Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/1-YSp67ZCOQ-hh3giySmCX4be40Y.roa
File: 1-YSp67ZCOQ-hh3giySmCX4be40Y.roa (raw, json)
Hash identifier: qO8DR5x0JtqjRTd2Y8Y5aryGN/EoaW0HymsTqPbvt7U=
Subject key identifier: F9:84:A9:EB:B6:42:39:0F:A1:87:78:22:C9:29:82:5F:86:DE:E3:46
Certificate issuer: /CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Certificate serial: 018CC9BC59B3A2319DD58B6BAF68E83115DC
Authority key identifier: 70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/1-YSp67ZCOQ-hh3giySmCX4be40Y.roa
Signing time: Tue 02 Jan 2024 10:33:33 +0000
ROA not before: Tue 02 Jan 2024 10:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50358
IP address blocks: 195.191.50.0/23 maxlen: 24
91.241.88.0/22 maxlen: 24
2001:67c:26a0::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:59:b3:a2:31:9d:d5:8b:6b:af:68:e8:31:15:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705de152906664ae7ac9f2087ac4d00685a5d7f0
Validity
Not Before: Jan 2 10:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f984a9ebb642390fa1877822c929825f86dee346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:56:0b:52:39:7f:58:cc:7d:51:8e:23:7a:67:
ce:72:dc:21:66:a2:42:66:a7:df:cb:33:0e:51:bc:
7c:c5:fb:61:a7:fc:5f:dc:ab:2b:aa:c7:8e:fc:67:
d6:09:25:bb:3a:a9:bb:8d:2d:16:ca:6b:7a:40:f7:
20:3a:db:93:b0:ab:a2:82:ba:65:a7:20:97:24:19:
09:95:e3:16:c3:54:a5:1e:83:6b:72:db:3e:e9:1c:
15:7e:b0:df:a9:af:94:01:4d:86:26:e5:be:5f:6d:
a1:d4:15:ac:88:c2:55:54:ce:2c:92:63:44:82:df:
ec:31:bb:cf:b0:6e:5f:24:40:2e:30:5d:26:1a:aa:
66:5e:35:ac:94:3a:79:4a:3a:c6:41:8f:47:4b:cf:
0b:a6:87:a0:f6:d5:57:3f:c6:76:7a:e6:24:b5:3a:
00:cc:af:0e:ac:99:89:03:8f:6c:90:e1:25:ec:4b:
8d:aa:88:4a:37:5e:71:fd:91:43:3c:78:e6:92:b2:
27:5a:b3:87:fa:28:eb:7e:3c:c9:af:78:c2:e7:05:
46:46:07:95:89:18:d8:b5:00:0b:98:12:de:37:22:
91:b8:41:75:df:1a:fc:4f:c4:40:ef:ed:4f:35:4b:
a4:2f:03:a5:9c:8a:16:e0:1a:e6:0f:a2:b6:44:0e:
fa:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:84:A9:EB:B6:42:39:0F:A1:87:78:22:C9:29:82:5F:86:DE:E3:46
X509v3 Authority Key Identifier:
keyid:70:5D:E1:52:90:66:64:AE:7A:C9:F2:08:7A:C4:D0:06:85:A5:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF3hUpBmZK56yfIIesTQBoWl1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/1-YSp67ZCOQ-hh3giySmCX4be40Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/212a76-7934-4cc1-82c4-f5618477f8d4/1/cF3hUpBmZK56yfIIesTQBoWl1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.88.0/22
195.191.50.0/23
IPv6:
2001:67c:26a0::/48
Signature Algorithm: sha256WithRSAEncryption
0a:95:e4:9d:ae:92:e9:2c:d8:28:d8:99:72:a1:d5:bb:ab:77:
83:1c:9a:be:60:d0:72:c8:1c:d6:fa:d9:a2:bd:cd:8c:72:2e:
66:0f:e4:c8:83:ac:e1:6d:10:14:e7:f6:e9:59:75:51:3c:12:
88:25:07:0b:a1:c6:c8:cf:27:f3:9a:4c:54:38:86:81:bd:6c:
ad:a6:2a:a5:85:e5:36:ce:c2:57:99:3f:a1:d4:dc:2d:15:ea:
2e:58:9e:09:51:ba:72:41:c1:06:af:84:5e:96:ba:31:9a:96:
dd:54:e9:4e:70:09:5c:2f:30:bf:5d:b5:54:52:e4:cb:6f:03:
2d:a9:47:b7:9a:b5:76:bb:69:4b:ba:99:87:e6:1d:2d:f7:9b:
67:cb:f9:24:6f:3e:4f:4c:12:b5:57:29:f0:79:2c:a5:4a:94:
6b:cb:c5:20:d8:a3:67:36:d7:d9:c1:97:fe:8a:1e:e1:79:6c:
f8:b1:cc:f3:e0:94:12:16:cf:d2:16:13:79:ac:e0:98:ab:83:
e1:ce:9d:c7:49:32:6e:4e:40:38:fa:75:29:c6:8c:bc:d6:6f:
95:89:74:bb:24:30:dd:40:e2:19:2c:7e:91:dd:2b:2c:4e:f4:
7f:79:92:95:54:98:47:ac:53:65:7e:ce:62:6e:fa:74:b8:46:
e7:7b:78:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJvFmzojGd1Ytrr2joMRXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWRlMTUyOTA2NjY0YWU3YWM5ZjIwODdhYzRkMDA2ODVh
NWQ3ZjAwHhcNMjQwMTAyMTAzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg0YTllYmI2NDIzOTBmYTE4Nzc4MjJjOTI5ODI1Zjg2ZGVlMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVYLUjl/WMx9UY4jemfOctwhZqJC
ZqffyzMOUbx8xfthp/xf3KsrqseO/GfWCSW7Oqm7jS0Wymt6QPcgOtuTsKuigrpl
pyCXJBkJleMWw1SlHoNrcts+6RwVfrDfqa+UAU2GJuW+X22h1BWsiMJVVM4skmNE
gt/sMbvPsG5fJEAuMF0mGqpmXjWslDp5SjrGQY9HS88Lpoeg9tVXP8Z2euYktToA
zK8OrJmJA49skOEl7EuNqohKN15x/ZFDPHjmkrInWrOH+ijrfjzJr3jC5wVGRgeV
iRjYtQALmBLeNyKRuEF13xr8T8RA7+1PNUukLwOlnIoW4BrmD6K2RA76BQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPmEqeu2QjkPoYd4Iskpgl+G3uNGMB8GA1UdIwQY
MBaAFHBd4VKQZmSuesnyCHrE0AaFpdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0YzaFVwQm1aSzU2eWZJSWVzVFFCb1dsMV9BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8yMTJhNzYtNzkzNC00Y2MxLTgyYzQt
ZjU2MTg0NzdmOGQ0LzEvMS1ZU3A2N1pDT1EtaGgzZ2l5U21DWDRiZTQwWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmIvMjEyYTc2LTc5MzQtNGNjMS04MmM0LWY1NjE4NDc3Zjhk
NC8xL2NGM2hVcEJtWks1NnlmSUllc1RRQm9XbDFfQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAlvxWAME
AcO/MjAPBAIAAjAJAwcAIAEGfCagMA0GCSqGSIb3DQEBCwUAA4IBAQAKleSdrpLp
LNgo2JlyodW7q3eDHJq+YNByyBzW+tmivc2Mci5mD+TIg6zhbRAU5/bpWXVRPBKI
JQcLocbIzyfzmkxUOIaBvWytpiqlheU2zsJXmT+h1NwtFeouWJ4JUbpyQcEGr4Re
lroxmpbdVOlOcAlcLzC/XbVUUuTLbwMtqUe3mrV2u2lLupmH5h0t95tny/kkbz5P
TBK1VynweSylSpRry8Ug2KNnNtfZwZf+ih7heWz4sczz4JQSFs/SFhN5rOCYq4Ph
zp3HSTJuTkA4+nUpxoy81m+ViXS7JDDdQOIZLH6R3SssTvR/eZKVVJhHrFNlfs5i
bvp0uEbne3hP
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:55:38 2024 by rpki-client on console-fra.rpki-client.org