Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Yu8JKbIapVQkQfDDYKDTPLEnq28.roa
File: Yu8JKbIapVQkQfDDYKDTPLEnq28.roa (raw, json)
Hash identifier: IJdiw06TqLvFQc197yosxTK/mOm0c9h3e3pMKaTyGhI=
Subject key identifier: 62:EF:09:29:B2:1A:A5:54:24:41:F0:C3:60:A0:D3:3C:B1:27:AB:6F
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 0191BCA2AA4A86C8A03C746CD2A4512D3899
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Yu8JKbIapVQkQfDDYKDTPLEnq28.roa
Signing time: Wed 04 Sep 2024 10:44:22 +0000
ROA not before: Wed 04 Sep 2024 10:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.253.158.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.231.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
185.218.160.0/24 maxlen: 24
185.218.161.0/24 maxlen: 24
185.218.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.mft
rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 01:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:a2:aa:4a:86:c8:a0:3c:74:6c:d2:a4:51:2d:38:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Sep 4 10:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62ef0929b21aa5542441f0c360a0d33cb127ab6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:89:01:fd:04:47:42:c9:81:f6:29:c2:df:7a:
e4:8a:e5:48:f1:80:95:3d:5d:9a:4c:46:66:7e:1f:
8d:44:fe:30:9b:00:c1:dd:53:7a:ed:fc:bc:e2:f7:
88:26:50:d9:7c:7b:94:fe:90:5f:fb:0f:73:d9:89:
7f:6c:f8:ef:ad:75:e5:4e:70:2d:62:d6:b9:d7:8f:
72:82:6e:4f:9a:2b:f1:f7:51:b5:ba:66:ac:1b:52:
e0:51:38:28:64:60:75:be:8b:4b:cf:68:e3:dc:ad:
39:f8:82:47:15:50:36:07:99:c6:73:eb:ed:c7:db:
d9:1c:d6:eb:b6:24:0a:17:5d:87:1b:56:2a:f9:23:
89:c9:4a:f4:9f:24:93:29:37:f4:d1:e9:69:70:85:
78:f8:a9:1c:c5:8f:c6:9c:ab:bc:9e:e5:82:32:cb:
42:99:56:d2:42:9d:02:5a:56:bd:6e:ea:68:2f:f3:
f9:17:33:e7:72:25:8b:24:7b:de:71:05:46:48:be:
b9:14:f8:6e:bb:62:ea:09:3f:fb:0a:3e:dc:c0:b2:
2b:54:a2:8e:14:58:fa:62:4d:28:a3:b5:e8:54:a0:
48:6e:98:25:0c:f2:e6:15:57:bc:54:e7:04:e0:36:
35:f4:2c:c3:7e:c8:aa:87:98:92:f6:45:a2:33:92:
51:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:EF:09:29:B2:1A:A5:54:24:41:F0:C3:60:A0:D3:3C:B1:27:AB:6F
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/Yu8JKbIapVQkQfDDYKDTPLEnq28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.158.0/24
62.122.228.0/22
185.167.181.0/24
185.204.203.0/24
185.218.160.0-185.218.162.255
Signature Algorithm: sha256WithRSAEncryption
61:a9:ae:ac:9f:df:53:69:84:19:40:53:cd:e5:36:9a:8a:f3:
88:35:48:84:b8:32:60:bc:f5:de:0f:5d:c3:fb:14:40:5c:ae:
92:76:42:08:b8:b7:a9:c3:c9:9d:3d:a5:fa:87:f6:26:d3:2b:
74:dc:8a:d4:3b:7b:f3:40:75:12:17:24:2b:5d:52:ec:7d:8b:
0b:89:2a:7b:2f:65:8a:0c:3f:ed:14:7f:cb:c4:16:3b:dd:d3:
13:f6:2a:ef:31:65:8b:fb:fe:23:aa:3a:1f:b4:3d:58:9d:d2:
00:7a:6e:5d:29:20:2f:5b:0d:c3:04:1b:a8:20:fd:ff:9b:8c:
cf:a6:90:d1:70:78:59:9c:7f:b4:b3:83:4d:8f:10:fe:4d:f1:
1c:da:3c:b4:cd:1a:83:bf:82:7b:b8:df:0f:f6:42:a1:d8:ca:
4f:15:61:d6:09:4c:50:2a:71:b4:2e:dd:ee:e8:18:14:bc:79:
eb:e5:98:88:29:e6:69:b7:45:a2:5f:aa:ec:7d:cf:5f:85:9f:
ce:52:a6:1e:34:c9:62:1b:75:0b:78:ae:ac:a2:21:c7:5b:a3:
e3:7b:cf:89:c6:94:38:ee:9c:52:27:f9:4f:69:c9:ec:7d:53:
42:10:c9:ab:d4:bf:c7:7a:ca:5e:8a:aa:f7:d5:14:60:66:6c:
24:09:d5:29
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZG8oqpKhsigPHRs0qRRLTiZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjQwOTA0MTA0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmVmMDkyOWIyMWFhNTU0MjQ0MWYwYzM2MGEwZDMzY2IxMjdhYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5okB/QRHQsmB9inC33rkiuVI8YCV
PV2aTEZmfh+NRP4wmwDB3VN67fy84veIJlDZfHuU/pBf+w9z2Yl/bPjvrXXlTnAt
Yta5149ygm5Pmivx91G1umasG1LgUTgoZGB1votLz2jj3K05+IJHFVA2B5nGc+vt
x9vZHNbrtiQKF12HG1Yq+SOJyUr0nySTKTf00elpcIV4+KkcxY/GnKu8nuWCMstC
mVbSQp0CWla9bupoL/P5FzPnciWLJHvecQVGSL65FPhuu2LqCT/7Cj7cwLIrVKKO
FFj6Yk0oo7XoVKBIbpglDPLmFVe8VOcE4DY19CzDfsiqh5iS9kWiM5JRgQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGLvCSmyGqVUJEHww2Cg0zyxJ6tvMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvWXU4SktiSWFwVlFrUWZERFlLRFRQTEVucTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABf2eAwQC
PnrkAwQAuae1AwQAuczLMAwDBAW52qADBAC52qIwDQYJKoZIhvcNAQELBQADggEB
AGGprqyf31NphBlAU83lNpqK84g1SIS4MmC89d4PXcP7FEBcrpJ2Qgi4t6nDyZ09
pfqH9ibTK3TcitQ7e/NAdRIXJCtdUux9iwuJKnsvZYoMP+0Uf8vEFjvd0xP2Ku8x
ZYv7/iOqOh+0PVid0gB6bl0pIC9bDcMEG6gg/f+bjM+mkNFweFmcf7Szg02PEP5N
8RzaPLTNGoO/gnu43w/2QqHYyk8VYdYJTFAqcbQu3e7oGBS8eevlmIgp5mm3RaJf
qux9z1+Fn85Sph40yWIbdQt4rqyiIcdbo+N7z4nGlDjunFIn+U9pyex9U0IQyavU
v8d6yl6KqvfVFGBmbCQJ1Sk=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:39:54 2024 by rpki-client on console-ams.rpki-client.org