Iazlh46yU0YnRbpIyjNZo0FNhCSqjUx/OScasja9eh/qNZ
athElXNUSZaCOvgdlqJrHVwHmRLz4/ZtjHXSm3AN1JFhXoI9lXScfvZu5pqAB4LK
CGZzpSA0WD+DvbXtPv/wHNrgnIV0XirzYj8qFKMtFuYXA9WZqotuyn17QuKE70t8
hFL/as9OiFFHisMSRrtlU2kzbtoqADwFyCfO4TQVS5ye0d706YUbrt4/dMBOJa4a
VPutD8ubRKgt8PcGCJtbtiDa8QG7JHbY+Ckqauu+yxCSElvAyIWcP0awpbL/
-----END CERTIFICATE-----
Generated at Sat May 4 12:53:07 2024 by rpki-client on console-ams.rpki-client.org