Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/ys4zbZ-mf_kD8f1F4VvYTCv0698.roa
File: ys4zbZ-mf_kD8f1F4VvYTCv0698.roa (raw, json)
Hash identifier: BzT+OjuQEV/ygi17fkGDSppj9MmGDdxEJN9Q4ag8RuE=
Subject key identifier: CA:CE:33:6D:9F:A6:7F:F9:03:F1:FD:45:E1:5B:D8:4C:2B:F4:EB:DF
Certificate issuer: /CN=cb55656c69d553da92b783850e15b1704e876d93
Certificate serial: 018CC9BB9FA2A495A5EBA84A88E24E9EE420
Authority key identifier: CB:55:65:6C:69:D5:53:DA:92:B7:83:85:0E:15:B1:70:4E:87:6D:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1VlbGnVU9qSt4OFDhWxcE6HbZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/ys4zbZ-mf_kD8f1F4VvYTCv0698.roa
Signing time: Tue 02 Jan 2024 10:32:45 +0000
ROA not before: Tue 02 Jan 2024 10:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197303
IP address blocks: 91.220.11.0/24 maxlen: 24
94.158.18.0/24 maxlen: 24
94.158.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/y1VlbGnVU9qSt4OFDhWxcE6HbZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/y1VlbGnVU9qSt4OFDhWxcE6HbZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/y1VlbGnVU9qSt4OFDhWxcE6HbZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:9f:a2:a4:95:a5:eb:a8:4a:88:e2:4e:9e:e4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb55656c69d553da92b783850e15b1704e876d93
Validity
Not Before: Jan 2 10:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cace336d9fa67ff903f1fd45e15bd84c2bf4ebdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d2:1d:b2:4c:30:4f:16:63:42:90:ad:58:20:
d5:72:4d:c9:e6:1a:8c:5d:50:95:ae:0a:c7:e4:e2:
51:58:74:77:96:e8:06:a2:b1:ac:83:21:81:bf:3b:
16:8d:30:0c:16:3c:81:f6:b3:bd:07:9d:48:c2:c3:
4a:9d:bc:c6:41:0c:6d:56:de:6d:88:d9:73:52:25:
d3:0f:83:67:4f:e5:88:d6:3a:11:6c:43:6e:a5:11:
66:4e:e1:92:63:51:43:37:2c:31:b0:b0:37:72:6c:
45:36:43:d7:aa:86:ce:d2:b9:47:3b:84:29:71:77:
fa:70:cd:de:2e:53:f0:03:3b:3a:f9:5d:07:11:4b:
3a:3e:56:e6:50:af:7f:78:fa:6b:1b:1c:d5:98:6b:
db:6e:d3:aa:16:28:29:72:52:d8:b3:97:5a:d9:33:
97:f3:ee:f4:2b:a2:c8:67:2c:a7:65:9f:62:f6:be:
3e:09:d4:7e:bc:06:c4:11:5b:f8:08:b9:ea:b5:59:
02:1f:62:9a:c8:6d:04:20:50:ee:a5:0b:ac:41:30:
c1:7f:1e:1b:e9:8a:8d:60:c1:ce:aa:a8:43:2d:52:
ed:29:60:c0:0d:5f:7a:a2:c5:e7:9d:f4:50:38:5e:
7b:6c:32:b1:99:3e:8e:b3:4f:25:be:c0:3c:6e:11:
74:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CE:33:6D:9F:A6:7F:F9:03:F1:FD:45:E1:5B:D8:4C:2B:F4:EB:DF
X509v3 Authority Key Identifier:
keyid:CB:55:65:6C:69:D5:53:DA:92:B7:83:85:0E:15:B1:70:4E:87:6D:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1VlbGnVU9qSt4OFDhWxcE6HbZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/ys4zbZ-mf_kD8f1F4VvYTCv0698.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/4e2150-669d-4554-b779-2bb8861a3e4d/1/y1VlbGnVU9qSt4OFDhWxcE6HbZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.11.0/24
94.158.18.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:e2:e3:bf:83:a3:b8:a8:cb:78:ce:3e:59:1a:03:d0:37:e0:
23:4f:24:23:cd:15:df:cc:14:83:8f:24:8d:6e:4b:b4:89:ee:
60:a7:ea:b9:30:61:b8:8c:fb:8b:b0:ec:2b:17:ee:45:89:b1:
33:26:bc:93:98:6d:5c:d1:90:a3:e1:4f:5a:bd:76:ff:f1:c0:
04:ce:f6:66:fb:74:11:7d:18:02:83:dd:36:b0:58:e8:cc:21:
73:f5:98:0e:e7:17:f5:fa:c6:2c:6a:4b:d1:51:78:d7:94:f4:
f0:d0:79:ee:24:ba:85:cb:78:31:67:32:18:a9:93:23:c1:8f:
86:3a:50:dc:4c:a8:12:5e:f4:9b:77:d4:bb:6b:d3:6b:6b:1b:
d4:53:73:37:25:d3:10:11:cf:6b:0e:b0:1d:39:07:da:e6:6a:
77:63:ce:02:9e:8e:2f:4a:a8:73:01:25:a1:7c:95:42:60:ab:
88:a0:8a:03:68:aa:29:2e:1e:05:96:0e:82:74:ba:94:f1:49:
88:8c:de:68:d0:17:05:21:47:e9:17:48:d5:9e:3e:f6:85:b0:
e0:84:1c:e1:36:a3:b4:84:bb:6e:26:cc:04:2b:3e:b4:12:af:
8e:71:2c:94:07:0f:f6:c3:e6:15:b4:06:e5:ca:ef:0e:36:9b:
ca:79:a9:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJu5+ipJWl66hKiOJOnuQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTU2NTZjNjlkNTUzZGE5MmI3ODM4NTBlMTViMTcwNGU4
NzZkOTMwHhcNMjQwMTAyMTAzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWNlMzM2ZDlmYTY3ZmY5MDNmMWZkNDVlMTViZDg0YzJiZjRlYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tIdskwwTxZjQpCtWCDVck3J5hqM
XVCVrgrH5OJRWHR3lugGorGsgyGBvzsWjTAMFjyB9rO9B51IwsNKnbzGQQxtVt5t
iNlzUiXTD4NnT+WI1joRbENupRFmTuGSY1FDNywxsLA3cmxFNkPXqobO0rlHO4Qp
cXf6cM3eLlPwAzs6+V0HEUs6PlbmUK9/ePprGxzVmGvbbtOqFigpclLYs5da2TOX
8+70K6LIZyynZZ9i9r4+CdR+vAbEEVv4CLnqtVkCH2KayG0EIFDupQusQTDBfx4b
6YqNYMHOqqhDLVLtKWDADV96osXnnfRQOF57bDKxmT6Os08lvsA8bhF0awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMrOM22fpn/5A/H9ReFb2Ewr9OvfMB8GA1UdIwQY
MBaAFMtVZWxp1VPakreDhQ4VsXBOh22TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFWbGJHblZVOXFTdDRPRkRoV3hjRTZIYlpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy80ZTIxNTAtNjY5ZC00NTU0LWI3Nzkt
MmJiODg2MWEzZTRkLzEveXM0emJaLW1mX2tEOGYxRjRWdllUQ3YwNjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy80ZTIxNTAtNjY5ZC00NTU0LWI3NzktMmJiODg2MWEzZTRk
LzEveTFWbGJHblZVOXFTdDRPRkRoV3hjRTZIYlpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9wLAwQB
Xp4SMA0GCSqGSIb3DQEBCwUAA4IBAQCc4uO/g6O4qMt4zj5ZGgPQN+AjTyQjzRXf
zBSDjySNbku0ie5gp+q5MGG4jPuLsOwrF+5FibEzJryTmG1c0ZCj4U9avXb/8cAE
zvZm+3QRfRgCg902sFjozCFz9ZgO5xf1+sYsakvRUXjXlPTw0HnuJLqFy3gxZzIY
qZMjwY+GOlDcTKgSXvSbd9S7a9NraxvUU3M3JdMQEc9rDrAdOQfa5mp3Y84Cno4v
SqhzASWhfJVCYKuIoIoDaKopLh4Flg6CdLqU8UmIjN5o0BcFIUfpF0jVnj72hbDg
hBzhNqO0hLtuJswEKz60Eq+OcSyUBw/2w+YVtAblyu8ONpvKeamb
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:42 2024 by rpki-client on console-ams.rpki-client.org