Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/Ydp7EgPJr_5T0wNxdAifTHb866U.roa
File: Ydp7EgPJr_5T0wNxdAifTHb866U.roa (raw, json)
Hash identifier: xMpvjKZtCtg/YPYf5MrgWcPnutjDY6abxv3LDZlRWM0=
Subject key identifier: 61:DA:7B:12:03:C9:AF:FE:53:D3:03:71:74:08:9F:4C:76:FC:EB:A5
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 018CC26D5C2E9DDE35CF7B216DE5EE50E593
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/Ydp7EgPJr_5T0wNxdAifTHb866U.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41114
IP address blocks: 31.11.40.0/21 maxlen: 24
45.151.16.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
185.42.112.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
77.83.228.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
153.92.104.0/21 maxlen: 21
2a0a:7980::/32 maxlen: 32
2a01:60e0::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 48
2a09:4380::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a00:7aa0::/32 maxlen: 32
2a0f:d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 07:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5c:2e:9d:de:35:cf:7b:21:6d:e5:ee:50:e5:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61da7b1203c9affe53d3037174089f4c76fceba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:d4:1c:6d:c3:ca:db:ef:0a:2f:a6:aa:b9:
26:57:38:37:11:04:83:3a:0c:85:b9:c4:25:1e:fa:
dc:2e:fb:8a:99:73:25:8f:76:25:bc:bd:83:34:23:
4f:24:99:25:fb:bb:f1:a6:10:30:50:7e:43:56:8a:
fe:0b:1f:f2:8d:6f:38:e1:d5:10:4c:d5:8a:35:95:
a1:b1:71:fa:b1:d6:1f:7c:fc:60:cd:14:8d:44:01:
05:db:0e:a2:7d:ee:ee:9d:36:ec:59:17:69:c6:30:
2c:88:26:cc:15:d3:ec:52:8f:9d:1c:96:5b:51:1e:
63:99:b5:a2:91:a8:24:a7:a9:83:02:05:9c:8d:ce:
19:5b:d7:31:20:c4:1d:07:7c:d6:2d:9c:b7:86:2b:
df:5e:43:0b:5e:fa:77:d7:b5:4e:4a:11:42:5e:a7:
8b:99:df:33:16:85:90:66:cb:b1:66:5a:5c:02:39:
88:c3:da:1f:c7:3b:ba:2b:09:e9:35:e7:9d:3b:fa:
77:ae:cf:bd:1c:e3:24:b7:b3:78:93:49:ff:ee:eb:
a2:ff:bf:c8:bd:7e:4a:d5:f6:1b:6f:93:78:c3:52:
d7:f2:83:1a:fb:bf:8a:d4:69:e0:67:76:66:55:98:
67:0e:1a:0b:a4:f8:85:99:80:4e:04:b5:c7:cb:d4:
54:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DA:7B:12:03:C9:AF:FE:53:D3:03:71:74:08:9F:4C:76:FC:EB:A5
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/Ydp7EgPJr_5T0wNxdAifTHb866U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.40.0/21
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
77.83.228.0/22
147.78.164.0/22
153.92.104.0/21
185.42.112.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a01:60e0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
96:4c:5b:d4:b4:49:a8:6c:af:12:6d:02:19:c9:b5:d2:20:9a:
97:b9:53:71:4b:9d:96:5b:87:34:c6:70:17:98:11:f6:f0:eb:
0a:5b:6f:9b:13:2a:ec:fb:8b:f1:e7:73:8a:c2:d5:69:d6:61:
db:fb:58:d7:74:5e:f6:50:95:4d:dd:ee:88:7b:b1:75:fe:5f:
72:89:04:ec:1b:61:86:3e:e6:ed:35:d7:8d:17:99:02:fa:44:
84:e9:0c:95:68:85:07:8b:7e:5d:43:02:0c:5b:75:9f:dc:88:
b9:e6:a9:5d:3a:b0:99:03:bd:8b:fc:22:ad:83:cc:7d:e0:4b:
db:13:0f:24:2f:b7:db:c2:b6:42:34:76:ac:c5:1f:8a:78:a6:
3e:50:51:ce:0a:ce:89:6e:2d:46:7d:93:7c:28:ce:37:c3:7d:
ef:4e:84:e1:6a:cf:be:54:ad:0a:71:e7:b7:de:0d:a6:e7:19:
4c:12:55:14:e4:f9:6d:15:6c:9e:72:4d:82:54:7e:08:6f:18:
1e:70:f2:d9:2a:40:21:7f:3f:fc:d8:67:a8:6c:85:bb:c1:88:
12:12:79:4e:e9:a9:10:17:5b:e6:8a:41:bd:50:36:72:67:f3:
78:0a:04:5f:c5:23:f9:ce:b6:7a:35:35:28:3c:fa:8a:7c:40:
a0:3b:89:28
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYzCbVwund41z3shbeXuUOWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRhN2IxMjAzYzlhZmZlNTNkMzAzNzE3NDA4OWY0Yzc2ZmNlYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoO7UHG3DytvvCi+mqrkmVzg3EQSD
OgyFucQlHvrcLvuKmXMlj3YlvL2DNCNPJJkl+7vxphAwUH5DVor+Cx/yjW844dUQ
TNWKNZWhsXH6sdYffPxgzRSNRAEF2w6ife7unTbsWRdpxjAsiCbMFdPsUo+dHJZb
UR5jmbWikagkp6mDAgWcjc4ZW9cxIMQdB3zWLZy3hivfXkMLXvp317VOShFCXqeL
md8zFoWQZsuxZlpcAjmIw9ofxzu6KwnpNeedO/p3rs+9HOMkt7N4k0n/7uui/7/I
vX5K1fYbb5N4w1LX8oMa+7+K1GngZ3ZmVZhnDhoLpPiFmYBOBLXHy9RUkQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFGHaexIDya/+U9MDcXQIn0x2/OulMB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvWWRwN0VnUEpyXzVUMHdOeGRBaWZUSGI4NjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBIBAIAATBCAwQDHwso
AwQCLZcQAwQCLZ34AwQCPsCMAwQCTVPkAwQCk06kAwQDmVxoAwQCuSpwAwQCuWJA
AwQCwZRQAwQC1eJIMDcEAgACMDEDBQAqAHqgAwUAKgFg4AMFACoJJsADBQAqCUOA
AwUAKgp5gAMFACoN5sADBQAqDw0AMA0GCSqGSIb3DQEBCwUAA4IBAQCWTFvUtEmo
bK8SbQIZybXSIJqXuVNxS52WW4c0xnAXmBH28OsKW2+bEyrs+4vx53OKwtVp1mHb
+1jXdF72UJVN3e6Ie7F1/l9yiQTsG2GGPubtNdeNF5kC+kSE6QyVaIUHi35dQwIM
W3Wf3Ii55qldOrCZA72L/CKtg8x94EvbEw8kL7fbwrZCNHasxR+KeKY+UFHOCs6J
bi1GfZN8KM43w33vToThas++VK0Kcee33g2m5xlMElUU5PltFWyeck2CVH4Ibxge
cPLZKkAhfz/82GeobIW7wYgSEnlO6akQF1vmikG9UDZyZ/N4CgRfxSP5zrZ6NTUo
PPqKfECgO4ko
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:37:07 2024 by rpki-client on console-ams.rpki-client.org