Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/Yt1un448e_2Nqd2IaYkiSHKZ-8g.roa
File: Yt1un448e_2Nqd2IaYkiSHKZ-8g.roa (raw, json)
Hash identifier: fRsLG7Ui9/BFu34e0BnTU7BwRr9lXCPLuYl+6ONI1ZU=
Subject key identifier: 62:DD:6E:9F:8E:3C:7B:FD:8D:A9:DD:88:69:89:22:48:72:99:FB:C8
Certificate issuer: /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial: 018CC5DC481BAF7E6E37E26B773EB1C3CC52
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/Yt1un448e_2Nqd2IaYkiSHKZ-8g.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5410
IP address blocks: 31.32.0.0/13 maxlen: 24
213.44.0.0/16 maxlen: 24
62.201.128.0/19 maxlen: 24
80.214.248.0/21 maxlen: 24
195.36.128.0/17 maxlen: 24
80.215.0.0/16 maxlen: 24
212.194.0.0/15 maxlen: 24
62.34.0.0/15 maxlen: 24
176.128.0.0/10 maxlen: 24
80.214.192.0/19 maxlen: 24
194.158.96.0/19 maxlen: 24
5.48.0.0/14 maxlen: 24
80.214.0.0/17 maxlen: 24
164.177.0.0/17 maxlen: 24
194.117.192.0/20 maxlen: 24
89.80.0.0/12 maxlen: 24
87.88.0.0/14 maxlen: 24
94.238.0.0/15 maxlen: 24
128.78.0.0/15 maxlen: 24
80.214.128.0/18 maxlen: 24
2a04:cec0::/29 maxlen: 48
2001:860::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:48:1b:af:7e:6e:37:e2:6b:77:3e:b1:c3:cc:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62dd6e9f8e3c7bfd8da9dd88698922487299fbc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5e:7e:72:02:08:ff:30:cb:58:6a:1a:e4:00:
80:b9:75:7f:d7:77:e6:e7:93:ee:4d:1f:84:8d:bf:
6b:68:8d:5c:a3:2a:78:93:9f:48:69:3f:ae:6f:72:
8f:42:7c:c7:6e:ce:b7:52:42:65:e5:f4:80:d3:98:
63:2f:de:c5:ee:14:f0:b2:1b:9e:57:d6:3e:2c:fd:
ce:bc:bb:d6:d6:00:bb:06:b6:ad:b9:86:ea:31:a3:
1a:48:90:64:a5:9d:e6:6d:97:87:c8:b8:f6:92:4a:
23:11:0c:9d:f4:89:f2:cd:73:9d:bf:f6:71:fc:92:
4f:6e:97:3b:e7:6c:0c:f7:93:b3:3f:6d:8f:7d:ed:
f1:e3:ca:a4:33:83:43:19:ef:e5:66:21:e3:5c:75:
56:12:f0:04:9a:bb:57:81:f2:ae:e2:5e:5c:e0:65:
5f:52:3d:85:de:dc:e4:de:48:39:94:3e:1d:bf:89:
7c:2c:58:da:fb:e6:49:75:94:32:0c:94:70:75:2a:
11:c1:f8:94:e6:8b:d2:c5:7f:f6:fb:56:c5:36:75:
cf:12:45:05:1c:56:81:ab:a3:a5:e2:5f:c1:6b:6b:
28:c3:d8:94:5b:fb:bc:38:b3:13:7e:5b:39:8e:b3:
72:1e:6a:e5:08:8d:d3:1d:c8:70:67:f4:91:80:50:
5b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DD:6E:9F:8E:3C:7B:FD:8D:A9:DD:88:69:89:22:48:72:99:FB:C8
X509v3 Authority Key Identifier:
keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/Yt1un448e_2Nqd2IaYkiSHKZ-8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.48.0.0/14
31.32.0.0/13
62.34.0.0/15
62.201.128.0/19
80.214.0.0-80.214.223.255
80.214.248.0-80.215.255.255
87.88.0.0/14
89.80.0.0/12
94.238.0.0/15
128.78.0.0/15
164.177.0.0/17
176.128.0.0/10
194.117.192.0/20
194.158.96.0/19
195.36.128.0/17
212.194.0.0/15
213.44.0.0/16
IPv6:
2001:860::/29
2a04:cec0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:b9:d2:7f:ae:25:a8:66:b3:ca:d6:ae:d2:a1:44:52:0e:93:
ea:90:f7:6b:ad:dc:7c:00:11:0c:89:cf:a4:9c:f2:d3:61:7b:
e9:9e:db:f5:5f:46:66:c7:b8:b9:5c:56:78:65:f4:98:e7:47:
af:f8:e5:30:27:8c:77:99:9b:ff:20:5d:72:e3:30:f1:21:b5:
5c:6f:45:84:18:95:5e:4e:2e:00:46:e0:01:16:e9:83:c2:d2:
af:ec:c1:36:13:ce:dc:a6:2d:89:de:a9:c4:ea:5d:c9:d2:9e:
2b:32:e1:b4:e1:47:c1:90:20:0e:9d:44:ab:24:0b:0b:bc:29:
e1:38:65:5a:5f:5e:eb:0d:03:c2:21:7a:88:5f:f1:6a:4f:47:
4f:9b:42:42:08:1c:8f:03:00:80:0f:24:37:e9:43:ae:01:fd:
3e:68:49:7f:bd:df:71:8b:2e:91:e9:dd:16:a9:81:49:19:55:
9b:09:76:c5:0e:08:90:c9:c6:dd:a4:6f:69:da:e9:53:8c:a5:
25:f3:99:5c:8c:e8:14:23:3a:91:1d:96:16:f5:03:5b:c3:db:
0d:44:7f:4e:92:e3:33:e9:f7:87:72:96:d6:68:e8:1d:e3:f7:
68:22:13:2a:49:2f:50:3e:41:31:79:4e:2b:c0:46:0d:0d:c2:
cc:12:4f:9d
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYzF3Egbr35uN+Jrdz6xw8xSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRkNmU5ZjhlM2M3YmZkOGRhOWRkODg2OTg5MjI0ODcyOTlmYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz15+cgII/zDLWGoa5ACAuXV/13fm
55PuTR+Ejb9raI1coyp4k59IaT+ub3KPQnzHbs63UkJl5fSA05hjL97F7hTwshue
V9Y+LP3OvLvW1gC7BratuYbqMaMaSJBkpZ3mbZeHyLj2kkojEQyd9InyzXOdv/Zx
/JJPbpc752wM95OzP22Pfe3x48qkM4NDGe/lZiHjXHVWEvAEmrtXgfKu4l5c4GVf
Uj2F3tzk3kg5lD4dv4l8LFja++ZJdZQyDJRwdSoRwfiU5ovSxX/2+1bFNnXPEkUF
HFaBq6Ol4l/Ba2sow9iUW/u8OLMTfls5jrNyHmrlCI3THchwZ/SRgFBbdwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFGLdbp+OPHv9jandiGmJIkhymfvIMB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvWXQxdW40NDhlXzJOcWQySWFZa2lTSEtaLThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwMCBTAD
AwMfIAMDAT4iAwQFPsmAMAsDAwFQ1gMEBVDWwDALAwQDUNb4AwMDUNADAwJXWAMD
BFlQAwMBXu4DAwGATgMEB6SxAAMDBrCAAwQEwnXAAwQFwp5gAwQHwySAAwMB1MID
AwDVLDAUBAIAAjAOAwUDIAEIYAMFAyoEzsAwDQYJKoZIhvcNAQELBQADggEBAH+5
0n+uJahms8rWrtKhRFIOk+qQ92ut3HwAEQyJz6Sc8tNhe+me2/VfRmbHuLlcVnhl
9JjnR6/45TAnjHeZm/8gXXLjMPEhtVxvRYQYlV5OLgBG4AEW6YPC0q/swTYTztym
LYneqcTqXcnSnisy4bThR8GQIA6dRKskCwu8KeE4ZVpfXusNA8Iheohf8WpPR0+b
QkIIHI8DAIAPJDfpQ64B/T5oSX+933GLLpHp3RapgUkZVZsJdsUOCJDJxt2kb2na
6VOMpSXzmVyM6BQjOpEdlhb1A1vD2w1Ef06S4zPp94dyltZo6B3j92giEypJL1A+
QTF5TivARg0NwswST50=
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:16:18 2024 by rpki-client on console-fra.rpki-client.org