Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/YdcuT-7Un8gLYyiQ8el5EqoKe6A.roa
File: YdcuT-7Un8gLYyiQ8el5EqoKe6A.roa (raw, json)
Hash identifier: R6BriqrT+Zsit+iO8I1dz6zUUc7bnkGLhsgk/b+dCAA=
Subject key identifier: 61:D7:2E:4F:EE:D4:9F:C8:0B:63:28:90:F1:E9:79:12:AA:0A:7B:A0
Certificate issuer: /CN=07d08df8bc7a383e976dbb03d2a0eb9fe0d786e7
Certificate serial: 018CC3B7260A89B46B66131068C61D72A923
Authority key identifier: 07:D0:8D:F8:BC:7A:38:3E:97:6D:BB:03:D2:A0:EB:9F:E0:D7:86:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/YdcuT-7Un8gLYyiQ8el5EqoKe6A.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8856
IP address blocks: 195.214.192.0/24 maxlen: 24
195.214.192.0/23 maxlen: 23
195.214.194.0/23 maxlen: 23
195.214.194.0/24 maxlen: 24
195.214.193.0/24 maxlen: 24
195.214.195.0/24 maxlen: 24
212.42.79.0/24 maxlen: 24
212.42.81.0/24 maxlen: 24
212.42.80.0/22 maxlen: 22
212.42.80.0/24 maxlen: 24
212.42.82.0/23 maxlen: 23
212.42.84.0/24 maxlen: 24
212.42.85.0/24 maxlen: 24
212.42.89.0/24 maxlen: 24
212.42.93.0/24 maxlen: 24
212.42.92.0/24 maxlen: 24
212.42.95.0/24 maxlen: 24
212.42.94.0/23 maxlen: 23
212.42.94.0/24 maxlen: 24
212.42.64.0/24 maxlen: 24
212.42.64.0/22 maxlen: 22
212.42.64.0/23 maxlen: 23
212.42.65.0/24 maxlen: 24
212.42.66.0/23 maxlen: 23
212.42.74.0/23 maxlen: 23
212.42.73.0/24 maxlen: 24
212.42.76.0/24 maxlen: 24
212.42.76.0/23 maxlen: 23
212.42.77.0/24 maxlen: 24
212.42.78.0/23 maxlen: 23
212.42.78.0/24 maxlen: 24
212.42.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:26:0a:89:b4:6b:66:13:10:68:c6:1d:72:a9:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d08df8bc7a383e976dbb03d2a0eb9fe0d786e7
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61d72e4feed49fc80b632890f1e97912aa0a7ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9c:e5:94:c2:ba:5a:ae:89:af:58:e3:33:44:
44:2b:ab:2f:0e:28:a5:a1:fa:a0:0d:2d:06:5b:1a:
88:b6:2b:ea:c5:ce:70:73:45:49:a4:17:bb:7e:de:
2b:56:6b:ba:e2:91:c7:15:9f:4d:d8:a2:7c:a2:6b:
3d:11:1e:0f:7e:2d:ed:7c:b8:36:f0:b2:e6:3d:07:
eb:f4:1a:57:c7:61:9e:1b:2b:fc:92:29:20:dc:e6:
88:5d:23:c8:99:8d:0c:c3:74:bf:4c:7d:1f:7e:0c:
35:14:0d:12:0b:e6:49:d3:42:a3:82:9c:68:69:e3:
c3:c4:11:07:9a:4a:50:d4:ae:b8:2b:cb:3a:1e:49:
ee:4c:d7:0f:35:dc:49:9b:a6:96:63:2a:b7:0f:42:
98:cf:55:a2:8b:1e:f9:d8:e7:4b:3d:c7:cf:cb:9f:
e1:a6:0e:38:d7:54:f0:a2:11:07:f4:39:1c:da:6f:
63:a8:39:0f:7d:77:02:8a:3d:ea:3f:7a:a0:f1:f2:
ff:16:17:8d:77:8d:a8:7f:f3:9b:0c:d7:f1:a5:80:
f1:91:0c:f3:11:4b:bf:30:73:48:e9:75:50:c4:29:
a2:49:f1:08:87:c7:7f:93:e0:23:86:1f:18:0a:f9:
76:a4:85:47:29:d5:44:ba:3b:59:d8:28:13:b5:e7:
3f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D7:2E:4F:EE:D4:9F:C8:0B:63:28:90:F1:E9:79:12:AA:0A:7B:A0
X509v3 Authority Key Identifier:
keyid:07:D0:8D:F8:BC:7A:38:3E:97:6D:BB:03:D2:A0:EB:9F:E0:D7:86:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/YdcuT-7Un8gLYyiQ8el5EqoKe6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.192.0/22
212.42.64.0/22
212.42.72.0-212.42.85.255
212.42.89.0/24
212.42.92.0/22
Signature Algorithm: sha256WithRSAEncryption
97:41:85:d5:06:09:c0:1d:09:35:6c:87:18:8a:fe:bb:a2:85:
fd:21:fb:49:9b:7c:5c:8f:d0:04:32:f1:92:09:ad:c5:5d:a6:
15:e2:59:55:1a:f9:1b:da:b5:cc:d3:6f:de:88:f5:4c:04:03:
d1:d0:9a:a8:1b:2c:2a:bc:d6:fc:d8:7d:4a:e8:af:57:0e:b7:
d0:fa:c2:a3:07:7e:ff:d5:23:38:26:33:3d:91:1b:fd:27:fc:
c9:ba:4e:4e:0b:86:ad:33:4f:38:d7:d7:d2:01:45:c3:bf:2b:
2d:18:91:f4:13:7b:a3:e7:b0:40:f2:bb:e3:44:d9:5e:1e:06:
4b:4f:13:b4:c9:43:82:a5:68:20:80:0b:89:7b:b6:60:69:81:
40:4c:72:85:d3:d0:76:24:23:53:19:b5:36:04:5a:71:7a:4f:
d4:c5:95:34:03:f2:e5:ae:c9:5c:2e:d4:71:7c:0a:79:b0:98:
1c:98:5b:27:38:93:de:6e:c2:4c:44:77:07:8c:ab:07:11:94:
3d:4d:b6:bc:83:96:d4:3a:a2:16:22:5f:5d:4f:86:fe:af:cc:
62:7e:99:ad:01:75:7f:c5:4a:7d:a2:32:18:67:8e:22:74:2f:
f8:2a:af:f8:ce:d5:db:e1:62:d7:8c:2e:a0:04:a2:29:cb:be:
6e:34:1b:fc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDtyYKibRrZhMQaMYdcqkjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDA4ZGY4YmM3YTM4M2U5NzZkYmIwM2QyYTBlYjlmZTBk
Nzg2ZTcwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ3MmU0ZmVlZDQ5ZmM4MGI2MzI4OTBmMWU5NzkxMmFhMGE3YmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopzllMK6Wq6Jr1jjM0REK6svDiil
ofqgDS0GWxqItivqxc5wc0VJpBe7ft4rVmu64pHHFZ9N2KJ8oms9ER4Pfi3tfLg2
8LLmPQfr9BpXx2GeGyv8kikg3OaIXSPImY0Mw3S/TH0ffgw1FA0SC+ZJ00Kjgpxo
aePDxBEHmkpQ1K64K8s6HknuTNcPNdxJm6aWYyq3D0KYz1Wiix752OdLPcfPy5/h
pg4411TwohEH9Dkc2m9jqDkPfXcCij3qP3qg8fL/FheNd42of/ObDNfxpYDxkQzz
EUu/MHNI6XVQxCmiSfEIh8d/k+Ajhh8YCvl2pIVHKdVEujtZ2CgTtec/2wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGHXLk/u1J/IC2MokPHpeRKqCnugMB8GA1UdIwQY
MBaAFAfQjfi8ejg+l227A9Kg65/g14bnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlDTi1MeDZPRDZYYmJzRDBxRHJuLURYaHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wMzE4MTgtMDQ2My00YmFiLWJiNTYt
NTE0ODVmZTIyMmRiLzEvWWRjdVQtN1VuOGdMWXlpUThlbDVFcW9LZTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wMzE4MTgtMDQ2My00YmFiLWJiNTYtNTE0ODVmZTIyMmRi
LzEvQjlDTi1MeDZPRDZYYmJzRDBxRHJuLURYaHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCw9bAAwQC
1CpAMAwDBAPUKkgDBAHUKlQDBADUKlkDBALUKlwwDQYJKoZIhvcNAQELBQADggEB
AJdBhdUGCcAdCTVshxiK/ruihf0h+0mbfFyP0AQy8ZIJrcVdphXiWVUa+RvatczT
b96I9UwEA9HQmqgbLCq81vzYfUror1cOt9D6wqMHfv/VIzgmMz2RG/0n/Mm6Tk4L
hq0zTzjX19IBRcO/Ky0YkfQTe6PnsEDyu+NE2V4eBktPE7TJQ4KlaCCAC4l7tmBp
gUBMcoXT0HYkI1MZtTYEWnF6T9TFlTQD8uWuyVwu1HF8CnmwmByYWyc4k95uwkxE
dweMqwcRlD1NtryDltQ6ohYiX11Phv6vzGJ+ma0BdX/FSn2iMhhnjiJ0L/gqr/jO
1dvhYteMLqAEoinLvm40G/w=
-----END CERTIFICATE-----
Generated at Tue Nov 26 07:08:46 2024 by rpki-client on console-ams.rpki-client.org