Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/yryOBFsQJw_4HxXRtJh-1Ze_xmo.roa
File: yryOBFsQJw_4HxXRtJh-1Ze_xmo.roa (raw, json)
Hash identifier: B8wRyfyYCHoeLHcXFlk6qY6Vj2EQbDGblJaDAnu0wlM=
Subject key identifier: CA:BC:8E:04:5B:10:27:0F:F8:1F:15:D1:B4:98:7E:D5:97:BF:C6:6A
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 019199DB2A7623AED7D1FE1C30DCE845FDC8
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/yryOBFsQJw_4HxXRtJh-1Ze_xmo.roa
Signing time: Wed 28 Aug 2024 16:39:22 +0000
ROA not before: Wed 28 Aug 2024 16:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:db:2a:76:23:ae:d7:d1:fe:1c:30:dc:e8:45:fd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Aug 28 16:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cabc8e045b10270ff81f15d1b4987ed597bfc66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4e:9e:c2:d4:07:47:82:5c:38:ad:91:f8:c3:
e4:e3:cd:d7:06:64:b8:97:1b:fc:8e:05:2d:32:a3:
90:25:64:a8:42:c5:ff:54:d3:6d:73:4d:19:05:b0:
81:42:33:1f:7e:b6:b7:7a:71:53:97:33:cd:14:a7:
69:83:7c:06:70:92:47:a0:0b:3e:f9:b1:0d:71:5e:
d1:b1:72:44:7a:8d:42:9d:ba:3d:2e:a4:0a:ef:26:
d1:77:ac:15:37:3f:1e:cd:e4:41:fe:dd:60:20:e9:
63:f4:dd:b3:99:e7:a8:a7:8c:dd:f7:69:65:f0:91:
1d:e8:6c:6e:77:72:13:94:7c:90:87:25:a1:06:a7:
58:50:af:83:ef:85:6a:cb:ee:fe:56:7e:2e:d7:24:
7d:f6:c4:61:f2:e7:e8:2c:cf:a2:e0:b4:87:ec:3f:
d9:62:f1:32:db:b8:9b:a8:0a:5e:9a:a0:28:9b:ed:
3f:d4:2e:a7:f7:7d:3b:a7:00:b9:16:53:86:8a:b3:
a6:a4:75:9d:2a:4a:0e:25:57:56:a2:fd:35:c9:da:
8c:56:f6:25:fa:00:fd:60:42:82:7f:e3:9a:06:7e:
d2:93:e4:7d:ad:dd:6c:85:27:1c:9e:c3:dc:2a:4e:
b9:fa:4f:8a:d2:13:2c:a9:21:79:e6:34:69:a7:bd:
09:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BC:8E:04:5B:10:27:0F:F8:1F:15:D1:B4:98:7E:D5:97:BF:C6:6A
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/yryOBFsQJw_4HxXRtJh-1Ze_xmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:11:80:fc:50:72:09:44:e5:3e:df:78:f1:30:4d:87:d4:7e:
fa:83:8f:ff:5b:9e:33:48:79:b6:3e:77:2d:97:2b:df:fa:3d:
d8:bf:04:f9:32:69:a9:1a:72:29:18:58:d1:ca:ca:a5:89:35:
b6:78:ea:ca:08:ef:c7:41:0c:12:4a:db:ef:97:bf:cf:64:72:
fb:5b:60:e1:07:f8:62:cb:4d:ec:78:6b:7d:9f:2d:b0:32:82:
55:da:59:8e:b3:1d:b4:a2:64:3e:27:c6:38:69:a7:05:aa:cc:
c0:6c:fa:ad:c3:31:98:d2:94:da:36:44:59:8d:ca:23:7e:9e:
dd:82:c8:fc:ae:4e:a0:5a:71:1c:47:bc:86:d4:b7:d0:a2:9c:
98:5f:87:28:40:62:76:31:ea:1e:23:86:f8:69:2a:3c:3e:95:
a7:5c:53:1c:cc:09:b7:93:96:da:82:1a:6c:ec:93:7a:8d:02:
01:3a:3d:42:40:0a:08:78:64:e9:fb:99:31:81:f1:af:ed:79:
e0:ce:51:c1:3a:c8:f6:a0:dd:08:a1:d5:48:3e:d3:a5:dc:d6:
b1:dd:5c:1b:9d:0a:60:48:5f:a8:b0:4b:7e:4d:aa:a7:0b:be:
f2:cd:dc:e8:36:8b:f6:f1:63:c3:9b:44:f0:d6:11:cf:f8:da:
c0:45:b6:c3
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZGZ2yp2I67X0f4cMNzoRf3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwODI4MTYzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJjOGUwNDViMTAyNzBmZjgxZjE1ZDFiNDk4N2VkNTk3YmZjNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApU6ewtQHR4JcOK2R+MPk483XBmS4
lxv8jgUtMqOQJWSoQsX/VNNtc00ZBbCBQjMffra3enFTlzPNFKdpg3wGcJJHoAs+
+bENcV7RsXJEeo1Cnbo9LqQK7ybRd6wVNz8ezeRB/t1gIOlj9N2zmeeop4zd92ll
8JEd6Gxud3ITlHyQhyWhBqdYUK+D74Vqy+7+Vn4u1yR99sRh8ufoLM+i4LSH7D/Z
YvEy27ibqApemqAom+0/1C6n9307pwC5FlOGirOmpHWdKkoOJVdWov01ydqMVvYl
+gD9YEKCf+OaBn7Sk+R9rd1shSccnsPcKk65+k+K0hMsqSF55jRpp70JhwIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFMq8jgRbECcP+B8V0bSYftWXv8ZqMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEveXJ5T0JGc1FKd180SHhYUnRKaC0xWmVfeG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB1QQCAAEwgc4D
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAK5+PwD
BAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQL
RAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSAAwUDKg12
gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQAqEYD8UHIJROU+33jx
ME2H1H76g4//W54zSHm2Pnctlyvf+j3YvwT5MmmpGnIpGFjRysqliTW2eOrKCO/H
QQwSStvvl7/PZHL7W2DhB/hiy03seGt9ny2wMoJV2lmOsx20omQ+J8Y4aacFqszA
bPqtwzGY0pTaNkRZjcojfp7dgsj8rk6gWnEcR7yG1LfQopyYX4coQGJ2MeoeI4b4
aSo8PpWnXFMczAm3k5baghps7JN6jQIBOj1CQAoIeGTp+5kxgfGv7XngzlHBOsj2
oN0IodVIPtOl3Nax3VwbnQpgSF+osEt+TaqnC77yzdzoNov28WPDm0Tw1hHP+NrA
RbbD
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:02 2024 by rpki-client on console-ams.rpki-client.org