Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/YMGBAXPMmaM-UVPjn2WwHTw99Dg.roa
File: YMGBAXPMmaM-UVPjn2WwHTw99Dg.roa (raw, json)
Hash identifier: sho3Yzk1N5vFpwylHlhAFYtjqhBGr18UkAS7r1nBk5k=
Subject key identifier: 60:C1:81:01:73:CC:99:A3:3E:51:53:E3:9F:65:B0:1D:3C:3D:F4:38
Certificate issuer: /CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Certificate serial: 019598FECB1FD00B4DAF0459E084F18328BA
Authority key identifier: ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/YMGBAXPMmaM-UVPjn2WwHTw99Dg.roa
Signing time: Sat 15 Mar 2025 08:49:49 +0000
ROA not before: Sat 15 Mar 2025 08:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61008
IP address blocks: 46.143.240.0/20 maxlen: 20
2a05:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:98:fe:cb:1f:d0:0b:4d:af:04:59:e0:84:f1:83:28:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6da9e41686d21c12799c8e84b274aa8241508c
Validity
Not Before: Mar 15 08:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60c1810173cc99a33e5153e39f65b01d3c3df438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:67:9d:81:46:cb:0c:c4:90:f3:22:4f:28:42:
10:78:93:a3:51:fd:ed:87:36:8d:75:31:28:5e:6e:
62:a6:ca:bd:a7:1e:46:85:37:5f:af:28:7e:7e:76:
97:fe:14:62:d6:a9:28:1a:41:1b:cb:c5:ea:b9:95:
65:97:76:ce:df:47:13:3a:9e:dd:a8:4b:71:c2:24:
7f:45:4e:f5:71:16:5b:1b:10:fc:f1:2b:12:71:c4:
ac:1f:02:8e:9c:65:7d:0e:c8:2f:f4:65:71:5f:dc:
41:0a:53:8e:74:bd:43:8c:24:c6:7e:ea:8f:29:6e:
c5:c9:2f:3a:74:7b:88:fe:bb:8f:3f:63:17:82:a7:
26:1d:1c:38:f1:73:05:78:61:75:40:eb:54:90:e8:
a8:6e:33:48:aa:8e:35:e1:64:ae:09:db:31:1c:c8:
b0:b7:50:f6:f4:d4:f2:94:57:44:44:38:58:a0:ac:
ed:45:f3:5e:98:5b:31:2a:96:54:c7:b4:ce:a8:40:
50:8d:dc:45:c9:d5:7c:f2:e2:ea:4d:bb:59:67:64:
d5:7a:ca:fb:65:cf:20:96:16:c4:e4:80:c6:07:08:
b9:1d:96:89:a2:21:ed:f4:39:bf:47:d3:3c:c2:f1:
fd:8f:62:5f:26:ed:65:92:ca:df:cc:41:7b:00:7f:
d9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C1:81:01:73:CC:99:A3:3E:51:53:E3:9F:65:B0:1D:3C:3D:F4:38
X509v3 Authority Key Identifier:
keyid:ED:6D:A9:E4:16:86:D2:1C:12:79:9C:8E:84:B2:74:AA:82:41:50:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/YMGBAXPMmaM-UVPjn2WwHTw99Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/ac017c-ff29-43cf-a3d6-29f1beb2f282/1/7W2p5BaG0hwSeZyOhLJ0qoJBUIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.143.240.0/20
IPv6:
2a05:a380::/29
Signature Algorithm: sha256WithRSAEncryption
22:3a:a5:34:00:8c:44:69:d7:0d:11:f2:9d:ea:02:3d:5b:1d:
28:db:72:d8:8f:cc:e6:50:af:50:8d:0a:da:0d:b8:10:35:bd:
59:f8:ea:71:94:d7:1a:e8:58:da:88:69:76:f3:14:9c:b9:80:
58:41:80:4f:85:be:9f:fa:f1:e0:25:bf:83:f3:52:b8:56:09:
cf:cd:c1:fc:d0:62:81:7f:56:96:ec:48:72:61:5a:b6:92:2e:
ce:22:f4:dc:b0:6b:de:d1:6c:15:cc:3b:c6:22:88:a3:04:53:
ad:f3:97:a2:d8:5a:df:1a:2e:09:95:2c:7f:6f:76:83:fd:61:
5a:74:39:3c:24:e8:71:aa:d3:f3:b0:19:6b:01:67:42:2f:e1:
f4:ff:e7:6f:45:5c:ec:e6:8a:fc:d2:21:5d:cc:cd:4d:f7:54:
bf:28:25:0e:10:2b:84:c1:89:08:d2:38:60:71:ae:83:93:07:
75:bb:b4:6d:6b:fe:96:3a:de:73:40:88:ee:94:07:6a:f0:27:
e8:0f:72:c0:a2:00:b0:c2:6b:50:b4:b6:37:5b:0d:af:3b:8a:
e4:8b:04:cd:a5:9c:45:5b:3e:2b:bb:46:b8:8c:57:8e:c1:59:
05:21:76:f0:a0:85:42:64:63:b9:9b:77:f6:e2:76:38:8f:41:
33:64:1e:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWY/ssf0AtNrwRZ4ITxgyi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmRhOWU0MTY4NmQyMWMxMjc5OWM4ZTg0YjI3NGFhODI0
MTUwOGMwHhcNMjUwMzE1MDg0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGMxODEwMTczY2M5OWEzM2U1MTUzZTM5ZjY1YjAxZDNjM2RmNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGedgUbLDMSQ8yJPKEIQeJOjUf3t
hzaNdTEoXm5ipsq9px5GhTdfryh+fnaX/hRi1qkoGkEby8XquZVll3bO30cTOp7d
qEtxwiR/RU71cRZbGxD88SsSccSsHwKOnGV9Dsgv9GVxX9xBClOOdL1DjCTGfuqP
KW7FyS86dHuI/ruPP2MXgqcmHRw48XMFeGF1QOtUkOiobjNIqo414WSuCdsxHMiw
t1D29NTylFdERDhYoKztRfNemFsxKpZUx7TOqEBQjdxFydV88uLqTbtZZ2TVesr7
Zc8glhbE5IDGBwi5HZaJoiHt9Dm/R9M8wvH9j2JfJu1lksrfzEF7AH/Z1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGDBgQFzzJmjPlFT459lsB08PfQ4MB8GA1UdIwQY
MBaAFO1tqeQWhtIcEnmcjoSydKqCQVCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYt
MjlmMWJlYjJmMjgyLzEvWU1HQkFYUE1tYU0tVVZQam4yV3dIVHc5OURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9hYzAxN2MtZmYyOS00M2NmLWEzZDYtMjlmMWJlYjJmMjgy
LzEvN1cycDVCYUcwaHdTZVp5T2hMSjBxb0pCVUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQELo/wMA0E
AgACMAcDBQMqBaOAMA0GCSqGSIb3DQEBCwUAA4IBAQAiOqU0AIxEadcNEfKd6gI9
Wx0o23LYj8zmUK9QjQraDbgQNb1Z+OpxlNca6FjaiGl28xScuYBYQYBPhb6f+vHg
Jb+D81K4VgnPzcH80GKBf1aW7EhyYVq2ki7OIvTcsGve0WwVzDvGIoijBFOt85ei
2FrfGi4JlSx/b3aD/WFadDk8JOhxqtPzsBlrAWdCL+H0/+dvRVzs5or80iFdzM1N
91S/KCUOECuEwYkI0jhgca6Dkwd1u7Rta/6WOt5zQIjulAdq8CfoD3LAogCwwmtQ
tLY3Ww2vO4rkiwTNpZxFWz4ru0a4jFeOwVkFIXbwoIVCZGO5m3f24nY4j0EzZB7S
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:09:11 2025 by rpki-client