Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/YG4GH2kbor4nZ_HdlU4bXsM_ISU.roa
File: YG4GH2kbor4nZ_HdlU4bXsM_ISU.roa (raw, json)
Hash identifier: orPHPnq001m59xqGhWWhOTcNNv+UhgU5D7ZAydlYwJ0=
Subject key identifier: 60:6E:06:1F:69:1B:A2:BE:27:67:F1:DD:95:4E:1B:5E:C3:3F:21:25
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 019426D9F0E94178ED4218911EDB6B9DA030
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/YG4GH2kbor4nZ_HdlU4bXsM_ISU.roa
Signing time: Thu 02 Jan 2025 11:50:04 +0000
ROA not before: Thu 02 Jan 2025 11:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42705
IP address blocks: 5.11.16.0/22 maxlen: 22
5.11.16.0/23 maxlen: 23
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.18.0/23 maxlen: 23
5.11.18.0/24 maxlen: 24
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/21 maxlen: 21
5.11.24.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/24 maxlen: 24
5.11.25.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 11:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:f0:e9:41:78:ed:42:18:91:1e:db:6b:9d:a0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 11:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=606e061f691ba2be2767f1dd954e1b5ec33f2125
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3b:ca:8c:9e:9e:7c:b9:33:b0:9a:8a:7e:08:
83:9d:16:ca:a4:32:fa:a6:31:1d:9a:a4:ac:0f:59:
d5:6b:cc:9f:d5:2b:d0:31:55:60:cc:d0:52:40:10:
fc:20:29:4b:ca:08:23:50:06:a6:b1:8e:98:d5:82:
b9:88:1e:39:91:28:ee:6f:dc:04:1b:f5:d7:58:43:
aa:e1:8b:ad:76:db:b2:44:b3:2e:0c:ee:f4:e8:7b:
8e:8e:59:3d:0b:5c:cc:88:ca:c4:e2:55:6f:b8:e0:
b9:dc:91:d1:df:f6:74:42:d6:53:a9:b6:62:3c:c0:
36:81:22:d9:a8:40:44:78:c8:e2:70:08:ca:6d:3c:
94:8e:77:93:44:89:a2:62:c5:92:c5:af:24:10:dd:
85:ce:bc:31:d5:ae:b3:bf:11:42:8f:5d:71:9a:95:
89:e0:7d:24:1e:ac:a3:30:25:e3:c1:e0:51:6b:51:
7c:b8:31:33:54:b2:ee:8d:17:be:d3:92:d4:0b:44:
40:60:8a:0d:5b:c2:17:be:fb:06:35:01:6c:28:8d:
02:c0:da:12:8e:22:40:d6:61:ee:57:63:00:38:f1:
51:6d:96:3b:d6:49:a6:e2:f1:61:0a:83:79:46:fd:
18:0b:f3:29:bb:aa:48:65:38:0e:d2:9f:57:43:1f:
ae:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:6E:06:1F:69:1B:A2:BE:27:67:F1:DD:95:4E:1B:5E:C3:3F:21:25
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/YG4GH2kbor4nZ_HdlU4bXsM_ISU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/21
80.251.10.0/23
Signature Algorithm: sha256WithRSAEncryption
91:30:fc:24:0d:2e:75:b3:69:96:db:ea:4c:1f:65:d8:05:af:
00:b6:ad:4f:a7:ec:c8:81:82:f9:51:81:e0:1c:6e:41:bc:98:
91:ea:a2:94:27:ea:82:dc:78:12:e1:19:06:96:42:ce:be:9f:
56:cb:f0:2e:43:81:d1:08:84:98:d9:df:10:a5:b8:e6:17:dd:
27:fc:f0:43:0d:d6:ab:9e:ff:5f:0f:a5:c1:e8:c4:b0:d4:49:
01:ff:49:f4:d5:d1:0a:74:ed:28:d2:2d:fa:18:ae:19:a3:e4:
b8:ac:1f:1a:4a:c2:6d:34:e3:12:bd:53:1b:71:2e:6d:d7:45:
43:eb:a2:72:3e:60:0d:6e:2f:de:4b:3e:28:28:79:7c:04:e7:
81:2b:13:89:1c:3a:57:d1:8f:cb:96:9f:90:e5:1a:09:06:92:
dc:4b:07:d3:61:06:06:fc:55:39:45:c7:4f:c2:a4:97:a3:e3:
a3:d9:ae:53:5d:da:af:01:3f:5a:4c:c0:49:03:95:4d:a2:13:
49:4d:91:0b:fc:3c:74:40:d7:ea:f4:89:69:30:22:c0:10:15:
df:78:d9:3e:35:c0:0d:50:8b:b5:f7:45:fd:43:6b:ce:10:bc:
c5:49:d2:33:18:cc:24:7a:d2:84:3a:7f:77:b8:9a:23:bf:aa:
1f:5d:ee:ba
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQm2fDpQXjtQhiRHttrnaAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjUwMTAyMTE1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDZlMDYxZjY5MWJhMmJlMjc2N2YxZGQ5NTRlMWI1ZWMzM2YyMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzvKjJ6efLkzsJqKfgiDnRbKpDL6
pjEdmqSsD1nVa8yf1SvQMVVgzNBSQBD8IClLyggjUAamsY6Y1YK5iB45kSjub9wE
G/XXWEOq4YutdtuyRLMuDO706HuOjlk9C1zMiMrE4lVvuOC53JHR3/Z0QtZTqbZi
PMA2gSLZqEBEeMjicAjKbTyUjneTRImiYsWSxa8kEN2Fzrwx1a6zvxFCj11xmpWJ
4H0kHqyjMCXjweBRa1F8uDEzVLLujRe+05LUC0RAYIoNW8IXvvsGNQFsKI0CwNoS
jiJA1mHuV2MAOPFRbZY71kmm4vFhCoN5Rv0YC/Mpu6pIZTgO0p9XQx+uTwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGBuBh9pG6K+J2fx3ZVOG17DPyElMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvWUc0R0gya2JvcjRuWl9IZGxVNGJYc01fSVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAMFCxgDBAFQ+wowDQYJKoZIhvcNAQELBQADggEBAJEw/CQN
LnWzaZbb6kwfZdgFrwC2rU+n7MiBgvlRgeAcbkG8mJHqopQn6oLceBLhGQaWQs6+
n1bL8C5DgdEIhJjZ3xCluOYX3Sf88EMN1que/18PpcHoxLDUSQH/SfTV0Qp07SjS
LfoYrhmj5LisHxpKwm004xK9UxtxLm3XRUPronI+YA1uL95LPigoeXwE54ErE4kc
OlfRj8uWn5DlGgkGktxLB9NhBgb8VTlFx0/CpJej46PZrlNd2q8BP1pMwEkDlU2i
E0lNkQv8PHRA1+r0iWkwIsAQFd942T41wA1Qi7X3Rf1Da84QvMVJ0jMYzCR60oQ6
f3e4miO/qh9d7ro=
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:40:31 2025 by rpki-client