Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/yV-5d2bEsy2B4rMXoK3Ys4VN4Tc.roa
File: yV-5d2bEsy2B4rMXoK3Ys4VN4Tc.roa (raw, json)
Hash identifier: gpS9evnYLKVSFDh5v3DMR7makkyyxrSxS25Bu0CqIAQ=
Subject key identifier: C9:5F:B9:77:66:C4:B3:2D:81:E2:B3:17:A0:AD:D8:B3:85:4D:E1:37
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 018CC726621DD544167D763EF44B59F1F20E
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/yV-5d2bEsy2B4rMXoK3Ys4VN4Tc.roa
Signing time: Mon 01 Jan 2024 22:30:30 +0000
ROA not before: Mon 01 Jan 2024 22:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205771
IP address blocks: 89.21.65.0/24 maxlen: 24
128.127.149.0/24 maxlen: 24
128.127.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:62:1d:d5:44:16:7d:76:3e:f4:4b:59:f1:f2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Jan 1 22:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c95fb97766c4b32d81e2b317a0add8b3854de137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f8:ac:f4:ab:3c:67:60:b4:92:c8:a4:cd:63:
8a:0c:4f:9e:47:26:db:d6:b8:34:54:22:09:3e:de:
69:2d:73:2f:d4:3b:24:11:f9:7f:90:c9:fb:fc:e7:
ec:4b:52:35:c7:9e:e8:a0:9c:44:79:d7:d8:c9:73:
96:ba:32:9c:8f:9f:7a:84:77:91:69:af:59:6d:2c:
46:48:4d:ff:5e:61:71:ca:dd:6e:84:3c:81:78:9b:
96:42:d6:0a:eb:b9:c1:4a:eb:66:63:5b:4d:94:79:
0f:d1:f0:04:1a:47:c5:e4:f5:35:6d:a0:69:38:ed:
0f:dc:62:97:33:f1:c2:7f:69:57:ef:4d:1d:84:81:
20:01:b8:f0:dc:23:a1:b1:9c:c5:30:43:ae:9c:78:
d3:12:f9:a4:87:65:48:b3:88:e8:0c:f3:7a:a8:ab:
5b:55:7b:40:25:62:9a:8a:bf:b9:25:44:15:7d:6f:
9a:9c:e1:5d:67:20:bd:fc:2d:7d:41:5a:98:f7:07:
70:02:f8:f6:77:5e:f8:75:34:c8:2e:7a:e2:11:fc:
7c:70:18:cd:d2:d9:25:ab:e6:09:89:aa:e9:84:21:
a9:2c:6e:45:eb:da:c8:d0:b9:5f:ce:91:40:51:79:
97:d7:80:2e:45:08:5d:c2:45:0a:5d:6e:bb:da:f9:
08:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:5F:B9:77:66:C4:B3:2D:81:E2:B3:17:A0:AD:D8:B3:85:4D:E1:37
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/yV-5d2bEsy2B4rMXoK3Ys4VN4Tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.65.0/24
128.127.149.0-128.127.150.255
Signature Algorithm: sha256WithRSAEncryption
48:55:4f:47:8d:53:b8:9e:1c:85:58:33:7f:90:88:44:7b:d1:
6f:b7:3f:75:56:2e:51:90:3e:c6:73:46:b5:c7:0e:4c:f0:da:
81:de:34:58:90:b3:69:fd:42:37:5a:d1:c6:77:ad:39:19:cb:
95:22:15:64:ad:87:68:1d:80:dd:3b:d4:46:2a:72:04:73:06:
d5:1e:bf:8c:e4:d3:70:f1:f3:3a:f9:7b:aa:fb:aa:d4:48:6c:
c7:60:63:7f:e3:ea:7d:1f:bd:ce:a2:87:a4:3f:1f:c1:55:1a:
76:e5:f4:a8:50:38:d4:8f:33:9c:bb:61:f8:bc:65:b5:6b:c0:
e8:cf:1f:06:c0:39:2b:34:98:cf:77:21:eb:10:e0:db:d3:ad:
c7:91:f2:1e:19:56:31:e1:33:19:b6:55:d1:62:d1:a3:26:00:
44:28:c5:c2:db:71:88:66:dc:5b:5e:22:fa:97:74:12:4c:27:
e9:40:f2:16:ab:47:b8:0f:95:12:18:b7:9b:21:5a:2b:98:9c:
49:ba:b2:bb:c8:90:f5:5c:c2:e1:dc:05:ab:b6:3f:39:05:b9:
91:66:b7:79:93:41:e3:d0:11:f5:4e:8d:47:f1:d9:c3:cd:45:
c4:ad:85:be:96:33:f5:03:4d:41:b3:e6:77:14:3b:9a:a5:6e:
8e:54:2a:04
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHJmId1UQWfXY+9EtZ8fIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjQwMTAxMjIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTVmYjk3NzY2YzRiMzJkODFlMmIzMTdhMGFkZDhiMzg1NGRlMTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfis9Ks8Z2C0ksikzWOKDE+eRybb
1rg0VCIJPt5pLXMv1DskEfl/kMn7/OfsS1I1x57ooJxEedfYyXOWujKcj596hHeR
aa9ZbSxGSE3/XmFxyt1uhDyBeJuWQtYK67nBSutmY1tNlHkP0fAEGkfF5PU1baBp
OO0P3GKXM/HCf2lX700dhIEgAbjw3COhsZzFMEOunHjTEvmkh2VIs4joDPN6qKtb
VXtAJWKair+5JUQVfW+anOFdZyC9/C19QVqY9wdwAvj2d174dTTILnriEfx8cBjN
0tklq+YJiarphCGpLG5F69rI0LlfzpFAUXmX14AuRQhdwkUKXW672vkI5QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMlfuXdmxLMtgeKzF6Ct2LOFTeE3MB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEveVYtNWQyYkVzeTJCNHJNWG9LM1lzNFZONFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWRVBMAwD
BACAf5UDBACAf5YwDQYJKoZIhvcNAQELBQADggEBAEhVT0eNU7ieHIVYM3+QiER7
0W+3P3VWLlGQPsZzRrXHDkzw2oHeNFiQs2n9Qjda0cZ3rTkZy5UiFWSth2gdgN07
1EYqcgRzBtUev4zk03Dx8zr5e6r7qtRIbMdgY3/j6n0fvc6ih6Q/H8FVGnbl9KhQ
ONSPM5y7Yfi8ZbVrwOjPHwbAOSs0mM93IesQ4NvTrceR8h4ZVjHhMxm2VdFi0aMm
AEQoxcLbcYhm3FteIvqXdBJMJ+lA8harR7gPlRIYt5shWiuYnEm6srvIkPVcwuHc
Bau2PzkFuZFmt3mTQePQEfVOjUfx2cPNRcSthb6WM/UDTUGz5ncUO5qlbo5UKgQ=
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:33:03 2024 by rpki-client on console-ams.rpki-client.org