Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/ybluWzRNWJWVkM4LdMhN2qbYNiA.roa
File: ybluWzRNWJWVkM4LdMhN2qbYNiA.roa (raw, json)
Hash identifier: 5VhivqUvJ4H/Xx3dusqAO6SABn9AUoBB/dmwOD8WIII=
Subject key identifier: C9:B9:6E:5B:34:4D:58:95:95:90:CE:0B:74:C8:4D:DA:A6:D8:36:20
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 018F4CDB130DCCC17CDC2E29772413520EEE
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/ybluWzRNWJWVkM4LdMhN2qbYNiA.roa
Signing time: Mon 06 May 2024 07:42:56 +0000
ROA not before: Mon 06 May 2024 07:42:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12946
IP address blocks: 83.97.128.0/17 maxlen: 17
85.152.0.0/16 maxlen: 16
85.152.0.0/19 maxlen: 19
85.152.32.0/19 maxlen: 19
85.152.64.0/19 maxlen: 19
85.152.96.0/19 maxlen: 19
93.156.0.0/17 maxlen: 17
93.156.128.0/18 maxlen: 18
93.156.224.0/19 maxlen: 19
185.54.192.0/22 maxlen: 22
188.171.0.0/16 maxlen: 16
188.171.0.0/20 maxlen: 20
188.171.16.0/20 maxlen: 20
188.171.16.0/21 maxlen: 21
212.89.0.0/19 maxlen: 19
212.89.1.0/24 maxlen: 24
212.89.16.0/20 maxlen: 20
213.141.32.0/19 maxlen: 19
213.141.32.0/20 maxlen: 20
2a00:bec7::/40 maxlen: 40
2a00:bec7:10::/48 maxlen: 48
2a00:bec7:11::/48 maxlen: 48
2a00:bec7:f800::/40 maxlen: 40
2a00:bec7:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:db:13:0d:cc:c1:7c:dc:2e:29:77:24:13:52:0e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: May 6 07:42:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9b96e5b344d58959590ce0b74c84ddaa6d83620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3e:50:a7:f1:b9:dd:34:f5:4e:7c:82:46:68:
15:de:64:99:47:fd:87:a4:fa:e3:b0:94:78:b4:15:
66:07:ff:81:21:4e:43:b7:6b:89:e1:d4:0f:64:a8:
5a:19:af:d6:53:3c:a0:d6:71:49:0f:6f:8b:c7:23:
97:24:80:99:8d:b4:df:ee:a0:87:ae:3d:e2:3b:f5:
00:93:ae:a8:91:cf:95:63:55:eb:77:55:6c:33:33:
70:b7:a6:b7:e3:da:bd:ef:18:45:e9:c2:8f:7e:49:
26:29:e3:ff:e3:fc:ad:69:20:44:77:64:db:90:10:
3c:7a:a0:27:c8:b3:da:a6:24:e2:0e:46:fa:97:f1:
76:8c:6f:4d:39:7e:59:49:d0:df:2c:ea:61:e1:c7:
51:39:f8:e0:01:d4:6d:8c:7b:80:9b:28:7a:83:1d:
ce:d8:7d:7b:e4:8b:d1:ed:b2:b3:b2:3c:cb:ae:c9:
6d:1c:d2:d5:68:d4:17:4e:4c:b9:e8:f2:c3:9a:be:
36:8c:06:54:94:2e:5d:d7:5a:04:51:15:89:52:3f:
c9:c8:89:b9:81:66:a7:eb:e3:f0:74:db:8b:60:27:
e7:dd:47:54:0b:fc:a1:5c:df:5b:09:51:c4:54:71:
44:95:b9:81:4d:bf:fb:6a:8e:fb:a6:e7:a8:47:bf:
a0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B9:6E:5B:34:4D:58:95:95:90:CE:0B:74:C8:4D:DA:A6:D8:36:20
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/ybluWzRNWJWVkM4LdMhN2qbYNiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.128.0/17
85.152.0.0/16
93.156.0.0-93.156.191.255
93.156.224.0/19
185.54.192.0/22
188.171.0.0/16
212.89.0.0/19
213.141.32.0/19
IPv6:
2a00:bec7::/40
2a00:bec7:f800::/40
2a00:bec7:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
c8:33:0b:8e:63:5d:36:37:ae:3a:af:07:32:f6:41:4f:0a:ff:
1b:82:08:cb:5c:b0:51:b1:b1:45:8a:4c:2c:be:df:19:2e:66:
a6:79:ca:ba:4c:7c:8f:90:42:49:3b:fa:46:ba:46:77:de:91:
1c:2b:7a:7f:ac:6d:08:a4:0d:96:27:2e:db:22:21:af:8b:12:
e2:2f:dc:ce:0e:3a:a7:c4:df:7f:08:19:37:ee:f4:5a:b8:c4:
93:b6:19:01:fe:15:e6:b3:50:2e:ff:67:1b:9a:07:f8:7f:71:
ad:66:14:1d:07:cb:be:66:f0:99:e3:e0:67:84:5c:f3:da:99:
00:f1:ba:39:5a:95:fd:b7:74:5a:c6:38:b6:e4:fe:eb:6d:a3:
2a:dc:c8:09:35:74:fd:ba:87:2f:8f:51:89:a0:b7:4f:77:99:
92:7b:fb:6c:64:62:fa:ea:c6:e6:d6:03:2c:bc:bb:1b:58:37:
79:00:ef:aa:27:53:e2:ec:a5:2a:00:3f:20:da:4b:1b:de:68:
ab:a5:28:dc:73:c9:1c:3e:c5:20:70:bb:04:3c:17:0b:e3:6e:
98:45:aa:ed:9b:44:c6:80:19:f4:3b:88:dc:9e:a6:03:0b:48:
ee:fd:c4:19:e5:4c:84:85:29:41:4c:e7:d9:68:e8:9d:06:1f:
dd:7d:70:77
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY9M2xMNzMF83C4pdyQTUg7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjQwNTA2MDc0MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWI5NmU1YjM0NGQ1ODk1OTU5MGNlMGI3NGM4NGRkYWE2ZDgzNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD5Qp/G53TT1TnyCRmgV3mSZR/2H
pPrjsJR4tBVmB/+BIU5Dt2uJ4dQPZKhaGa/WUzyg1nFJD2+LxyOXJICZjbTf7qCH
rj3iO/UAk66okc+VY1Xrd1VsMzNwt6a349q97xhF6cKPfkkmKeP/4/ytaSBEd2Tb
kBA8eqAnyLPapiTiDkb6l/F2jG9NOX5ZSdDfLOph4cdROfjgAdRtjHuAmyh6gx3O
2H175IvR7bKzsjzLrsltHNLVaNQXTky56PLDmr42jAZUlC5d11oEURWJUj/JyIm5
gWan6+PwdNuLYCfn3UdUC/yhXN9bCVHEVHFElbmBTb/7ao77pueoR7+gPwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFMm5bls0TViVlZDOC3TITdqm2DYgMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEveWJsdVd6Uk5XSldWa000TGRNaE4ycWJZTmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA7BAIAATA1AwQHU2GAAwMA
VZgwCwMDAl2cAwQGXZyAAwQFXZzgAwQCuTbAAwMAvKsDBAXUWQADBAXVjSAwHgQC
AAIwGAMGACoAvscAAwYAKgC+x/gDBgAqAL7H/zANBgkqhkiG9w0BAQsFAAOCAQEA
yDMLjmNdNjeuOq8HMvZBTwr/G4IIy1ywUbGxRYpMLL7fGS5mpnnKukx8j5BCSTv6
RrpGd96RHCt6f6xtCKQNlicu2yIhr4sS4i/czg46p8TffwgZN+70WrjEk7YZAf4V
5rNQLv9nG5oH+H9xrWYUHQfLvmbwmePgZ4Rc89qZAPG6OVqV/bd0WsY4tuT+622j
KtzICTV0/bqHL49RiaC3T3eZknv7bGRi+urG5tYDLLy7G1g3eQDvqidT4uylKgA/
INpLG95oq6Uo3HPJHD7FIHC7BDwXC+NumEWq7ZtExoAZ9DuI3J6mAwtI7v3EGeVM
hIUpQUzn2WjonQYf3X1wdw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:45 2024 by rpki-client on console-fra.rpki-client.org