Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/Y1uXLcbZO8SHz1YiiCvOr72qzto.roa
File: Y1uXLcbZO8SHz1YiiCvOr72qzto.roa (raw, json)
Hash identifier: 03XrAGWG0N77XxqDX/vvL0jc6oXLOSZKSJovkvB+9WU=
Subject key identifier: 63:5B:97:2D:C6:D9:3B:C4:87:CF:56:22:88:2B:CE:AF:BD:AA:CE:DA
Certificate issuer: /CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Certificate serial: 018CC4934B4CB178173E3401E6063A0975F0
Authority key identifier: 5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/Y1uXLcbZO8SHz1YiiCvOr72qzto.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31424
IP address blocks: 185.83.60.0/22 maxlen: 22
77.245.16.0/20 maxlen: 20
217.147.208.0/20 maxlen: 20
185.22.104.0/22 maxlen: 22
2001:4168::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4b:4c:b1:78:17:3e:34:01:e6:06:3a:09:75:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=635b972dc6d93bc487cf5622882bceafbdaaceda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:71:3d:79:a3:df:0a:42:1e:3e:79:8d:92:
54:46:45:87:66:ce:45:f1:40:3e:66:a6:76:68:7d:
89:6a:20:91:e6:55:3f:42:3f:90:9c:bb:06:26:f1:
83:6c:32:18:5d:4e:bf:43:f1:24:89:95:02:5b:4b:
b4:25:c9:45:60:8e:54:fe:83:2e:ef:a3:18:04:7d:
28:79:6f:80:96:05:45:d3:68:e4:e7:98:f4:21:d5:
9e:12:0d:b4:a8:e0:5e:cc:7d:15:22:14:81:66:db:
f1:b0:b6:a2:85:c7:4d:b2:da:01:49:b6:10:a4:66:
30:6a:b4:4f:ee:07:1c:4f:be:9c:a6:52:ed:62:90:
f4:b3:64:bd:59:7a:9f:12:f2:bc:d4:cf:6e:09:13:
22:e9:9a:5e:ae:06:8c:b6:8f:51:f3:52:26:23:b3:
78:ea:79:2d:9e:c7:90:e5:45:a8:1f:35:7f:31:96:
3f:af:22:96:a1:38:de:1e:d9:0d:1b:41:69:a3:1d:
3b:8b:6d:ea:03:92:9d:1e:b4:23:db:34:ef:44:34:
33:19:4f:1f:f1:de:33:6a:ff:f5:f3:72:01:c6:93:
bd:18:2c:81:d1:86:61:7f:17:de:01:1e:c5:fe:b0:
df:18:20:46:fe:b0:a4:9c:1d:08:10:65:5b:67:f6:
14:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5B:97:2D:C6:D9:3B:C4:87:CF:56:22:88:2B:CE:AF:BD:AA:CE:DA
X509v3 Authority Key Identifier:
keyid:5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/Y1uXLcbZO8SHz1YiiCvOr72qzto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.16.0/20
185.22.104.0/22
185.83.60.0/22
217.147.208.0/20
IPv6:
2001:4168::/32
Signature Algorithm: sha256WithRSAEncryption
d9:7a:48:5b:02:e6:04:aa:49:c4:79:af:a9:da:b6:d9:79:88:
2d:f0:d5:26:dc:ba:e7:93:cf:44:19:f3:d9:17:2f:17:4c:01:
88:36:f3:47:19:a8:96:91:d1:2c:91:18:44:a6:97:d0:3b:3d:
ae:70:92:34:86:58:65:df:f8:64:e0:4b:2e:85:79:0f:93:2f:
ba:37:e6:ea:84:f8:05:a3:b6:f6:1f:29:ba:a2:f8:c6:74:3d:
68:09:ac:b3:c6:0c:8e:d5:87:30:16:6f:69:0e:94:68:f4:4a:
05:08:45:85:5b:28:e7:62:41:84:ec:f9:bb:23:4b:e3:68:8c:
d4:c7:77:b3:52:23:2f:7f:63:67:3e:1b:53:87:a5:19:6a:2e:
49:7e:14:41:f1:61:60:6d:75:6c:2a:7e:20:1a:84:b2:81:44:
f3:7c:93:67:78:9c:7f:fb:0e:3e:35:1f:26:4f:99:ba:3e:ab:
fa:20:4e:20:09:ce:97:e6:78:5b:d8:31:22:8f:e1:38:a2:2c:
40:c4:b7:37:44:2f:09:25:7c:82:56:d3:5b:66:33:e3:64:dd:
df:55:70:02:5a:a5:01:53:1b:5d:ce:91:f1:8e:39:ab:2f:15:
25:1b:ef:7b:c8:26:e1:7d:6b:16:cc:af:a1:f1:25:51:42:1e:
14:30:91:3d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEk0tMsXgXPjQB5gY6CXXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNGZjY2M5OTRlOTQxMzFkYzExYmZjOTVjNjQ1ODViMzQ1
ZTAxZjUwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzViOTcyZGM2ZDkzYmM0ODdjZjU2MjI4ODJiY2VhZmJkYWFjZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYlxPXmj3wpCHj55jZJURkWHZs5F
8UA+ZqZ2aH2JaiCR5lU/Qj+QnLsGJvGDbDIYXU6/Q/EkiZUCW0u0JclFYI5U/oMu
76MYBH0oeW+AlgVF02jk55j0IdWeEg20qOBezH0VIhSBZtvxsLaihcdNstoBSbYQ
pGYwarRP7gccT76cplLtYpD0s2S9WXqfEvK81M9uCRMi6ZpergaMto9R81ImI7N4
6nktnseQ5UWoHzV/MZY/ryKWoTjeHtkNG0Fpox07i23qA5KdHrQj2zTvRDQzGU8f
8d4zav/183IBxpO9GCyB0YZhfxfeAR7F/rDfGCBG/rCknB0IEGVbZ/YU7QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGNbly3G2TvEh89WIogrzq+9qs7aMB8GA1UdIwQY
MBaAFF1PzMmU6UEx3BG/yVxkWFs0XgH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFVfTXlaVHBRVEhjRWJfSlhHUllXelJlQWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80Zjk1NWItMmJhNS00ZmM0LTgzZjUt
MDJkYWUxMzEyNDZmLzEvWTF1WExjYlpPOFNIejFZaWlDdk9yNzJxenRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80Zjk1NWItMmJhNS00ZmM0LTgzZjUtMDJkYWUxMzEyNDZm
LzEvWFVfTXlaVHBRVEhjRWJfSlhHUllXelJlQWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfUQAwQC
uRZoAwQCuVM8AwQE2ZPQMA0EAgACMAcDBQAgAUFoMA0GCSqGSIb3DQEBCwUAA4IB
AQDZekhbAuYEqknEea+p2rbZeYgt8NUm3Lrnk89EGfPZFy8XTAGINvNHGaiWkdEs
kRhEppfQOz2ucJI0hlhl3/hk4EsuhXkPky+6N+bqhPgFo7b2Hym6ovjGdD1oCayz
xgyO1YcwFm9pDpRo9EoFCEWFWyjnYkGE7Pm7I0vjaIzUx3ezUiMvf2NnPhtTh6UZ
ai5JfhRB8WFgbXVsKn4gGoSygUTzfJNneJx/+w4+NR8mT5m6Pqv6IE4gCc6X5nhb
2DEij+E4oixAxLc3RC8JJXyCVtNbZjPjZN3fVXACWqUBUxtdzpHxjjmrLxUlG+97
yCbhfWsWzK+h8SVRQh4UMJE9
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:28:59 2024 by rpki-client on console-ams.rpki-client.org