Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/YPZsDLLgzY_7M-GC9SiCWRi1ybo.roa
File: YPZsDLLgzY_7M-GC9SiCWRi1ybo.roa (raw, json)
Hash identifier: 9PJDi8b5z4045eOIRy/iUo+ovH8jKNIpIEnuC9ZNGWE=
Subject key identifier: 60:F6:6C:0C:B2:E0:CD:8F:FB:33:E1:82:F5:28:82:59:18:B5:C9:BA
Certificate issuer: /CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Certificate serial: 019427B5E717D5028A08C068D5640EA42B1D
Authority key identifier: 18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/YPZsDLLgzY_7M-GC9SiCWRi1ybo.roa
Signing time: Thu 02 Jan 2025 15:50:20 +0000
ROA not before: Thu 02 Jan 2025 15:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60154
IP address blocks: 192.251.230.0/24 maxlen: 24
193.0.129.0/24 maxlen: 24
193.0.184.0/24 maxlen: 24
193.0.212.0/24 maxlen: 24
2a0f:7ac0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:e7:17:d5:02:8a:08:c0:68:d5:64:0e:a4:2b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Validity
Not Before: Jan 2 15:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60f66c0cb2e0cd8ffb33e182f528825918b5c9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:24:f0:64:97:d1:73:f6:46:31:76:e5:2e:
54:2f:42:e6:3e:fb:13:e1:ca:38:82:05:69:f1:44:
b3:51:9a:f2:b6:2d:86:c1:8b:fc:50:9c:06:2d:43:
fc:42:c0:13:4a:be:30:f0:02:f6:9a:cc:68:6b:4b:
67:de:bf:61:4d:be:e1:8f:3e:a8:19:1d:49:9f:03:
2d:88:28:0e:08:0a:80:cd:51:39:eb:b0:b9:ca:32:
ae:4e:9a:71:c5:5b:56:70:68:60:f0:9b:27:cb:72:
a5:51:ab:f5:f6:74:58:cf:97:a5:39:46:72:23:c9:
42:fb:17:d5:ec:4a:a6:6a:68:6d:12:8d:d3:c5:58:
73:4d:ca:4f:d9:01:48:3f:05:5d:f3:e3:4a:79:e5:
e2:f5:8e:f6:b1:08:70:d5:5b:5b:6d:a1:b9:37:e1:
da:1f:2d:2f:e4:99:fd:27:f6:8b:c5:8e:45:16:dc:
23:7d:fd:42:e6:13:93:b0:c4:f0:49:7d:25:a7:c5:
5e:f4:a5:e1:1a:02:a0:6b:c0:6f:13:4a:2f:92:83:
29:49:aa:df:91:24:5b:dc:f0:29:e2:9f:8e:cb:c2:
eb:89:5a:f7:1a:66:fd:ca:9b:20:58:6e:2e:c7:31:
cd:c2:f6:91:a9:f7:f1:2c:2a:dd:3f:2d:3b:84:af:
7d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F6:6C:0C:B2:E0:CD:8F:FB:33:E1:82:F5:28:82:59:18:B5:C9:BA
X509v3 Authority Key Identifier:
keyid:18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/YPZsDLLgzY_7M-GC9SiCWRi1ybo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.251.230.0/24
193.0.129.0/24
193.0.184.0/24
193.0.212.0/24
IPv6:
2a0f:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
35:a4:18:ce:66:cb:76:d2:38:5a:b9:73:d5:8e:56:76:dc:34:
29:2b:af:12:be:b7:24:86:f9:b6:ef:83:9d:91:99:12:47:30:
17:71:58:08:6e:a8:ad:09:b9:a1:a8:4d:ff:a1:65:1e:37:e8:
e8:b0:ee:8b:04:c3:a3:59:93:fc:f8:21:24:26:57:17:7e:18:
0b:e3:68:5b:00:23:80:2a:84:d4:4a:35:f0:87:67:4c:0a:6a:
8d:d9:41:36:8e:9b:ba:da:45:2f:a7:af:33:a4:b2:5e:d1:9d:
b9:da:19:67:c4:82:5b:3a:d9:92:a2:ba:c9:49:22:56:c7:fa:
2e:ca:5b:bf:86:e4:62:0e:af:94:36:62:ec:05:c6:4c:9b:67:
ef:4f:49:45:d6:7c:6b:78:08:21:07:25:63:77:e7:87:6c:14:
be:75:8c:82:9b:3d:d5:53:01:21:6e:dd:a4:ed:0b:7f:ae:74:
ed:98:df:f5:fb:3b:91:46:2a:8f:5a:79:c6:5f:2e:ef:90:c9:
22:fe:eb:98:ea:5d:e5:ba:68:dc:1e:32:82:cf:56:92:d0:f1:
ab:cc:78:e2:ab:e4:ab:c3:d7:cd:d8:08:05:e2:6f:ae:49:69:
f4:c7:42:ed:45:7c:75:a1:90:cf:de:0e:a5:af:0e:d3:96:8d:
d3:47:a3:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQntecX1QKKCMBo1WQOpCsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTdhNWVjMThjNGYyYzQ0Nzg0YWRjNTAzODM1NmJlNWFl
ODk0MjkwHhcNMjUwMTAyMTU1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY2NmMwY2IyZTBjZDhmZmIzM2UxODJmNTI4ODI1OTE4YjVjOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbwk8GSX0XP2RjF25S5UL0LmPvsT
4co4ggVp8USzUZryti2GwYv8UJwGLUP8QsATSr4w8AL2msxoa0tn3r9hTb7hjz6o
GR1JnwMtiCgOCAqAzVE567C5yjKuTppxxVtWcGhg8Jsny3KlUav19nRYz5elOUZy
I8lC+xfV7EqmamhtEo3TxVhzTcpP2QFIPwVd8+NKeeXi9Y72sQhw1VtbbaG5N+Ha
Hy0v5Jn9J/aLxY5FFtwjff1C5hOTsMTwSX0lp8Ve9KXhGgKga8BvE0ovkoMpSarf
kSRb3PAp4p+Oy8LriVr3Gmb9ypsgWG4uxzHNwvaRqffxLCrdPy07hK997QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGD2bAyy4M2P+zPhgvUoglkYtcm6MB8GA1UdIwQY
MBaAFBgXpewYxPLER4StxQODVr5a6JQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEt
NmJkODAyMmQyZWFlLzEvWVBac0RMTGd6WV83TS1HQzlTaUNXUmkxeWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEtNmJkODAyMmQyZWFl
LzEvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwPvmAwQA
wQCBAwQAwQC4AwQAwQDUMA0EAgACMAcDBQMqD3rAMA0GCSqGSIb3DQEBCwUAA4IB
AQA1pBjOZst20jhauXPVjlZ23DQpK68Svrckhvm274OdkZkSRzAXcVgIbqitCbmh
qE3/oWUeN+josO6LBMOjWZP8+CEkJlcXfhgL42hbACOAKoTUSjXwh2dMCmqN2UE2
jpu62kUvp68zpLJe0Z252hlnxIJbOtmSorrJSSJWx/ouylu/huRiDq+UNmLsBcZM
m2fvT0lF1nxreAghByVjd+eHbBS+dYyCmz3VUwEhbt2k7Qt/rnTtmN/1+zuRRiqP
WnnGXy7vkMki/uuY6l3lumjcHjKCz1aS0PGrzHjiq+Srw9fN2AgF4m+uSWn0x0Lt
RXx1oZDP3g6lrw7Tlo3TR6OQ
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:09:54 2025 by rpki-client