Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/byXdwyLEO2WvByeX-eILAlsNbM4.roa
File: byXdwyLEO2WvByeX-eILAlsNbM4.roa (raw, json)
Hash identifier: hr0UBg21KvuTuTP8zKvgDDJzxEQ4wbAhcxN+m+G/oOs=
Subject key identifier: 6F:25:DD:C3:22:C4:3B:65:AF:07:27:97:F9:E2:0B:02:5B:0D:6C:CE
Certificate issuer: /CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Certificate serial: 0193442EFC331D1D5DDA0F2EC7635A451E18
Authority key identifier: 58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/byXdwyLEO2WvByeX-eILAlsNbM4.roa
Signing time: Tue 19 Nov 2024 11:29:10 +0000
ROA not before: Tue 19 Nov 2024 11:29:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212598
IP address blocks: 5.42.202.0/24 maxlen: 24
91.142.130.0/24 maxlen: 24
194.31.59.0/24 maxlen: 24
194.31.64.0/24 maxlen: 24
194.31.79.0/24 maxlen: 24
194.31.87.0/24 maxlen: 24
2a0f:a440::/29 maxlen: 29
2a12:1dc7:fffd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:2e:fc:33:1d:1d:5d:da:0f:2e:c7:63:5a:45:1e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582c74fc59b7ab096a257d3b6299d2f6fda46a80
Validity
Not Before: Nov 19 11:29:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f25ddc322c43b65af072797f9e20b025b0d6cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0a:9b:28:20:98:c3:2c:9a:f7:f4:b8:0a:83:
7f:dd:c0:29:aa:da:0c:03:08:a5:69:71:ea:a1:05:
0e:4e:71:2d:5b:9f:ad:07:ab:f9:ee:9e:69:3b:50:
09:ab:e0:70:f5:93:9f:66:81:17:4a:d8:7b:01:e4:
30:69:4c:54:3a:d6:f5:9d:22:84:7f:04:0b:6c:c1:
9c:15:ef:d6:9a:63:89:d0:1d:f2:1f:d3:36:7e:0d:
ee:78:72:02:fb:be:c1:50:01:ce:8f:26:a1:c1:03:
74:1a:cc:9c:55:ef:da:7e:6d:4b:99:45:da:44:8f:
55:7f:0a:b7:e7:14:66:7f:bb:9d:42:61:a1:dc:ea:
7c:6b:67:e6:f2:8a:7a:ca:4b:61:36:81:55:6a:07:
bb:ce:9d:b1:01:f9:07:c9:46:37:0d:02:bb:d2:92:
ab:0a:18:fb:17:0d:5c:9e:b9:5d:1b:2d:2b:9b:f1:
62:37:64:f5:b7:d1:7e:ba:7c:95:b8:99:20:2c:05:
d8:72:a0:46:7f:f3:5b:44:8f:18:96:b2:ff:14:6c:
a7:94:5b:fa:a5:1b:3c:51:55:03:af:4c:09:ff:14:
f6:1f:73:00:6b:80:f2:74:20:65:42:86:d8:dd:ad:
0d:1a:19:ed:a3:22:f6:a1:51:04:50:38:33:be:16:
97:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:25:DD:C3:22:C4:3B:65:AF:07:27:97:F9:E2:0B:02:5B:0D:6C:CE
X509v3 Authority Key Identifier:
keyid:58:2C:74:FC:59:B7:AB:09:6A:25:7D:3B:62:99:D2:F6:FD:A4:6A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WCx0_Fm3qwlqJX07YpnS9v2kaoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/byXdwyLEO2WvByeX-eILAlsNbM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b15851-a83b-415c-aee5-f9efc0457fb9/1/WCx0_Fm3qwlqJX07YpnS9v2kaoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.202.0/24
91.142.130.0/24
194.31.59.0/24
194.31.64.0/24
194.31.79.0/24
194.31.87.0/24
IPv6:
2a0f:a440::/29
2a12:1dc7:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
19:55:6f:86:12:d4:ae:2a:ab:d1:47:93:d9:3b:e2:d8:f1:ca:
81:3b:76:64:a0:97:24:5e:61:e2:fd:61:ab:fc:da:10:b3:9b:
d0:ad:b6:16:eb:23:e0:04:7b:d1:0c:f4:15:26:00:b7:ce:fb:
1f:7c:47:19:49:83:2c:d8:96:e9:78:90:90:d7:7e:67:14:51:
6d:55:9c:d8:82:01:e5:72:69:9c:79:1d:06:02:b7:1b:02:3f:
82:0a:9d:88:e0:b5:45:5b:44:e3:cf:dd:d5:6e:5b:0f:da:a1:
19:a0:e6:91:6d:21:6a:78:92:72:cb:6e:32:67:1d:ab:76:5e:
31:ce:c5:ed:bb:07:a0:28:f3:03:70:79:0f:4e:d9:72:3f:90:
19:10:b4:42:14:48:d3:f0:5d:4a:e4:f7:cb:74:b5:8d:86:66:
07:48:b2:c9:63:e8:cb:0a:ef:8e:6e:12:83:b0:ea:c4:51:6e:
03:75:9c:8e:bd:a8:1e:26:4f:9d:3d:6c:45:60:10:04:2e:99:
71:5d:ec:69:ae:c8:eb:cc:da:2f:66:4c:b3:a6:80:15:92:a8:
bb:64:c3:f0:b4:b9:6e:83:4b:37:d7:39:03:68:98:62:c4:cf:
8f:95:81:15:48:aa:4e:6c:6b:57:08:96:78:8e:be:1e:89:23:
6e:6b:66:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZNELvwzHR1d2g8ux2NaRR4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmM3NGZjNTliN2FiMDk2YTI1N2QzYjYyOTlkMmY2ZmRh
NDZhODAwHhcNMjQxMTE5MTEyOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI1ZGRjMzIyYzQzYjY1YWYwNzI3OTdmOWUyMGIwMjViMGQ2Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQqbKCCYwyya9/S4CoN/3cApqtoM
AwilaXHqoQUOTnEtW5+tB6v57p5pO1AJq+Bw9ZOfZoEXSth7AeQwaUxUOtb1nSKE
fwQLbMGcFe/WmmOJ0B3yH9M2fg3ueHIC+77BUAHOjyahwQN0GsycVe/afm1LmUXa
RI9Vfwq35xRmf7udQmGh3Op8a2fm8op6ykthNoFVage7zp2xAfkHyUY3DQK70pKr
Chj7Fw1cnrldGy0rm/FiN2T1t9F+unyVuJkgLAXYcqBGf/NbRI8YlrL/FGynlFv6
pRs8UVUDr0wJ/xT2H3MAa4DydCBlQobY3a0NGhntoyL2oVEEUDgzvhaX8wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFG8l3cMixDtlrwcnl/niCwJbDWzOMB8GA1UdIwQY
MBaAFFgsdPxZt6sJaiV9O2KZ0vb9pGqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUt
ZjllZmMwNDU3ZmI5LzEvYnlYZHd5TEVPMld2QnllWC1lSUxBbHNOYk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMTU4NTEtYTgzYi00MTVjLWFlZTUtZjllZmMwNDU3ZmI5
LzEvV0N4MF9GbTNxd2xxSlgwN1lwblM5djJrYW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQABSrKAwQA
W46CAwQAwh87AwQAwh9AAwQAwh9PAwQAwh9XMBYEAgACMBADBQMqD6RAAwcAKhId
x//9MA0GCSqGSIb3DQEBCwUAA4IBAQAZVW+GEtSuKqvRR5PZO+LY8cqBO3ZkoJck
XmHi/WGr/NoQs5vQrbYW6yPgBHvRDPQVJgC3zvsffEcZSYMs2JbpeJCQ135nFFFt
VZzYggHlcmmceR0GArcbAj+CCp2I4LVFW0Tjz93VblsP2qEZoOaRbSFqeJJyy24y
Zx2rdl4xzsXtuwegKPMDcHkPTtlyP5AZELRCFEjT8F1K5PfLdLWNhmYHSLLJY+jL
Cu+ObhKDsOrEUW4DdZyOvageJk+dPWxFYBAELplxXexprsjrzNovZkyzpoAVkqi7
ZMPwtLlug0s31zkDaJhixM+PlYEVSKpObGtXCJZ4jr4eiSNua2Zl
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:14:49 2024 by rpki-client on console-fra.rpki-client.org