Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/Y9GnRKxcXwsAJ2_vlV9Zz082RgY.roa
File: Y9GnRKxcXwsAJ2_vlV9Zz082RgY.roa (raw, json)
Hash identifier: S1vPZSAPjpkbXIo7al3kGFJ9dJsSo181dmxO3scf22w=
Subject key identifier: 63:D1:A7:44:AC:5C:5F:0B:00:27:6F:EF:95:5F:59:CF:4F:36:46:06
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 0193507F24CA421FE15D76CC0A77A12416F1
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/Y9GnRKxcXwsAJ2_vlV9Zz082RgY.roa
Signing time: Thu 21 Nov 2024 20:52:09 +0000
ROA not before: Thu 21 Nov 2024 20:52:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.0.0/24 maxlen: 24
46.253.1.0/24 maxlen: 24
46.253.4.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
93.94.142.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
185.1.156.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:7f:24:ca:42:1f:e1:5d:76:cc:0a:77:a1:24:16:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Nov 21 20:52:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63d1a744ac5c5f0b00276fef955f59cf4f364606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:4d:97:a6:4b:bb:22:7c:09:b8:88:34:a4:
d9:b8:51:5e:a3:ca:18:86:79:36:c8:65:a6:4c:62:
f7:54:74:7b:5a:81:1e:36:53:38:93:b6:ea:45:82:
2b:da:ca:84:44:77:44:bf:0c:dd:8b:3c:62:0b:a6:
5c:aa:e4:2e:49:23:24:1e:98:90:7c:e5:85:e6:c6:
cf:26:26:1a:12:75:a7:7f:2d:a6:33:40:93:95:aa:
3a:50:c0:8b:61:49:71:7b:87:a6:f2:d6:cd:bf:09:
bb:a4:8d:ef:0c:1d:ff:22:f3:45:e6:c7:81:60:9f:
e9:d0:5d:b4:b1:c5:68:18:2c:7a:2c:72:e1:cc:13:
ba:a5:24:e6:65:41:29:0d:89:e7:f6:8c:49:a4:2b:
db:13:dc:e8:d3:5c:8c:e2:ec:82:c0:95:61:5c:a2:
0f:23:6b:62:ff:cc:71:67:36:e4:90:f9:4b:78:69:
ed:58:33:df:33:39:be:2c:f8:39:28:af:a5:13:3f:
3e:bb:56:f3:15:18:17:bb:1f:38:a3:ae:27:4a:6a:
9f:55:61:b0:f9:4c:b1:9b:f8:f3:ec:40:32:61:44:
08:ab:4c:f3:3c:f5:fe:c7:4c:ed:05:a6:38:1d:59:
fa:fb:6b:bd:c2:aa:0d:9b:1f:69:8b:4b:74:2a:dd:
01:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D1:A7:44:AC:5C:5F:0B:00:27:6F:EF:95:5F:59:CF:4F:36:46:06
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/Y9GnRKxcXwsAJ2_vlV9Zz082RgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0/23
46.253.4.0/24
91.132.60.0/24
91.132.62.0/23
93.94.142.0/24
95.169.202.0/24
185.1.156.0/24
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
7f:3d:47:8d:18:d2:0c:a3:7d:22:95:ab:db:a1:95:c2:e7:7d:
a2:78:dd:f2:3c:e2:13:d6:db:67:db:04:c8:be:c9:74:74:08:
50:94:a4:9b:26:2a:18:0b:d4:fe:f0:27:ec:5f:c0:77:b6:e5:
1f:a8:84:47:25:30:c4:b4:8b:5c:d6:72:39:8f:7f:f8:9a:d4:
77:b8:96:d7:f6:4f:56:07:04:83:c6:5c:a3:fd:15:fa:02:35:
75:4f:76:d9:68:31:74:b6:14:e5:8a:bd:41:e2:b0:3b:fd:ee:
7d:f8:4f:51:0b:37:0b:21:9c:e2:1b:f9:ab:f4:17:6d:d2:35:
45:fc:36:f4:83:80:ab:ef:fd:c3:08:2c:35:cb:dc:87:ec:bc:
0f:eb:47:21:85:dd:11:44:d6:48:dd:2c:3f:49:5f:c3:e0:88:
03:19:86:4b:7e:bd:1c:03:49:fa:18:a0:93:90:de:69:11:e2:
00:40:7b:3a:e7:7a:ec:d0:e0:5b:3f:0b:03:f1:4e:27:25:86:
b9:28:6d:af:93:67:04:72:61:f6:ff:b1:13:c0:83:57:2b:f9:
92:d6:f3:02:b2:86:6b:fe:8d:68:bf:b4:39:21:97:10:53:c0:
9c:2a:37:94:4c:49:c7:0d:a0:7e:9b:2f:d9:e1:ad:a6:ba:f4:
ad:a7:eb:2e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZNQfyTKQh/hXXbMCnehJBbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjQxMTIxMjA1MjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QxYTc0NGFjNWM1ZjBiMDAyNzZmZWY5NTVmNTljZjRmMzY0NjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbBNl6ZLuyJ8CbiINKTZuFFeo8oY
hnk2yGWmTGL3VHR7WoEeNlM4k7bqRYIr2sqERHdEvwzdizxiC6ZcquQuSSMkHpiQ
fOWF5sbPJiYaEnWnfy2mM0CTlao6UMCLYUlxe4em8tbNvwm7pI3vDB3/IvNF5seB
YJ/p0F20scVoGCx6LHLhzBO6pSTmZUEpDYnn9oxJpCvbE9zo01yM4uyCwJVhXKIP
I2ti/8xxZzbkkPlLeGntWDPfMzm+LPg5KK+lEz8+u1bzFRgXux84o64nSmqfVWGw
+Uyxm/jz7EAyYUQIq0zzPPX+x0ztBaY4HVn6+2u9wqoNmx9pi0t0Kt0BiwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGPRp0SsXF8LACdv75VfWc9PNkYGMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvWTlHblJLeGNYd3NBSjJfdmxWOVp6MDgyUmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBLv0AAwQA
Lv0EAwQAW4Q8AwQBW4Q+AwQAXV6OAwQAX6nKAwQAuQGcAwQAufPVMA0EAgACMAcD
BQAqCb6AMA0GCSqGSIb3DQEBCwUAA4IBAQB/PUeNGNIMo30ilavboZXC532ieN3y
POIT1ttn2wTIvsl0dAhQlKSbJioYC9T+8CfsX8B3tuUfqIRHJTDEtItc1nI5j3/4
mtR3uJbX9k9WBwSDxlyj/RX6AjV1T3bZaDF0thTlir1B4rA7/e59+E9RCzcLIZzi
G/mr9Bdt0jVF/Db0g4Cr7/3DCCw1y9yH7LwP60chhd0RRNZI3Sw/SV/D4IgDGYZL
fr0cA0n6GKCTkN5pEeIAQHs653rs0OBbPwsD8U4nJYa5KG2vk2cEcmH2/7ETwINX
K/mS1vMCsoZr/o1ov7Q5IZcQU8CcKjeUTEnHDaB+my/Z4a2muvStp+su
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:50 2024 by rpki-client on console-fra.rpki-client.org