Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/yEWZ4VYL76v6CXOJZTzc32REVU4.roa
File: yEWZ4VYL76v6CXOJZTzc32REVU4.roa (raw, json)
Hash identifier: oBb7YT9vlq0MEgGYYB2TO36gjMVOVGIRSUTZDLpyMuk=
Subject key identifier: C8:45:99:E1:56:0B:EF:AB:FA:09:73:89:65:3C:DC:DF:64:44:55:4E
Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Certificate serial: 018ECD3F62C3B632F6EE42865A285C252B93
Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/yEWZ4VYL76v6CXOJZTzc32REVU4.roa
Signing time: Thu 11 Apr 2024 13:01:07 +0000
ROA not before: Thu 11 Apr 2024 13:01:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62359
IP address blocks: 91.242.173.0/24 maxlen: 24
2001:67c:6d8::/48 maxlen: 48
2a14:30c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 22:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:3f:62:c3:b6:32:f6:ee:42:86:5a:28:5c:25:2b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1
Validity
Not Before: Apr 11 13:01:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c84599e1560befabfa097389653cdcdf6444554e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9b:07:b4:e9:54:5e:18:03:b1:fb:48:9c:a1:
d9:50:2d:e4:66:a0:78:06:1e:cf:da:4f:e4:6b:ed:
34:1d:e9:94:d3:d0:db:86:6b:00:22:32:00:9f:98:
cb:9e:6b:b1:38:28:81:56:bd:91:ee:c4:4d:c6:2f:
9d:10:ed:34:01:44:95:e7:68:34:db:b1:f1:7c:32:
fd:aa:09:7b:41:0c:e2:c5:32:7a:82:7c:d0:97:4a:
41:22:f7:19:43:9f:e5:45:a6:53:d5:a9:d7:b3:c6:
d5:24:f0:8f:27:4e:03:d9:94:71:e8:1d:25:54:6a:
e1:fb:ed:f0:9f:3e:fd:7c:de:4a:a8:b1:b6:2a:4a:
6f:64:09:c3:1f:b0:8c:a3:b2:13:6f:99:37:64:6a:
47:32:b1:bc:3e:82:22:1d:1a:f7:3c:aa:aa:27:a2:
24:54:22:ca:19:26:a0:3b:35:3b:49:85:f8:9c:bd:
fc:d5:64:c7:79:7b:40:fe:83:99:8b:35:94:00:7d:
87:ea:8e:6f:80:2d:0a:de:81:67:98:a4:6d:06:60:
ba:4f:4b:03:12:cf:42:4d:96:53:35:68:84:7b:d4:
5a:8b:e5:a2:a7:d9:8e:5d:80:45:58:e6:e0:12:a7:
a4:2a:82:18:47:99:ea:e8:e3:fb:e1:d3:d5:12:25:
1e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:45:99:E1:56:0B:EF:AB:FA:09:73:89:65:3C:DC:DF:64:44:55:4E
X509v3 Authority Key Identifier:
keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/yEWZ4VYL76v6CXOJZTzc32REVU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.173.0/24
IPv6:
2001:67c:6d8::/48
2a14:30c1::/32
Signature Algorithm: sha256WithRSAEncryption
30:47:52:2c:0f:5e:f4:e3:ee:4b:7e:67:4f:a7:18:09:78:0b:
73:77:a2:7b:e6:44:8b:18:fd:b6:0f:52:71:02:34:b9:13:4f:
47:a0:ae:96:c6:27:97:b9:69:3f:7d:19:6e:5f:15:f9:d8:89:
af:24:34:6e:cf:b6:21:b1:02:09:83:05:0b:91:fc:79:27:52:
50:f1:5b:bb:85:66:1c:88:3d:c4:06:32:8f:87:a9:1d:58:5b:
f2:41:ea:40:b3:12:d1:49:f1:41:34:3e:39:17:13:87:ef:ea:
25:57:a4:e5:4b:81:d0:23:53:88:00:76:0c:59:6b:c1:f6:d0:
7e:50:b6:d6:3d:1a:27:f7:52:52:79:80:e6:bc:16:e6:08:d5:
cd:9f:62:e2:b4:4d:d4:6e:a5:ee:00:9e:7e:fb:67:e1:9a:6f:
b2:d6:3e:dc:de:a3:47:47:80:84:6a:84:83:4f:7a:53:d0:33:
61:19:1c:36:17:1d:b2:c8:74:86:95:16:54:cd:9c:a9:2f:4c:
03:45:5e:b7:b4:13:d0:25:ec:9c:ab:4f:d0:c5:66:0c:a7:9a:
91:99:c3:27:5e:1f:ab:a4:e7:55:f3:7b:80:1b:ea:50:38:9a:
e7:fd:4c:72:c9:24:ab:7d:7c:f2:87:7a:28:f5:9c:5b:a9:75:
41:26:c9:48
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7NP2LDtjL27kKGWihcJSuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx
MTcxZjEwHhcNMjQwNDExMTMwMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODQ1OTllMTU2MGJlZmFiZmEwOTczODk2NTNjZGNkZjY0NDQ1NTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZsHtOlUXhgDsftInKHZUC3kZqB4
Bh7P2k/ka+00HemU09DbhmsAIjIAn5jLnmuxOCiBVr2R7sRNxi+dEO00AUSV52g0
27HxfDL9qgl7QQzixTJ6gnzQl0pBIvcZQ5/lRaZT1anXs8bVJPCPJ04D2ZRx6B0l
VGrh++3wnz79fN5KqLG2KkpvZAnDH7CMo7ITb5k3ZGpHMrG8PoIiHRr3PKqqJ6Ik
VCLKGSagOzU7SYX4nL381WTHeXtA/oOZizWUAH2H6o5vgC0K3oFnmKRtBmC6T0sD
Es9CTZZTNWiEe9Rai+Wip9mOXYBFWObgEqekKoIYR5nq6OP74dPVEiUe5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMhFmeFWC++r+glziWU83N9kRFVOMB8GA1UdIwQY
MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt
ODg1MjFhZDk5YzdlLzEveUVXWjRWWUw3NnY2Q1hPSlpUemMzMlJFVlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl
LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW/KtMBYE
AgACMBADBwAgAQZ8BtgDBQAqFDDBMA0GCSqGSIb3DQEBCwUAA4IBAQAwR1IsD170
4+5LfmdPpxgJeAtzd6J75kSLGP22D1JxAjS5E09HoK6WxieXuWk/fRluXxX52Imv
JDRuz7YhsQIJgwULkfx5J1JQ8Vu7hWYciD3EBjKPh6kdWFvyQepAsxLRSfFBND45
FxOH7+olV6TlS4HQI1OIAHYMWWvB9tB+ULbWPRon91JSeYDmvBbmCNXNn2LitE3U
bqXuAJ5++2fhmm+y1j7c3qNHR4CEaoSDT3pT0DNhGRw2Fx2yyHSGlRZUzZypL0wD
RV63tBPQJeycq0/QxWYMp5qRmcMnXh+rpOdV83uAG+pQOJrn/UxyySSrfXzyh3oo
9ZxbqXVBJslI
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:01:08 2024 by rpki-client on console-ams.rpki-client.org