Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/YtR0PZxBUe0Aw-U5qhwgf09DiPM.roa
File: YtR0PZxBUe0Aw-U5qhwgf09DiPM.roa (raw, json)
Hash identifier: TLwH4jlxYkfI2CAC465j7jyEhTMO/92w9lFXybdbEk4=
Subject key identifier: 62:D4:74:3D:9C:41:51:ED:00:C3:E5:39:AA:1C:20:7F:4F:43:88:F3
Certificate issuer: /CN=93efa2bf90a23728852727f126ede65286c3ca67
Certificate serial: 0191375D9153D2C46CF5062F895F0939CE7B
Authority key identifier: 93:EF:A2:BF:90:A2:37:28:85:27:27:F1:26:ED:E6:52:86:C3:CA:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k--iv5CiNyiFJyfxJu3mUobDymc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/YtR0PZxBUe0Aw-U5qhwgf09DiPM.roa
Signing time: Fri 09 Aug 2024 13:39:24 +0000
ROA not before: Fri 09 Aug 2024 13:39:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 164.152.216.0/24 maxlen: 24
2001:3900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/k--iv5CiNyiFJyfxJu3mUobDymc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/k--iv5CiNyiFJyfxJu3mUobDymc.mft
rsync://rpki.ripe.net/repository/DEFAULT/k--iv5CiNyiFJyfxJu3mUobDymc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:5d:91:53:d2:c4:6c:f5:06:2f:89:5f:09:39:ce:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93efa2bf90a23728852727f126ede65286c3ca67
Validity
Not Before: Aug 9 13:39:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62d4743d9c4151ed00c3e539aa1c207f4f4388f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:6b:40:eb:70:3d:6e:76:bf:f5:56:ec:f4:
7e:8e:06:77:e8:08:83:82:8b:07:63:62:7c:71:41:
48:56:36:03:f9:8b:29:07:44:35:70:de:20:c4:24:
72:c4:01:87:e9:fc:4b:83:a2:8f:b7:d4:81:b5:de:
0b:a8:a7:30:ab:57:08:24:b6:9c:b9:3a:45:59:cb:
16:0f:1f:74:01:31:5e:a3:e3:b0:d8:c1:6c:63:8f:
50:f5:5e:08:75:e6:30:64:65:e3:54:eb:96:1f:6a:
5f:b4:02:04:9b:0b:b4:dc:9c:2f:da:80:58:49:f2:
68:5e:bf:42:9c:fe:1a:f6:22:ac:3a:96:e5:83:db:
da:1d:6d:75:a6:c0:83:75:87:0e:64:b5:01:11:63:
3e:18:af:e8:6b:72:c9:7d:6a:ae:24:80:83:61:5a:
96:d3:d0:f1:dd:e3:61:8d:3c:e1:65:08:d6:9e:eb:
30:22:03:51:88:ba:da:78:ee:45:87:90:45:aa:76:
bc:93:11:81:e2:33:15:9a:39:0e:22:44:6d:a4:ae:
55:68:91:b2:69:33:b1:65:fd:78:8d:d5:6a:23:74:
bc:1b:da:b1:7d:aa:bf:45:9d:52:5d:ac:81:d8:a0:
e1:07:80:a5:99:35:7e:47:4a:d6:6d:48:4d:c3:ee:
f2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D4:74:3D:9C:41:51:ED:00:C3:E5:39:AA:1C:20:7F:4F:43:88:F3
X509v3 Authority Key Identifier:
keyid:93:EF:A2:BF:90:A2:37:28:85:27:27:F1:26:ED:E6:52:86:C3:CA:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k--iv5CiNyiFJyfxJu3mUobDymc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/YtR0PZxBUe0Aw-U5qhwgf09DiPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/k--iv5CiNyiFJyfxJu3mUobDymc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.152.216.0/24
IPv6:
2001:3900::/29
Signature Algorithm: sha256WithRSAEncryption
aa:2d:2c:34:2a:8e:1c:88:00:4b:09:2e:ef:b7:52:29:06:d4:
01:71:df:b5:56:9f:24:95:51:37:f6:bf:c1:2d:62:f8:30:82:
6b:58:98:51:05:f7:4f:8b:9b:2f:de:ac:d8:12:e9:cd:46:b0:
86:b9:bc:f3:3d:c2:0c:63:6e:5f:1d:27:88:73:2c:b9:25:12:
2d:d8:46:e5:28:10:b4:b0:2c:a4:41:a1:d4:4b:63:f3:1a:a4:
a1:8e:56:af:62:5f:e0:97:39:f1:8e:54:64:68:ae:28:fc:82:
62:23:c0:2b:16:d5:cc:dd:86:f0:ab:2f:f8:f4:e7:95:53:14:
85:f2:6a:26:a5:8b:a9:58:37:23:5d:e2:0d:62:ad:e6:72:55:
3d:4c:13:d0:35:f6:d7:9d:b7:29:e3:5b:44:c5:6f:93:2d:e0:
69:b4:77:16:22:ca:5c:63:63:f9:8d:27:8a:6d:1b:51:e7:2d:
de:5f:27:f9:13:90:33:4e:31:6c:85:d9:fb:5d:9b:b0:97:3e:
90:a4:df:08:10:36:69:8e:9f:0d:48:59:61:59:26:37:f1:25:
e7:69:1f:9b:de:c6:c3:1a:02:e8:aa:de:52:bf:54:fd:ac:a3:
15:07:31:6c:b4:f0:a0:f6:ee:8f:66:02:c1:e6:b2:51:18:63:
23:40:8f:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZE3XZFT0sRs9QYviV8JOc57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWZhMmJmOTBhMjM3Mjg4NTI3MjdmMTI2ZWRlNjUyODZj
M2NhNjcwHhcNMjQwODA5MTMzOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQ0NzQzZDljNDE1MWVkMDBjM2U1MzlhYTFjMjA3ZjRmNDM4OGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgBrQOtwPW52v/VW7PR+jgZ36AiD
gosHY2J8cUFIVjYD+YspB0Q1cN4gxCRyxAGH6fxLg6KPt9SBtd4LqKcwq1cIJLac
uTpFWcsWDx90ATFeo+Ow2MFsY49Q9V4IdeYwZGXjVOuWH2pftAIEmwu03Jwv2oBY
SfJoXr9CnP4a9iKsOpblg9vaHW11psCDdYcOZLUBEWM+GK/oa3LJfWquJICDYVqW
09Dx3eNhjTzhZQjWnuswIgNRiLraeO5Fh5BFqna8kxGB4jMVmjkOIkRtpK5VaJGy
aTOxZf14jdVqI3S8G9qxfaq/RZ1SXayB2KDhB4ClmTV+R0rWbUhNw+7y5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGLUdD2cQVHtAMPlOaocIH9PQ4jzMB8GA1UdIwQY
MBaAFJPvor+QojcohScn8Sbt5lKGw8pnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay0taXY1Q2lOeWlGSnlmeEp1M21Vb2JEeW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hOTJlYjItYjJiYS00ZWZkLWJkMDkt
NmFiYjFjY2I2MTUzLzEvWXRSMFBaeEJVZTBBdy1VNXFod2dmMDlEaVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hOTJlYjItYjJiYS00ZWZkLWJkMDktNmFiYjFjY2I2MTUz
LzEvay0taXY1Q2lOeWlGSnlmeEp1M21Vb2JEeW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQApJjYMA0E
AgACMAcDBQMgATkAMA0GCSqGSIb3DQEBCwUAA4IBAQCqLSw0Ko4ciABLCS7vt1Ip
BtQBcd+1Vp8klVE39r/BLWL4MIJrWJhRBfdPi5sv3qzYEunNRrCGubzzPcIMY25f
HSeIcyy5JRIt2EblKBC0sCykQaHUS2PzGqShjlavYl/glznxjlRkaK4o/IJiI8Ar
FtXM3Ybwqy/49OeVUxSF8mompYupWDcjXeINYq3mclU9TBPQNfbXnbcp41tExW+T
LeBptHcWIspcY2P5jSeKbRtR5y3eXyf5E5AzTjFshdn7XZuwlz6QpN8IEDZpjp8N
SFlhWSY38SXnaR+b3sbDGgLoqt5Sv1T9rKMVBzFstPCg9u6PZgLB5rJRGGMjQI9Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:11:04 2024 by rpki-client on console-ams.rpki-client.org