Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ALyeecU6SJEN6kevwt9YQyFRDj4.roa
File: ALyeecU6SJEN6kevwt9YQyFRDj4.roa (raw, json)
Hash identifier: eokhnItfiXEoqAQPMC76rt9eAsM9T0EwdllA5KUGmB0=
Subject key identifier: 00:BC:9E:79:C5:3A:48:91:0D:EA:47:AF:C2:DF:58:43:21:51:0E:3E
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018CC871315E3101F2FA3C496BD3A63CE7E2
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ALyeecU6SJEN6kevwt9YQyFRDj4.roa
Signing time: Tue 02 Jan 2024 04:31:50 +0000
ROA not before: Tue 02 Jan 2024 04:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57633
IP address blocks: 195.49.132.0/22 maxlen: 22
45.9.244.0/22 maxlen: 22
185.79.220.0/22 maxlen: 22
77.240.192.0/20 maxlen: 20
37.25.72.0/21 maxlen: 21
46.182.208.0/21 maxlen: 21
2a00:1ab0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:31:5e:31:01:f2:fa:3c:49:6b:d3:a6:3c:e7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 04:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00bc9e79c53a48910dea47afc2df584321510e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ab:6b:cf:d6:d0:d9:dc:02:7a:8b:d3:96:10:
52:b3:78:1e:45:5f:ee:17:28:cf:de:d3:b3:4a:1c:
8f:db:c3:66:8d:e7:85:ed:26:29:ab:38:d2:e2:72:
3c:8f:3a:a1:0d:cf:f4:e1:32:5f:20:d3:cb:c3:4e:
49:6b:11:f0:ea:5e:c8:3a:e0:9f:b9:0e:c8:5b:03:
37:ae:80:fc:d3:cd:29:49:0f:7e:10:97:bb:0a:11:
27:5b:c1:e8:1c:a5:72:ba:3e:f7:e6:ab:43:c3:53:
83:df:2e:20:5f:6a:95:a4:95:8d:59:a1:bf:3d:77:
af:ef:c4:bd:3b:05:26:a8:0d:73:8d:44:89:f3:4c:
45:fe:f7:08:1d:99:90:25:bc:aa:fe:3d:60:2f:87:
bb:58:14:ab:42:0f:9c:c8:ec:04:97:d8:e2:aa:ce:
43:0c:68:7e:f4:53:eb:d3:51:c4:a1:6a:fb:49:94:
dd:f9:f3:c1:b6:eb:46:3a:1f:aa:62:e8:2c:f2:69:
fe:0a:c4:15:e2:40:6d:dd:a8:f2:d9:fd:eb:2c:c6:
83:68:b3:18:4a:63:16:4e:a2:d3:97:98:97:6e:11:
4a:54:e6:cb:0a:74:ec:0d:48:60:35:fc:8e:94:82:
4b:a6:aa:07:4f:ed:e8:1b:c4:f7:27:56:cb:4b:7e:
90:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BC:9E:79:C5:3A:48:91:0D:EA:47:AF:C2:DF:58:43:21:51:0E:3E
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/ALyeecU6SJEN6kevwt9YQyFRDj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.72.0/21
45.9.244.0/22
46.182.208.0/21
77.240.192.0/20
185.79.220.0/22
195.49.132.0/22
IPv6:
2a00:1ab0::/32
Signature Algorithm: sha256WithRSAEncryption
5d:05:07:f0:d1:88:32:83:78:e3:f6:08:3c:9d:e4:f7:c7:f5:
33:2a:04:63:20:8f:36:8a:e9:db:f1:7a:0b:4c:b3:d1:06:9d:
13:d3:68:e3:fd:3a:dd:0f:58:cc:70:f0:42:3a:ed:ee:21:f6:
0d:bd:7d:44:70:7a:f6:94:4c:52:21:e0:2c:73:10:4a:0f:5e:
54:9e:71:fc:d8:35:b2:6c:6d:81:f6:d7:2c:72:0c:26:a8:b3:
d0:6b:75:46:15:c6:5c:b4:f0:48:ff:a8:8a:5d:ad:93:87:fb:
95:fa:e7:66:16:e2:31:9e:83:44:90:4b:f4:e1:ac:d6:35:1f:
c4:14:c7:ce:f7:b9:fa:ad:5a:d6:04:7c:e2:5f:5e:a1:3f:6d:
f7:5a:bc:47:15:be:72:6e:f2:f8:80:26:37:6f:89:73:d2:97:
55:b9:ac:73:bd:47:0f:68:08:f7:6a:68:28:c4:f3:48:51:ef:
e0:c1:f5:78:2c:56:d2:79:95:07:87:fe:80:d2:55:45:d3:ae:
e7:11:02:b9:a3:1d:09:fe:14:bf:81:68:97:15:22:bf:cc:60:
4c:19:9e:db:c7:7c:4a:ec:ec:4a:11:c2:77:81:0e:e6:ac:82:
e7:5c:f2:67:85:eb:11:01:13:c5:44:d0:52:ab:11:ad:c1:2f:
9a:54:d0:27
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIcTFeMQHy+jxJa9OmPOfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjQwMTAyMDQzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJjOWU3OWM1M2E0ODkxMGRlYTQ3YWZjMmRmNTg0MzIxNTEwZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qtrz9bQ2dwCeovTlhBSs3geRV/u
FyjP3tOzShyP28NmjeeF7SYpqzjS4nI8jzqhDc/04TJfINPLw05JaxHw6l7IOuCf
uQ7IWwM3roD8080pSQ9+EJe7ChEnW8HoHKVyuj735qtDw1OD3y4gX2qVpJWNWaG/
PXev78S9OwUmqA1zjUSJ80xF/vcIHZmQJbyq/j1gL4e7WBSrQg+cyOwEl9jiqs5D
DGh+9FPr01HEoWr7SZTd+fPBtutGOh+qYugs8mn+CsQV4kBt3ajy2f3rLMaDaLMY
SmMWTqLTl5iXbhFKVObLCnTsDUhgNfyOlIJLpqoHT+3oG8T3J1bLS36QbQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAC8nnnFOkiRDepHr8LfWEMhUQ4+MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvQUx5ZWVjVTZTSkVONmtldnd0OVlReUZSRGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJRlIAwQC
LQn0AwQDLrbQAwQETfDAAwQCuU/cAwQCwzGEMA0EAgACMAcDBQAqABqwMA0GCSqG
SIb3DQEBCwUAA4IBAQBdBQfw0Ygyg3jj9gg8neT3x/UzKgRjII82iunb8XoLTLPR
Bp0T02jj/TrdD1jMcPBCOu3uIfYNvX1EcHr2lExSIeAscxBKD15UnnH82DWybG2B
9tcscgwmqLPQa3VGFcZctPBI/6iKXa2Th/uV+udmFuIxnoNEkEv04azWNR/EFMfO
97n6rVrWBHziX16hP233WrxHFb5ybvL4gCY3b4lz0pdVuaxzvUcPaAj3amgoxPNI
Ue/gwfV4LFbSeZUHh/6A0lVF067nEQK5ox0J/hS/gWiXFSK/zGBMGZ7bx3xK7OxK
EcJ3gQ7mrILnXPJnhesRARPFRNBSqxGtwS+aVNAn
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:22:01 2024 by rpki-client on console-ams.rpki-client.org