Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/yuRbahCEX0XfZB3zsyxk5jtjG70.roa
File: yuRbahCEX0XfZB3zsyxk5jtjG70.roa (raw, json)
Hash identifier: eI39Ms/72pkhlBo3dkzi906eGKagDohJOPt64L2o5Ls=
Subject key identifier: CA:E4:5B:6A:10:84:5F:45:DF:64:1D:F3:B3:2C:64:E6:3B:63:1B:BD
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 018F38DA887EE3AE93E531EB9F939239553B
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/yuRbahCEX0XfZB3zsyxk5jtjG70.roa
Signing time: Thu 02 May 2024 10:29:56 +0000
ROA not before: Thu 02 May 2024 10:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199984
IP address blocks: 185.40.84.0/24 maxlen: 24
185.40.85.0/24 maxlen: 24
2a04:8340:8340::/48 maxlen: 48
2a04:8340:8341::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:da:88:7e:e3:ae:93:e5:31:eb:9f:93:92:39:55:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: May 2 10:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cae45b6a10845f45df641df3b32c64e63b631bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:93:b1:5b:56:db:45:a8:8f:06:9d:e5:2c:9b:
43:7b:f4:00:5a:1e:8f:94:d2:99:16:70:2c:6a:ab:
86:a7:fa:0a:f9:02:58:1c:e0:a3:f6:3f:b9:3a:e4:
e3:42:cc:35:26:53:2f:e4:9a:5a:0b:8c:66:4e:56:
f2:84:ae:83:1d:b6:6c:b3:07:6b:cd:8c:b3:44:af:
75:cb:a7:66:62:ed:1c:87:dc:aa:d8:99:54:ed:95:
5f:d3:d4:07:ba:ef:8f:8e:6d:4a:4a:0a:5a:9b:b5:
16:16:8c:24:f9:a8:59:6c:d0:c1:c1:f8:5d:d4:2f:
b0:12:32:f6:5a:c2:aa:d5:0a:4e:f8:49:6f:7d:d9:
f0:97:ed:3f:8b:00:a0:04:26:b9:43:bb:a4:61:9b:
0b:4f:a2:ea:20:35:d9:8b:e2:bc:f6:c7:75:64:19:
cf:96:4d:38:3d:0d:1a:9d:53:17:15:28:1c:46:9d:
0b:3c:c0:ad:75:b2:20:5b:2b:5e:d0:05:0e:d0:36:
c1:d9:0e:c4:bd:cc:79:7e:b5:6d:e3:1a:90:02:2f:
5e:9e:fa:4d:a6:1f:bb:fe:d1:37:7e:7b:6f:11:9c:
8a:49:b4:f3:99:04:d0:e7:3a:58:7b:6f:54:28:52:
14:33:fd:75:e0:b4:04:d0:80:d2:34:1c:6e:0d:cd:
77:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:E4:5B:6A:10:84:5F:45:DF:64:1D:F3:B3:2C:64:E6:3B:63:1B:BD
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/yuRbahCEX0XfZB3zsyxk5jtjG70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.84.0/23
IPv6:
2a04:8340:8340::/47
Signature Algorithm: sha256WithRSAEncryption
19:a0:08:ca:65:10:3a:39:14:b6:f5:68:32:5b:16:d9:88:a7:
84:2d:29:e4:c7:4b:8b:08:bc:f8:c5:de:2d:7c:a4:98:4b:d5:
47:27:1c:0e:6f:48:e5:e5:f4:fb:09:49:8e:ef:cf:26:a7:c8:
14:36:bb:06:75:e9:96:8d:77:64:7c:fa:8a:68:0c:f0:99:da:
8e:4a:1d:0b:69:47:dc:d8:85:82:49:32:cd:f9:02:97:ae:82:
25:07:97:cf:a9:d9:e6:b7:18:e4:af:79:c0:36:59:b3:98:f5:
ec:7e:65:34:da:d1:31:70:79:09:07:cc:42:ff:a8:73:22:f0:
0c:b3:55:1a:8f:7e:e5:59:00:91:76:64:a6:28:94:80:f6:f4:
5a:97:c0:8e:97:47:29:d7:23:02:1a:bb:a5:00:39:38:ce:23:
24:ab:d8:dd:d8:2b:54:4f:29:8b:52:de:7c:17:33:92:f7:c7:
54:42:92:0b:3c:a3:f8:04:40:24:01:75:02:2c:fd:0c:4b:98:
25:e4:ae:6a:5a:30:18:b7:f5:ea:e9:eb:a9:f4:a6:35:74:2e:
c8:d4:6d:69:0b:c4:51:30:c0:87:ee:eb:65:3e:c5:2f:b6:dd:
94:45:eb:be:d9:1c:06:39:08:dd:ce:53:39:0e:a7:f8:ce:78:
c4:f2:da:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY842oh+466T5THrn5OSOVU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjQwNTAyMTAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWU0NWI2YTEwODQ1ZjQ1ZGY2NDFkZjNiMzJjNjRlNjNiNjMxYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZOxW1bbRaiPBp3lLJtDe/QAWh6P
lNKZFnAsaquGp/oK+QJYHOCj9j+5OuTjQsw1JlMv5JpaC4xmTlbyhK6DHbZsswdr
zYyzRK91y6dmYu0ch9yq2JlU7ZVf09QHuu+Pjm1KSgpam7UWFowk+ahZbNDBwfhd
1C+wEjL2WsKq1QpO+Elvfdnwl+0/iwCgBCa5Q7ukYZsLT6LqIDXZi+K89sd1ZBnP
lk04PQ0anVMXFSgcRp0LPMCtdbIgWyte0AUO0DbB2Q7Evcx5frVt4xqQAi9envpN
ph+7/tE3fntvEZyKSbTzmQTQ5zpYe29UKFIUM/114LQE0IDSNBxuDc13ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMrkW2oQhF9F32Qd87MsZOY7Yxu9MB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEveXVSYmFoQ0VYMFhmWkIzenN5eGs1anRqRzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuShUMA8E
AgACMAkDBwEqBINAg0AwDQYJKoZIhvcNAQELBQADggEBABmgCMplEDo5FLb1aDJb
FtmIp4QtKeTHS4sIvPjF3i18pJhL1UcnHA5vSOXl9PsJSY7vzyanyBQ2uwZ16ZaN
d2R8+opoDPCZ2o5KHQtpR9zYhYJJMs35ApeugiUHl8+p2ea3GOSvecA2WbOY9ex+
ZTTa0TFweQkHzEL/qHMi8AyzVRqPfuVZAJF2ZKYolID29FqXwI6XRynXIwIau6UA
OTjOIySr2N3YK1RPKYtS3nwXM5L3x1RCkgs8o/gEQCQBdQIs/QxLmCXkrmpaMBi3
9erp66n0pjV0LsjUbWkLxFEwwIfu62U+xS+23ZRF677ZHAY5CN3OUzkOp/jOeMTy
2r0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:47 2024 by rpki-client on console-fra.rpki-client.org