Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/yeRaarOsqQL6T8MId8Dw-zjDpyI.roa
File: yeRaarOsqQL6T8MId8Dw-zjDpyI.roa (raw, json)
Hash identifier: PcKi02vr0pDiDVlpa/LbtFTT0UyPuUQNtlWvZyQzOuw=
Subject key identifier: C9:E4:5A:6A:B3:AC:A9:02:FA:4F:C3:08:77:C0:F0:FB:38:C3:A7:22
Certificate issuer: /CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d
Certificate serial: 019425216655244F7EAD19A3856A6C994009
Authority key identifier: 60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/yeRaarOsqQL6T8MId8Dw-zjDpyI.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39402
IP address blocks: 185.130.136.0/24 maxlen: 24
185.130.137.0/24 maxlen: 24
185.130.138.0/24 maxlen: 24
185.130.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:66:55:24:4f:7e:ad:19:a3:85:6a:6c:99:40:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c8d57747f729700ef2f5614f6dfdec8d119f2d
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9e45a6ab3aca902fa4fc30877c0f0fb38c3a722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3b:82:ee:78:f7:b5:19:a5:cc:c2:35:06:22:
b8:7a:3c:fe:6d:5c:37:1c:bb:90:cb:fe:a3:4d:d1:
57:73:68:c6:c8:0f:d9:2f:6b:f9:55:65:49:7d:4e:
fa:29:4d:80:15:d5:08:5a:56:33:63:25:b0:cd:d2:
6e:5a:55:29:fa:db:9f:96:5e:7a:23:af:70:81:6b:
93:38:55:39:a2:45:9f:3f:b4:5c:c6:da:4b:55:da:
e2:61:42:ab:68:60:15:e3:39:a3:5a:e3:cf:1f:f4:
5a:22:9e:82:44:3b:a0:e3:29:7f:4f:22:d2:c7:d0:
50:f4:a4:a0:f1:3d:f4:8c:13:64:33:96:21:e6:1b:
cf:50:8c:d6:aa:7b:7a:c1:25:97:d1:7c:be:5f:76:
f3:f6:4a:73:f9:8d:92:1f:99:b1:13:6d:c8:92:ee:
8d:b7:30:b0:12:0b:71:e7:b2:06:03:ce:83:2d:50:
fb:7b:df:6d:12:2f:c7:ad:28:0c:a2:04:06:5c:48:
8b:5d:54:e5:1d:0a:5a:25:fd:0f:39:ab:9b:6e:bf:
d3:f1:79:d8:1f:db:0a:66:ea:9c:07:6a:48:63:d7:
d7:15:41:87:53:74:12:6d:8a:4d:af:04:3c:dc:43:
42:2a:1b:69:1c:ef:9d:68:f2:1b:fe:42:3b:0a:10:
e1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E4:5A:6A:B3:AC:A9:02:FA:4F:C3:08:77:C0:F0:FB:38:C3:A7:22
X509v3 Authority Key Identifier:
keyid:60:C8:D5:77:47:F7:29:70:0E:F2:F5:61:4F:6D:FD:EC:8D:11:9F:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMjVd0f3KXAO8vVhT2397I0Rny0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/yeRaarOsqQL6T8MId8Dw-zjDpyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/39d734-6fb1-4dc0-a128-d75f595fa7c3/1/YMjVd0f3KXAO8vVhT2397I0Rny0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:78:5c:12:32:c1:50:f1:dd:9e:db:09:d0:0e:49:26:25:2d:
c9:c5:5e:cc:23:64:27:88:1e:6e:24:a3:dc:a5:66:61:4b:3e:
93:29:73:14:af:b8:2d:4e:08:ee:8c:ce:82:51:26:2d:f3:6b:
55:dc:58:11:59:0b:68:d8:fc:01:e2:c0:5f:d3:5c:92:3f:b1:
ac:44:81:3c:a0:3d:d7:ca:0e:0d:8c:8a:94:16:22:39:0a:84:
a4:9a:a5:3c:d1:93:bb:41:db:9c:70:54:98:e0:b4:bd:bf:c4:
1c:27:99:1a:10:f2:be:f9:24:37:d8:71:43:6e:58:3a:a4:03:
94:05:e0:c3:66:21:21:1a:80:9c:0b:04:56:1e:ee:63:e3:0c:
ef:3b:6f:05:28:6a:e9:7a:61:79:55:70:69:91:87:f3:8c:1a:
17:f4:88:7c:18:23:4e:cd:33:fb:ff:50:44:47:0e:6f:25:76:
2b:4e:f8:9a:d1:42:f9:ec:5e:65:6d:97:18:e3:68:70:db:58:
0f:d0:ea:a1:2b:37:ef:a6:cc:53:34:84:e6:dc:e5:c9:d6:f2:
e3:5c:4f:18:75:31:75:16:14:93:e0:46:56:a5:c0:d2:3b:f1:
30:fa:55:1c:c2:e8:2a:62:74:97:d4:47:a9:a4:50:41:6d:b7:
d7:b5:a5:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIWZVJE9+rRmjhWpsmUAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzhkNTc3NDdmNzI5NzAwZWYyZjU2MTRmNmRmZGVjOGQx
MTlmMmQwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU0NWE2YWIzYWNhOTAyZmE0ZmMzMDg3N2MwZjBmYjM4YzNhNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTuC7nj3tRmlzMI1BiK4ejz+bVw3
HLuQy/6jTdFXc2jGyA/ZL2v5VWVJfU76KU2AFdUIWlYzYyWwzdJuWlUp+tufll56
I69wgWuTOFU5okWfP7RcxtpLVdriYUKraGAV4zmjWuPPH/RaIp6CRDug4yl/TyLS
x9BQ9KSg8T30jBNkM5Yh5hvPUIzWqnt6wSWX0Xy+X3bz9kpz+Y2SH5mxE23Iku6N
tzCwEgtx57IGA86DLVD7e99tEi/HrSgMogQGXEiLXVTlHQpaJf0POaubbr/T8XnY
H9sKZuqcB2pIY9fXFUGHU3QSbYpNrwQ83ENCKhtpHO+daPIb/kI7ChDh1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnkWmqzrKkC+k/DCHfA8Ps4w6ciMB8GA1UdIwQY
MBaAFGDI1XdH9ylwDvL1YU9t/eyNEZ8tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgt
ZDc1ZjU5NWZhN2MzLzEveWVSYWFyT3NxUUw2VDhNSWQ4RHctempEcHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zOWQ3MzQtNmZiMS00ZGMwLWExMjgtZDc1ZjU5NWZhN2Mz
LzEvWU1qVmQwZjNLWEFPOHZWaFQyMzk3STBSbnkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYKIMA0G
CSqGSIb3DQEBCwUAA4IBAQB6eFwSMsFQ8d2e2wnQDkkmJS3JxV7MI2QniB5uJKPc
pWZhSz6TKXMUr7gtTgjujM6CUSYt82tV3FgRWQto2PwB4sBf01ySP7GsRIE8oD3X
yg4NjIqUFiI5CoSkmqU80ZO7QduccFSY4LS9v8QcJ5kaEPK++SQ32HFDblg6pAOU
BeDDZiEhGoCcCwRWHu5j4wzvO28FKGrpemF5VXBpkYfzjBoX9Ih8GCNOzTP7/1BE
Rw5vJXYrTvia0UL57F5lbZcY42hw21gP0OqhKzfvpsxTNITm3OXJ1vLjXE8YdTF1
FhST4EZWpcDSO/Ew+lUcwugqYnSX1EeppFBBbbfXtaWI
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:45:53 2025 by rpki-client