Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/yE6nJ7nvB6DrlMa7YPK1HfL5Dy8.roa
File: yE6nJ7nvB6DrlMa7YPK1HfL5Dy8.roa (raw, json)
Hash identifier: c8z2usdNQG+sde9H/D8A+JEd8pHdVfVe9Hv6rFO1CE8=
Subject key identifier: C8:4E:A7:27:B9:EF:07:A0:EB:94:C6:BB:60:F2:B5:1D:F2:F9:0F:2F
Certificate issuer: /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial: 018E3866CD51A8B0B8DD844D23A6BA6E9F9A
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/yE6nJ7nvB6DrlMa7YPK1HfL5Dy8.roa
Signing time: Wed 13 Mar 2024 15:20:45 +0000
ROA not before: Wed 13 Mar 2024 15:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8758
IP address blocks: 31.24.8.0/21 maxlen: 24
37.46.144.0/22 maxlen: 24
77.74.96.0/21 maxlen: 24
80.89.208.0/20 maxlen: 24
83.150.0.0/18 maxlen: 24
84.254.80.0/20 maxlen: 24
84.254.96.0/20 maxlen: 24
87.239.200.0/21 maxlen: 24
88.218.24.0/22 maxlen: 24
91.84.64.0/19 maxlen: 24
95.143.48.0/20 maxlen: 24
109.70.112.0/21 maxlen: 24
109.70.115.0/24 maxlen: 24
109.70.116.0/22 maxlen: 24
145.40.192.0/19 maxlen: 24
157.143.0.0/17 maxlen: 24
178.22.104.0/21 maxlen: 24
178.250.130.0/23 maxlen: 24
185.109.164.0/22 maxlen: 24
185.160.244.0/22 maxlen: 24
194.31.128.0/23 maxlen: 24
194.246.118.0/23 maxlen: 24
212.25.0.0/19 maxlen: 24
217.22.128.0/20 maxlen: 24
217.71.240.0/20 maxlen: 24
217.150.224.0/20 maxlen: 24
2001:8e0::/29 maxlen: 32
2a00:10c0::/32 maxlen: 32
2a01:bd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:66:cd:51:a8:b0:b8:dd:84:4d:23:a6:ba:6e:9f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
Validity
Not Before: Mar 13 15:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c84ea727b9ef07a0eb94c6bb60f2b51df2f90f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e9:c4:1a:3f:f3:7a:3d:c5:29:af:c1:02:6c:
22:d2:d7:18:ad:dd:67:f8:91:e4:f2:49:6f:53:16:
38:18:fa:42:f0:ad:5a:5a:f0:b0:49:fd:6f:c0:6e:
9d:a7:ca:bc:e8:39:06:82:ea:c1:4d:1d:2c:e0:bf:
c8:99:f5:24:e1:0b:37:ce:4b:a4:f7:0d:5c:e7:42:
aa:82:27:b7:41:7b:ca:69:63:50:f8:d2:ee:71:cc:
1e:72:88:34:00:01:5a:50:49:68:33:33:3c:c6:9e:
8a:d7:2f:a8:e6:d4:ea:34:a5:75:57:c5:33:79:89:
ad:db:5f:80:29:93:27:46:5d:92:69:91:dc:1e:2f:
f2:a7:4a:ce:9f:33:90:41:ed:ff:71:d1:a4:08:4c:
95:a3:fb:4f:93:5a:b7:1a:35:53:21:91:18:bc:e5:
a5:35:70:4c:76:af:b9:46:65:df:bd:63:fa:6c:49:
7c:0d:60:d0:2f:9b:fd:8e:54:0d:1b:25:1e:f6:66:
1b:4d:c3:71:e6:da:9b:60:d0:1c:d6:3e:69:d7:ed:
90:ea:f8:27:f9:44:aa:ec:2c:14:6d:bb:be:c2:6f:
4d:18:78:93:23:b7:07:66:92:c4:8e:64:4f:30:47:
ea:cf:70:67:6c:5d:10:6a:85:f1:9d:17:a7:7c:91:
e9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:4E:A7:27:B9:EF:07:A0:EB:94:C6:BB:60:F2:B5:1D:F2:F9:0F:2F
X509v3 Authority Key Identifier:
keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/yE6nJ7nvB6DrlMa7YPK1HfL5Dy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.8.0/21
37.46.144.0/22
77.74.96.0/21
80.89.208.0/20
83.150.0.0/18
84.254.80.0-84.254.111.255
87.239.200.0/21
88.218.24.0/22
91.84.64.0/19
95.143.48.0/20
109.70.112.0/21
145.40.192.0/19
157.143.0.0/17
178.22.104.0/21
178.250.130.0/23
185.109.164.0/22
185.160.244.0/22
194.31.128.0/23
194.246.118.0/23
212.25.0.0/19
217.22.128.0/20
217.71.240.0/20
217.150.224.0/20
IPv6:
2001:8e0::/29
2a00:10c0::/32
2a01:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
95:f6:f5:a2:8c:b1:13:0b:cb:23:62:df:8b:9f:01:f9:d4:da:
21:05:1d:fd:16:59:f0:c1:05:18:98:42:7a:34:98:a7:ea:a4:
ab:59:90:13:38:06:e0:b8:dd:60:aa:31:1e:2a:c9:74:51:1e:
3e:44:eb:f3:0f:20:1e:85:80:2c:a1:d0:df:c2:a1:f2:a5:87:
14:b8:66:bb:60:49:e5:7c:6f:a6:0b:e4:85:f3:04:fd:99:92:
22:db:36:15:d9:55:22:fb:d3:c9:a5:45:fb:05:eb:0f:6d:1a:
a2:ab:68:4b:07:5c:b7:2c:be:e7:04:59:03:40:e7:df:e1:93:
08:19:62:a2:6c:20:da:bc:d3:6b:63:ae:3f:da:1d:cb:e0:6d:
08:ed:d4:b3:1e:30:59:c4:27:3a:0b:d4:d8:8c:a6:6e:c7:f9:
84:28:68:6e:95:2e:7a:b7:a6:4b:67:0c:dd:5f:f5:dc:84:d5:
73:f8:c1:91:27:34:1d:a0:20:99:7d:ae:76:f4:7d:9f:25:e2:
7f:72:8b:77:4d:49:4b:c7:cd:7b:97:1e:6a:bf:9c:e5:51:9b:
64:a7:68:8b:cd:cc:d1:e1:e3:6c:52:66:02:7f:aa:d2:39:d5:
90:01:90:3c:16:c3:48:af:5c:97:4f:d9:80:8e:eb:3a:36:dc:
79:73:7b:44
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgISAY44Zs1RqLC43YRNI6a6bp+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjQwMzEzMTUyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODRlYTcyN2I5ZWYwN2EwZWI5NGM2YmI2MGYyYjUxZGYyZjkwZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OnEGj/zej3FKa/BAmwi0tcYrd1n
+JHk8klvUxY4GPpC8K1aWvCwSf1vwG6dp8q86DkGgurBTR0s4L/ImfUk4Qs3zkuk
9w1c50Kqgie3QXvKaWNQ+NLuccwecog0AAFaUEloMzM8xp6K1y+o5tTqNKV1V8Uz
eYmt21+AKZMnRl2SaZHcHi/yp0rOnzOQQe3/cdGkCEyVo/tPk1q3GjVTIZEYvOWl
NXBMdq+5RmXfvWP6bEl8DWDQL5v9jlQNGyUe9mYbTcNx5tqbYNAc1j5p1+2Q6vgn
+USq7CwUbbu+wm9NGHiTI7cHZpLEjmRPMEfqz3BnbF0QaoXxnRenfJHpmQIDAQAB
o4ICtzCCArMwHQYDVR0OBBYEFMhOpye57weg65TGu2DytR3y+Q8vMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEveUU2bko3bnZCNkRybE1hN1lQSzFIZkw1RHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHMBggrBgEFBQcBBwEB/wSBvDCBuTCBmQQCAAEwgZIDBAMf
GAgDBAIlLpADBANNSmADBARQWdADBAZTlgAwDAMEBFT+UAMEBFT+YAMEA1fvyAME
AljaGAMEBVtUQAMEBF+PMAMEA21GcAMEBZEowAMEB52PAAMEA7IWaAMEAbL6ggME
ArltpAMEArmg9AMEAcIfgAMEAcL2dgMEBdQZAAMEBNkWgAMEBNlH8AMEBNmW4DAb
BAIAAjAVAwUDIAEI4AMFACoAEMADBQAqAb0AMA0GCSqGSIb3DQEBCwUAA4IBAQCV
9vWijLETC8sjYt+LnwH51NohBR39FlnwwQUYmEJ6NJin6qSrWZATOAbguN1gqjEe
Ksl0UR4+ROvzDyAehYAsodDfwqHypYcUuGa7YEnlfG+mC+SF8wT9mZIi2zYV2VUi
+9PJpUX7BesPbRqiq2hLB1y3LL7nBFkDQOff4ZMIGWKibCDavNNrY64/2h3L4G0I
7dSzHjBZxCc6C9TYjKZux/mEKGhulS56t6ZLZwzdX/XchNVz+MGRJzQdoCCZfa52
9H2fJeJ/cot3TUlLx817lx5qv5zlUZtkp2iLzczR4eNsUmYCf6rSOdWQAZA8FsNI
r1yXT9mAjus6Ntx5c3tE
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:46:01 2024 by rpki-client on console-ams.rpki-client.org