Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/cYs_upIMBFM1qTzwqySxwaPDCLc.roa
File: cYs_upIMBFM1qTzwqySxwaPDCLc.roa (raw, json)
Hash identifier: xI0Q9MYkvDP8hv/SnI33zJTsy3M/0ZO4tON1nbaFCD4=
Subject key identifier: 71:8B:3F:BA:92:0C:04:53:35:A9:3C:F0:AB:24:B1:C1:A3:C3:08:B7
Certificate issuer: /CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Certificate serial: 019420D64C6BC21702496EBDFE847CEB0F15
Authority key identifier: 4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/cYs_upIMBFM1qTzwqySxwaPDCLc.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60717
IP address blocks: 176.111.206.0/23 maxlen: 23
185.55.104.0/22 maxlen: 22
185.80.183.0/24 maxlen: 24
2a04:d340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4c:6b:c2:17:02:49:6e:bd:fe:84:7c:eb:0f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d0ade54c27e6fcddace262c4fdf790f320fed9c
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=718b3fba920c045335a93cf0ab24b1c1a3c308b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:04:4e:a2:e7:b8:11:ff:f7:95:66:11:10:7a:
af:86:99:f9:ab:8e:40:62:eb:9c:a1:93:97:54:aa:
e0:57:6e:81:a1:19:22:2b:04:16:76:ad:f3:0d:53:
0c:25:50:96:52:2e:f6:60:e2:db:4e:c5:c8:e6:2a:
64:69:1c:38:a0:70:48:bd:6b:a9:09:87:44:33:cc:
01:3f:ba:2a:30:4a:23:d1:2d:71:8b:b1:57:46:9b:
5e:b1:89:6b:61:7b:7c:4a:ab:b7:df:91:e6:09:4a:
37:21:c8:3b:02:d6:57:bb:d5:45:17:6d:ff:1b:43:
65:55:cb:d1:2b:26:ac:61:d6:6e:36:d6:85:0d:ed:
a7:33:49:b6:58:b4:ab:f9:9a:79:bd:a1:20:59:05:
ad:1b:97:f6:d3:50:9a:43:1b:d8:8f:59:ba:08:01:
c3:f1:31:95:d3:d6:77:b5:f5:56:8d:a9:d7:ef:16:
6f:03:0c:f6:f2:0e:ae:f7:19:a1:0c:2d:74:bd:9b:
df:f0:ea:0a:df:bd:cf:0e:3d:33:d3:f8:94:f1:91:
af:4a:f6:4b:9a:17:c9:6e:29:48:f7:db:48:df:49:
12:af:22:f1:8f:8e:04:7f:ad:41:d4:dd:04:34:6a:
ad:06:e5:e7:85:67:75:cd:b3:12:fc:42:c0:9e:df:
b6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8B:3F:BA:92:0C:04:53:35:A9:3C:F0:AB:24:B1:C1:A3:C3:08:B7
X509v3 Authority Key Identifier:
keyid:4D:0A:DE:54:C2:7E:6F:CD:DA:CE:26:2C:4F:DF:79:0F:32:0F:ED:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQreVMJ-b83aziYsT995DzIP7Zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/cYs_upIMBFM1qTzwqySxwaPDCLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/8efd8b-e516-4c49-92cb-89296ccb35f5/1/TQreVMJ-b83aziYsT995DzIP7Zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.206.0/23
185.55.104.0/22
185.80.183.0/24
IPv6:
2a04:d340::/29
Signature Algorithm: sha256WithRSAEncryption
5a:d7:e6:b8:e4:2d:f6:79:ff:dc:fb:a6:be:08:5a:99:80:f0:
20:3b:bf:ac:b1:96:34:37:23:99:eb:6e:78:3b:05:76:30:d3:
95:2f:1d:cd:f0:11:70:af:1f:8c:c5:6e:67:da:a3:80:b6:3c:
d5:1e:b0:11:01:70:32:a4:2b:5f:85:47:e3:4c:b0:4d:fe:7b:
6b:c2:4d:3c:cd:a6:1c:58:ce:c4:25:9d:35:c4:c3:3a:82:19:
bd:3c:bf:89:89:a8:ff:65:2e:4c:ae:9e:17:5c:88:24:ca:5a:
8f:f2:03:e9:10:a1:27:da:20:24:ae:ed:51:c1:90:8d:e9:37:
ad:f1:92:2c:5e:78:fd:6d:7f:e8:33:96:de:6d:10:ff:c8:f7:
0f:90:34:91:16:ec:a9:cb:cd:f9:92:26:79:39:b0:65:6a:8e:
5f:f3:6b:32:9f:64:c5:7d:77:ab:a8:36:70:fb:e2:00:a6:c9:
67:43:f1:59:a0:6a:81:4e:a4:42:3e:b4:4d:97:ee:a0:80:83:
6e:09:76:4b:72:6f:5e:4b:f1:03:e6:2c:6b:39:f2:eb:4e:6c:
be:12:5d:02:9f:13:c4:aa:cb:c4:78:c9:34:9f:a9:21:25:7e:
be:6e:06:15:cf:63:38:b3:59:29:57:54:62:8c:19:ed:e4:18:
ec:14:4d:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1kxrwhcCSW69/oR86w8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGFkZTU0YzI3ZTZmY2RkYWNlMjYyYzRmZGY3OTBmMzIw
ZmVkOWMwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MThiM2ZiYTkyMGMwNDUzMzVhOTNjZjBhYjI0YjFjMWEzYzMwOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwROoue4Ef/3lWYREHqvhpn5q45A
YuucoZOXVKrgV26BoRkiKwQWdq3zDVMMJVCWUi72YOLbTsXI5ipkaRw4oHBIvWup
CYdEM8wBP7oqMEoj0S1xi7FXRptesYlrYXt8Squ335HmCUo3Icg7AtZXu9VFF23/
G0NlVcvRKyasYdZuNtaFDe2nM0m2WLSr+Zp5vaEgWQWtG5f201CaQxvYj1m6CAHD
8TGV09Z3tfVWjanX7xZvAwz28g6u9xmhDC10vZvf8OoK373PDj0z0/iU8ZGvSvZL
mhfJbilI99tI30kSryLxj44Ef61B1N0ENGqtBuXnhWd1zbMS/ELAnt+2GQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHGLP7qSDARTNak88KskscGjwwi3MB8GA1UdIwQY
MBaAFE0K3lTCfm/N2s4mLE/feQ8yD+2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2It
ODkyOTZjY2IzNWY1LzEvY1lzX3VwSU1CRk0xcVR6d3F5U3h3YVBEQ0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84ZWZkOGItZTUxNi00YzQ5LTkyY2ItODkyOTZjY2IzNWY1
LzEvVFFyZVZNSi1iODNhemlZc1Q5OTVEeklQN1p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBsG/OAwQC
uTdoAwQAuVC3MA0EAgACMAcDBQMqBNNAMA0GCSqGSIb3DQEBCwUAA4IBAQBa1+a4
5C32ef/c+6a+CFqZgPAgO7+ssZY0NyOZ6254OwV2MNOVLx3N8BFwrx+MxW5n2qOA
tjzVHrARAXAypCtfhUfjTLBN/ntrwk08zaYcWM7EJZ01xMM6ghm9PL+Jiaj/ZS5M
rp4XXIgkylqP8gPpEKEn2iAkru1RwZCN6Tet8ZIsXnj9bX/oM5bebRD/yPcPkDSR
Fuypy835kiZ5ObBlao5f82syn2TFfXerqDZw++IApslnQ/FZoGqBTqRCPrRNl+6g
gINuCXZLcm9eS/ED5ixrOfLrTmy+El0CnxPEqsvEeMk0n6khJX6+bgYVz2M4s1kp
V1RijBnt5BjsFE3R
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:52:07 2025 by rpki-client