Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/YCUiy90Jw4qTY7cYPCKbMqUHd-8.roa
File: YCUiy90Jw4qTY7cYPCKbMqUHd-8.roa (raw, json)
Hash identifier: 8Rzlt7thUsdTJdRr8bceclLfRg/lXj+ZFkte9Psa8MU=
Subject key identifier: 60:25:22:CB:DD:09:C3:8A:93:63:B7:18:3C:22:9B:32:A5:07:77:EF
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018CC6B7BB664C96AB0EE9A816D63BAF1F25
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/YCUiy90Jw4qTY7cYPCKbMqUHd-8.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58250
IP address blocks: 78.93.178.0/24 maxlen: 24
78.93.82.0/23 maxlen: 23
86.60.127.0/24 maxlen: 24
212.93.203.0/24 maxlen: 24
86.60.32.0/19 maxlen: 19
78.93.10.0/24 maxlen: 24
78.93.117.0/24 maxlen: 24
86.60.56.0/21 maxlen: 21
2a02:df4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bb:66:4c:96:ab:0e:e9:a8:16:d6:3b:af:1f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=602522cbdd09c38a9363b7183c229b32a50777ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:11:b3:8e:fa:14:0d:e0:78:c0:b1:dc:a4:19:
8c:5a:81:b0:e0:54:03:ab:ec:c2:8c:8b:16:a9:f0:
53:bf:fd:a6:8d:69:5e:6c:ab:a0:74:cf:36:f4:dc:
f6:38:22:18:ae:df:5e:45:64:66:f4:45:5f:99:cd:
18:f0:f4:13:37:aa:2e:7b:bc:53:da:17:c2:59:5c:
2a:99:be:53:b9:86:8d:80:bd:e0:2b:dc:f4:c8:99:
68:38:ba:10:04:cc:d7:a4:34:25:d8:f4:69:58:e4:
56:b1:03:be:be:6f:58:ef:7d:7f:1d:44:a7:15:8d:
64:03:f2:1f:45:44:ff:96:2e:99:dc:10:6f:47:b9:
d4:f2:99:9c:9d:d0:d4:76:09:01:b6:6b:e3:84:a3:
a8:95:4a:24:c0:22:e4:0e:4e:b6:02:5a:f9:b6:13:
59:a2:cf:79:48:0c:0c:c4:df:ad:92:05:0d:74:d6:
11:25:1e:2e:d7:10:80:99:0b:6e:00:da:3e:81:d5:
7e:b6:ed:c4:35:9f:0b:5d:3c:aa:2e:50:6e:0c:bb:
b9:dc:b4:9c:28:44:05:8d:9a:f6:84:d2:2a:41:6c:
49:df:fd:54:bd:73:88:8c:46:25:31:97:a6:25:60:
02:2a:ab:30:df:61:03:17:f0:2a:de:58:10:19:4e:
ec:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:25:22:CB:DD:09:C3:8A:93:63:B7:18:3C:22:9B:32:A5:07:77:EF
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/YCUiy90Jw4qTY7cYPCKbMqUHd-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.93.10.0/24
78.93.82.0/23
78.93.117.0/24
78.93.178.0/24
86.60.32.0/19
86.60.127.0/24
212.93.203.0/24
IPv6:
2a02:df4::/32
Signature Algorithm: sha256WithRSAEncryption
6c:8d:94:c2:80:7f:87:b4:0f:34:b1:9b:30:b1:45:b3:ff:37:
45:b1:f9:e8:44:eb:08:ce:59:8d:0c:e6:1a:c2:71:bf:f2:46:
e1:05:01:ef:0c:7d:95:4c:c2:41:9f:c1:15:c9:7e:15:dc:9c:
bc:d9:ec:40:d7:ee:48:fa:8d:a6:37:01:a8:1e:a5:6a:2c:2b:
67:46:ac:83:22:60:38:29:5a:99:d9:36:35:e1:dd:86:66:cd:
f7:87:4e:0f:6f:e8:e2:85:e9:e1:e0:9d:95:cd:9a:ad:8c:a8:
66:61:42:d0:61:78:36:d3:57:83:21:c8:1e:86:42:8f:eb:b7:
f5:8b:01:14:d4:b5:06:4a:64:e3:d8:d6:5d:13:21:26:5b:75:
6e:6a:1e:99:31:1f:09:c5:cc:3e:5f:3a:8f:b5:d9:01:53:26:
0b:3a:5a:06:54:7c:86:b4:04:7b:a0:fc:b3:bc:4d:b3:f2:8d:
dd:f3:98:83:eb:6d:41:3e:9a:34:0a:72:50:ae:16:00:77:eb:
ba:80:ba:34:ae:2e:0c:5e:13:51:26:9c:ed:56:cb:87:42:37:
f3:02:a8:a1:85:ae:1e:82:2d:fe:33:2f:e0:49:70:58:8d:14:
fe:2c:bf:e0:56:57:46:29:d9:3c:4a:4b:98:3f:1f:8c:f1:25:
88:27:2f:6e
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzGt7tmTJarDumoFtY7rx8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI1MjJjYmRkMDljMzhhOTM2M2I3MTgzYzIyOWIzMmE1MDc3N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxGzjvoUDeB4wLHcpBmMWoGw4FQD
q+zCjIsWqfBTv/2mjWlebKugdM829Nz2OCIYrt9eRWRm9EVfmc0Y8PQTN6oue7xT
2hfCWVwqmb5TuYaNgL3gK9z0yJloOLoQBMzXpDQl2PRpWORWsQO+vm9Y731/HUSn
FY1kA/IfRUT/li6Z3BBvR7nU8pmcndDUdgkBtmvjhKOolUokwCLkDk62Alr5thNZ
os95SAwMxN+tkgUNdNYRJR4u1xCAmQtuANo+gdV+tu3ENZ8LXTyqLlBuDLu53LSc
KEQFjZr2hNIqQWxJ3/1UvXOIjEYlMZemJWACKqsw32EDF/Aq3lgQGU7svQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGAlIsvdCcOKk2O3GDwimzKlB3fvMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvWUNVaXk5MEp3NHFUWTdjWVBDS2JNcVVIZC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQATl0KAwQB
Tl1SAwQATl11AwQATl2yAwQFVjwgAwQAVjx/AwQA1F3LMA0EAgACMAcDBQAqAg30
MA0GCSqGSIb3DQEBCwUAA4IBAQBsjZTCgH+HtA80sZswsUWz/zdFsfnoROsIzlmN
DOYawnG/8kbhBQHvDH2VTMJBn8EVyX4V3Jy82exA1+5I+o2mNwGoHqVqLCtnRqyD
ImA4KVqZ2TY14d2GZs33h04Pb+jihenh4J2VzZqtjKhmYULQYXg201eDIcgehkKP
67f1iwEU1LUGSmTj2NZdEyEmW3Vuah6ZMR8Jxcw+XzqPtdkBUyYLOloGVHyGtAR7
oPyzvE2z8o3d85iD621BPpo0CnJQrhYAd+u6gLo0ri4MXhNRJpztVsuHQjfzAqih
ha4egi3+My/gSXBYjRT+LL/gVldGKdk8SkuYPx+M8SWIJy9u
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:04:59 2024 by rpki-client on console-ams.rpki-client.org