Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/yg_HS_s2OCjXK0jReopP7pxbzEU.roa
File: yg_HS_s2OCjXK0jReopP7pxbzEU.roa (raw, json)
Hash identifier: /cc/484KOb4Fggnc+ZXZkdfaz6dhvpdG37mEdlHjj9I=
Subject key identifier: CA:0F:C7:4B:FB:36:38:28:D7:2B:48:D1:7A:8A:4F:EE:9C:5B:CC:45
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 0196680F3AD43F2BADAB9AF31981A113683E
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/yg_HS_s2OCjXK0jReopP7pxbzEU.roa
Signing time: Thu 24 Apr 2025 13:49:10 +0000
ROA not before: Thu 24 Apr 2025 13:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57844
IP address blocks: 45.83.180.0/24 maxlen: 24
45.83.181.0/24 maxlen: 24
45.83.182.0/24 maxlen: 24
45.83.183.0/24 maxlen: 24
139.28.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 13:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:0f:3a:d4:3f:2b:ad:ab:9a:f3:19:81:a1:13:68:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Apr 24 13:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca0fc74bfb363828d72b48d17a8a4fee9c5bcc45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:90:61:00:fd:e0:2e:3d:1d:b0:5b:8e:26:7f:
bb:27:2a:fa:0e:c2:91:26:f9:a3:fe:2b:c2:bd:19:
57:f8:29:40:43:1c:90:af:24:31:50:7f:7e:f3:b2:
77:34:18:3a:a7:7d:b0:5b:71:3f:bb:cb:c1:96:0e:
d8:88:db:0d:77:f4:4f:49:a8:d5:75:b8:90:42:54:
fd:25:31:44:3a:2e:5a:25:ad:d3:21:b4:f0:33:c8:
d2:36:e4:ad:e6:3f:15:94:21:26:17:f0:47:ba:31:
c2:75:22:ef:ad:f4:1f:0f:2e:9a:aa:09:29:67:f5:
f1:8d:df:66:b3:f8:19:4a:98:ab:53:61:f7:cd:5a:
ab:12:fd:31:79:df:4c:75:0a:e5:98:b5:9c:a8:5a:
fb:7e:80:10:5c:41:eb:01:68:e3:35:d7:3c:3e:6d:
de:43:14:6f:1e:1e:bf:1e:3e:1c:f6:f2:8e:ed:59:
b8:f9:e6:15:f4:d7:96:eb:0c:3c:00:25:d8:be:32:
3b:c8:df:45:4d:a8:04:5e:6c:d8:f3:0c:ed:3a:3d:
ef:fe:c3:f0:28:f1:31:8e:22:cc:45:d6:9b:e2:19:
a4:16:a0:b8:0e:69:16:09:0d:4a:77:ce:78:63:0c:
1e:2a:a7:89:36:0d:fe:69:94:ba:83:61:06:ec:b2:
18:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:0F:C7:4B:FB:36:38:28:D7:2B:48:D1:7A:8A:4F:EE:9C:5B:CC:45
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/yg_HS_s2OCjXK0jReopP7pxbzEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.180.0/22
139.28.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:cc:c2:98:ad:40:58:b6:51:e9:af:ca:af:63:3a:d4:f4:cf:
4e:b2:76:4f:23:0f:66:58:c7:7b:da:2e:29:3c:29:af:66:6b:
aa:cb:a1:cf:99:95:10:18:48:ab:15:ba:30:57:23:74:65:dd:
c1:39:20:99:02:90:56:91:09:ce:f9:70:1a:6b:e5:47:e1:4f:
e8:7c:6e:21:80:b2:bd:7b:4f:f4:69:97:86:25:e9:fa:9a:56:
9c:c9:bc:fa:6c:28:be:6f:03:35:94:16:bf:5e:ed:50:63:c1:
1e:28:d8:55:a8:1e:3f:12:83:6d:dd:fd:b9:c2:0e:7c:08:48:
61:0c:ac:38:37:6c:3a:e5:46:a8:ca:d0:4d:f6:f3:13:88:01:
88:e3:2e:af:4f:75:94:bc:c6:41:9f:73:e9:6d:e9:6d:d7:0d:
92:82:46:97:99:e0:05:0a:13:f0:32:8c:61:76:b3:10:55:f7:
0b:27:65:07:f3:2d:16:50:3b:6a:83:af:65:0b:af:55:e9:f9:
f6:c6:57:a2:d0:74:bb:4e:b3:3a:16:cb:09:43:03:5c:e5:e0:
f5:0f:0c:b6:9f:ab:12:63:2e:a3:8b:62:43:8f:8e:d9:bf:a9:
20:a0:fd:10:a8:ef:22:97:e4:1c:99:99:66:b0:8f:ec:42:82:
5f:86:c6:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZoDzrUPyutq5rzGYGhE2g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjUwNDI0MTM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTBmYzc0YmZiMzYzODI4ZDcyYjQ4ZDE3YThhNGZlZTljNWJjYzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpBhAP3gLj0dsFuOJn+7Jyr6DsKR
Jvmj/ivCvRlX+ClAQxyQryQxUH9+87J3NBg6p32wW3E/u8vBlg7YiNsNd/RPSajV
dbiQQlT9JTFEOi5aJa3TIbTwM8jSNuSt5j8VlCEmF/BHujHCdSLvrfQfDy6aqgkp
Z/Xxjd9ms/gZSpirU2H3zVqrEv0xed9MdQrlmLWcqFr7foAQXEHrAWjjNdc8Pm3e
QxRvHh6/Hj4c9vKO7Vm4+eYV9NeW6ww8ACXYvjI7yN9FTagEXmzY8wztOj3v/sPw
KPExjiLMRdab4hmkFqC4DmkWCQ1Kd854YwweKqeJNg3+aZS6g2EG7LIYtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMoPx0v7Njgo1ytI0XqKT+6cW8xFMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEveWdfSFNfczJPQ2pYSzBqUmVvcFA3cHhiekVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVO0AwQC
ixxIMA0GCSqGSIb3DQEBCwUAA4IBAQAKzMKYrUBYtlHpr8qvYzrU9M9OsnZPIw9m
WMd72i4pPCmvZmuqy6HPmZUQGEirFbowVyN0Zd3BOSCZApBWkQnO+XAaa+VH4U/o
fG4hgLK9e0/0aZeGJen6mlacybz6bCi+bwM1lBa/Xu1QY8EeKNhVqB4/EoNt3f25
wg58CEhhDKw4N2w65UaoytBN9vMTiAGI4y6vT3WUvMZBn3Ppbelt1w2SgkaXmeAF
ChPwMoxhdrMQVfcLJ2UH8y0WUDtqg69lC69V6fn2xlei0HS7TrM6FssJQwNc5eD1
Dwy2n6sSYy6ji2JDj47Zv6kgoP0QqO8il+QcmZlmsI/sQoJfhsaI
-----END CERTIFICATE-----
Generated at Sun Apr 27 19:40:51 2025 by rpki-client