Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/YDDlL0-6wGFw3IMtaek7e0yuBOg.roa
File: YDDlL0-6wGFw3IMtaek7e0yuBOg.roa (raw, json)
Hash identifier: v8qOlBg4tm0yqwfFH+uf5cWzdDcHssS3WXjKhrtdenY=
Subject key identifier: 60:30:E5:2F:4F:BA:C0:61:70:DC:83:2D:69:E9:3B:7B:4C:AE:04:E8
Certificate issuer: /CN=a585e5e15aa34287cae4368cb58e7227fd87ecba
Certificate serial: 018CC492B60B535AFE877085DA7A474E23CC
Authority key identifier: A5:85:E5:E1:5A:A3:42:87:CA:E4:36:8C:B5:8E:72:27:FD:87:EC:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/YDDlL0-6wGFw3IMtaek7e0yuBOg.roa
Signing time: Mon 01 Jan 2024 10:29:58 +0000
ROA not before: Mon 01 Jan 2024 10:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41966
IP address blocks: 194.153.119.0/24 maxlen: 24
109.206.192.0/19 maxlen: 19
185.20.172.0/22 maxlen: 22
194.11.24.0/24 maxlen: 24
2a00:54c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:b6:0b:53:5a:fe:87:70:85:da:7a:47:4e:23:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a585e5e15aa34287cae4368cb58e7227fd87ecba
Validity
Not Before: Jan 1 10:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6030e52f4fbac06170dc832d69e93b7b4cae04e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:62:67:8e:1c:35:9a:ac:4c:82:ca:72:3a:71:
d4:4b:07:b1:80:16:b5:52:3e:2d:5f:e2:2b:6f:04:
72:8c:e8:ae:16:0a:18:61:52:ec:51:10:f7:f0:e5:
a3:73:3f:42:13:d8:be:a9:0f:22:5e:c3:a3:f3:ca:
9a:3c:9a:f5:b1:8c:65:de:ae:17:de:60:ef:2f:5e:
3e:d8:1d:05:17:05:51:57:f2:00:24:fd:d5:ee:19:
04:22:0a:54:c6:e4:14:45:db:f0:d2:9b:0e:b8:fc:
de:3b:74:4a:29:d4:85:9c:db:c3:a2:d5:42:cf:78:
50:ac:f9:62:f2:d5:f0:1c:af:7e:e1:5a:58:dc:33:
84:b7:18:a0:2e:70:e8:cf:ae:67:f4:4b:49:a7:33:
cf:4c:17:46:0d:37:0b:70:21:88:88:9b:ff:0f:a2:
fe:f7:30:16:4b:18:9d:42:76:e5:77:3a:54:4d:64:
b5:93:4c:c5:f3:5e:20:72:e0:0a:8d:48:03:f2:72:
bb:7f:fa:c7:77:72:63:fa:1d:69:04:1f:b7:12:f0:
28:7e:7f:81:09:b9:db:fa:93:15:04:14:13:d8:f4:
70:af:14:3a:0a:7c:92:4b:39:e2:ee:f4:16:99:cd:
a3:ef:0b:83:d9:d1:51:ba:95:94:73:17:aa:6f:6e:
b7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:30:E5:2F:4F:BA:C0:61:70:DC:83:2D:69:E9:3B:7B:4C:AE:04:E8
X509v3 Authority Key Identifier:
keyid:A5:85:E5:E1:5A:A3:42:87:CA:E4:36:8C:B5:8E:72:27:FD:87:EC:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/YDDlL0-6wGFw3IMtaek7e0yuBOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.192.0/19
185.20.172.0/22
194.11.24.0/24
194.153.119.0/24
IPv6:
2a00:54c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:64:d5:03:d0:a4:a4:07:d7:79:0c:ea:f9:a0:8c:35:ca:61:
92:c5:3f:f0:50:b7:df:68:f0:0b:3a:c9:ef:47:9e:81:88:47:
4c:e1:21:1d:60:f1:0e:21:66:42:27:a7:eb:5a:4e:48:cb:77:
75:a1:04:5f:c2:d3:59:72:1b:a0:96:63:67:2d:9f:ea:0f:60:
ad:d9:28:f8:2b:95:f8:22:69:11:08:43:f4:59:0c:64:aa:6a:
79:7c:3f:65:c9:e4:fb:9a:9c:8f:46:c4:c8:55:71:8c:15:f7:
cf:60:dd:13:28:83:51:b4:e8:cc:46:12:bf:d0:8f:b0:74:45:
19:d8:88:55:f3:0b:10:14:ca:e8:83:0a:f6:34:08:d1:03:f3:
1c:79:18:ff:bc:e8:96:62:d7:64:9f:3a:fd:8d:0a:71:05:1d:
d4:9e:8f:28:77:1c:51:3c:bc:24:21:99:b3:5a:c9:3c:d8:f4:
f7:d4:40:b8:be:d1:fe:50:5c:ff:a9:fb:d8:94:ca:10:21:02:
f4:c4:17:6a:74:61:63:a3:8a:df:e7:c5:0b:da:1d:4e:4a:4b:
71:2a:30:1f:cf:a5:55:3c:bb:d6:77:31:4b:b8:01:85:fe:c0:
b5:d9:05:e9:d6:4f:80:34:57:3f:b8:3c:32:f3:81:5d:99:e1:
be:0c:06:16
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEkrYLU1r+h3CF2npHTiPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODVlNWUxNWFhMzQyODdjYWU0MzY4Y2I1OGU3MjI3ZmQ4
N2VjYmEwHhcNMjQwMTAxMTAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDMwZTUyZjRmYmFjMDYxNzBkYzgzMmQ2OWU5M2I3YjRjYWUwNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWJnjhw1mqxMgspyOnHUSwexgBa1
Uj4tX+IrbwRyjOiuFgoYYVLsURD38OWjcz9CE9i+qQ8iXsOj88qaPJr1sYxl3q4X
3mDvL14+2B0FFwVRV/IAJP3V7hkEIgpUxuQURdvw0psOuPzeO3RKKdSFnNvDotVC
z3hQrPli8tXwHK9+4VpY3DOEtxigLnDoz65n9EtJpzPPTBdGDTcLcCGIiJv/D6L+
9zAWSxidQnbldzpUTWS1k0zF814gcuAKjUgD8nK7f/rHd3Jj+h1pBB+3EvAofn+B
Cbnb+pMVBBQT2PRwrxQ6CnySSzni7vQWmc2j7wuD2dFRupWUcxeqb263oQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGAw5S9PusBhcNyDLWnpO3tMrgToMB8GA1UdIwQY
MBaAFKWF5eFao0KHyuQ2jLWOcif9h+y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFlYbDRWcWpRb2ZLNURhTXRZNXlKXzJIN0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8wNjY1MDktN2E5MS00NWY5LTllMTgt
YTllN2IzNDNiYzY2LzEvWUREbEwwLTZ3R0Z3M0lNdGFlazdlMHl1Qk9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8wNjY1MDktN2E5MS00NWY5LTllMTgtYTllN2IzNDNiYzY2
LzEvcFlYbDRWcWpRb2ZLNURhTXRZNXlKXzJIN0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFbc7AAwQC
uRSsAwQAwgsYAwQAwpl3MA0EAgACMAcDBQAqAFTAMA0GCSqGSIb3DQEBCwUAA4IB
AQAXZNUD0KSkB9d5DOr5oIw1ymGSxT/wULffaPALOsnvR56BiEdM4SEdYPEOIWZC
J6frWk5Iy3d1oQRfwtNZchuglmNnLZ/qD2Ct2Sj4K5X4ImkRCEP0WQxkqmp5fD9l
yeT7mpyPRsTIVXGMFffPYN0TKINRtOjMRhK/0I+wdEUZ2IhV8wsQFMrogwr2NAjR
A/MceRj/vOiWYtdknzr9jQpxBR3Uno8odxxRPLwkIZmzWsk82PT31EC4vtH+UFz/
qfvYlMoQIQL0xBdqdGFjo4rf58UL2h1OSktxKjAfz6VVPLvWdzFLuAGF/sC12QXp
1k+ANFc/uDwy84FdmeG+DAYW
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:08:36 2024 by rpki-client on console-fra.rpki-client.org