Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/YYbN8cXFq70cwivkyO9JHkRj9tE.roa
File: YYbN8cXFq70cwivkyO9JHkRj9tE.roa (raw, json)
Hash identifier: 3N+sRHCJE4kR8o4P66VF9pz3wNZBMyDX+jzhR7cl1mE=
Subject key identifier: 61:86:CD:F1:C5:C5:AB:BD:1C:C2:2B:E4:C8:EF:49:1E:44:63:F6:D1
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 018F42CE71474F68417F98E958E53E155390
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/YYbN8cXFq70cwivkyO9JHkRj9tE.roa
Signing time: Sat 04 May 2024 08:52:56 +0000
ROA not before: Sat 04 May 2024 08:52:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57497
IP address blocks: 5.63.8.0/24 maxlen: 24
5.63.9.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.12.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.14.0/24 maxlen: 24
45.135.240.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.186.0/24 maxlen: 24
158.58.187.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.188.0/24 maxlen: 24
158.58.189.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.190.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
185.2.14.0/23 maxlen: 24
185.179.90.0/24 maxlen: 24
185.229.204.0/24 maxlen: 24
194.62.17.0/24 maxlen: 24
195.226.223.0/24 maxlen: 24
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:4::/48 maxlen: 48
2a01:4ac0:5::/48 maxlen: 48
2a01:4ac0:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:42:ce:71:47:4f:68:41:7f:98:e9:58:e5:3e:15:53:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: May 4 08:52:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6186cdf1c5c5abbd1cc22be4c8ef491e4463f6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a6:38:b6:dc:dd:7d:d8:62:d0:66:31:7d:6e:
d8:96:05:24:e2:f9:3d:d1:3f:a8:e8:ee:b5:d4:40:
b6:6f:76:ed:26:49:e7:e0:ea:25:b0:1b:41:ce:9b:
9c:84:96:53:22:80:e6:e7:e2:1f:7c:17:14:30:b5:
fd:d1:1b:19:f8:d6:d0:52:1f:92:f7:bb:b7:fa:3d:
f8:9b:e3:b4:ed:ee:76:32:c0:d2:17:2e:11:62:69:
1f:d2:0f:31:c1:d4:62:63:8c:5e:41:a0:60:99:d4:
98:b8:72:ab:c5:74:5e:98:79:37:37:ab:66:c5:09:
97:b3:9c:aa:da:03:d6:0a:8f:31:e5:e9:d6:c9:c2:
c5:44:f4:73:61:df:29:ee:a8:cd:eb:93:04:3d:6b:
f9:c1:ac:19:ed:42:eb:99:3b:32:ff:ca:22:3a:0d:
1b:e5:06:b0:29:8a:e5:a5:f0:c8:a2:73:aa:3e:29:
67:f8:08:10:01:99:93:b8:31:78:fd:df:4e:9b:0e:
e4:0c:1b:98:b8:15:f9:f1:5b:8d:41:17:09:30:26:
2f:fd:78:b4:f2:f0:b5:1f:ee:d8:26:96:da:e6:80:
4f:70:5c:ee:52:48:39:42:78:45:ec:c1:64:ba:a2:
e3:f9:59:b2:8c:05:35:2c:c7:68:b8:0a:2d:06:c5:
9f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:86:CD:F1:C5:C5:AB:BD:1C:C2:2B:E4:C8:EF:49:1E:44:63:F6:D1
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/YYbN8cXFq70cwivkyO9JHkRj9tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
185.179.90.0/24
185.229.204.0/24
194.62.17.0/24
195.226.223.0/24
IPv6:
2a01:4ac0::-2a01:4ac0:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:b2:f8:ee:bc:a0:69:23:7f:f8:9e:6b:b6:e6:31:b6:f2:95:
98:15:29:00:27:5b:32:60:14:8a:a7:29:ce:36:d8:74:3c:d0:
be:00:d6:7e:f1:ba:cb:85:26:1f:68:dc:f0:c1:e7:1e:11:37:
1e:3d:90:82:f7:93:e8:26:0a:87:04:ac:ff:5c:76:1c:a8:7a:
25:0a:ce:58:f7:fb:0b:12:df:6f:dd:cb:ae:48:7d:61:18:5b:
44:47:d7:90:1c:ab:3b:e7:38:cb:34:dc:4f:86:57:07:59:f6:
eb:2a:e8:01:47:9e:8d:c7:27:0a:3a:59:c0:1f:a4:38:d9:83:
af:58:8c:12:ce:d3:b0:bc:c6:be:d0:b3:fa:1f:77:c4:da:bb:
50:67:e3:32:b7:93:55:b3:35:e2:f2:7c:f0:d4:6e:bf:ce:54:
98:1b:1a:a5:a6:f5:4f:75:6b:54:1d:11:5d:3b:3d:ba:39:eb:
4c:13:23:c2:ea:c8:e5:41:3f:ea:1c:9c:48:81:e2:2e:48:9d:
c5:c1:92:34:68:26:8d:b4:c5:b1:0b:b0:5d:d1:c3:a9:fd:8d:
b5:87:82:71:aa:2a:4e:05:f4:7f:e0:24:43:a1:1f:d8:7a:47:
5e:a0:cf:b7:29:42:bc:84:36:89:05:01:0a:73:2c:af:b7:d7:
aa:1c:6b:66
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY9CznFHT2hBf5jpWOU+FVOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjQwNTA0MDg1MjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTg2Y2RmMWM1YzVhYmJkMWNjMjJiZTRjOGVmNDkxZTQ0NjNmNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqY4ttzdfdhi0GYxfW7YlgUk4vk9
0T+o6O611EC2b3btJknn4OolsBtBzpuchJZTIoDm5+IffBcUMLX90RsZ+NbQUh+S
97u3+j34m+O07e52MsDSFy4RYmkf0g8xwdRiY4xeQaBgmdSYuHKrxXRemHk3N6tm
xQmXs5yq2gPWCo8x5enWycLFRPRzYd8p7qjN65MEPWv5wawZ7ULrmTsy/8oiOg0b
5QawKYrlpfDIonOqPiln+AgQAZmTuDF4/d9Omw7kDBuYuBX58VuNQRcJMCYv/Xi0
8vC1H+7YJpba5oBPcFzuUkg5QnhF7MFkuqLj+VmyjAU1LMdouAotBsWfTQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGGGzfHFxau9HMIr5MjvSR5EY/bRMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvWVliTjhjWEZxNzBjd2l2a3lPOUpIa1JqOXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjA2BAIAATAwAwQDBT8IAwQC
LYfwAwQDnjq4AwQCuQIMAwQAubNaAwQAueXMAwQAwj4RAwQAw+LfMBgEAgACMBIw
EAMFBioBSsADBwAqAUrAAAYwDQYJKoZIhvcNAQELBQADggEBAJOy+O68oGkjf/ie
a7bmMbbylZgVKQAnWzJgFIqnKc422HQ80L4A1n7xusuFJh9o3PDB5x4RNx49kIL3
k+gmCocErP9cdhyoeiUKzlj3+wsS32/dy65IfWEYW0RH15AcqzvnOMs03E+GVwdZ
9usq6AFHno3HJwo6WcAfpDjZg69YjBLO07C8xr7Qs/ofd8Tau1Bn4zK3k1WzNeLy
fPDUbr/OVJgbGqWm9U91a1QdEV07Pbo560wTI8LqyOVBP+ocnEiB4i5IncXBkjRo
Jo20xbELsF3Rw6n9jbWHgnGqKk4F9H/gJEOhH9h6R16gz7cpQryENokFAQpzLK+3
16oca2Y=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:16:32 2024 by rpki-client on console-fra.rpki-client.org