Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/ydnI6d9UEJ5EQIgpsAoQ2gAEK50.roa
File: ydnI6d9UEJ5EQIgpsAoQ2gAEK50.roa (raw, json)
Hash identifier: HEHhaZ9z4dqUpFVq1bkB7J2BNi+xfY24uWeH5Vv0u/8=
Subject key identifier: C9:D9:C8:E9:DF:54:10:9E:44:40:88:29:B0:0A:10:DA:00:04:2B:9D
Certificate issuer: /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial: 018CC56DEB6D881ECAF39CE536F1488E1857
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/ydnI6d9UEJ5EQIgpsAoQ2gAEK50.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206618
IP address blocks: 194.114.80.0/23 maxlen: 23
194.114.85.0/24 maxlen: 24
193.23.96.0/24 maxlen: 24
194.114.96.0/24 maxlen: 24
194.114.96.0/23 maxlen: 23
194.114.96.0/22 maxlen: 22
194.114.94.0/23 maxlen: 23
194.114.98.0/23 maxlen: 23
194.114.97.0/24 maxlen: 24
194.114.100.0/22 maxlen: 22
194.114.104.0/21 maxlen: 21
194.114.104.0/24 maxlen: 24
143.163.67.0/24 maxlen: 24
194.114.112.0/22 maxlen: 22
143.163.66.0/24 maxlen: 24
143.163.66.0/23 maxlen: 23
194.114.116.0/22 maxlen: 22
194.114.125.0/24 maxlen: 24
194.114.126.0/24 maxlen: 24
194.114.32.0/23 maxlen: 23
194.114.40.0/23 maxlen: 23
143.163.1.0/24 maxlen: 24
194.114.44.0/22 maxlen: 22
194.114.48.0/21 maxlen: 21
143.163.12.0/22 maxlen: 22
194.114.56.0/22 maxlen: 22
143.163.16.0/23 maxlen: 23
194.114.61.0/24 maxlen: 24
194.114.64.0/23 maxlen: 23
194.114.62.0/23 maxlen: 23
194.114.62.0/24 maxlen: 24
194.114.63.0/24 maxlen: 24
194.114.66.0/23 maxlen: 23
194.114.70.0/23 maxlen: 23
194.114.74.0/24 maxlen: 24
194.114.78.0/23 maxlen: 23
194.114.77.0/24 maxlen: 24
2a01:4dc0::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:eb:6d:88:1e:ca:f3:9c:e5:36:f1:48:8e:18:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9d9c8e9df54109e44408829b00a10da00042b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:4c:1b:9c:f5:cb:4f:4c:b9:1a:a6:07:6f:
10:f3:fc:9f:71:43:9d:8d:57:8e:7c:26:d6:12:14:
ff:22:4f:57:76:1d:b1:e0:1b:27:48:31:08:41:db:
e7:3f:e4:7b:d6:e5:0e:40:d5:72:f6:8f:4d:86:d1:
15:91:ff:d7:38:2b:b0:6d:f9:5b:f4:b2:86:dc:91:
3a:6c:25:ea:f0:28:cc:bb:ac:1a:17:49:54:dd:64:
50:de:52:73:cb:72:3c:f9:39:5a:c2:3b:c1:2f:ca:
73:2a:af:43:76:6e:29:67:e7:a8:aa:c0:73:73:8e:
af:b2:87:0a:d9:00:4b:d2:fd:48:74:0e:49:5c:6e:
e0:3d:fc:4a:38:a0:51:bc:12:67:57:12:5f:75:de:
a9:8a:2c:0e:c4:ab:75:92:b4:a7:80:bf:13:bb:b1:
58:6e:e5:61:a3:0a:a5:f7:c6:77:ef:75:55:75:e4:
18:f9:81:16:00:7e:1d:37:19:05:7a:48:5f:6b:ef:
00:c2:ec:19:b1:18:21:4d:e1:c9:78:54:1c:72:b8:
b0:95:66:d1:52:d6:c7:e5:9d:03:74:70:98:19:82:
34:28:87:b2:78:75:00:5b:15:eb:5d:3f:8a:cc:c7:
6e:f7:4a:14:3e:3e:93:ae:b8:dc:c9:70:9c:ee:74:
44:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D9:C8:E9:DF:54:10:9E:44:40:88:29:B0:0A:10:DA:00:04:2B:9D
X509v3 Authority Key Identifier:
keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/ydnI6d9UEJ5EQIgpsAoQ2gAEK50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.163.1.0/24
143.163.12.0-143.163.17.255
143.163.66.0/23
193.23.96.0/24
194.114.32.0/23
194.114.40.0/23
194.114.44.0-194.114.59.255
194.114.61.0-194.114.67.255
194.114.70.0/23
194.114.74.0/24
194.114.77.0-194.114.81.255
194.114.85.0/24
194.114.94.0-194.114.119.255
194.114.125.0-194.114.126.255
IPv6:
2a01:4dc0::/42
Signature Algorithm: sha256WithRSAEncryption
8c:52:0a:43:f1:89:4e:8e:37:e1:09:a7:50:a0:33:8e:2b:42:
7d:bb:92:48:51:cc:a2:d1:29:b1:45:1a:ad:47:b7:e0:d3:38:
69:45:a1:31:52:ac:ad:5f:d5:2e:3f:2f:ef:99:2a:72:af:22:
16:b4:21:31:66:f6:6b:b1:b5:50:12:1e:b8:af:0b:a7:94:0c:
31:73:9a:ec:2c:89:87:c7:2e:ae:75:f1:8f:79:90:5b:9d:f5:
94:30:83:db:e1:ed:af:81:43:a3:eb:26:d8:d5:d2:74:0b:e4:
0a:7b:d9:7c:83:09:96:52:88:51:c8:f5:b1:41:70:98:dc:f2:
68:80:88:dc:27:8f:ab:24:6b:1f:5d:66:e4:98:b4:6f:a0:e6:
d6:86:1e:2f:9d:c7:cf:89:13:d7:31:f4:77:b6:d0:1e:47:ed:
f2:33:1d:fa:07:56:bd:75:bb:6b:f2:a6:16:2d:d3:70:e2:f8:
7b:bb:ea:d5:aa:85:e8:36:34:9e:ad:47:57:51:61:ff:99:1b:
30:55:ff:d7:2d:90:b9:6c:2d:04:ba:05:9a:30:76:81:f4:8b:
95:36:82:a5:8a:fb:19:63:3f:90:f6:0f:22:a1:1d:c8:c6:90:
38:25:a2:8a:f5:ad:e2:70:4d:3c:b7:9c:60:b3:bf:30:5f:77:
9d:df:b3:aa
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAYzFbettiB7K85zlNvFIjhhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEw
ZjE4NjUwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ5YzhlOWRmNTQxMDllNDQ0MDg4MjliMDBhMTBkYTAwMDQyYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ9MG5z1y09MuRqmB28Q8/yfcUOd
jVeOfCbWEhT/Ik9Xdh2x4BsnSDEIQdvnP+R71uUOQNVy9o9NhtEVkf/XOCuwbflb
9LKG3JE6bCXq8CjMu6waF0lU3WRQ3lJzy3I8+TlawjvBL8pzKq9Ddm4pZ+eoqsBz
c46vsocK2QBL0v1IdA5JXG7gPfxKOKBRvBJnVxJfdd6piiwOxKt1krSngL8Tu7FY
buVhowql98Z373VVdeQY+YEWAH4dNxkFekhfa+8AwuwZsRghTeHJeFQccriwlWbR
UtbH5Z0DdHCYGYI0KIeyeHUAWxXrXT+KzMdu90oUPj6TrrjcyXCc7nREEwIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFMnZyOnfVBCeRECIKbAKENoABCudMB8GA1UdIwQY
MBaAFMfwS3iy7t+Zjt1cweiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzct
ZjQzNzgzOTA5NWQxLzEveWRuSTZkOVVFSjVFUUlncHNBb1EyZ0FFSzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQx
LzEveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBiwQCAAEwgYQDBACP
owEwDAMEAo+jDAMEAY+jEAMEAY+jQgMEAMEXYAMEAcJyIAMEAcJyKDAMAwQCwnIs
AwQCwnI4MAwDBADCcj0DBALCckADBAHCckYDBADCckowDAMEAMJyTQMEAcJyUAME
AMJyVTAMAwQBwnJeAwQDwnJwMAwDBADCcn0DBADCcn4wDwQCAAIwCQMHBioBTcAA
ADANBgkqhkiG9w0BAQsFAAOCAQEAjFIKQ/GJTo434QmnUKAzjitCfbuSSFHMotEp
sUUarUe34NM4aUWhMVKsrV/VLj8v75kqcq8iFrQhMWb2a7G1UBIeuK8Lp5QMMXOa
7CyJh8curnXxj3mQW531lDCD2+Htr4FDo+sm2NXSdAvkCnvZfIMJllKIUcj1sUFw
mNzyaICI3CePqyRrH11m5Ji0b6Dm1oYeL53Hz4kT1zH0d7bQHkft8jMd+gdWvXW7
a/KmFi3TcOL4e7vq1aqF6DY0nq1HV1Fh/5kbMFX/1y2QuWwtBLoFmjB2gfSLlTaC
pYr7GWM/kPYPIqEdyMaQOCWiivWt4nBNPLecYLO/MF93nd+zqg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:28:14 2024 by rpki-client on console-ams.rpki-client.org