Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/yfQlQkQW-nHy0guZL2a919MvCxE.roa
File: yfQlQkQW-nHy0guZL2a919MvCxE.roa (raw, json)
Hash identifier: SZwC9Kr04ikGKCwjl79Fm8RMSqdyj+G1KRzu5AFVJ7Q=
Subject key identifier: C9:F4:25:42:44:16:FA:71:F2:D2:0B:99:2F:66:BD:D7:D3:2F:0B:11
Certificate issuer: /CN=edfffb3c661e2f78a5785be95916044b06af51d2
Certificate serial: 018F4F549E63565338BFAEAE7B59A71341C1
Authority key identifier: ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/yfQlQkQW-nHy0guZL2a919MvCxE.roa
Signing time: Mon 06 May 2024 19:14:56 +0000
ROA not before: Mon 06 May 2024 19:14:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3292
IP address blocks: 5.182.128.0/24 maxlen: 24
5.182.129.0/24 maxlen: 24
193.163.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4f:54:9e:63:56:53:38:bf:ae:ae:7b:59:a7:13:41:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edfffb3c661e2f78a5785be95916044b06af51d2
Validity
Not Before: May 6 19:14:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9f425424416fa71f2d20b992f66bdd7d32f0b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:3e:f9:fc:ed:14:e4:9e:59:19:5a:a8:4b:c2:
30:89:06:13:0f:cf:16:21:59:95:bf:a1:b4:88:11:
d0:ac:54:34:f1:a1:e7:0e:fb:d6:cd:1b:6d:75:a4:
f9:e3:3f:ab:13:61:e2:11:f8:a1:bf:70:c6:7a:1b:
d4:ce:3f:4d:a8:7c:bf:26:75:5c:94:bb:67:c6:60:
de:2e:d9:09:cf:34:66:d3:63:31:88:ae:3a:0f:53:
8b:a5:3a:cf:b9:bd:b6:ff:93:68:7f:af:6d:cf:5b:
67:00:c8:a4:8f:cc:63:05:96:6e:64:ee:89:71:10:
69:c3:0a:15:b8:36:c9:96:64:80:02:79:38:3e:4d:
85:98:c1:d4:8f:bc:73:7b:a0:6a:fb:30:bc:d2:f5:
be:47:99:42:a6:a3:b3:54:bf:ad:72:9d:3a:65:17:
56:3b:50:fb:a8:cd:cc:80:87:6b:a4:e7:e3:61:d4:
86:d4:8b:c7:b5:2c:3b:b1:cf:04:87:ac:34:22:25:
74:86:50:8d:d8:ff:30:ee:a2:aa:a5:1d:b7:9a:e7:
7f:12:e4:24:68:8b:5d:80:8a:ec:52:44:2f:c9:e1:
c2:64:f3:d4:07:94:91:c2:c4:fb:c1:f2:2e:17:ce:
e9:1b:dd:e8:d1:0a:83:6d:6b:79:09:df:99:7c:25:
93:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F4:25:42:44:16:FA:71:F2:D2:0B:99:2F:66:BD:D7:D3:2F:0B:11
X509v3 Authority Key Identifier:
keyid:ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/yfQlQkQW-nHy0guZL2a919MvCxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.128.0/23
193.163.41.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a5:19:e0:e3:24:b2:1c:b6:eb:ac:66:ee:bc:55:b4:c7:5e:
ca:8a:60:fc:e6:f2:ba:63:eb:dd:15:2c:e0:a3:cc:6b:37:4b:
94:cd:b9:b5:89:c2:67:86:e6:ae:5f:58:3b:26:08:38:67:8a:
26:e2:fd:1b:79:f7:98:3a:ce:6a:18:d1:45:6a:c4:a3:4c:98:
5d:5b:d9:50:95:11:f8:c5:6a:40:cb:8f:e8:40:a6:e0:f9:f2:
34:75:98:b6:13:7d:09:c7:cc:5d:6b:8c:51:6a:01:b1:f0:d5:
50:80:e6:0e:85:21:62:ce:44:d5:7b:cb:df:14:0a:55:34:aa:
d4:a6:75:3d:92:ff:81:73:95:2c:81:1e:c8:a8:ed:c5:b3:0c:
32:82:19:f1:95:d1:20:56:2b:f3:8a:c6:0f:30:9d:c9:3a:0c:
67:03:0b:1b:60:42:f8:58:8e:23:f1:93:83:36:2c:5e:53:ba:
7d:44:ab:bf:44:49:db:d3:f6:7e:11:92:3a:25:69:4e:ef:dc:
02:44:6c:0f:bf:aa:0f:3b:52:55:a9:83:93:2c:93:24:52:41:
b3:fb:75:fe:4e:07:76:b8:b2:a4:2a:e0:5c:61:9d:d5:39:a4:
1b:83:40:81:e3:e3:d4:9c:04:0a:89:ca:e3:17:52:d5:da:18:
eb:17:38:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9PVJ5jVlM4v66ue1mnE0HBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZmZmYjNjNjYxZTJmNzhhNTc4NWJlOTU5MTYwNDRiMDZh
ZjUxZDIwHhcNMjQwNTA2MTkxNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWY0MjU0MjQ0MTZmYTcxZjJkMjBiOTkyZjY2YmRkN2QzMmYwYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9T75/O0U5J5ZGVqoS8IwiQYTD88W
IVmVv6G0iBHQrFQ08aHnDvvWzRttdaT54z+rE2HiEfihv3DGehvUzj9NqHy/JnVc
lLtnxmDeLtkJzzRm02MxiK46D1OLpTrPub22/5Nof69tz1tnAMikj8xjBZZuZO6J
cRBpwwoVuDbJlmSAAnk4Pk2FmMHUj7xze6Bq+zC80vW+R5lCpqOzVL+tcp06ZRdW
O1D7qM3MgIdrpOfjYdSG1IvHtSw7sc8Eh6w0IiV0hlCN2P8w7qKqpR23mud/EuQk
aItdgIrsUkQvyeHCZPPUB5SRwsT7wfIuF87pG93o0QqDbWt5Cd+ZfCWTgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMn0JUJEFvpx8tILmS9mvdfTLwsRMB8GA1UdIwQY
MBaAFO3/+zxmHi94pXhb6VkWBEsGr1HSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYt
YTk4OTM1NDVjM2M1LzEveWZRbFFrUVctbkh5MGd1WkwyYTkxOU12Q3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYtYTk4OTM1NDVjM2M1
LzEvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbaAAwQA
waMpMA0GCSqGSIb3DQEBCwUAA4IBAQBIpRng4ySyHLbrrGbuvFW0x17KimD85vK6
Y+vdFSzgo8xrN0uUzbm1icJnhuauX1g7Jgg4Z4om4v0befeYOs5qGNFFasSjTJhd
W9lQlRH4xWpAy4/oQKbg+fI0dZi2E30Jx8xda4xRagGx8NVQgOYOhSFizkTVe8vf
FApVNKrUpnU9kv+Bc5UsgR7IqO3FswwyghnxldEgVivzisYPMJ3JOgxnAwsbYEL4
WI4j8ZODNixeU7p9RKu/REnb0/Z+EZI6JWlO79wCRGwPv6oPO1JVqYOTLJMkUkGz
+3X+Tgd2uLKkKuBcYZ3VOaQbg0CB4+PUnAQKicrjF1LV2hjrFzgq
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:40 2024 by rpki-client on console-ams.rpki-client.org