Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/YcddWRNkcNBtg2GRMDNHHw9mFJ4.roa
File: YcddWRNkcNBtg2GRMDNHHw9mFJ4.roa (raw, json)
Hash identifier: G/xopPnzXkAvpcbYnZmulnHRu0yyJM+YK09jXPq59tw=
Subject key identifier: 61:C7:5D:59:13:64:70:D0:6D:83:61:91:30:33:47:1F:0F:66:14:9E
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 019624FC59B7DA26D503274822ECD322664C
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/YcddWRNkcNBtg2GRMDNHHw9mFJ4.roa
Signing time: Fri 11 Apr 2025 13:13:59 +0000
ROA not before: Fri 11 Apr 2025 13:13:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213245
IP address blocks: 84.17.69.0/24 maxlen: 24
84.17.72.0/24 maxlen: 24
84.17.79.0/24 maxlen: 24
84.17.88.0/24 maxlen: 24
84.17.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:fc:59:b7:da:26:d5:03:27:48:22:ec:d3:22:66:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Apr 11 13:13:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61c75d59136470d06d8361913033471f0f66149e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a6:10:1b:34:12:78:49:32:fe:2c:46:3f:be:
9e:a3:c8:a5:5a:f7:52:64:79:3b:17:79:f7:ae:33:
8b:3f:3f:e3:22:11:31:22:c6:fe:3f:63:b4:22:7f:
bd:96:cb:87:68:05:f8:1d:f9:49:6c:a1:f6:a6:c0:
83:1c:84:da:f6:ae:e6:1d:6c:55:24:d0:6d:61:f2:
b3:41:3d:2d:2a:d0:f1:f8:7d:2c:9c:30:d0:1c:b1:
ca:1e:5d:cb:d6:77:01:a1:99:0f:99:9a:6d:bf:f6:
53:ce:41:15:9e:e0:48:9e:97:6c:ff:1b:60:c2:f6:
e9:14:b2:51:66:02:97:e7:07:67:8e:f1:aa:c4:98:
22:e5:ec:b1:88:c2:7b:d7:0c:44:47:88:52:05:08:
76:9c:95:ee:02:6c:39:af:27:df:11:f9:3f:fd:87:
6e:13:af:64:2f:7a:a2:43:a4:ff:3f:e7:53:46:b6:
0e:e4:31:2e:1c:0a:8f:eb:47:2f:35:de:9e:00:9b:
4d:e1:d0:f7:a1:84:0d:f8:a0:ef:c7:56:c9:c4:82:
42:52:8e:59:22:3a:8a:7a:95:1b:fd:09:a7:18:df:
21:ce:9d:68:17:30:45:1d:16:7c:a4:5e:a9:2c:23:
75:70:92:f3:c7:96:71:6c:af:76:d1:29:88:ca:71:
34:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C7:5D:59:13:64:70:D0:6D:83:61:91:30:33:47:1F:0F:66:14:9E
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/YcddWRNkcNBtg2GRMDNHHw9mFJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.69.0/24
84.17.72.0/24
84.17.79.0/24
84.17.88.0/24
84.17.95.0/24
Signature Algorithm: sha256WithRSAEncryption
84:68:15:57:9a:c0:b8:2b:9d:8b:8a:41:de:09:76:12:54:ab:
83:fb:f4:fb:46:c5:ac:06:b2:fb:d9:58:c5:fd:7e:9a:95:c8:
e3:63:07:73:6a:8e:b9:60:8c:df:c6:21:b2:70:43:7d:38:74:
99:32:55:d2:ed:c6:57:01:1c:b4:5d:21:21:6e:4b:84:ae:9d:
ce:07:ac:02:11:b6:71:de:d5:7c:ad:58:d8:09:31:c8:e7:97:
1a:9a:56:a0:13:7f:14:9b:e7:85:64:8d:af:04:4e:e6:e9:c9:
02:a1:34:fc:f2:e4:52:c6:ea:21:40:3f:d4:f4:93:20:24:cc:
fb:99:b9:38:6e:13:76:f3:6e:64:a2:9e:0a:d3:ca:7f:a6:e3:
00:ae:be:d9:99:d0:b7:f6:59:3f:17:8c:23:30:e2:4d:84:06:
05:d7:2c:42:f1:49:b6:7f:8b:25:ff:8d:c7:0c:5c:32:c0:49:
2a:b3:5a:98:04:e4:fa:8e:d0:d7:e4:dd:f6:99:fe:6a:84:3c:
bc:d5:7f:45:53:79:00:33:8d:fb:84:3d:43:80:c1:b6:74:7c:
fd:5e:1c:fe:54:27:14:c8:96:66:47:f5:b0:37:bf:06:83:82:
cb:a2:9c:5a:cd:97:59:df:b5:9e:e1:43:bb:e7:ce:65:1c:82:
18:55:b7:af
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYk/Fm32ibVAydIIuzTImZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjUwNDExMTMxMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWM3NWQ1OTEzNjQ3MGQwNmQ4MzYxOTEzMDMzNDcxZjBmNjYxNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKYQGzQSeEky/ixGP76eo8ilWvdS
ZHk7F3n3rjOLPz/jIhExIsb+P2O0In+9lsuHaAX4HflJbKH2psCDHITa9q7mHWxV
JNBtYfKzQT0tKtDx+H0snDDQHLHKHl3L1ncBoZkPmZptv/ZTzkEVnuBInpds/xtg
wvbpFLJRZgKX5wdnjvGqxJgi5eyxiMJ71wxER4hSBQh2nJXuAmw5ryffEfk//Ydu
E69kL3qiQ6T/P+dTRrYO5DEuHAqP60cvNd6eAJtN4dD3oYQN+KDvx1bJxIJCUo5Z
IjqKepUb/QmnGN8hzp1oFzBFHRZ8pF6pLCN1cJLzx5ZxbK920SmIynE09QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGHHXVkTZHDQbYNhkTAzRx8PZhSeMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvWWNkZFdSTmtjTkJ0ZzJHUk1ETkhIdzltRko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVBFFAwQA
VBFIAwQAVBFPAwQAVBFYAwQAVBFfMA0GCSqGSIb3DQEBCwUAA4IBAQCEaBVXmsC4
K52LikHeCXYSVKuD+/T7RsWsBrL72VjF/X6alcjjYwdzao65YIzfxiGycEN9OHSZ
MlXS7cZXARy0XSEhbkuErp3OB6wCEbZx3tV8rVjYCTHI55camlagE38Um+eFZI2v
BE7m6ckCoTT88uRSxuohQD/U9JMgJMz7mbk4bhN2825kop4K08p/puMArr7ZmdC3
9lk/F4wjMOJNhAYF1yxC8Um2f4sl/43HDFwywEkqs1qYBOT6jtDX5N32mf5qhDy8
1X9FU3kAM437hD1DgMG2dHz9Xhz+VCcUyJZmR/WwN78Gg4LLopxazZdZ37We4UO7
585lHIIYVbev
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:02:29 2025 by rpki-client