Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/yuxNU6MO_mM_31zidZRELq1ok-4.roa
File: yuxNU6MO_mM_31zidZRELq1ok-4.roa (raw, json)
Hash identifier: TXTlevC06UgNXbAKGIlXR1AKPL8nnt1j9nA5F96g8r4=
Subject key identifier: CA:EC:4D:53:A3:0E:FE:63:3F:DF:5C:E2:75:94:44:2E:AD:68:93:EE
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 018D214821D08D00125F78487F271081347A
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/yuxNU6MO_mM_31zidZRELq1ok-4.roa
Signing time: Fri 19 Jan 2024 10:33:11 +0000
ROA not before: Fri 19 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31333
IP address blocks: 31.15.64.0/21 maxlen: 24
79.140.32.0/20 maxlen: 24
80.244.240.0/20 maxlen: 24
83.151.16.0/20 maxlen: 24
2001:4d88::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:48:21:d0:8d:00:12:5f:78:48:7f:27:10:81:34:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 19 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caec4d53a30efe633fdf5ce27594442ead6893ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b0:21:0c:a6:34:fd:94:79:07:13:48:0b:16:
17:fa:a9:d9:57:ed:6c:8d:10:fb:b4:6f:29:ee:94:
cf:c7:38:43:61:b2:7e:0e:08:67:61:fa:53:c5:0d:
5f:53:c5:63:f8:d0:ab:52:45:0c:33:de:61:e0:a1:
d5:09:be:7d:b2:64:76:b5:49:f1:20:2b:ea:a8:ef:
4d:5d:62:86:f8:74:7e:f1:bb:5a:e2:d5:91:0f:3b:
78:c0:01:d6:4f:e2:05:06:59:6c:fb:5e:29:cb:6f:
34:dd:78:5d:50:eb:69:c0:7c:1a:9b:20:33:ed:f0:
a9:9c:e3:d6:29:8a:02:ed:90:31:ab:94:0a:be:c8:
28:f7:e4:7e:60:fe:7c:be:49:86:9a:0c:42:06:ae:
58:81:9d:96:68:e8:dc:90:d5:3b:5e:91:bd:80:58:
ee:44:ab:24:b1:c9:ef:76:4e:30:8f:18:4e:98:85:
f4:5d:bd:aa:91:e3:4d:39:b1:b0:1c:2b:25:6d:f8:
aa:9b:a8:9e:be:51:f9:76:69:67:73:a9:82:88:65:
da:12:f5:b1:39:4b:33:38:04:3c:aa:f6:f0:6f:6c:
50:16:3f:c2:cd:6b:93:bd:36:ea:58:07:63:79:34:
7d:41:1c:4c:1b:a9:73:8b:d8:cd:e2:9d:a9:1c:b1:
79:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EC:4D:53:A3:0E:FE:63:3F:DF:5C:E2:75:94:44:2E:AD:68:93:EE
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/yuxNU6MO_mM_31zidZRELq1ok-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.64.0/21
79.140.32.0/20
80.244.240.0/20
83.151.16.0/20
IPv6:
2001:4d88::/32
Signature Algorithm: sha256WithRSAEncryption
4d:1f:d3:73:c2:44:6a:63:16:e4:32:ce:3b:14:fa:33:76:a8:
74:56:29:8f:32:da:00:0e:80:2a:3a:d1:d3:fb:31:c0:28:52:
9c:2e:c5:b5:3e:2a:aa:4e:8b:9c:55:40:f1:bf:af:38:93:db:
9f:47:cb:22:b1:50:ca:f6:0f:79:7d:6d:8e:c0:d9:99:4b:4f:
9a:b6:b7:65:57:60:1d:8d:b4:48:78:1e:5a:1e:8c:75:e7:4c:
48:8b:4f:2b:48:07:4e:2e:0b:d9:aa:1e:c9:5e:ee:d0:8c:89:
6a:be:22:d9:29:e9:32:d1:c6:de:fa:2b:f7:2f:28:cf:01:f9:
03:b8:f4:0c:91:64:f9:99:7f:4e:f0:78:f5:2d:a6:75:61:c9:
9a:a0:19:4f:c7:62:7a:65:c1:76:af:d6:42:ea:9c:e0:1d:f2:
66:d3:d5:5b:d6:7b:37:53:c7:48:65:52:76:d7:c6:63:01:8d:
36:ec:ef:19:9d:31:17:2f:f9:ae:fe:1e:0c:98:fc:19:5a:fa:
4a:78:b8:11:6a:6c:08:18:ea:dc:50:2f:ed:a8:09:ec:08:1f:
0f:8a:06:af:81:32:20:45:d5:02:cc:44:08:bd:a7:0b:fd:66:
e4:db:1c:12:58:d9:11:67:6d:c2:c5:37:f9:57:8b:9b:18:12:
be:5d:83:85
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY0hSCHQjQASX3hIfycQgTR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjQwMTE5MTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWVjNGQ1M2EzMGVmZTYzM2ZkZjVjZTI3NTk0NDQyZWFkNjg5M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7AhDKY0/ZR5BxNICxYX+qnZV+1s
jRD7tG8p7pTPxzhDYbJ+DghnYfpTxQ1fU8Vj+NCrUkUMM95h4KHVCb59smR2tUnx
ICvqqO9NXWKG+HR+8bta4tWRDzt4wAHWT+IFBlls+14py2803XhdUOtpwHwamyAz
7fCpnOPWKYoC7ZAxq5QKvsgo9+R+YP58vkmGmgxCBq5YgZ2WaOjckNU7XpG9gFju
RKskscnvdk4wjxhOmIX0Xb2qkeNNObGwHCslbfiqm6ievlH5dmlnc6mCiGXaEvWx
OUszOAQ8qvbwb2xQFj/CzWuTvTbqWAdjeTR9QRxMG6lzi9jN4p2pHLF5WwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMrsTVOjDv5jP99c4nWURC6taJPuMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEveXV4TlU2TU9fbU1fMzF6aWRaUkVMcTFvay00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHw9AAwQE
T4wgAwQEUPTwAwQEU5cQMA0EAgACMAcDBQAgAU2IMA0GCSqGSIb3DQEBCwUAA4IB
AQBNH9NzwkRqYxbkMs47FPozdqh0VimPMtoADoAqOtHT+zHAKFKcLsW1PiqqTouc
VUDxv684k9ufR8sisVDK9g95fW2OwNmZS0+atrdlV2AdjbRIeB5aHox150xIi08r
SAdOLgvZqh7JXu7QjIlqviLZKeky0cbe+iv3LyjPAfkDuPQMkWT5mX9O8Hj1LaZ1
YcmaoBlPx2J6ZcF2r9ZC6pzgHfJm09Vb1ns3U8dIZVJ218ZjAY027O8ZnTEXL/mu
/h4MmPwZWvpKeLgRamwIGOrcUC/tqAnsCB8PigavgTIgRdUCzEQIvacL/Wbk2xwS
WNkRZ23CxTf5V4ubGBK+XYOF
-----END CERTIFICATE-----
Generated at Sun May 12 21:35:59 2024 by rpki-client on console-ams.rpki-client.org