Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Y5i55AsZU9w5jydALvYCE_bklZI.roa
File: Y5i55AsZU9w5jydALvYCE_bklZI.roa (raw, json)
Hash identifier: ObdkVZP0p4ABTVV/e0wAdXIK4nCMCWrMpZh/NImRaj8=
Subject key identifier: 63:98:B9:E4:0B:19:53:DC:39:8F:27:40:2E:F6:02:13:F6:E4:95:92
Certificate issuer: /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial: 018CC64A9BFE0DA6684BBE2C67FA12DDA67F
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Y5i55AsZU9w5jydALvYCE_bklZI.roa
Signing time: Mon 01 Jan 2024 18:30:27 +0000
ROA not before: Mon 01 Jan 2024 18:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 185.155.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:9b:fe:0d:a6:68:4b:be:2c:67:fa:12:dd:a6:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Validity
Not Before: Jan 1 18:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6398b9e40b1953dc398f27402ef60213f6e49592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e2:22:32:37:f2:6d:ec:c5:8e:cc:4c:36:5c:
24:00:4e:4b:82:12:11:ab:fe:6d:ef:de:c1:40:30:
bc:29:a1:3e:7c:bf:bc:31:c8:64:f2:21:56:1f:19:
e2:25:03:51:0e:2e:30:7b:25:85:81:2e:51:9a:4c:
c0:5a:3c:23:fd:c5:22:df:d8:15:ca:cd:02:73:3f:
85:3c:86:30:f2:55:ad:06:1f:40:a1:0c:d5:4c:ea:
17:10:69:de:6d:04:31:fe:36:a2:64:19:5d:d3:ee:
24:e6:5f:cf:87:97:22:df:e5:2e:58:9d:1e:7f:03:
c4:e9:99:73:69:ef:cd:25:aa:82:a3:54:97:a7:08:
0a:48:58:ff:0a:18:74:87:1f:1d:f9:ff:59:ca:9f:
69:04:17:5f:d5:ca:1b:77:92:ef:1a:c7:dd:e1:e7:
db:dd:80:d7:aa:08:22:30:fb:79:03:bf:a3:c1:cc:
ce:47:fc:a4:7b:a0:83:bc:17:ef:12:d8:26:69:ab:
25:1b:42:bd:df:39:c7:00:09:5c:22:92:d0:e8:de:
03:06:67:eb:f7:92:f0:83:93:ac:50:8d:94:36:f0:
ce:22:a4:10:6b:3e:d8:fc:af:70:d4:69:8a:25:fb:
42:00:55:c5:7c:21:73:e2:1c:ca:df:81:c8:12:ae:
b8:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:98:B9:E4:0B:19:53:DC:39:8F:27:40:2E:F6:02:13:F6:E4:95:92
X509v3 Authority Key Identifier:
keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/Y5i55AsZU9w5jydALvYCE_bklZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.234.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a0:3e:57:ab:62:bf:a4:91:2b:89:bf:a3:aa:c6:66:7c:5e:
fb:54:26:a0:0c:bc:ed:bb:3b:ac:b0:cc:a1:6a:31:4c:ea:3d:
26:33:2d:9b:df:70:12:89:cd:4d:9a:65:72:b8:bd:a3:34:2a:
42:eb:2f:30:75:7e:00:83:3a:50:4e:5b:d9:3c:15:aa:25:31:
3e:0d:84:9d:10:d8:6e:f9:80:e4:6d:a8:cd:d2:6f:b8:40:48:
a7:9b:32:42:e1:a5:68:dc:07:c6:62:47:87:ca:3c:45:7f:20:
c1:55:4a:92:e6:b8:10:79:3f:d0:6e:6c:ab:d6:30:a4:d8:bb:
84:5a:06:d7:23:45:99:12:03:bd:97:22:47:9c:ce:3f:f6:86:
ff:6d:92:64:be:cb:54:a0:87:b6:af:22:81:8b:6e:2d:d4:71:
cc:d0:a9:0b:74:bb:b9:fe:27:2b:38:5d:17:55:05:e0:69:9b:
85:c3:ad:27:f0:7d:47:11:ae:fa:47:f8:f6:74:af:02:07:12:
16:7b:a6:43:f5:ed:80:eb:38:2b:ce:4e:b2:12:bb:d3:97:2b:
20:33:26:5c:f3:25:33:a6:5e:d2:f4:52:37:b4:90:70:e1:f5:
e9:31:9a:c3:bd:e4:87:11:8f:e1:64:cd:b2:68:fb:4d:4b:01:
af:46:53:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSpv+DaZoS74sZ/oS3aZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjQwMTAxMTgzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzk4YjllNDBiMTk1M2RjMzk4ZjI3NDAyZWY2MDIxM2Y2ZTQ5NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+IiMjfybezFjsxMNlwkAE5LghIR
q/5t797BQDC8KaE+fL+8Mchk8iFWHxniJQNRDi4weyWFgS5RmkzAWjwj/cUi39gV
ys0Ccz+FPIYw8lWtBh9AoQzVTOoXEGnebQQx/jaiZBld0+4k5l/Ph5ci3+UuWJ0e
fwPE6Zlzae/NJaqCo1SXpwgKSFj/Chh0hx8d+f9Zyp9pBBdf1cobd5LvGsfd4efb
3YDXqggiMPt5A7+jwczOR/yke6CDvBfvEtgmaaslG0K93znHAAlcIpLQ6N4DBmfr
95Lwg5OsUI2UNvDOIqQQaz7Y/K9w1GmKJftCAFXFfCFz4hzK34HIEq641wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOYueQLGVPcOY8nQC72AhP25JWSMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvWTVpNTVBc1pVOXc1anlkQUx2WUNFX2JrbFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvqMA0G
CSqGSIb3DQEBCwUAA4IBAQBjoD5Xq2K/pJErib+jqsZmfF77VCagDLztuzussMyh
ajFM6j0mMy2b33ASic1NmmVyuL2jNCpC6y8wdX4AgzpQTlvZPBWqJTE+DYSdENhu
+YDkbajN0m+4QEinmzJC4aVo3AfGYkeHyjxFfyDBVUqS5rgQeT/Qbmyr1jCk2LuE
WgbXI0WZEgO9lyJHnM4/9ob/bZJkvstUoIe2ryKBi24t1HHM0KkLdLu5/icrOF0X
VQXgaZuFw60n8H1HEa76R/j2dK8CBxIWe6ZD9e2A6zgrzk6yErvTlysgMyZc8yUz
pl7S9FI3tJBw4fXpMZrDveSHEY/hZM2yaPtNSwGvRlPw
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:10:08 2024 by rpki-client on console-ams.rpki-client.org