Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/Y6CBwhR5AQ0CgIm4JI_wsdmXaYY.roa
File: Y6CBwhR5AQ0CgIm4JI_wsdmXaYY.roa (raw, json)
Hash identifier: KdjuSFBdA9E0WIP7XR5i29Nra94J96wGQ8vUFDrNW30=
Subject key identifier: 63:A0:81:C2:14:79:01:0D:02:80:89:B8:24:8F:F0:B1:D9:97:69:86
Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Certificate serial: 018DEA7E173852977E0BD8BA450CB6D9968B
Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/Y6CBwhR5AQ0CgIm4JI_wsdmXaYY.roa
Signing time: Tue 27 Feb 2024 12:15:48 +0000
ROA not before: Tue 27 Feb 2024 12:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61108
IP address blocks: 62.249.96.0/22 maxlen: 22
88.218.52.0/22 maxlen: 22
185.92.102.0/24 maxlen: 24
185.226.40.0/22 maxlen: 22
2a02:5e0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:7e:17:38:52:97:7e:0b:d8:ba:45:0c:b6:d9:96:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e
Validity
Not Before: Feb 27 12:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a081c21479010d028089b8248ff0b1d9976986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:df:39:74:e6:59:16:0d:01:0f:70:52:2c:26:
7b:9a:39:92:eb:78:e8:be:41:c8:7b:b6:e2:21:c7:
d2:0d:0d:58:c7:39:c8:b5:9c:9b:41:70:f8:e5:82:
70:0e:60:17:2d:30:71:5b:49:a6:a6:80:e5:63:ae:
21:3d:73:5c:2a:f5:d6:af:33:a6:cc:94:5d:ea:8f:
e7:dd:b1:4a:8d:89:bc:a6:fc:b9:51:ac:34:55:7a:
60:c9:4a:b7:ff:ec:4d:cd:01:5d:8a:9b:11:f9:06:
6c:3c:47:dd:b7:1d:15:50:eb:ab:b0:7f:c2:fd:46:
4d:93:55:41:9a:d3:c5:99:df:ed:8b:5b:72:3d:fb:
cc:31:1e:69:8a:d5:b3:07:26:5d:5e:4a:ce:5e:43:
31:81:57:12:17:0e:38:00:7a:bf:fb:01:66:8a:e4:
46:6b:9a:30:a8:ea:b6:df:54:58:a4:76:36:89:4a:
57:bb:be:17:96:33:7f:a8:09:99:31:9c:71:86:9b:
5d:5b:77:79:13:18:85:a0:c8:e8:1f:07:eb:eb:d0:
c6:b2:21:cf:84:e5:a4:4d:fa:3c:1d:ec:3a:fd:7e:
57:51:2f:8c:de:35:3e:bb:b7:b8:56:23:24:8f:f3:
39:07:d6:35:ed:2e:18:f7:0b:50:2a:b0:b9:f1:86:
10:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A0:81:C2:14:79:01:0D:02:80:89:B8:24:8F:F0:B1:D9:97:69:86
X509v3 Authority Key Identifier:
keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/Y6CBwhR5AQ0CgIm4JI_wsdmXaYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.249.96.0/22
88.218.52.0/22
185.92.102.0/24
185.226.40.0/22
IPv6:
2a02:5e0:2::/48
Signature Algorithm: sha256WithRSAEncryption
8e:e0:cc:dc:66:5a:63:05:74:5d:dc:06:e9:a8:f5:80:be:ee:
08:fa:41:a7:9c:c9:72:d6:92:3e:0d:ca:37:d7:d9:1d:97:fe:
f9:cf:e1:50:1d:54:20:a5:38:ca:6a:11:0c:6b:6f:69:09:0c:
f2:34:53:86:ec:d0:32:d1:5b:d6:e6:9f:48:32:e2:96:a6:d6:
f1:d3:75:42:b9:a4:95:39:bc:46:f9:c3:eb:59:87:e0:74:b0:
0f:6d:48:81:1d:82:76:03:c6:c5:61:99:1d:a9:f6:e1:fb:16:
1f:3e:16:ca:f1:82:90:1c:67:91:e5:95:ba:c0:9e:3e:fb:cf:
a3:ee:b5:91:2d:09:e2:4a:59:9c:23:5c:20:f6:59:ca:7d:29:
ea:2e:fc:94:35:4e:e0:79:9c:7b:4b:e3:9d:98:07:fe:55:f9:
34:b0:af:f2:8a:27:77:b3:ac:c4:1a:6c:26:66:f6:d1:65:26:
da:f3:34:1c:ba:a5:19:19:36:d6:a5:9b:39:20:1f:62:73:b5:
5e:8f:ce:50:08:42:d6:12:aa:9c:88:8a:77:5b:9f:43:bc:0d:
54:0f:0a:d8:3e:1a:5e:a4:98:c5:f9:2f:b6:bf:15:0e:e8:68:
c1:c6:48:88:9e:ff:d6:88:1a:85:b5:99:ea:92:02:28:83:ea:
41:90:f9:7b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY3qfhc4Upd+C9i6RQy22ZaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux
ZjBiMmUwHhcNMjQwMjI3MTIxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2EwODFjMjE0NzkwMTBkMDI4MDg5YjgyNDhmZjBiMWQ5OTc2OTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN85dOZZFg0BD3BSLCZ7mjmS63jo
vkHIe7biIcfSDQ1YxznItZybQXD45YJwDmAXLTBxW0mmpoDlY64hPXNcKvXWrzOm
zJRd6o/n3bFKjYm8pvy5Uaw0VXpgyUq3/+xNzQFdipsR+QZsPEfdtx0VUOursH/C
/UZNk1VBmtPFmd/ti1tyPfvMMR5pitWzByZdXkrOXkMxgVcSFw44AHq/+wFmiuRG
a5owqOq231RYpHY2iUpXu74XljN/qAmZMZxxhptdW3d5ExiFoMjoHwfr69DGsiHP
hOWkTfo8Hew6/X5XUS+M3jU+u7e4ViMkj/M5B9Y17S4Y9wtQKrC58YYQ6QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGOggcIUeQENAoCJuCSP8LHZl2mGMB8GA1UdIwQY
MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt
ZDc2YzhjNzM5ODYxLzEvWTZDQndoUjVBUTBDZ0ltNEpJX3dzZG1YYVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx
LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCPvlgAwQC
WNo0AwQAuVxmAwQCueIoMA8EAgACMAkDBwAqAgXgAAIwDQYJKoZIhvcNAQELBQAD
ggEBAI7gzNxmWmMFdF3cBumo9YC+7gj6QaecyXLWkj4NyjfX2R2X/vnP4VAdVCCl
OMpqEQxrb2kJDPI0U4bs0DLRW9bmn0gy4pam1vHTdUK5pJU5vEb5w+tZh+B0sA9t
SIEdgnYDxsVhmR2p9uH7Fh8+FsrxgpAcZ5HllbrAnj77z6PutZEtCeJKWZwjXCD2
Wcp9Keou/JQ1TuB5nHtL452YB/5V+TSwr/KKJ3ezrMQabCZm9tFlJtrzNBy6pRkZ
NtalmzkgH2JztV6PzlAIQtYSqpyIindbn0O8DVQPCtg+Gl6kmMX5L7a/FQ7oaMHG
SIie/9aIGoW1meqSAiiD6kGQ+Xs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:43:23 2024 by rpki-client on console-fra.rpki-client.org