Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/1-YogfmKwQf9EC6HAxHp7tGdiSfA.roa
File: 1-YogfmKwQf9EC6HAxHp7tGdiSfA.roa (raw, json)
Hash identifier: WamJOgH5ha0T3xvIYHAVd5Z7Mqz1LNgGq/WmPK/1P8g=
Subject key identifier: F9:8A:20:7E:62:B0:41:FF:44:0B:A1:C0:C4:7A:7B:B4:67:62:49:F0
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018CCA2A9E5DB7AE92AB845D16C0B93BD3E4
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/1-YogfmKwQf9EC6HAxHp7tGdiSfA.roa
Signing time: Tue 02 Jan 2024 12:33:59 +0000
ROA not before: Tue 02 Jan 2024 12:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61400
IP address blocks: 217.199.209.0/24 maxlen: 24
62.76.24.0/22 maxlen: 24
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/23 maxlen: 24
91.107.86.0/24 maxlen: 24
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 24
185.111.216.0/23 maxlen: 24
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 24
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 24
31.200.248.0/21 maxlen: 24
62.76.88.0/22 maxlen: 24
91.227.34.0/23 maxlen: 24
62.76.100.0/22 maxlen: 24
2a03:220::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:9e:5d:b7:ae:92:ab:84:5d:16:c0:b9:3b:d3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 12:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f98a207e62b041ff440ba1c0c47a7bb4676249f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c5:3d:a0:20:e9:e1:a2:59:e9:b1:58:18:86:
39:4a:6a:8b:f2:53:3c:7a:9d:f3:27:b8:01:14:f2:
1f:a1:c4:8d:bd:94:f2:1d:e1:7b:95:db:1e:8d:b9:
4c:13:54:39:a2:55:c9:73:f1:2b:2a:ca:e9:a3:f8:
7e:5e:91:3d:bb:6a:d3:7a:29:f5:fc:cc:98:0b:03:
9e:45:01:6f:c3:f9:85:a7:a7:c9:39:14:02:48:fe:
00:80:05:aa:ac:6b:24:df:ae:ee:ad:51:cf:e5:9a:
9a:29:b7:8a:05:d1:58:f1:bd:68:e7:5d:82:77:0f:
9c:3f:5a:c5:93:e9:94:2a:0f:6b:12:c4:02:d1:64:
02:4d:3d:a3:46:43:a6:28:7e:fd:f6:79:f3:17:33:
76:1c:70:49:0b:d7:58:0b:b1:4b:75:31:43:77:7c:
ad:61:50:4a:61:1e:8e:e1:56:e1:0d:0a:91:7a:af:
ea:65:31:ed:fc:8c:dd:ad:dd:2c:2a:fd:0f:47:87:
9e:2b:d4:70:0b:92:9c:bd:7d:d6:fa:46:70:85:89:
c6:fe:76:af:d4:c2:82:8d:1b:13:2d:46:68:5d:80:
46:76:de:fc:ef:3c:b7:54:4c:c0:52:73:f3:af:99:
71:aa:f6:93:d6:ed:48:19:75:66:cb:40:72:8d:2c:
80:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8A:20:7E:62:B0:41:FF:44:0B:A1:C0:C4:7A:7B:B4:67:62:49:F0
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/1-YogfmKwQf9EC6HAxHp7tGdiSfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
217.199.209.0/24
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
12:e9:9d:22:bd:9b:71:31:88:db:f8:84:4f:b2:5c:5d:a7:1d:
45:19:f0:cc:30:ce:8e:7c:5e:26:64:f1:38:0f:3f:fc:c8:31:
d1:ca:de:aa:5c:29:17:9c:ec:82:43:72:e3:f4:ac:cd:7c:22:
23:2b:53:49:e6:2d:51:06:d8:43:9a:37:44:85:ea:ec:65:6d:
94:ed:95:90:b4:9e:9c:eb:de:21:5a:40:f9:fc:63:29:1e:a2:
0a:a1:b1:c6:8b:6b:38:7f:e3:73:fe:70:b8:96:1b:69:44:d9:
f0:d4:8c:04:bc:bd:c7:36:c3:43:45:a7:cd:e3:9b:30:94:8f:
3d:5e:2e:e9:65:1b:39:19:cb:f4:13:74:f1:e8:04:57:90:10:
df:9c:1a:cd:0a:4f:36:e3:c3:f1:c5:8f:76:93:34:c5:1d:02:
c7:7a:94:2b:94:3b:3a:b6:72:c5:11:ac:07:d9:a8:2c:82:f9:
a9:a6:d6:20:1d:d9:df:f7:4e:7a:b2:8f:d9:b4:d3:8a:e4:f7:
fd:6d:6a:9b:81:f0:4b:01:ea:e4:27:cf:bc:93:dc:8b:3f:8f:
c8:34:95:14:c6:00:7e:bc:3e:7a:e7:c1:60:b0:b2:ea:98:17:
0e:4c:0a:7b:5b:a0:21:87:66:02:bc:90:3d:a1:04:d8:6e:c5:
d6:a6:07:4d
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzKKp5dt66Sq4RdFsC5O9PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjQwMTAyMTIzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThhMjA3ZTYyYjA0MWZmNDQwYmExYzBjNDdhN2JiNDY3NjI0OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8U9oCDp4aJZ6bFYGIY5SmqL8lM8
ep3zJ7gBFPIfocSNvZTyHeF7ldsejblME1Q5olXJc/ErKsrpo/h+XpE9u2rTein1
/MyYCwOeRQFvw/mFp6fJORQCSP4AgAWqrGsk367urVHP5ZqaKbeKBdFY8b1o512C
dw+cP1rFk+mUKg9rEsQC0WQCTT2jRkOmKH799nnzFzN2HHBJC9dYC7FLdTFDd3yt
YVBKYR6O4VbhDQqReq/qZTHt/Izdrd0sKv0PR4eeK9RwC5KcvX3W+kZwhYnG/nav
1MKCjRsTLUZoXYBGdt787zy3VEzAUnPzr5lxqvaT1u1IGXVmy0ByjSyACQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFPmKIH5isEH/RAuhwMR6e7RnYknwMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvMS1Zb2dmbUt3UWY5RUM2SEF4SHA3dEdkaVNmQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOWU4NDdmLTQxNDYtNDU2Ni04YzNlLTFiYTU0M2VlYWVk
Ny8xL1hhUXlwT3c3Q3NUS1RrN093T24wMUd0SmV2QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBggYIKwYBBQUHAQcBAf8EczBxMGAEAgABMFoDBAMfyPgD
BAIuFfwDBAI+TBgDBAI+TFgDBAI+TGQDBAI+THADBABZ+OwDBAJba1QDBAFb4yID
BAK5KBwDBAC5PmcDBAK5b9gDBAK5flwDBALUCOgDBADZx9EwDQQCAAIwBwMFACoD
AiAwDQYJKoZIhvcNAQELBQADggEBABLpnSK9m3ExiNv4hE+yXF2nHUUZ8Mwwzo58
XiZk8TgPP/zIMdHK3qpcKRec7IJDcuP0rM18IiMrU0nmLVEG2EOaN0SF6uxlbZTt
lZC0npzr3iFaQPn8YykeogqhscaLazh/43P+cLiWG2lE2fDUjAS8vcc2w0NFp83j
mzCUjz1eLullGzkZy/QTdPHoBFeQEN+cGs0KTzbjw/HFj3aTNMUdAsd6lCuUOzq2
csURrAfZqCyC+amm1iAd2d/3Tnqyj9m004rk9/1tapuB8EsB6uQnz7yT3Is/j8g0
lRTGAH68PnrnwWCwsuqYFw5MCntboCGHZgK8kD2hBNhuxdamB00=
-----END CERTIFICATE-----
Generated at Wed Jun 26 17:01:49 2024 by rpki-client on console-fra.rpki-client.org