Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ypg00VatAkl0XJz_JH-aS139Xm0.roa
File: ypg00VatAkl0XJz_JH-aS139Xm0.roa (raw, json)
Hash identifier: 2MwBKgmUDqF8VG45kpQ8iivFEzF253DGR0ej8sCa+Sw=
Subject key identifier: CA:98:34:D1:56:AD:02:49:74:5C:9C:FF:24:7F:9A:4B:5D:FD:5E:6D
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0190FDE950E3B8AA83E3D64FE018C8ACABBA
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ypg00VatAkl0XJz_JH-aS139Xm0.roa
Signing time: Mon 29 Jul 2024 09:54:04 +0000
ROA not before: Mon 29 Jul 2024 09:54:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 77.111.120.0/24 maxlen: 24
77.111.122.0/24 maxlen: 24
91.190.188.0/24 maxlen: 24
91.190.190.0/24 maxlen: 24
92.61.96.0/24 maxlen: 24
92.61.98.0/24 maxlen: 24
92.61.99.0/24 maxlen: 24
92.61.100.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:e9:50:e3:b8:aa:83:e3:d6:4f:e0:18:c8:ac:ab:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jul 29 09:54:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca9834d156ad0249745c9cff247f9a4b5dfd5e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e6:7c:fb:c1:38:0d:bb:d3:60:6f:15:06:29:
29:8f:21:12:5f:dd:c2:9d:06:fe:9a:5e:e9:8f:12:
5d:cf:d9:e6:cb:5d:e3:ab:61:3c:f1:f8:d3:46:e8:
87:ca:04:95:a9:cd:5b:72:e4:13:0b:48:d1:58:37:
3e:3b:4a:5e:30:1e:65:0b:f8:c4:6f:43:49:19:fd:
d4:d6:9a:10:38:5e:b7:ff:21:db:f5:34:eb:13:ee:
37:73:65:86:f9:4f:2c:95:78:2f:bc:00:27:aa:21:
92:ec:18:c9:d0:ba:4e:52:4f:22:17:b7:ef:b7:28:
32:cc:da:d4:f4:9c:c4:ce:e4:77:ff:d5:95:2f:51:
ae:ff:bc:97:fe:c0:94:8a:88:6f:9f:d8:ea:db:c3:
0b:3d:72:93:96:cc:df:6a:61:dc:df:0a:e9:53:76:
88:6e:61:9a:bc:ee:26:a9:f7:25:3a:c1:73:74:7f:
7f:41:86:db:70:4a:61:eb:10:bc:66:ba:11:3d:f5:
3f:67:f7:c8:d5:fb:c3:ac:11:7b:9c:ef:83:04:0e:
3f:1c:55:5f:d1:bd:8c:dd:be:39:99:72:6a:0a:d2:
6b:c1:9b:f9:98:c5:c4:0f:ee:71:ac:99:c5:83:a7:
93:64:e6:95:88:53:e9:8d:7c:52:86:1a:78:f6:9c:
c8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:98:34:D1:56:AD:02:49:74:5C:9C:FF:24:7F:9A:4B:5D:FD:5E:6D
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ypg00VatAkl0XJz_JH-aS139Xm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.120.0/24
77.111.122.0/24
91.190.188.0/24
91.190.190.0/24
92.61.96.0/24
92.61.98.0-92.61.101.255
Signature Algorithm: sha256WithRSAEncryption
6e:0d:ee:a8:ee:2c:c8:de:77:1c:b3:a4:eb:68:14:ab:32:d0:
73:d4:0a:4c:bb:ef:2a:25:e8:70:ee:18:58:c3:a3:cf:8d:90:
14:e1:86:c8:ec:1c:42:f4:bb:85:53:7e:79:7d:ca:94:0f:11:
c7:61:07:7f:d0:68:3f:cd:a3:f5:25:59:76:40:39:22:7c:bb:
fb:fa:21:f3:28:f6:06:c4:b8:9e:ec:74:54:62:4e:9f:70:2d:
22:c2:73:06:5c:15:6a:67:36:ca:ab:0b:cf:7f:8d:d3:4e:0b:
09:e9:7c:1d:9b:52:08:7a:5e:53:33:a5:e5:6e:d0:32:58:85:
09:c7:3a:fa:de:64:df:ce:6a:83:e9:2f:82:c7:c3:9c:48:ad:
e0:2c:1b:84:cb:ef:35:fe:84:38:51:a9:57:c2:ae:8f:f1:05:
53:e9:d8:ad:5e:22:3a:91:3b:fe:36:95:c0:fc:1b:03:16:a9:
19:69:66:3e:04:cd:15:29:ec:52:a2:03:4f:86:42:60:da:d2:
3a:08:c3:62:83:06:06:ef:c6:47:65:62:a8:1e:e5:22:68:03:
9f:ec:f2:63:08:4d:d1:70:ce:70:9d:43:55:6c:b6:31:b0:97:
02:6b:35:a8:0e:2c:ad:fd:f1:42:b3:aa:94:cb:4f:8b:2b:9a:
46:ad:e0:13
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZD96VDjuKqD49ZP4BjIrKu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwNzI5MDk1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTk4MzRkMTU2YWQwMjQ5NzQ1YzljZmYyNDdmOWE0YjVkZmQ1ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Z8+8E4DbvTYG8VBikpjyESX93C
nQb+ml7pjxJdz9nmy13jq2E88fjTRuiHygSVqc1bcuQTC0jRWDc+O0peMB5lC/jE
b0NJGf3U1poQOF63/yHb9TTrE+43c2WG+U8slXgvvAAnqiGS7BjJ0LpOUk8iF7fv
tygyzNrU9JzEzuR3/9WVL1Gu/7yX/sCUiohvn9jq28MLPXKTlszfamHc3wrpU3aI
bmGavO4mqfclOsFzdH9/QYbbcEph6xC8ZroRPfU/Z/fI1fvDrBF7nO+DBA4/HFVf
0b2M3b45mXJqCtJrwZv5mMXED+5xrJnFg6eTZOaViFPpjXxShhp49pzIiwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMqYNNFWrQJJdFyc/yR/mktd/V5tMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEveXBnMDBWYXRBa2wwWEp6X0pILWFTMTM5WG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATW94AwQA
TW96AwQAW768AwQAW76+AwQAXD1gMAwDBAFcPWIDBAFcPWQwDQYJKoZIhvcNAQEL
BQADggEBAG4N7qjuLMjedxyzpOtoFKsy0HPUCky77yol6HDuGFjDo8+NkBThhsjs
HEL0u4VTfnl9ypQPEcdhB3/QaD/No/UlWXZAOSJ8u/v6IfMo9gbEuJ7sdFRiTp9w
LSLCcwZcFWpnNsqrC89/jdNOCwnpfB2bUgh6XlMzpeVu0DJYhQnHOvreZN/OaoPp
L4LHw5xIreAsG4TL7zX+hDhRqVfCro/xBVPp2K1eIjqRO/42lcD8GwMWqRlpZj4E
zRUp7FKiA0+GQmDa0joIw2KDBgbvxkdlYqge5SJoA5/s8mMITdFwznCdQ1VstjGw
lwJrNagOLK398UKzqpTLT4srmkat4BM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:52 2024 by rpki-client on console-ams.rpki-client.org