Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/byjFy0r8r9DoGn3RKk33_9-Gd_I.roa
File: byjFy0r8r9DoGn3RKk33_9-Gd_I.roa (raw, json)
Hash identifier: wsDC//kQOtMsxYACKqbD7vIOHMPQUxF2UHGIQOYk+g4=
Subject key identifier: 6F:28:C5:CB:4A:FC:AF:D0:E8:1A:7D:D1:2A:4D:F7:FF:DF:86:77:F2
Certificate issuer: /CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Certificate serial: 01912D086145DDFE7AF9BA596588AEA79A6E
Authority key identifier: 8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/byjFy0r8r9DoGn3RKk33_9-Gd_I.roa
Signing time: Wed 07 Aug 2024 13:30:09 +0000
ROA not before: Wed 07 Aug 2024 13:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39232
IP address blocks: 46.18.64.0/21 maxlen: 21
46.18.64.0/22 maxlen: 22
46.18.64.0/24 maxlen: 24
46.18.65.0/24 maxlen: 24
46.18.66.0/24 maxlen: 24
46.18.67.0/24 maxlen: 24
46.18.68.0/22 maxlen: 22
46.18.68.0/24 maxlen: 24
46.18.69.0/24 maxlen: 24
46.18.70.0/24 maxlen: 24
46.18.71.0/24 maxlen: 24
89.219.36.0/22 maxlen: 22
89.219.36.0/23 maxlen: 23
89.219.38.0/23 maxlen: 23
89.219.40.0/21 maxlen: 21
89.219.40.0/22 maxlen: 22
89.219.44.0/22 maxlen: 22
89.219.48.0/20 maxlen: 20
89.219.48.0/21 maxlen: 21
89.219.56.0/21 maxlen: 21
89.219.132.0/23 maxlen: 23
89.219.132.0/24 maxlen: 24
89.219.133.0/24 maxlen: 24
89.219.155.0/24 maxlen: 24
89.219.156.0/22 maxlen: 22
89.219.156.0/23 maxlen: 23
89.219.158.0/23 maxlen: 23
89.219.160.0/24 maxlen: 24
89.219.163.0/24 maxlen: 24
89.219.164.0/22 maxlen: 22
89.219.164.0/23 maxlen: 23
89.219.166.0/23 maxlen: 23
89.219.169.0/24 maxlen: 24
89.219.170.0/23 maxlen: 23
89.219.170.0/24 maxlen: 24
89.219.171.0/24 maxlen: 24
89.219.172.0/22 maxlen: 22
89.219.172.0/23 maxlen: 23
89.219.174.0/23 maxlen: 23
89.219.176.0/20 maxlen: 20
89.219.176.0/21 maxlen: 21
89.219.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:08:61:45:dd:fe:7a:f9:ba:59:65:88:ae:a7:9a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Validity
Not Before: Aug 7 13:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f28c5cb4afcafd0e81a7dd12a4df7ffdf8677f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:86:5c:d1:f7:a1:46:5a:60:76:dc:ab:8a:a9:
00:3b:e9:1b:cb:57:21:fa:de:46:dd:50:5b:11:55:
d3:73:37:b6:72:fd:0f:ac:fb:31:a6:bd:6a:75:9b:
a0:96:9a:3d:44:a6:be:5b:6d:0d:d1:0c:4e:eb:55:
3c:10:99:70:66:f7:48:9b:77:b3:7d:13:c0:8c:13:
2c:13:50:7e:fc:bb:a1:4b:da:15:de:eb:c7:73:91:
9b:e5:0e:86:4f:8c:6f:70:cd:76:97:c3:e6:e3:11:
8b:63:91:33:2f:97:08:a7:e9:d3:4d:63:29:56:b3:
98:37:55:68:33:94:74:1d:a4:cb:2d:21:c3:3e:d1:
68:bf:ed:aa:ce:d9:88:54:51:07:f0:33:28:79:68:
e4:85:0c:03:05:10:34:72:20:c3:70:70:2c:7f:94:
74:d4:36:f7:c1:3a:63:b5:43:48:e8:6a:0f:7c:65:
cc:7e:2a:be:53:c3:4b:02:db:08:bd:56:9e:f7:d9:
de:f6:1a:ef:41:d4:b3:df:0b:72:c2:59:81:ae:af:
ad:42:21:f3:d7:15:dd:23:e5:4d:e8:1d:47:8a:2c:
ea:54:b3:57:f5:9f:4e:31:f3:db:d0:2c:c3:20:9f:
d5:29:55:c1:9c:4b:0f:f1:70:49:a2:5f:14:67:a5:
74:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:28:C5:CB:4A:FC:AF:D0:E8:1A:7D:D1:2A:4D:F7:FF:DF:86:77:F2
X509v3 Authority Key Identifier:
keyid:8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/byjFy0r8r9DoGn3RKk33_9-Gd_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.64.0/21
89.219.36.0-89.219.63.255
89.219.132.0/23
89.219.155.0-89.219.160.255
89.219.163.0-89.219.167.255
89.219.169.0-89.219.191.255
Signature Algorithm: sha256WithRSAEncryption
d9:79:f7:c1:92:c9:dc:15:9f:26:b2:5c:bc:a0:b5:a7:cd:3b:
25:03:70:dc:9d:7f:1d:6c:41:77:3f:0b:07:1c:e6:3c:8c:15:
42:66:97:9f:33:e2:a5:a6:02:2f:48:30:ac:e0:b5:61:a8:30:
2f:56:ee:a3:7d:54:66:af:0f:30:be:5d:29:63:d0:4b:f7:75:
57:94:1e:4b:0c:1c:ca:d8:01:90:ac:28:b8:44:53:ef:32:cd:
5d:78:95:c0:b0:9d:22:4d:98:b6:ca:8d:bf:6a:f4:bc:4c:78:
fd:3c:ca:6a:fc:b8:a9:a8:10:07:7f:e6:cd:56:4a:88:e1:4f:
2a:5c:ea:8b:5a:f0:29:33:22:eb:39:6c:bb:92:2c:1d:f5:f1:
4c:7c:7a:b8:23:8f:8b:27:91:33:c1:e8:fa:a2:8d:4e:47:91:
06:28:a7:a0:70:f0:60:18:69:81:3e:4e:94:b4:d8:bb:3b:c7:
45:1f:d6:11:8e:d3:20:9b:82:b4:19:7d:32:75:e6:c6:a3:0a:
e9:26:16:cb:6d:63:cb:31:51:71:58:76:af:71:7c:30:25:39:
73:89:46:be:c3:d4:0c:9e:b6:22:7c:e6:ca:b8:a0:27:7f:34:
77:b6:95:67:9f:4b:b0:00:a2:99:95:c6:36:fb:aa:13:ed:a5:
4b:fe:36:35
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZEtCGFF3f56+bpZZYiup5puMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGRkMmQwNmQ5MjBlNDAzOTMzZmRiMmNkMTk4NDg5MzU1
MjU3OWMwHhcNMjQwODA3MTMzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI4YzVjYjRhZmNhZmQwZTgxYTdkZDEyYTRkZjdmZmRmODY3N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IZc0fehRlpgdtyriqkAO+kby1ch
+t5G3VBbEVXTcze2cv0PrPsxpr1qdZuglpo9RKa+W20N0QxO61U8EJlwZvdIm3ez
fRPAjBMsE1B+/LuhS9oV3uvHc5Gb5Q6GT4xvcM12l8Pm4xGLY5EzL5cIp+nTTWMp
VrOYN1VoM5R0HaTLLSHDPtFov+2qztmIVFEH8DMoeWjkhQwDBRA0ciDDcHAsf5R0
1Db3wTpjtUNI6GoPfGXMfiq+U8NLAtsIvVae99ne9hrvQdSz3wtywlmBrq+tQiHz
1xXdI+VN6B1HiizqVLNX9Z9OMfPb0CzDIJ/VKVXBnEsP8XBJol8UZ6V0SQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFG8oxctK/K/Q6Bp90SpN9//fhnfyMB8GA1UdIwQY
MBaAFI1N0tBtkg5AOTP9ss0ZhIk1UlecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQt
MzJmZjMxY2VlYzhiLzEvYnlqRnkwcjhyOURvR24zUktrMzNfOS1HZF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQtMzJmZjMxY2VlYzhi
LzEvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQDLhJAMAwD
BAJZ2yQDBAZZ2wADBAFZ24QwDAMEAFnbmwMEAFnboDAMAwQAWdujAwQDWdugMAwD
BABZ26kDBAZZ24AwDQYJKoZIhvcNAQELBQADggEBANl598GSydwVnyayXLygtafN
OyUDcNydfx1sQXc/Cwcc5jyMFUJml58z4qWmAi9IMKzgtWGoMC9W7qN9VGavDzC+
XSlj0Ev3dVeUHksMHMrYAZCsKLhEU+8yzV14lcCwnSJNmLbKjb9q9LxMeP08ymr8
uKmoEAd/5s1WSojhTypc6ota8CkzIus5bLuSLB318Ux8ergjj4snkTPB6PqijU5H
kQYop6Bw8GAYaYE+TpS02Ls7x0Uf1hGO0yCbgrQZfTJ15sajCukmFsttY8sxUXFY
dq9xfDAlOXOJRr7D1AyetiJ85sq4oCd/NHe2lWefS7AAopmVxjb7qhPtpUv+NjU=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:43 2024 by rpki-client on console-ams.rpki-client.org