Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/yvRwsOSFZZKsFbEMPLgWT7pnqqM.roa
File: yvRwsOSFZZKsFbEMPLgWT7pnqqM.roa (raw, json)
Hash identifier: WvObjivsL6W97ymu7x6shoJ2Uv7iZ8DHg9Nx+NUcY5w=
Subject key identifier: CA:F4:70:B0:E4:85:65:92:AC:15:B1:0C:3C:B8:16:4F:BA:67:AA:A3
Certificate issuer: /CN=232af36b9c079da091827da3d07c9c8a5236cb54
Certificate serial: 018CC424C174E8243839A6BFACE7313E10F3
Authority key identifier: 23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/yvRwsOSFZZKsFbEMPLgWT7pnqqM.roa
Signing time: Mon 01 Jan 2024 08:29:52 +0000
ROA not before: Mon 01 Jan 2024 08:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200984
IP address blocks: 185.89.180.0/22 maxlen: 24
2a05:da00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 16:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c1:74:e8:24:38:39:a6:bf:ac:e7:31:3e:10:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232af36b9c079da091827da3d07c9c8a5236cb54
Validity
Not Before: Jan 1 08:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caf470b0e4856592ac15b10c3cb8164fba67aaa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:a6:3b:5b:91:21:af:2f:66:ad:20:45:bd:
ba:5c:d7:8d:5c:4f:6e:0a:7b:79:ad:58:70:82:a3:
ec:d7:3c:f8:12:83:2c:81:6b:8b:9a:85:af:0b:b0:
87:1e:25:0d:1b:c4:ec:3c:fd:24:ea:eb:aa:07:cb:
50:51:3c:9b:0d:ea:c6:a3:cb:b4:44:ee:59:97:99:
41:fa:a6:58:d6:19:a6:66:0e:e9:74:8d:c8:a5:14:
4e:1b:bd:07:cb:30:97:25:91:2c:15:eb:3c:93:2b:
bc:e4:8c:b2:0e:a1:87:17:03:41:71:f8:ca:a2:3a:
3d:b5:e6:e3:60:c2:98:99:2d:35:85:eb:ed:04:cc:
59:a4:9e:76:c6:90:08:99:14:8e:f1:1f:c7:c3:6a:
6f:c0:18:07:97:ae:c9:03:f0:b9:83:c1:e0:33:63:
8c:2e:49:8c:2e:e0:66:03:fe:7a:f9:a0:b2:4c:aa:
33:f1:56:64:09:8d:a7:27:95:0b:10:f1:33:5f:ac:
8c:e8:ad:77:ef:06:c2:a5:a2:e1:13:72:cd:0d:dc:
39:15:d1:e3:4b:e9:3d:64:51:c9:af:ba:3c:be:7b:
e5:35:13:f6:5e:c9:ec:13:6f:21:63:f3:d3:0d:15:
6e:48:53:b9:cd:14:3d:6d:42:58:64:24:13:50:0e:
44:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:F4:70:B0:E4:85:65:92:AC:15:B1:0C:3C:B8:16:4F:BA:67:AA:A3
X509v3 Authority Key Identifier:
keyid:23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/yvRwsOSFZZKsFbEMPLgWT7pnqqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.180.0/22
IPv6:
2a05:da00::/29
Signature Algorithm: sha256WithRSAEncryption
9a:72:81:99:98:ba:dc:0f:b5:39:c1:cb:f7:85:bd:5c:c9:99:
cb:dd:ab:52:c5:33:02:e9:1c:e1:4a:bf:5c:32:5e:a1:3a:99:
2b:bb:9a:04:ed:91:a2:e9:fa:8f:a6:a8:08:ce:ff:cd:99:b5:
26:33:98:65:45:a8:f1:12:b3:d1:52:03:56:a9:d3:76:6d:94:
74:08:51:bd:5f:a4:02:a7:40:15:45:27:1a:98:1e:49:3e:dd:
f4:db:88:ae:f2:eb:7e:50:09:6e:9a:26:53:99:b0:b8:07:ce:
73:4b:b1:36:fb:8d:71:1b:23:93:a6:d4:f2:6d:17:cd:d3:65:
a7:83:80:1c:ea:15:1e:cb:41:eb:bc:ef:ae:f6:55:e6:b2:f0:
bf:39:ba:5b:21:c6:ef:1d:15:d4:ea:01:c6:6e:a9:93:86:ab:
44:4e:d7:37:8a:5a:d5:a7:4f:46:93:2e:07:82:15:e2:8b:98:
af:12:ca:6d:4f:40:14:95:d5:c5:2f:b6:ba:de:37:87:4f:2c:
dd:06:fa:73:2b:1a:a8:74:7b:22:eb:43:8e:48:df:b7:72:88:
ee:8c:f9:53:19:ba:14:87:d3:51:47:97:4a:60:d7:2d:8d:98:
d9:a5:06:6f:4c:6b:a0:92:21:3d:2a:82:9f:95:8f:80:c4:ba:
db:3c:9d:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJMF06CQ4Oaa/rOcxPhDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmFmMzZiOWMwNzlkYTA5MTgyN2RhM2QwN2M5YzhhNTIz
NmNiNTQwHhcNMjQwMTAxMDgyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWY0NzBiMGU0ODU2NTkyYWMxNWIxMGMzY2I4MTY0ZmJhNjdhYWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqamO1uRIa8vZq0gRb26XNeNXE9u
Cnt5rVhwgqPs1zz4EoMsgWuLmoWvC7CHHiUNG8TsPP0k6uuqB8tQUTybDerGo8u0
RO5Zl5lB+qZY1hmmZg7pdI3IpRROG70HyzCXJZEsFes8kyu85IyyDqGHFwNBcfjK
ojo9tebjYMKYmS01hevtBMxZpJ52xpAImRSO8R/Hw2pvwBgHl67JA/C5g8HgM2OM
LkmMLuBmA/56+aCyTKoz8VZkCY2nJ5ULEPEzX6yM6K137wbCpaLhE3LNDdw5FdHj
S+k9ZFHJr7o8vnvlNRP2XsnsE28hY/PTDRVuSFO5zRQ9bUJYZCQTUA5EiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMr0cLDkhWWSrBWxDDy4Fk+6Z6qjMB8GA1UdIwQY
MBaAFCMq82ucB52gkYJ9o9B8nIpSNstUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlyemE1d0huYUNSZ24yajBIeWNpbEkyeTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMmZkMzMtZmQ0NC00ZTA4LWI0MjQt
YWExMDQ1MjIwYjViLzEveXZSd3NPU0ZaWktzRmJFTVBMZ1dUN3BucXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMmZkMzMtZmQ0NC00ZTA4LWI0MjQtYWExMDQ1MjIwYjVi
LzEvSXlyemE1d0huYUNSZ24yajBIeWNpbEkyeTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVm0MA0E
AgACMAcDBQMqBdoAMA0GCSqGSIb3DQEBCwUAA4IBAQCacoGZmLrcD7U5wcv3hb1c
yZnL3atSxTMC6RzhSr9cMl6hOpkru5oE7ZGi6fqPpqgIzv/NmbUmM5hlRajxErPR
UgNWqdN2bZR0CFG9X6QCp0AVRScamB5JPt3024iu8ut+UAlumiZTmbC4B85zS7E2
+41xGyOTptTybRfN02Wng4Ac6hUey0HrvO+u9lXmsvC/ObpbIcbvHRXU6gHGbqmT
hqtETtc3ilrVp09Gky4HghXii5ivEsptT0AUldXFL7a63jeHTyzdBvpzKxqodHsi
60OOSN+3cojujPlTGboUh9NRR5dKYNctjZjZpQZvTGugkiE9KoKflY+AxLrbPJ1B
-----END CERTIFICATE-----
Generated at Fri Jun 28 21:13:24 2024 by rpki-client on console-fra.rpki-client.org