Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YCmoAV6Mjdj8mUQPtUb9Hf5AdoE.roa
File: YCmoAV6Mjdj8mUQPtUb9Hf5AdoE.roa (raw, json)
Hash identifier: cVZ5QG/U9fqxrEU7TsSFdxlb0qAYa7jlZpm5ph7eOys=
Subject key identifier: 60:29:A8:01:5E:8C:8D:D8:FC:99:44:0F:B5:46:FD:1D:FE:40:76:81
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018DF86114A8B5AD83B1AAC85D34D254ACCB
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YCmoAV6Mjdj8mUQPtUb9Hf5AdoE.roa
Signing time: Fri 01 Mar 2024 04:58:48 +0000
ROA not before: Fri 01 Mar 2024 04:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 31.170.55.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:61:14:a8:b5:ad:83:b1:aa:c8:5d:34:d2:54:ac:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Mar 1 04:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6029a8015e8c8dd8fc99440fb546fd1dfe407681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c6:e6:4f:dc:67:3e:67:92:c0:d8:e9:2d:db:
a1:ae:03:bd:0e:5a:57:df:00:20:5b:3a:45:87:e2:
64:3b:1f:2a:cc:38:26:72:11:0d:a5:29:52:ab:cf:
a8:8f:85:38:82:93:fe:26:93:3b:b9:92:c2:19:df:
ff:c3:52:7a:a8:6c:95:82:cd:a2:44:ab:bc:c0:69:
ac:64:7c:b9:ac:1a:60:35:78:22:e2:b0:d6:38:8e:
b5:0f:df:1c:56:1c:52:48:d9:e2:08:5f:f1:7a:41:
58:e4:fc:2f:61:50:96:02:c7:f3:b1:1a:47:b8:9e:
84:e3:70:c6:b9:21:2e:ee:51:77:10:e7:00:04:af:
36:c6:7a:87:70:c0:e0:09:89:b3:30:5b:04:eb:a0:
0e:37:4a:fa:ab:e2:c7:3c:e0:87:64:fe:b9:cb:ae:
a1:d0:ba:ca:72:bd:5c:df:39:4a:03:2d:96:6a:bd:
21:ca:97:3c:73:ff:84:00:19:b7:31:2a:b6:02:1e:
7e:bb:ee:5b:d7:a8:0c:a8:26:9a:36:cc:6c:2a:d5:
af:a4:8d:25:89:2e:59:bc:29:9d:3b:61:96:f4:5a:
61:cf:1f:d7:f7:95:b4:f5:89:ac:fb:29:c0:15:42:
4f:7d:a8:46:6d:1a:13:3b:cf:e5:af:14:b3:80:35:
a1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:29:A8:01:5E:8C:8D:D8:FC:99:44:0F:B5:46:FD:1D:FE:40:76:81
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/YCmoAV6Mjdj8mUQPtUb9Hf5AdoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
94.74.152.0/22
109.203.160.0/24
109.203.168.0-109.203.191.255
176.46.132.0/24
176.46.140.0/24
176.46.145.0/24
176.46.147.0/24
176.46.151.0/24
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:35:44:74:59:2b:00:8f:d1:42:32:47:da:ae:f6:0c:b5:f2:
40:1a:f2:7b:2b:5a:e3:14:05:f0:2f:4f:dd:04:a7:31:2b:88:
59:8e:cc:16:35:3f:0a:4e:f4:91:73:fb:55:bc:bb:49:ae:e0:
fa:4a:6e:4d:c7:55:51:ff:d6:b5:a8:e7:17:85:5e:69:33:e7:
f4:ed:f8:9d:d1:9d:22:36:68:75:4e:59:94:ad:36:e7:a4:fb:
05:a4:59:51:70:9f:a4:d1:0d:02:47:57:a8:c8:20:e4:18:21:
cd:e3:06:29:f1:23:5a:3e:b1:0a:a3:cb:f8:d2:ea:13:2a:e3:
8c:cb:da:8f:19:d4:c7:1e:7a:34:25:6f:94:d7:5a:5e:e0:60:
05:d5:5c:00:bd:bd:60:fa:28:69:1c:70:74:ea:69:79:8b:59:
dc:64:37:8c:f2:3a:ce:86:84:d0:1f:47:82:30:b3:78:d9:f2:
64:58:24:df:2f:e3:73:8e:76:ef:22:59:bc:1c:e3:92:95:b2:
1e:9f:41:b6:ba:b3:7c:5b:bf:74:19:bc:e5:05:73:bd:7e:0b:
3e:e4:5a:83:ce:17:0e:ac:8c:ff:b8:88:30:80:a3:ad:70:4f:
6c:0b:e5:23:b6:01:c7:15:67:31:29:11:5a:ee:f6:d1:8e:5f:
80:5e:b8:53
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY34YRSota2DsarIXTTSVKzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMzAxMDQ1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI5YTgwMTVlOGM4ZGQ4ZmM5OTQ0MGZiNTQ2ZmQxZGZlNDA3NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sbmT9xnPmeSwNjpLduhrgO9DlpX
3wAgWzpFh+JkOx8qzDgmchENpSlSq8+oj4U4gpP+JpM7uZLCGd//w1J6qGyVgs2i
RKu8wGmsZHy5rBpgNXgi4rDWOI61D98cVhxSSNniCF/xekFY5PwvYVCWAsfzsRpH
uJ6E43DGuSEu7lF3EOcABK82xnqHcMDgCYmzMFsE66AON0r6q+LHPOCHZP65y66h
0LrKcr1c3zlKAy2War0hypc8c/+EABm3MSq2Ah5+u+5b16gMqCaaNsxsKtWvpI0l
iS5ZvCmdO2GW9Fphzx/X95W09Yms+ynAFUJPfahGbRoTO8/lrxSzgDWhEwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGApqAFejI3Y/JlED7VG/R3+QHaBMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvWUNtb0FWNk1qZGo4bVVRUHRVYjlIZjVBZG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAH6o3AwQC
XkqYAwQAbcugMAwDBANty6gDBAZty4ADBACwLoQDBACwLowDBACwLpEDBACwLpMD
BACwLpcDBAK5IqAwDQYJKoZIhvcNAQELBQADggEBAKE1RHRZKwCP0UIyR9qu9gy1
8kAa8nsrWuMUBfAvT90EpzEriFmOzBY1PwpO9JFz+1W8u0mu4PpKbk3HVVH/1rWo
5xeFXmkz5/Tt+J3RnSI2aHVOWZStNuek+wWkWVFwn6TRDQJHV6jIIOQYIc3jBinx
I1o+sQqjy/jS6hMq44zL2o8Z1MceejQlb5TXWl7gYAXVXAC9vWD6KGkccHTqaXmL
WdxkN4zyOs6GhNAfR4Iws3jZ8mRYJN8v43OOdu8iWbwc45KVsh6fQba6s3xbv3QZ
vOUFc71+Cz7kWoPOFw6sjP+4iDCAo61wT2wL5SO2AccVZzEpEVru9tGOX4BeuFM=
-----END CERTIFICATE-----
Generated at Sat May 4 12:54:49 2024 by rpki-client on console-fra.rpki-client.org