Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/YnQVXFSEtcGKj1ySWNPnigrh_Gc.roa
File: YnQVXFSEtcGKj1ySWNPnigrh_Gc.roa (raw, json)
Hash identifier: VlFeFiluJIvfKSFDOZfcweQlAbqR/4Z279IH3fV7Yp4=
Subject key identifier: 62:74:15:5C:54:84:B5:C1:8A:8F:5C:92:58:D3:E7:8A:0A:E1:FC:67
Certificate issuer: /CN=1bdbc41144448065313ef0b82e1ccf7ae6ea5720
Certificate serial: 018D0CCE43F84AE63A42B131909786F29A46
Authority key identifier: 1B:DB:C4:11:44:44:80:65:31:3E:F0:B8:2E:1C:CF:7A:E6:EA:57:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/YnQVXFSEtcGKj1ySWNPnigrh_Gc.roa
Signing time: Mon 15 Jan 2024 11:07:40 +0000
ROA not before: Mon 15 Jan 2024 11:07:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13101
IP address blocks: 80.66.192.0/22 maxlen: 22
217.26.232.0/21 maxlen: 21
113.30.180.0/22 maxlen: 22
185.181.128.0/22 maxlen: 22
113.30.220.0/22 maxlen: 22
185.152.144.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:ce:43:f8:4a:e6:3a:42:b1:31:90:97:86:f2:9a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bdbc41144448065313ef0b82e1ccf7ae6ea5720
Validity
Not Before: Jan 15 11:07:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6274155c5484b5c18a8f5c9258d3e78a0ae1fc67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b0:97:a7:29:33:20:24:a4:c2:52:d4:c1:72:
0b:8f:e1:37:b0:9f:dd:9a:25:ab:d4:b0:d9:25:e5:
67:bf:b5:f1:2c:8a:b8:f3:f0:15:e9:8c:d5:ac:0d:
5e:d8:8a:18:de:2f:cf:d8:15:55:28:8b:14:12:5f:
5d:84:3b:a9:02:39:56:46:7a:f8:6d:2c:6e:65:2b:
58:e9:d8:03:de:4c:36:2c:1a:13:68:97:8e:d2:f5:
bd:58:82:29:fd:f6:be:d4:18:b8:86:1c:d8:6f:dc:
41:66:22:fd:69:dd:cd:93:ee:45:d3:ca:6c:23:d5:
99:59:23:5a:0f:a0:3a:5b:21:d6:51:78:ef:58:cf:
79:62:59:20:97:69:3c:82:65:43:5a:87:29:e4:62:
39:57:2d:ac:32:9d:fb:71:33:fe:97:a6:d9:db:59:
dd:b3:d0:80:e0:8f:d3:29:39:20:58:de:23:08:14:
86:7f:d2:4b:bc:a7:80:cb:c6:0a:0e:f3:82:5a:09:
0c:00:ca:60:5d:b5:b8:6d:6d:57:eb:ed:d5:b5:fc:
5f:2d:b7:55:9a:17:04:37:82:c0:11:4b:56:b5:57:
ce:af:84:1c:03:ed:79:71:6f:b0:95:e8:1d:14:4d:
58:91:b4:06:5c:96:db:dc:54:9f:28:44:44:80:16:
c5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:74:15:5C:54:84:B5:C1:8A:8F:5C:92:58:D3:E7:8A:0A:E1:FC:67
X509v3 Authority Key Identifier:
keyid:1B:DB:C4:11:44:44:80:65:31:3E:F0:B8:2E:1C:CF:7A:E6:EA:57:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9vEEUREgGUxPvC4LhzPeubqVyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/YnQVXFSEtcGKj1ySWNPnigrh_Gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/4a293b-4c41-428c-9287-bd98b3e90e43/1/G9vEEUREgGUxPvC4LhzPeubqVyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.192.0/22
113.30.180.0/22
113.30.220.0/22
185.152.144.0/22
185.181.128.0/22
217.26.232.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:61:b9:27:b2:5d:41:27:f1:ee:d5:b5:7f:a7:0b:cc:c4:07:
30:1f:b5:69:0d:52:fc:42:29:9e:67:d9:f2:0a:3e:84:ba:c8:
0b:0a:37:7c:b6:f7:ce:9d:71:cb:d2:54:32:07:26:1e:59:ed:
84:5e:f0:ea:1f:83:3e:0f:bc:4b:3a:cf:99:c6:9c:17:f7:a4:
16:66:8b:cc:83:9c:1e:e8:25:79:f1:a0:c0:3e:0e:88:b1:2f:
82:e7:b1:6b:62:aa:54:f3:d7:d3:89:a2:70:b3:85:d4:38:2a:
04:e9:8f:c4:e2:1f:36:7b:ba:c2:b2:e0:bc:43:7c:27:1e:a4:
7e:df:fa:2a:1f:08:83:bc:48:54:40:5a:c5:51:e1:99:8d:59:
74:d3:cb:79:bd:99:31:d5:39:e9:2c:b4:cf:63:d8:15:9b:44:
85:6a:52:34:69:dd:3c:9d:9f:d8:1a:39:c2:51:de:49:65:b0:
f5:4f:0c:87:c3:fa:6b:a8:46:aa:c6:fa:80:68:10:cc:b1:a4:
1a:81:7e:8c:a2:9d:0c:f3:84:1c:4a:af:b6:3c:26:de:27:35:
46:24:8c:06:40:99:ee:ab:92:87:db:e2:0d:09:50:7a:3a:d3:
05:e2:64:07:93:35:a3:89:21:19:cf:1d:f2:2e:ce:ac:ee:58:
78:79:2f:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY0MzkP4SuY6QrExkJeG8ppGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGJjNDExNDQ0NDgwNjUzMTNlZjBiODJlMWNjZjdhZTZl
YTU3MjAwHhcNMjQwMTE1MTEwNzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc0MTU1YzU0ODRiNWMxOGE4ZjVjOTI1OGQzZTc4YTBhZTFmYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbCXpykzICSkwlLUwXILj+E3sJ/d
miWr1LDZJeVnv7XxLIq48/AV6YzVrA1e2IoY3i/P2BVVKIsUEl9dhDupAjlWRnr4
bSxuZStY6dgD3kw2LBoTaJeO0vW9WIIp/fa+1Bi4hhzYb9xBZiL9ad3Nk+5F08ps
I9WZWSNaD6A6WyHWUXjvWM95Ylkgl2k8gmVDWocp5GI5Vy2sMp37cTP+l6bZ21nd
s9CA4I/TKTkgWN4jCBSGf9JLvKeAy8YKDvOCWgkMAMpgXbW4bW1X6+3VtfxfLbdV
mhcEN4LAEUtWtVfOr4QcA+15cW+wlegdFE1YkbQGXJbb3FSfKEREgBbFiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGJ0FVxUhLXBio9ckljT54oK4fxnMB8GA1UdIwQY
MBaAFBvbxBFERIBlMT7wuC4cz3rm6lcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzl2RUVVUkVnR1V4UHZDNExoelBldWJxVnlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80YTI5M2ItNGM0MS00MjhjLTkyODct
YmQ5OGIzZTkwZTQzLzEvWW5RVlhGU0V0Y0dLajF5U1dOUG5pZ3JoX0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80YTI5M2ItNGM0MS00MjhjLTkyODctYmQ5OGIzZTkwZTQz
LzEvRzl2RUVVUkVnR1V4UHZDNExoelBldWJxVnlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCUELAAwQC
cR60AwQCcR7cAwQCuZiQAwQCubWAAwQD2RroMA0GCSqGSIb3DQEBCwUAA4IBAQB9
Ybknsl1BJ/Hu1bV/pwvMxAcwH7VpDVL8QimeZ9nyCj6EusgLCjd8tvfOnXHL0lQy
ByYeWe2EXvDqH4M+D7xLOs+ZxpwX96QWZovMg5we6CV58aDAPg6IsS+C57FrYqpU
89fTiaJws4XUOCoE6Y/E4h82e7rCsuC8Q3wnHqR+3/oqHwiDvEhUQFrFUeGZjVl0
08t5vZkx1TnpLLTPY9gVm0SFalI0ad08nZ/YGjnCUd5JZbD1TwyHw/prqEaqxvqA
aBDMsaQagX6Mop0M84QcSq+2PCbeJzVGJIwGQJnuq5KH2+INCVB6OtMF4mQHkzWj
iSEZzx3yLs6s7lh4eS9E
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:19:03 2024 by rpki-client on console-ams.rpki-client.org