Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/ybr8aGIGQEUnc0XEU9RkgKHAaAQ.roa
File: ybr8aGIGQEUnc0XEU9RkgKHAaAQ.roa (raw, json)
Hash identifier: MwlbPRXndofjZQOwiG5FTif9Y78TRkXVVCgKIF4p5F8=
Subject key identifier: C9:BA:FC:68:62:06:40:45:27:73:45:C4:53:D4:64:80:A1:C0:68:04
Certificate issuer: /CN=b79de9458d190e634329f9df1503b5222c1624ee
Certificate serial: 01909D5B72E35964B637992CB6C1724378D9
Authority key identifier: B7:9D:E9:45:8D:19:0E:63:43:29:F9:DF:15:03:B5:22:2C:16:24:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/ybr8aGIGQEUnc0XEU9RkgKHAaAQ.roa
Signing time: Wed 10 Jul 2024 15:55:34 +0000
ROA not before: Wed 10 Jul 2024 15:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61076
IP address blocks: 91.198.102.0/24 maxlen: 24
185.231.52.0/24 maxlen: 24
185.231.53.0/24 maxlen: 24
185.231.54.0/24 maxlen: 24
185.231.55.0/24 maxlen: 24
2a0c:4100::/32 maxlen: 32
2a0c:4101::/32 maxlen: 32
2a0c:4102::/32 maxlen: 32
2a0c:4103::/32 maxlen: 32
2a0c:4104::/32 maxlen: 32
2a0c:4105::/32 maxlen: 32
2a0c:4106::/32 maxlen: 32
2a0c:4107::/32 maxlen: 32
2a13:bc80::/32 maxlen: 32
2a13:bc81::/32 maxlen: 32
2a13:bc82::/32 maxlen: 32
2a13:bc83::/32 maxlen: 32
2a13:bc84::/32 maxlen: 32
2a13:bc85::/32 maxlen: 32
2a13:bc86::/32 maxlen: 32
2a13:bc87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:5b:72:e3:59:64:b6:37:99:2c:b6:c1:72:43:78:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b79de9458d190e634329f9df1503b5222c1624ee
Validity
Not Before: Jul 10 15:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9bafc6862064045277345c453d46480a1c06804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b0:42:4e:b8:4b:45:5b:3b:cb:a9:2a:d8:ff:
f8:e5:29:ec:b0:7d:e5:23:d7:d4:ef:66:f7:75:1e:
b0:64:98:37:b6:cc:27:23:4e:35:00:48:31:7c:ea:
3c:8b:e4:ba:54:05:12:1f:5d:9a:ae:ae:2c:c1:90:
30:e9:13:19:d3:7f:7c:62:b2:35:82:c5:f8:7a:c6:
6e:f9:e7:df:e8:7e:7d:a3:8a:77:95:3f:e0:91:6f:
d2:58:e0:e2:16:d1:24:bb:21:f8:10:bc:f5:e4:79:
49:53:46:95:5c:93:92:5d:e1:d1:f2:fd:aa:a2:a4:
68:c6:61:23:ec:f4:da:9d:cb:95:6d:3d:50:13:29:
f9:a2:2c:ba:92:e9:0f:72:1a:8a:7d:ca:f6:16:57:
f2:8c:47:f1:4d:bf:fd:0c:5d:2c:83:b6:4c:b7:5a:
2d:b1:18:0a:fe:44:b0:87:a6:2e:36:45:2c:85:8a:
9e:39:ee:67:99:cf:94:20:1c:23:27:79:d1:66:aa:
de:89:8a:04:a9:45:82:61:33:df:2b:3c:60:32:e5:
3d:e1:8d:b3:1d:55:35:2e:a2:92:26:92:2b:57:05:
97:0f:63:ed:0c:6f:20:5b:06:b8:d4:89:46:65:af:
aa:ce:a9:c6:e6:ad:bb:55:cd:09:72:30:75:3a:b9:
6a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BA:FC:68:62:06:40:45:27:73:45:C4:53:D4:64:80:A1:C0:68:04
X509v3 Authority Key Identifier:
keyid:B7:9D:E9:45:8D:19:0E:63:43:29:F9:DF:15:03:B5:22:2C:16:24:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/ybr8aGIGQEUnc0XEU9RkgKHAaAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.102.0/24
185.231.52.0/22
IPv6:
2a0c:4100::/29
2a13:bc80::/29
Signature Algorithm: sha256WithRSAEncryption
0d:a9:6d:03:d6:c2:28:50:1b:78:69:06:dc:b7:17:89:e4:0e:
99:be:f4:f4:53:44:45:d4:1e:b6:13:e7:9e:f2:ba:9e:ff:d9:
61:fb:f3:d4:55:fc:99:56:c3:f4:03:1d:f5:51:82:6d:d8:b1:
84:85:c8:2f:fc:ac:04:d2:d0:00:69:b7:b1:9e:97:83:b3:4d:
3e:ac:16:6e:1a:12:cd:a2:bb:a3:8e:f4:93:91:3b:18:39:f6:
13:fe:a5:7a:9e:1a:1e:4d:11:30:dc:62:5a:d7:35:aa:2d:c6:
10:82:dd:e9:10:5f:da:69:4f:da:6e:42:5e:4a:4a:35:db:d2:
d5:be:b4:70:df:74:90:7f:6e:ee:c9:fe:ad:a8:ac:d8:23:bc:
b1:3d:de:58:1d:13:4a:83:43:e9:39:70:4c:35:fc:05:5c:7b:
3e:fc:57:e2:60:7a:b4:c5:fc:ca:ae:4f:9b:e5:c3:18:48:00:
b6:45:7c:ad:47:df:4c:3a:90:76:34:67:81:9c:e0:91:02:e3:
b4:2e:c0:5a:40:f5:0b:d8:c4:71:8c:be:17:80:d8:28:a0:da:
bc:7e:7b:36:f3:b2:66:42:c2:ea:22:1a:e3:ab:24:5a:1a:99:
45:6b:13:91:9f:8f:93:1e:0e:9b:0c:1d:97:42:ef:63:70:b0:
84:48:df:75
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZCdW3LjWWS2N5kstsFyQ3jZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OWRlOTQ1OGQxOTBlNjM0MzI5ZjlkZjE1MDNiNTIyMmMx
NjI0ZWUwHhcNMjQwNzEwMTU1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWJhZmM2ODYyMDY0MDQ1Mjc3MzQ1YzQ1M2Q0NjQ4MGExYzA2ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrBCTrhLRVs7y6kq2P/45SnssH3l
I9fU72b3dR6wZJg3tswnI041AEgxfOo8i+S6VAUSH12arq4swZAw6RMZ0398YrI1
gsX4esZu+eff6H59o4p3lT/gkW/SWODiFtEkuyH4ELz15HlJU0aVXJOSXeHR8v2q
oqRoxmEj7PTancuVbT1QEyn5oiy6kukPchqKfcr2FlfyjEfxTb/9DF0sg7ZMt1ot
sRgK/kSwh6YuNkUshYqeOe5nmc+UIBwjJ3nRZqreiYoEqUWCYTPfKzxgMuU94Y2z
HVU1LqKSJpIrVwWXD2PtDG8gWwa41IlGZa+qzqnG5q27Vc0JcjB1Orlq8QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMm6/GhiBkBFJ3NFxFPUZIChwGgEMB8GA1UdIwQY
MBaAFLed6UWNGQ5jQyn53xUDtSIsFiTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDUzcFJZMFpEbU5ES2ZuZkZRTzFJaXdXSk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zYmU4OTktYTUyZi00M2FkLThlODkt
ZjFjZDlmYTI4Y2M1LzEveWJyOGFHSUdRRVVuYzBYRVU5UmtnS0hBYUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zYmU4OTktYTUyZi00M2FkLThlODktZjFjZDlmYTI4Y2M1
LzEvdDUzcFJZMFpEbU5ES2ZuZkZRTzFJaXdXSk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAW8ZmAwQC
uec0MBQEAgACMA4DBQMqDEEAAwUDKhO8gDANBgkqhkiG9w0BAQsFAAOCAQEADalt
A9bCKFAbeGkG3LcXieQOmb709FNERdQethPnnvK6nv/ZYfvz1FX8mVbD9AMd9VGC
bdixhIXIL/ysBNLQAGm3sZ6Xg7NNPqwWbhoSzaK7o470k5E7GDn2E/6lep4aHk0R
MNxiWtc1qi3GEILd6RBf2mlP2m5CXkpKNdvS1b60cN90kH9u7sn+rais2CO8sT3e
WB0TSoND6TlwTDX8BVx7PvxX4mB6tMX8yq5Pm+XDGEgAtkV8rUffTDqQdjRngZzg
kQLjtC7AWkD1C9jEcYy+F4DYKKDavH57NvOyZkLC6iIa46skWhqZRWsTkZ+Pkx4O
mwwdl0LvY3CwhEjfdQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:01 2024 by rpki-client on console-ams.rpki-client.org