Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/yc-gqrsX0Dlayvck585FUtBbJrE.roa
File: yc-gqrsX0Dlayvck585FUtBbJrE.roa (raw, json)
Hash identifier: Ks7WQxTUjzq6wrRJQNHa/tYNzP+1BfHd4p2Dur1U0Q0=
Subject key identifier: C9:CF:A0:AA:BB:17:D0:39:5A:CA:F7:24:E7:CE:45:52:D0:5B:26:B1
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 01963D8E2F907B0A4E540D2C99260B3EE8B5
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/yc-gqrsX0Dlayvck585FUtBbJrE.roa
Signing time: Wed 16 Apr 2025 07:44:10 +0000
ROA not before: Wed 16 Apr 2025 07:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 84.1.236.0/24 maxlen: 24
84.2.54.0/24 maxlen: 24
195.56.199.0/24 maxlen: 24
195.228.4.0/24 maxlen: 24
195.228.31.0/24 maxlen: 24
195.228.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:8e:2f:90:7b:0a:4e:54:0d:2c:99:26:0b:3e:e8:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Apr 16 07:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9cfa0aabb17d0395acaf724e7ce4552d05b26b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1f:3a:d2:4d:fa:6a:43:0c:24:b8:58:45:f6:
fc:fe:ce:b3:1f:28:84:9b:69:f0:d8:16:6d:1e:16:
61:6e:36:68:18:86:4f:4f:8f:cd:9f:35:2e:92:44:
b6:98:59:4b:f0:e5:20:53:28:c6:48:55:ac:f7:1f:
bb:75:4e:32:78:6f:31:28:f7:a4:bf:c6:65:be:2f:
c4:b2:80:65:57:f6:7a:85:ca:26:e0:3c:2d:d2:7f:
c2:ba:fc:21:8a:86:c5:f3:e5:3f:7d:02:be:58:cc:
0b:10:c5:ff:3a:b4:c9:3a:a7:0b:55:86:d4:f0:d4:
4b:2f:a7:81:dc:18:42:dd:49:be:46:fd:dd:2e:1d:
06:53:e4:fe:9e:72:41:44:2b:4b:58:bd:f6:64:ee:
fd:ed:2b:92:94:eb:fe:d8:0b:dc:d7:04:14:b9:54:
d9:ae:e0:b9:ad:d3:0d:7f:e6:bb:fe:30:47:d0:80:
04:23:07:ff:f4:b4:4b:9f:d4:27:eb:e7:7b:05:38:
97:42:ea:d1:d1:3e:e6:4b:e2:03:ea:9d:c1:f9:76:
9d:95:03:eb:04:25:68:13:f7:e5:90:4d:ac:c9:44:
f8:33:56:f2:ee:09:08:fe:0c:10:d0:96:d3:be:18:
e7:e9:0e:36:13:8a:e9:80:b7:e8:e0:53:f5:d4:62:
a6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CF:A0:AA:BB:17:D0:39:5A:CA:F7:24:E7:CE:45:52:D0:5B:26:B1
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/yc-gqrsX0Dlayvck585FUtBbJrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.236.0/24
84.2.54.0/24
195.56.199.0/24
195.228.4.0/24
195.228.31.0/24
195.228.112.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fc:44:70:e0:53:2a:e8:c7:ff:4c:ed:82:3b:8f:3d:d2:a5:
c7:7d:2a:2b:dd:59:ce:37:6f:1d:fa:01:fa:91:26:e1:0e:e6:
d8:ca:f9:04:c8:43:43:80:7d:94:74:28:b2:f8:a5:d7:19:1a:
3b:93:af:46:01:f8:07:c5:69:51:60:2a:03:94:67:81:b2:15:
c0:40:96:15:5d:72:c0:e9:2b:f1:e8:a3:3c:e3:0c:fe:be:ce:
e9:90:9d:f6:ac:68:2d:d2:ce:a4:f2:c5:74:75:e9:82:25:75:
ed:97:25:1a:ea:40:11:9f:21:bd:3c:c1:e0:04:8e:5b:90:6e:
7a:00:8c:a0:db:31:77:aa:98:df:83:b7:80:88:4d:16:99:fe:
d2:b8:18:be:82:20:12:4e:8a:0a:51:1c:a3:c1:0b:9f:91:99:
ab:e7:bb:47:95:41:ec:8d:dd:70:f0:f3:de:56:e5:0e:66:2b:
55:7b:0e:f7:64:46:74:d1:3e:ea:4a:88:f7:42:52:10:72:f1:
a4:42:35:95:ba:ba:00:85:55:ff:fd:69:27:09:45:d1:0f:48:
8e:b3:d4:87:1d:3c:d1:46:98:6a:18:e0:86:e1:63:20:d0:9c:
ea:6d:6e:34:1b:bd:ab:07:3c:ec:cd:63:6e:29:f7:56:c9:09:
2c:a2:88:d3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZY9ji+QewpOVA0smSYLPui1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwNDE2MDc0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWNmYTBhYWJiMTdkMDM5NWFjYWY3MjRlN2NlNDU1MmQwNWIyNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx860k36akMMJLhYRfb8/s6zHyiE
m2nw2BZtHhZhbjZoGIZPT4/NnzUukkS2mFlL8OUgUyjGSFWs9x+7dU4yeG8xKPek
v8Zlvi/EsoBlV/Z6hcom4Dwt0n/CuvwhiobF8+U/fQK+WMwLEMX/OrTJOqcLVYbU
8NRLL6eB3BhC3Um+Rv3dLh0GU+T+nnJBRCtLWL32ZO797SuSlOv+2Avc1wQUuVTZ
ruC5rdMNf+a7/jBH0IAEIwf/9LRLn9Qn6+d7BTiXQurR0T7mS+ID6p3B+XadlQPr
BCVoE/flkE2syUT4M1by7gkI/gwQ0JbTvhjn6Q42E4rpgLfo4FP11GKmzwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMnPoKq7F9A5Wsr3JOfORVLQWyaxMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEveWMtZ3Fyc1gwRGxheXZjazU4NUZVdEJiSnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVAHsAwQA
VAI2AwQAwzjHAwQAw+QEAwQAw+QfAwQAw+RwMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
/ERw4FMq6Mf/TO2CO4890qXHfSor3VnON28d+gH6kSbhDubYyvkEyENDgH2UdCiy
+KXXGRo7k69GAfgHxWlRYCoDlGeBshXAQJYVXXLA6Svx6KM84wz+vs7pkJ32rGgt
0s6k8sV0demCJXXtlyUa6kARnyG9PMHgBI5bkG56AIyg2zF3qpjfg7eAiE0Wmf7S
uBi+giASTooKURyjwQufkZmr57tHlUHsjd1w8PPeVuUOZitVew73ZEZ00T7qSoj3
QlIQcvGkQjWVuroAhVX//WknCUXRD0iOs9SHHTzRRphqGOCG4WMg0JzqbW40G72r
BzzszWNuKfdWyQksoojT
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:20:19 2025 by rpki-client