Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/pyZyzQ6VGVQgm0ilrkPCxvCL_aU.roa
File: pyZyzQ6VGVQgm0ilrkPCxvCL_aU.roa (raw, json)
Hash identifier: T2aIaHuCZcAY+ACjqDTXnMP7s+EaSAwSAtWR+++Pa+A=
Subject key identifier: A7:26:72:CD:0E:95:19:54:20:9B:48:A5:AE:43:C2:C6:F0:8B:FD:A5
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0191A2E4B38B4CABD4C16A117A6B741A6E10
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/pyZyzQ6VGVQgm0ilrkPCxvCL_aU.roa
Signing time: Fri 30 Aug 2024 10:46:22 +0000
ROA not before: Fri 30 Aug 2024 10:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.243.0/24 maxlen: 24
31.222.250.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
45.147.168.0/22 maxlen: 22
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.56.36.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.202.106.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.96.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
212.18.122.0/24 maxlen: 24
212.52.4.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:e4:b3:8b:4c:ab:d4:c1:6a:11:7a:6b:74:1a:6e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Aug 30 10:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a72672cd0e951954209b48a5ae43c2c6f08bfda5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ac:43:1f:a8:56:02:fe:4c:9b:b1:9b:5f:63:
74:04:c2:d9:13:62:a3:91:ce:25:77:0b:57:be:55:
1d:de:bd:a1:7c:99:c2:d4:a1:24:0c:80:9a:b3:27:
34:5b:40:f4:a4:6a:18:b8:c4:05:be:d3:d9:61:f0:
f1:94:d3:d8:87:2c:e1:61:5b:c4:91:b3:85:37:5d:
23:4e:78:c3:c4:48:5e:a8:17:ba:5e:e0:71:c8:7a:
e9:d2:30:f3:64:24:ca:1f:4f:9b:4d:58:1c:2d:82:
2a:17:53:0d:e7:60:d4:e7:d1:45:8c:2f:d3:00:0e:
c9:b4:d6:bd:d4:29:41:95:3f:c6:50:2f:42:10:fa:
fc:ae:3e:73:5a:23:a9:9a:a2:d7:00:d9:b1:fd:a7:
85:b1:65:e7:73:f7:8d:09:b5:8e:0e:8b:24:be:a9:
ed:52:41:c7:f8:af:5d:31:f9:75:81:f8:49:e4:df:
c8:b8:a8:83:bd:0a:ce:c3:27:16:11:61:93:8f:d3:
38:8f:5a:11:c9:d7:e8:1a:e9:36:a7:98:cd:dc:49:
8a:c4:85:ad:c2:ed:da:31:4a:2a:f1:a1:59:b8:2c:
dd:51:49:16:bd:89:de:fe:14:a9:6b:be:e2:cc:85:
c7:b4:1d:c4:f0:7a:83:73:69:c4:99:ed:34:18:05:
68:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:26:72:CD:0E:95:19:54:20:9B:48:A5:AE:43:C2:C6:F0:8B:FD:A5
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/pyZyzQ6VGVQgm0ilrkPCxvCL_aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.243.0/24
31.222.250.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
45.147.168.0/22
91.188.220.0/24
94.158.188.0/24
176.56.35.0-176.56.36.255
176.124.34.0/24
185.202.106.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.96.150.0/24
195.225.96.0/24
212.18.100.0/24
212.18.122.0/24
212.52.4.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
70:07:e4:12:97:33:a7:03:ba:86:5a:78:73:1b:a0:03:40:08:
95:b0:95:da:95:83:0c:03:7c:45:6d:0f:f6:6a:02:0b:bf:f3:
78:b4:2a:19:f9:69:7d:80:28:5b:2e:3c:d1:29:5f:f1:eb:c2:
1e:17:e6:fe:27:c0:22:54:4a:b6:86:66:78:af:a9:40:88:f3:
37:4c:e5:a8:a0:13:86:d6:48:ff:aa:69:6f:f6:43:e8:ae:27:
f3:15:44:2b:c4:40:2d:4c:4d:86:8c:a3:2b:4c:19:10:4e:ab:
33:ef:38:b1:f3:80:2c:54:4d:73:44:de:75:e1:54:fb:a2:71:
11:2e:29:c9:21:bd:14:78:c8:93:ae:c8:bb:8d:17:a1:f5:aa:
06:67:39:af:1a:0b:83:57:4b:d0:92:79:c1:a5:29:65:1b:1f:
73:98:fe:7e:30:04:a0:69:c6:15:0d:6c:9d:5e:b2:3e:d9:4b:
83:ad:db:49:a0:49:25:dd:22:11:ba:11:41:91:32:c2:78:57:
c2:64:84:21:9d:0e:86:76:6b:98:1b:48:75:e0:6b:00:94:1a:
60:07:a1:57:6a:46:38:8d:54:f6:bf:6e:8f:a5:2d:19:ad:13:
95:84:b8:9e:dc:f0:b8:e9:15:89:28:7e:75:f9:b6:f9:3c:9d:
76:a9:b4:2a
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZGi5LOLTKvUwWoRemt0Gm4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwODMwMTA0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzI2NzJjZDBlOTUxOTU0MjA5YjQ4YTVhZTQzYzJjNmYwOGJmZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKxDH6hWAv5Mm7GbX2N0BMLZE2Kj
kc4ldwtXvlUd3r2hfJnC1KEkDICasyc0W0D0pGoYuMQFvtPZYfDxlNPYhyzhYVvE
kbOFN10jTnjDxEheqBe6XuBxyHrp0jDzZCTKH0+bTVgcLYIqF1MN52DU59FFjC/T
AA7JtNa91ClBlT/GUC9CEPr8rj5zWiOpmqLXANmx/aeFsWXnc/eNCbWODoskvqnt
UkHH+K9dMfl1gfhJ5N/IuKiDvQrOwycWEWGTj9M4j1oRydfoGuk2p5jN3EmKxIWt
wu3aMUoq8aFZuCzdUUkWvYne/hSpa77izIXHtB3E8HqDc2nEme00GAVouQIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFKcmcs0OlRlUIJtIpa5Dwsbwi/2lMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvcHlaeXpRNlZHVlFnbTBpbHJrUEN4dkNMX2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAC
OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAAtDt0DBAAtWUQDBAAt
WUcDBAItk6gDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnKagME
ALnUcAMEALnqCAMEALxfRwMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAME
AMNFlgMEAMNglgMEAMPhYAMEANQSZAMEANQSegMEANQ0BAMEANVtzjANBgkqhkiG
9w0BAQsFAAOCAQEAcAfkEpczpwO6hlp4cxugA0AIlbCV2pWDDAN8RW0P9moCC7/z
eLQqGflpfYAoWy480Slf8evCHhfm/ifAIlRKtoZmeK+pQIjzN0zlqKAThtZI/6pp
b/ZD6K4n8xVEK8RALUxNhoyjK0wZEE6rM+84sfOALFRNc0TedeFU+6JxES4pySG9
FHjIk67Iu40XofWqBmc5rxoLg1dL0JJ5waUpZRsfc5j+fjAEoGnGFQ1snV6yPtlL
g63bSaBJJd0iEboRQZEywnhXwmSEIZ0OhnZrmBtIdeBrAJQaYAehV2pGOI1U9r9u
j6UtGa0TlYS4ntzwuOkViSh+dfm2+Tyddqm0Kg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:08:47 2024 by rpki-client on console-ams.rpki-client.org