Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/YD357J5AkoUyJkR4rVh-u43zTJY.roa
File: YD357J5AkoUyJkR4rVh-u43zTJY.roa (raw, json)
Hash identifier: i1ERnEWXmNCoT1IT8XWtmg0oSzLZKFvuIJ+a3NyJbe0=
Subject key identifier: 60:3D:F9:EC:9E:40:92:85:32:26:44:78:AD:58:7E:BB:8D:F3:4C:96
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 018DD63BA0CA144C489E687BD46472ABAB73
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/YD357J5AkoUyJkR4rVh-u43zTJY.roa
Signing time: Fri 23 Feb 2024 13:50:48 +0000
ROA not before: Fri 23 Feb 2024 13:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29180
IP address blocks: 82.132.128.0/22 maxlen: 24
82.132.132.0/22 maxlen: 24
82.132.136.0/23 maxlen: 24
82.132.140.0/23 maxlen: 24
82.132.142.0/23 maxlen: 24
82.132.144.0/21 maxlen: 24
82.132.152.0/21 maxlen: 24
82.132.178.0/23 maxlen: 24
82.132.188.0/23 maxlen: 24
82.132.190.0/23 maxlen: 24
82.132.192.0/23 maxlen: 24
82.132.194.0/23 maxlen: 24
82.132.196.0/23 maxlen: 24
82.132.200.0/23 maxlen: 24
82.132.202.0/23 maxlen: 24
82.132.204.0/23 maxlen: 24
82.132.206.0/23 maxlen: 24
82.132.208.0/23 maxlen: 24
82.132.250.0/23 maxlen: 24
82.132.254.0/23 maxlen: 24
185.238.16.0/23 maxlen: 24
185.238.18.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:3b:a0:ca:14:4c:48:9e:68:7b:d4:64:72:ab:ab:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Feb 23 13:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=603df9ec9e40928532264478ad587ebb8df34c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c8:eb:b6:69:e3:fe:a4:b7:29:ba:e5:14:77:
7a:f8:f3:c3:22:9e:2c:2c:5f:49:b5:98:9d:21:4d:
fc:24:e8:0e:f0:a0:bc:b2:e2:0d:30:d0:e7:50:88:
56:9c:46:72:2e:2c:9e:56:50:bb:c0:c3:a6:06:04:
ae:de:e2:4e:ec:42:29:b5:22:34:25:c4:f2:6a:79:
41:9d:b1:c2:37:9b:98:96:34:70:84:d6:6d:d5:f2:
5a:86:1e:fb:8a:5b:f1:72:c3:9e:5f:56:8e:a6:65:
92:88:ba:15:5b:59:a1:b2:ce:e8:e8:d6:9c:da:ad:
8b:cd:5e:aa:9f:70:22:59:d4:e1:6f:0a:34:70:3c:
97:b2:d7:03:4a:ba:fc:30:5c:e6:9c:dc:fa:d7:a5:
b3:6b:1c:1d:bf:9b:16:fc:67:c2:f9:b4:5a:c1:a5:
ce:c4:27:a6:5b:91:3b:29:ce:a1:89:fb:5c:b3:fb:
55:94:9d:7e:46:8e:85:90:ce:04:8f:b7:b6:9d:29:
2b:be:64:5e:d8:49:a9:9b:79:37:e5:b5:10:5f:d4:
a0:ad:6e:a3:f9:f8:87:b8:05:48:7d:e2:cb:dd:c2:
05:58:c0:76:da:4a:a2:01:16:b1:22:78:8c:ad:cf:
99:b2:07:e9:6b:9b:ab:69:b2:f1:a8:3d:f1:54:af:
4c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:3D:F9:EC:9E:40:92:85:32:26:44:78:AD:58:7E:BB:8D:F3:4C:96
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/YD357J5AkoUyJkR4rVh-u43zTJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.128.0-82.132.137.255
82.132.140.0-82.132.159.255
82.132.178.0/23
82.132.188.0-82.132.197.255
82.132.200.0-82.132.209.255
82.132.250.0/23
82.132.254.0/23
185.238.16.0/22
Signature Algorithm: sha256WithRSAEncryption
04:9f:7b:7a:ac:30:85:ab:8f:c8:a2:ad:6d:4f:0a:a1:0a:8d:
96:b3:ab:7f:67:c1:d0:5d:43:0c:c5:55:db:54:ee:ed:06:6c:
e6:41:2e:e4:a7:a6:6d:d5:25:11:fb:11:b3:b5:5b:4e:81:2e:
10:45:91:fb:b3:f3:47:de:69:a1:1d:59:38:ae:9a:69:37:0b:
70:64:2d:bf:e1:81:70:c2:93:26:66:10:3d:30:fe:15:ae:9c:
0e:cc:6c:a1:56:bf:be:94:78:e4:4d:45:77:f3:d4:77:67:f8:
17:64:dd:c8:08:d7:3f:5f:77:de:47:2e:b7:4d:d3:d1:79:08:
b4:22:6d:dd:3b:29:04:22:db:5d:8c:4d:9f:73:86:93:36:00:
9e:a5:04:5f:67:2f:6d:6f:b5:3e:cd:8a:e4:1e:25:44:d8:58:
5e:72:40:82:3a:d4:31:65:4e:d2:d9:61:c2:83:18:a1:d6:a5:
2e:2a:24:bd:f6:78:b0:f8:d4:7e:5f:09:65:1e:c6:69:61:0b:
3b:2d:41:00:b4:f5:c1:9a:e3:de:bf:90:2a:d0:fe:3e:b3:72:
43:45:f4:39:f3:e6:86:0a:4b:49:cf:f6:7d:6c:d7:a8:9b:cd:
a5:05:44:0b:8d:bc:ab:e9:e4:54:4f:c8:77:ad:d5:16:18:d7:
92:c0:ce:23
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY3WO6DKFExInmh71GRyq6tzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjQwMjIzMTM1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDNkZjllYzllNDA5Mjg1MzIyNjQ0NzhhZDU4N2ViYjhkZjM0Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsjrtmnj/qS3KbrlFHd6+PPDIp4s
LF9JtZidIU38JOgO8KC8suINMNDnUIhWnEZyLiyeVlC7wMOmBgSu3uJO7EIptSI0
JcTyanlBnbHCN5uYljRwhNZt1fJahh77ilvxcsOeX1aOpmWSiLoVW1mhss7o6Nac
2q2LzV6qn3AiWdThbwo0cDyXstcDSrr8MFzmnNz616Wzaxwdv5sW/GfC+bRawaXO
xCemW5E7Kc6hiftcs/tVlJ1+Ro6FkM4Ej7e2nSkrvmRe2Empm3k35bUQX9SgrW6j
+fiHuAVIfeLL3cIFWMB22kqiARaxIniMrc+Zsgfpa5urabLxqD3xVK9MiQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFGA9+eyeQJKFMiZEeK1YfruN80yWMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvWUQzNTdKNUFrb1V5SmtSNHJWaC11NDN6VEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAdShIAD
BAFShIgwDAMEAlKEjAMEBVKEgAMEAVKEsjAMAwQCUoS8AwQBUoTEMAwDBANShMgD
BAFShNADBAFShPoDBAFShP4DBAK57hAwDQYJKoZIhvcNAQELBQADggEBAASfe3qs
MIWrj8iirW1PCqEKjZazq39nwdBdQwzFVdtU7u0GbOZBLuSnpm3VJRH7EbO1W06B
LhBFkfuz80feaaEdWTiummk3C3BkLb/hgXDCkyZmED0w/hWunA7MbKFWv76UeORN
RXfz1Hdn+Bdk3cgI1z9fd95HLrdN09F5CLQibd07KQQi212MTZ9zhpM2AJ6lBF9n
L21vtT7NiuQeJUTYWF5yQII61DFlTtLZYcKDGKHWpS4qJL32eLD41H5fCWUexmlh
CzstQQC09cGa496/kCrQ/j6zckNF9Dnz5oYKS0nP9n1s16ibzaUFRAuNvKvp5FRP
yHet1RYY15LAziM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:14 2024 by rpki-client on console-ams.rpki-client.org