Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YJ3jox-nZ6JXzjTP7hHzKlrWAQI.roa
File: YJ3jox-nZ6JXzjTP7hHzKlrWAQI.roa (raw, json)
Hash identifier: SDKb7kXv3d+D919Lu8T4cR006IB1O/baSCrtz9ZeaU8=
Subject key identifier: 60:9D:E3:A3:1F:A7:67:A2:57:CE:34:CF:EE:11:F3:2A:5A:D6:01:02
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019296475CFDE2D4A61475A4E15954A30987
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YJ3jox-nZ6JXzjTP7hHzKlrWAQI.roa
Signing time: Wed 16 Oct 2024 17:01:52 +0000
ROA not before: Wed 16 Oct 2024 17:01:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35346
IP address blocks: 45.67.116.0/24 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.68.0/23 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.102.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 20
91.242.112.0/24 maxlen: 24
91.242.113.0/24 maxlen: 24
91.242.114.0/24 maxlen: 24
91.242.115.0/24 maxlen: 24
91.242.116.0/24 maxlen: 24
91.242.117.0/24 maxlen: 24
91.242.118.0/24 maxlen: 24
91.242.119.0/24 maxlen: 24
91.242.120.0/24 maxlen: 24
91.242.121.0/24 maxlen: 24
91.242.122.0/24 maxlen: 24
178.175.176.0/22 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
2a07:5540::/29 maxlen: 29
2a07:c040::/29 maxlen: 29
2a09:700::/29 maxlen: 29
2a09:15c0::/29 maxlen: 29
2a09:3ac0::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
2a09:4c40::/29 maxlen: 29
2a09:63c0::/29 maxlen: 29
2a09:7640::/29 maxlen: 29
2a09:7b40::/29 maxlen: 29
2a09:7f00::/29 maxlen: 29
2a09:a480::/29 maxlen: 29
2a09:bdc0::/29 maxlen: 29
2a09:ca40::/29 maxlen: 29
2a09:e400::/29 maxlen: 29
2a09:f6c0::/29 maxlen: 29
2a09:f940::/29 maxlen: 29
2a09:fdc0::/29 maxlen: 29
2a0a:3700::/29 maxlen: 29
2a0a:3780::/29 maxlen: 29
2a0a:6000::/29 maxlen: 29
2a0a:ef00::/29 maxlen: 29
2a0b:280::/29 maxlen: 29
2a0b:5d00::/29 maxlen: 29
2a0c:380::/29 maxlen: 29
2a0c:3600::/32 maxlen: 32
2a0c:3780::/29 maxlen: 29
2a0c:57c0::/29 maxlen: 29
2a0c:ae00::/29 maxlen: 29
2a0d:1a00::/29 maxlen: 29
2a0d:dac0::/29 maxlen: 29
2a0d:fb00::/29 maxlen: 29
2a0e:f80::/29 maxlen: 29
2a0e:2080::/29 maxlen: 29
2a0e:2500::/29 maxlen: 29
2a0e:3380::/29 maxlen: 29
2a0e:3540::/29 maxlen: 29
2a0e:3c40::/29 maxlen: 29
2a0e:7880::/29 maxlen: 29
2a0e:b000::/29 maxlen: 29
2a0e:c3c0::/29 maxlen: 29
2a0e:c700::/29 maxlen: 29
2a0e:c800::/29 maxlen: 29
2a0e:d180::/29 maxlen: 29
2a0e:d880::/29 maxlen: 29
2a0e:e540::/29 maxlen: 29
2a0e:e8c0::/29 maxlen: 29
2a0e:e940::/29 maxlen: 29
2a0e:f540::/29 maxlen: 29
2a0f:740::/29 maxlen: 29
2a0f:1b40::/29 maxlen: 29
2a0f:3900::/29 maxlen: 29
2a0f:4840::/29 maxlen: 29
2a0f:6200::/29 maxlen: 29
2a0f:82c0::/29 maxlen: 29
2a0f:9380::/29 maxlen: 29
2a0f:b200::/29 maxlen: 29
2a0f:da00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:47:5c:fd:e2:d4:a6:14:75:a4:e1:59:54:a3:09:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 16 17:01:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=609de3a31fa767a257ce34cfee11f32a5ad60102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b2:c9:4a:2d:e9:2e:f5:3c:cf:c3:9c:75:d8:
ce:a4:9b:dd:db:78:2d:4d:93:4f:52:b4:af:32:3a:
ec:f6:3d:49:92:7c:f3:aa:4c:60:0a:6f:d1:c5:55:
8b:77:66:7e:5c:d5:b9:a2:ab:e9:b7:43:a3:ca:f0:
c4:8c:96:3a:7f:25:90:61:f8:5a:4a:91:b9:9f:4f:
e9:a8:4f:1f:a9:3c:d8:05:f0:40:19:2e:70:30:3a:
d3:57:e7:e5:e0:a6:13:65:98:9b:58:1d:9b:6c:05:
e6:e1:eb:cb:62:17:11:9d:6f:eb:ba:25:e7:a7:50:
3f:c6:93:92:a3:ce:54:7f:fe:28:0e:0f:c2:86:c6:
48:44:9f:3d:f2:97:40:23:48:e8:43:70:48:eb:71:
7b:a7:b7:07:92:ee:c3:8f:7c:18:59:70:04:0a:24:
8e:23:8d:b8:4b:c2:80:0d:29:e5:04:cf:1c:10:dc:
58:a1:8f:cc:b2:21:51:ca:57:3d:24:74:53:49:e8:
04:78:87:eb:c1:aa:e4:b0:2d:3b:b2:8a:22:1c:c5:
bf:1f:6e:57:a4:68:7f:0c:d7:fd:65:6f:ae:43:97:
e6:eb:74:2c:2f:c2:58:0e:94:20:c6:b8:0f:a9:e6:
41:63:47:a2:b1:95:5a:0c:93:cb:8a:ca:3d:29:92:
d9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:9D:E3:A3:1F:A7:67:A2:57:CE:34:CF:EE:11:F3:2A:5A:D6:01:02
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/YJ3jox-nZ6JXzjTP7hHzKlrWAQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a07:c040::/29
2a09:700::/29
2a09:15c0::/29
2a09:3ac0::/29
2a09:4440::/29
2a09:4c40::/29
2a09:63c0::/29
2a09:7640::/29
2a09:7b40::/29
2a09:7f00::/29
2a09:a480::/29
2a09:bdc0::/29
2a09:ca40::/29
2a09:e400::/29
2a09:f6c0::/29
2a09:f940::/29
2a09:fdc0::/29
2a0a:3700::/29
2a0a:3780::/29
2a0a:6000::/29
2a0a:ef00::/29
2a0b:280::/29
2a0b:5d00::/29
2a0c:380::/29
2a0c:3600::/32
2a0c:3780::/29
2a0c:57c0::/29
2a0c:ae00::/29
2a0d:1a00::/29
2a0d:dac0::/29
2a0d:fb00::/29
2a0e:f80::/29
2a0e:2080::/29
2a0e:2500::/29
2a0e:3380::/29
2a0e:3540::/29
2a0e:3c40::/29
2a0e:7880::/29
2a0e:b000::/29
2a0e:c3c0::/29
2a0e:c700::/29
2a0e:c800::/29
2a0e:d180::/29
2a0e:d880::/29
2a0e:e540::/29
2a0e:e8c0::/29
2a0e:e940::/29
2a0e:f540::/29
2a0f:740::/29
2a0f:1b40::/29
2a0f:3900::/29
2a0f:4840::/29
2a0f:6200::/29
2a0f:82c0::/29
2a0f:9380::/29
2a0f:b200::/29
2a0f:da00::/29
Signature Algorithm: sha256WithRSAEncryption
2d:67:69:02:9b:08:61:dd:86:21:ce:60:91:d8:3d:45:64:77:
e1:c0:9d:12:a0:46:f1:a2:8d:d3:9c:4b:f3:2a:7b:7c:df:46:
a2:fa:80:18:d3:7d:3b:43:2f:61:5d:55:6f:ee:a8:ba:39:69:
c0:ed:01:64:a3:ee:75:57:b2:0f:61:60:c0:a0:fd:cc:a7:e7:
6b:f1:16:53:d5:47:c3:e3:43:74:e8:cb:41:51:9e:a6:5b:15:
04:a9:4c:b3:d1:e1:f9:e9:ce:7e:02:61:95:e2:b4:5e:7c:b7:
82:f7:1e:7e:af:eb:23:27:ce:88:76:8c:11:fc:53:64:d2:87:
9b:96:68:fa:fe:89:98:da:ae:a3:d6:46:67:51:ca:93:12:3d:
f2:0d:cd:dc:f6:00:76:ed:31:3d:d4:83:df:a7:e5:74:82:15:
02:90:78:2d:cb:aa:96:35:4e:68:07:ab:8b:ee:7e:8d:f1:0b:
ed:5f:62:d2:8d:e8:3f:0f:25:b0:45:39:cf:e5:0a:2f:a5:73:
ae:98:74:c5:be:4b:05:7a:1a:b0:4a:34:06:d9:29:04:1c:66:
2d:75:28:d6:e6:37:8a:7f:25:c4:f2:fe:30:b0:d7:64:54:08:
97:94:b6:92:03:05:ac:77:da:72:01:af:3e:1b:3b:c7:6e:6a:
1f:20:91:b3
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgISAZKWR1z94tSmFHWk4VlUowmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQxMDE2MTcwMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDlkZTNhMzFmYTc2N2EyNTdjZTM0Y2ZlZTExZjMyYTVhZDYwMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rLJSi3pLvU8z8OcddjOpJvd23gt
TZNPUrSvMjrs9j1JknzzqkxgCm/RxVWLd2Z+XNW5oqvpt0OjyvDEjJY6fyWQYfha
SpG5n0/pqE8fqTzYBfBAGS5wMDrTV+fl4KYTZZibWB2bbAXm4evLYhcRnW/ruiXn
p1A/xpOSo85Uf/4oDg/ChsZIRJ898pdAI0joQ3BI63F7p7cHku7Dj3wYWXAECiSO
I424S8KADSnlBM8cENxYoY/MsiFRylc9JHRTSegEeIfrwarksC07sooiHMW/H25X
pGh/DNf9ZW+uQ5fm63QsL8JYDpQgxrgPqeZBY0eisZVaDJPLiso9KZLZAQIDAQAB
o4IDwzCCA78wHQYDVR0OBBYEFGCd46Mfp2eiV840z+4R8ypa1gECMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWUozam94LW5aNkpYempUUDdoSHpLbHJXQVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1wYIKwYBBQUHAQcBAf8EggHGMIIBwjAeBAIAATAYAwQA
LUN0AwQGW/JAAwQCsq+wAwQAwnKQMIIBngQCAAIwggGWAwUDKgdVQAMFAyoHwEAD
BQMqCQcAAwUDKgkVwAMFAyoJOsADBQMqCURAAwUDKglMQAMFAyoJY8ADBQMqCXZA
AwUDKgl7QAMFAyoJfwADBQMqCaSAAwUDKgm9wAMFAyoJykADBQMqCeQAAwUDKgn2
wAMFAyoJ+UADBQMqCf3AAwUDKgo3AAMFAyoKN4ADBQMqCmAAAwUDKgrvAAMFAyoL
AoADBQMqC10AAwUDKgwDgAMFACoMNgADBQMqDDeAAwUDKgxXwAMFAyoMrgADBQMq
DRoAAwUDKg3awAMFAyoN+wADBQMqDg+AAwUDKg4ggAMFAyoOJQADBQMqDjOAAwUD
Kg41QAMFAyoOPEADBQMqDniAAwUDKg6wAAMFAyoOw8ADBQMqDscAAwUDKg7IAAMF
AyoO0YADBQMqDtiAAwUDKg7lQAMFAyoO6MADBQMqDulAAwUDKg71QAMFAyoPB0AD
BQMqDxtAAwUDKg85AAMFAyoPSEADBQMqD2IAAwUDKg+CwAMFAyoPk4ADBQMqD7IA
AwUDKg/aADANBgkqhkiG9w0BAQsFAAOCAQEALWdpApsIYd2GIc5gkdg9RWR34cCd
EqBG8aKN05xL8yp7fN9GovqAGNN9O0MvYV1Vb+6oujlpwO0BZKPudVeyD2FgwKD9
zKfna/EWU9VHw+NDdOjLQVGeplsVBKlMs9Hh+enOfgJhleK0Xny3gvcefq/rIyfO
iHaMEfxTZNKHm5Zo+v6JmNquo9ZGZ1HKkxI98g3N3PYAdu0xPdSD36fldIIVApB4
LcuqljVOaAeri+5+jfEL7V9i0o3oPw8lsEU5z+UKL6Vzrph0xb5LBXoasEo0Btkp
BBxmLXUo1uY3in8lxPL+MLDXZFQIl5S2kgMFrHfacgGvPhs7x25qHyCRsw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:31 2024 by rpki-client on console-ams.rpki-client.org