Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YSPMh6egrr8HZeNUFwANTuPEgRE.roa
File: YSPMh6egrr8HZeNUFwANTuPEgRE.roa (raw, json)
Hash identifier: T1Ne4TxIsnM9vigRYGlDlm0GhEsZpvLSwApO/M0tRXU=
Subject key identifier: 61:23:CC:87:A7:A0:AE:BF:07:65:E3:54:17:00:0D:4E:E3:C4:81:11
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01934DDE3C196DA5C53DEA73B143F0783DA4
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YSPMh6egrr8HZeNUFwANTuPEgRE.roa
Signing time: Thu 21 Nov 2024 08:37:10 +0000
ROA not before: Thu 21 Nov 2024 08:37:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.153.0/24 maxlen: 24
5.83.154.0/24 maxlen: 24
5.83.156.0/24 maxlen: 24
5.175.128.0/24 maxlen: 32
5.175.129.0/24 maxlen: 32
5.175.130.0/24 maxlen: 32
5.175.131.0/24 maxlen: 32
5.175.133.0/24 maxlen: 32
5.175.218.0/24 maxlen: 32
5.175.219.0/24 maxlen: 32
5.175.220.0/24 maxlen: 32
5.175.225.0/24 maxlen: 32
5.175.226.0/24 maxlen: 32
5.175.227.0/24 maxlen: 32
5.175.228.0/24 maxlen: 32
5.175.229.0/24 maxlen: 32
5.175.230.0/24 maxlen: 32
5.175.231.0/24 maxlen: 32
5.175.232.0/24 maxlen: 32
5.175.235.0/24 maxlen: 32
5.175.240.0/24 maxlen: 32
5.175.241.0/24 maxlen: 32
5.175.242.0/24 maxlen: 32
5.175.243.0/24 maxlen: 32
5.175.244.0/24 maxlen: 32
5.175.251.0/24 maxlen: 32
5.175.252.0/24 maxlen: 32
5.175.253.0/24 maxlen: 32
5.175.254.0/24 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.24.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:de:3c:19:6d:a5:c5:3d:ea:73:b1:43:f0:78:3d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 21 08:37:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6123cc87a7a0aebf0765e35417000d4ee3c48111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6b:d1:9a:b5:61:6f:2b:0d:42:0b:5e:55:37:
7b:09:c8:28:0a:79:d5:41:18:e0:54:b4:0d:4d:f6:
77:9b:80:7a:a8:74:f1:2c:ea:0e:67:88:f6:d2:27:
ee:81:a9:ea:83:9e:fc:2f:35:28:6f:f0:93:00:50:
71:07:01:46:c2:57:e2:04:09:77:32:ad:ba:e9:69:
e2:3b:f5:aa:11:70:d9:28:fd:23:b1:63:c8:3e:12:
56:80:a9:91:f2:da:d8:9b:e3:22:ec:f3:98:3e:f5:
0d:97:0c:5d:ff:14:f5:9a:9d:af:93:e3:26:1a:f8:
5e:46:e8:54:09:a5:27:d6:f7:62:9d:e7:9d:78:07:
a4:a0:3c:5d:5d:1a:b9:16:a3:43:f6:8b:91:00:4e:
ea:7e:00:f6:dd:05:11:f3:87:bc:59:51:82:8e:03:
ca:c5:4a:c7:74:73:f4:8e:30:77:8e:bd:87:d4:30:
e6:84:e9:b0:41:bc:96:42:f7:eb:fa:3d:3a:cf:11:
f2:a2:1d:90:3a:c2:4c:5d:96:6e:f5:6f:35:f4:2f:
d5:a7:51:56:e7:85:82:80:78:76:f9:9b:e7:af:55:
ff:71:d3:5f:ce:3c:dc:d9:88:79:8e:85:0a:55:9c:
78:2c:ea:32:4e:89:13:5b:cf:ff:77:58:8b:c5:5b:
a7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:23:CC:87:A7:A0:AE:BF:07:65:E3:54:17:00:0D:4E:E3:C4:81:11
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/YSPMh6egrr8HZeNUFwANTuPEgRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/22
5.175.133.0/24
5.175.218.0-5.175.220.255
5.175.225.0-5.175.232.255
5.175.235.0/24
5.175.240.0-5.175.244.255
5.175.251.0-5.175.255.255
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:ea:0d:3b:07:a8:8b:8b:6b:a4:d9:b2:f8:69:0a:96:0a:28:
a9:6f:09:e2:9e:e5:a5:a1:89:28:2e:a1:9a:ec:d0:3f:e7:d7:
da:df:7c:a6:85:c2:dd:ec:e9:72:64:7f:26:38:48:0d:15:55:
f4:a5:a1:61:23:1e:0e:b5:61:c8:59:93:e8:37:52:c3:99:ce:
97:55:ac:ec:6e:d6:a3:c9:c6:3b:16:37:57:07:f1:95:3f:20:
86:d3:2b:17:57:df:d0:29:a0:cd:02:32:ff:b5:c1:29:f7:51:
6c:19:46:f9:97:1b:c1:07:bc:4c:04:3a:f3:66:bd:20:12:94:
9b:77:7c:2c:d5:9c:c8:ad:a4:fe:7a:83:9e:a1:38:b4:de:46:
51:57:3e:8c:8f:ad:63:c5:b0:14:08:08:84:d5:f2:ee:47:9b:
a3:5b:41:b6:0b:a1:c2:9a:58:cc:16:0d:b0:94:8e:ea:ee:1f:
08:53:b7:58:1b:51:dc:fd:6f:64:0d:07:39:57:d3:fe:bc:8f:
ef:95:df:a6:8a:e6:3b:ed:13:78:a8:23:51:04:1f:f2:23:eb:
53:6c:de:71:35:91:50:3d:d2:5b:bf:98:71:77:54:fe:dd:c8:
44:5b:e8:9b:12:c6:b8:43:00:23:7e:4c:50:6b:90:5c:28:91:
43:61:f3:b7
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZNN3jwZbaXFPepzsUPweD2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTIxMDgzNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIzY2M4N2E3YTBhZWJmMDc2NWUzNTQxNzAwMGQ0ZWUzYzQ4MTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWvRmrVhbysNQgteVTd7CcgoCnnV
QRjgVLQNTfZ3m4B6qHTxLOoOZ4j20ifuganqg578LzUob/CTAFBxBwFGwlfiBAl3
Mq266WniO/WqEXDZKP0jsWPIPhJWgKmR8trYm+Mi7POYPvUNlwxd/xT1mp2vk+Mm
GvheRuhUCaUn1vdineedeAekoDxdXRq5FqND9ouRAE7qfgD23QUR84e8WVGCjgPK
xUrHdHP0jjB3jr2H1DDmhOmwQbyWQvfr+j06zxHyoh2QOsJMXZZu9W819C/Vp1FW
54WCgHh2+Zvnr1X/cdNfzjzc2Yh5joUKVZx4LOoyTokTW8//d1iLxVun0wIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFGEjzIenoK6/B2XjVBcADU7jxIERMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWVNQTWg2ZWdycjhIWmVOVUZ3QU5UdVBFZ1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgcEEAgABMIG6AwQF
BVOAAwQCBa+AAwQABa+FMAwDBAEFr9oDBAAFr9wwDAMEAAWv4QMEAAWv6AMEAAWv
6zAMAwQEBa/wAwQABa/0MAsDBAAFr/sDAwQFoAMDAQXmAwQGTVoAAwQDU/NQAwQF
VV0AAwQDVXagAwQDV++AAwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQE
shKQAwQCuQ2cAwQBuS+MAwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoD
BQMqABLYAwUDKgAZ0AMFACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZI
hvcNAQELBQADggEBAJvqDTsHqIuLa6TZsvhpCpYKKKlvCeKe5aWhiSguoZrs0D/n
19rffKaFwt3s6XJkfyY4SA0VVfSloWEjHg61YchZk+g3UsOZzpdVrOxu1qPJxjsW
N1cH8ZU/IIbTKxdX39ApoM0CMv+1wSn3UWwZRvmXG8EHvEwEOvNmvSASlJt3fCzV
nMitpP56g56hOLTeRlFXPoyPrWPFsBQICITV8u5Hm6NbQbYLocKaWMwWDbCUjuru
HwhTt1gbUdz9b2QNBzlX0/68j++V36aK5jvtE3ioI1EEH/Ij61Ns3nE1kVA90lu/
mHF3VP7dyERb6JsSxrhDACN+TFBrkFwokUNh87c=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:44 2024 by rpki-client on console-ams.rpki-client.org