Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/yYCH4Z-rhIaDIermX5re4cJ2s1o.roa
File: yYCH4Z-rhIaDIermX5re4cJ2s1o.roa (raw, json)
Hash identifier: sJFtRJWEQZO1KMBRzV8t40M9k5h32PaJW8txO3UsSJk=
Subject key identifier: C9:80:87:E1:9F:AB:84:86:83:21:EA:E6:5F:9A:DE:E1:C2:76:B3:5A
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 01918FA8FE4AB8C471524BA293D7C03AF2EF
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/yYCH4Z-rhIaDIermX5re4cJ2s1o.roa
Signing time: Mon 26 Aug 2024 17:08:22 +0000
ROA not before: Mon 26 Aug 2024 17:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200223
IP address blocks: 185.229.32.0/24 maxlen: 24
2a03:3a61::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8f:a8:fe:4a:b8:c4:71:52:4b:a2:93:d7:c0:3a:f2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Aug 26 17:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c98087e19fab84868321eae65f9adee1c276b35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:75:36:17:7f:52:b1:11:5b:40:e1:32:24:3b:
5f:8e:6b:30:95:2d:b1:6e:db:c7:43:24:19:97:f3:
a5:71:e5:18:07:a1:c1:d1:2e:b8:3a:c0:ed:e0:98:
c6:6c:25:23:92:39:b5:b6:62:88:1f:65:08:de:db:
88:01:ba:99:16:f0:30:15:4b:cb:cb:21:2c:e7:73:
ac:d2:fc:8d:4e:e0:70:d9:e5:50:28:ff:ef:79:5d:
c4:cb:a1:a8:d6:29:6d:da:de:cb:d0:6d:d2:e7:64:
72:4a:a5:b5:8f:22:07:9f:ba:c9:12:7b:a2:00:cf:
92:dd:6a:d0:67:b0:0b:de:63:6e:48:ef:e9:b3:0e:
cd:56:e5:1d:3a:b2:cf:9a:18:7a:db:be:da:8a:25:
67:8a:f2:63:57:2d:5c:9a:ba:dc:31:2c:22:f1:29:
f2:20:8e:b6:2f:2a:d3:12:7c:d5:ef:d0:b3:d1:e8:
6e:8c:8c:16:96:bb:ac:21:b3:f0:16:ad:a8:fd:76:
54:4c:88:02:0d:5e:d4:71:5b:f8:78:5b:fb:62:5f:
22:d0:18:fc:53:a8:9a:17:9d:b3:ff:de:04:39:84:
c4:5f:fc:4e:ea:b6:55:5d:16:5f:7d:b2:6e:bc:32:
21:3b:20:2c:1b:5c:c2:27:56:3b:ec:ee:6e:cb:57:
4d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:80:87:E1:9F:AB:84:86:83:21:EA:E6:5F:9A:DE:E1:C2:76:B3:5A
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/yYCH4Z-rhIaDIermX5re4cJ2s1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.32.0/24
IPv6:
2a03:3a61::/32
Signature Algorithm: sha256WithRSAEncryption
22:85:f8:4a:9a:0f:de:f2:32:65:45:84:cf:9f:a5:ba:91:62:
84:a5:45:f0:2d:b2:ef:d6:49:62:4d:34:2d:86:be:70:ce:5a:
fc:7e:c9:8a:7d:32:54:03:21:aa:b7:f0:6b:cd:5e:0e:b3:9e:
af:85:5f:08:a0:69:c2:9b:25:69:71:eb:67:61:ca:c4:91:29:
3d:93:5e:2f:f1:b6:5a:9d:5e:bf:9b:a1:73:3f:ff:4e:ff:0e:
0b:0b:91:56:ff:b6:4f:e9:2e:82:fe:d9:cf:ac:34:c9:5a:10:
64:17:56:c6:9a:5b:10:dc:3d:f3:09:19:6b:df:71:cb:dc:b9:
fd:b0:ed:25:8d:12:a3:d7:5e:d9:bd:55:dc:b1:b5:18:5e:5a:
ad:f7:9b:f3:51:a5:2f:70:68:11:6a:2b:d2:47:12:3a:3d:6d:
d6:04:5a:76:57:49:57:cc:51:72:09:2f:eb:19:7a:1f:20:a0:
c9:1c:ca:a9:71:06:9f:18:b8:88:3b:3a:7a:fc:ad:a6:1b:50:
a4:f5:7c:29:81:67:6d:f1:51:ee:2e:20:13:00:96:30:12:4a:
40:84:47:f5:4a:c1:cd:7f:6d:52:02:ad:ad:7e:cc:7e:f7:c3:
90:a6:e5:32:1c:a1:76:ea:38:8e:8e:8a:c7:30:86:4c:4f:d8:
4d:ca:b9:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGPqP5KuMRxUkuik9fAOvLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwODI2MTcwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgwODdlMTlmYWI4NDg2ODMyMWVhZTY1ZjlhZGVlMWMyNzZiMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7XU2F39SsRFbQOEyJDtfjmswlS2x
btvHQyQZl/OlceUYB6HB0S64OsDt4JjGbCUjkjm1tmKIH2UI3tuIAbqZFvAwFUvL
yyEs53Os0vyNTuBw2eVQKP/veV3Ey6Go1ilt2t7L0G3S52RySqW1jyIHn7rJEnui
AM+S3WrQZ7AL3mNuSO/psw7NVuUdOrLPmhh6277aiiVnivJjVy1cmrrcMSwi8Sny
II62LyrTEnzV79Cz0ehujIwWlrusIbPwFq2o/XZUTIgCDV7UcVv4eFv7Yl8i0Bj8
U6iaF52z/94EOYTEX/xO6rZVXRZffbJuvDIhOyAsG1zCJ1Y77O5uy1dNqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMmAh+Gfq4SGgyHq5l+a3uHCdrNaMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEveVlDSDRaLXJoSWFESWVybVg1cmU0Y0oyczFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueUgMA0E
AgACMAcDBQAqAzphMA0GCSqGSIb3DQEBCwUAA4IBAQAihfhKmg/e8jJlRYTPn6W6
kWKEpUXwLbLv1kliTTQthr5wzlr8fsmKfTJUAyGqt/BrzV4Os56vhV8IoGnCmyVp
cetnYcrEkSk9k14v8bZanV6/m6FzP/9O/w4LC5FW/7ZP6S6C/tnPrDTJWhBkF1bG
mlsQ3D3zCRlr33HL3Ln9sO0ljRKj117ZvVXcsbUYXlqt95vzUaUvcGgRaivSRxI6
PW3WBFp2V0lXzFFyCS/rGXofIKDJHMqpcQafGLiIOzp6/K2mG1Ck9XwpgWdt8VHu
LiATAJYwEkpAhEf1SsHNf21SAq2tfsx+98OQpuUyHKF26jiOjorHMIZMT9hNyrlR
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:42:37 2024 by rpki-client on console-fra.rpki-client.org