Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yfIQIEY5e0z3kGiSsCEdSwbnJb0.roa
File: yfIQIEY5e0z3kGiSsCEdSwbnJb0.roa (raw, json)
Hash identifier: iurUwQ0NdKkCLKrKwiD5EPdX2eAsm71cth7fx47wsME=
Subject key identifier: C9:F2:10:20:46:39:7B:4C:F7:90:68:92:B0:21:1D:4B:06:E7:25:BD
Certificate issuer: /CN=c8f6a72c343e764776244a2ff11271feb22edff9
Certificate serial: 018CF96786ACF42BAB6C60019C510AEB102E
Authority key identifier: C8:F6:A7:2C:34:3E:76:47:76:24:4A:2F:F1:12:71:FE:B2:2E:DF:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPanLDQ-dkd2JEov8RJx_rIu3_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yfIQIEY5e0z3kGiSsCEdSwbnJb0.roa
Signing time: Thu 11 Jan 2024 16:42:40 +0000
ROA not before: Thu 11 Jan 2024 16:42:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43655
IP address blocks: 193.148.2.0/23 maxlen: 23
78.24.138.0/24 maxlen: 24
78.24.138.0/23 maxlen: 23
78.24.137.0/24 maxlen: 24
78.24.136.0/23 maxlen: 23
78.24.136.0/24 maxlen: 24
78.24.136.0/21 maxlen: 21
78.24.139.0/24 maxlen: 24
2a00:e70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yPanLDQ-dkd2JEov8RJx_rIu3_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yPanLDQ-dkd2JEov8RJx_rIu3_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/yPanLDQ-dkd2JEov8RJx_rIu3_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:67:86:ac:f4:2b:ab:6c:60:01:9c:51:0a:eb:10:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f6a72c343e764776244a2ff11271feb22edff9
Validity
Not Before: Jan 11 16:42:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9f2102046397b4cf7906892b0211d4b06e725bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:61:16:5b:23:0d:06:88:3b:ff:c8:d0:d7:
f8:7a:19:f8:42:24:bc:52:ae:6d:e6:02:c5:67:bf:
33:95:d0:ca:0e:07:8f:a9:f5:1d:46:ed:0d:ff:95:
90:d4:7c:8f:df:db:4e:cc:51:35:99:e2:8a:32:9f:
fb:40:72:3c:43:af:07:50:dd:00:81:09:54:b1:b2:
1d:0b:c5:3a:13:4c:d3:94:be:b9:5b:92:56:b8:bf:
72:ad:c5:ba:59:22:8f:dc:65:01:eb:53:fc:96:13:
56:8c:11:59:7a:65:a8:ec:26:3b:d8:43:45:a8:2a:
a5:d7:4b:a6:4b:94:38:90:c5:83:3b:c2:aa:96:de:
1b:74:ef:52:d5:d3:9b:6c:4e:c8:ad:0c:47:44:ef:
1d:db:51:34:2f:23:a8:5d:f4:45:0e:aa:e2:33:c4:
69:e1:c1:55:d8:17:5d:ee:fa:aa:67:4a:f1:c1:1e:
54:4e:57:93:2e:17:ed:e8:14:1f:b0:7e:70:06:b8:
43:2a:9f:49:e0:4c:3f:9c:22:6e:0b:be:2c:11:8d:
be:55:8b:66:1f:76:fc:0a:cd:02:50:a7:1e:b5:6d:
ec:44:60:a6:7d:b8:3e:00:66:26:e7:71:07:c2:b8:
4f:87:8a:04:63:8c:90:c8:05:a4:93:58:10:d5:36:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F2:10:20:46:39:7B:4C:F7:90:68:92:B0:21:1D:4B:06:E7:25:BD
X509v3 Authority Key Identifier:
keyid:C8:F6:A7:2C:34:3E:76:47:76:24:4A:2F:F1:12:71:FE:B2:2E:DF:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPanLDQ-dkd2JEov8RJx_rIu3_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yfIQIEY5e0z3kGiSsCEdSwbnJb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/f30b54-24f7-4019-91cb-ada6e64307c9/1/yPanLDQ-dkd2JEov8RJx_rIu3_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.136.0/21
193.148.2.0/23
IPv6:
2a00:e70::/32
Signature Algorithm: sha256WithRSAEncryption
74:ff:f6:99:34:91:9a:ca:7a:44:a1:11:39:35:2c:71:81:66:
d5:cf:da:36:5c:5c:58:bf:a3:0a:d9:ef:9b:e9:c4:82:64:66:
c1:56:b3:75:8e:a6:e7:ae:e3:30:11:bc:f7:86:3a:1d:58:81:
6a:4b:0c:ce:57:36:d4:12:e7:30:0f:ad:87:d1:79:f6:6c:0e:
bb:81:33:c2:a4:01:b7:2e:58:58:54:64:a1:7f:7c:23:00:3e:
76:f6:d8:94:9b:2c:e3:6b:de:be:21:4c:21:86:79:72:e6:43:
a8:aa:30:84:31:68:c7:2e:a9:19:f8:f5:9b:8b:e3:bf:a1:87:
3c:66:c8:c1:44:cd:8c:92:68:79:83:a6:a1:1b:b2:31:4e:3a:
e4:dc:50:09:fd:48:8a:9f:33:f4:5a:49:15:3c:f3:0a:38:10:
f7:61:d5:3d:1e:17:c6:72:f2:55:2a:be:2a:f9:5d:6d:83:2e:
90:01:d9:10:d4:0b:04:38:4c:e0:bb:5c:19:8a:99:db:8e:46:
22:7e:89:67:37:d2:61:bf:12:59:78:42:fa:38:df:4e:15:b6:
01:30:8b:42:c4:44:09:a3:50:09:61:9f:fc:7c:63:d8:28:19:
28:9c:bc:50:28:4b:17:11:e3:2f:a1:26:7c:3d:59:64:50:85:
4c:c2:40:ff
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYz5Z4as9CurbGABnFEK6xAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjZhNzJjMzQzZTc2NDc3NjI0NGEyZmYxMTI3MWZlYjIy
ZWRmZjkwHhcNMjQwMTExMTY0MjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWYyMTAyMDQ2Mzk3YjRjZjc5MDY4OTJiMDIxMWQ0YjA2ZTcyNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8JhFlsjDQaIO//I0Nf4ehn4QiS8
Uq5t5gLFZ78zldDKDgePqfUdRu0N/5WQ1HyP39tOzFE1meKKMp/7QHI8Q68HUN0A
gQlUsbIdC8U6E0zTlL65W5JWuL9yrcW6WSKP3GUB61P8lhNWjBFZemWo7CY72ENF
qCql10umS5Q4kMWDO8Kqlt4bdO9S1dObbE7IrQxHRO8d21E0LyOoXfRFDqriM8Rp
4cFV2Bdd7vqqZ0rxwR5UTleTLhft6BQfsH5wBrhDKp9J4Ew/nCJuC74sEY2+VYtm
H3b8Cs0CUKcetW3sRGCmfbg+AGYm53EHwrhPh4oEY4yQyAWkk1gQ1TbGkwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMnyECBGOXtM95BokrAhHUsG5yW9MB8GA1UdIwQY
MBaAFMj2pyw0PnZHdiRKL/EScf6yLt/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBhbkxEUS1ka2QySkVvdjhSSnhfckl1M19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mMzBiNTQtMjRmNy00MDE5LTkxY2It
YWRhNmU2NDMwN2M5LzEveWZJUUlFWTVlMHoza0dpU3NDRWRTd2JuSmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mMzBiNTQtMjRmNy00MDE5LTkxY2ItYWRhNmU2NDMwN2M5
LzEveVBhbkxEUS1ka2QySkVvdjhSSnhfckl1M19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDThiIAwQB
wZQCMA0EAgACMAcDBQAqAA5wMA0GCSqGSIb3DQEBCwUAA4IBAQB0//aZNJGaynpE
oRE5NSxxgWbVz9o2XFxYv6MK2e+b6cSCZGbBVrN1jqbnruMwEbz3hjodWIFqSwzO
VzbUEucwD62H0Xn2bA67gTPCpAG3LlhYVGShf3wjAD529tiUmyzja96+IUwhhnly
5kOoqjCEMWjHLqkZ+PWbi+O/oYc8ZsjBRM2Mkmh5g6ahG7IxTjrk3FAJ/UiKnzP0
WkkVPPMKOBD3YdU9HhfGcvJVKr4q+V1tgy6QAdkQ1AsEOEzgu1wZipnbjkYifoln
N9JhvxJZeEL6ON9OFbYBMItCxEQJo1AJYZ/8fGPYKBkonLxQKEsXEeMvoSZ8PVlk
UIVMwkD/
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:27:56 2024 by rpki-client on console-fra.rpki-client.org