Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/YGjVS2FHQ8eHsumhPKDAhP8_o2U.roa
File: YGjVS2FHQ8eHsumhPKDAhP8_o2U.roa (raw, json)
Hash identifier: ULZ/VZg/v1d2ccw++Kz1L9Aj0Vu6BGOtC8VoCX0fU7g=
Subject key identifier: 60:68:D5:4B:61:47:43:C7:87:B2:E9:A1:3C:A0:C0:84:FF:3F:A3:65
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 018D2129010C7531DCED7B568097B0BCE550
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/YGjVS2FHQ8eHsumhPKDAhP8_o2U.roa
Signing time: Fri 19 Jan 2024 09:59:11 +0000
ROA not before: Fri 19 Jan 2024 09:59:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 10:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:29:01:0c:75:31:dc:ed:7b:56:80:97:b0:bc:e5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jan 19 09:59:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6068d54b614743c787b2e9a13ca0c084ff3fa365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:09:43:8a:a9:46:9e:69:92:b6:9d:79:ce:5a:
50:02:8b:80:6d:01:7b:14:c8:5c:1a:35:a2:d3:26:
5d:3f:a1:1d:48:5e:1f:99:82:75:20:94:5b:70:24:
65:29:24:24:2b:45:4e:f1:b9:f8:40:59:ee:11:89:
b2:be:29:ab:f4:ba:74:d5:49:b5:0e:0c:e5:1a:1e:
80:88:ea:90:23:e2:13:65:aa:0c:24:c9:12:c5:c5:
09:34:f1:42:2b:ae:bf:f5:db:5e:be:77:2b:2e:5e:
ed:58:9b:6c:1f:7b:30:ee:a9:19:0c:2a:af:fb:ed:
94:23:cb:c1:1a:8c:87:26:33:ca:72:88:3d:4f:2d:
89:27:1f:63:62:98:e1:c9:3b:bc:4d:da:66:f0:8a:
2b:85:44:0b:a5:60:19:54:87:ef:30:9b:25:73:89:
7c:8c:6f:d6:ad:14:a0:f9:d6:07:cc:57:43:20:c4:
1c:e8:b9:c5:18:2e:71:59:0a:bf:17:20:1c:9f:67:
de:4c:89:20:dd:76:ab:f1:5a:50:52:2f:6f:3f:6e:
4b:c2:6b:a7:02:6f:ec:ac:bb:c7:c5:e7:d7:11:f9:
5a:5b:0d:a1:b8:0a:85:12:86:f9:a4:d1:56:27:5e:
52:17:cd:3b:78:99:7f:16:ca:33:f5:6b:bf:0e:52:
3d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:68:D5:4B:61:47:43:C7:87:B2:E9:A1:3C:A0:C0:84:FF:3F:A3:65
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/YGjVS2FHQ8eHsumhPKDAhP8_o2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
87:fe:71:93:f9:56:ec:da:ef:fc:e0:3d:73:90:b9:9a:a8:39:
16:f3:bc:60:04:a5:0e:40:4a:d5:3d:2a:59:d4:f3:5b:26:d9:
d8:eb:c4:f8:c2:03:91:16:42:6f:d4:62:25:0e:e2:97:2c:f2:
40:34:82:1f:5d:e5:57:d5:ed:3b:ea:8f:ce:0d:3d:a4:81:ae:
d8:8f:8c:fe:f4:bb:a3:90:ac:e9:8f:e8:11:86:fb:3b:b1:ba:
bf:06:22:d6:d3:e8:56:5a:45:3e:59:f6:71:b9:7b:98:fd:04:
ab:46:fd:b3:92:e0:c6:35:0c:95:37:74:b8:d9:30:cf:bb:b0:
70:1e:0b:7c:12:74:b7:25:69:9d:dc:41:43:4d:51:96:50:fc:
23:13:c4:1f:ab:b4:99:a5:36:1c:9e:49:71:2c:26:82:5b:06:
5d:b5:ef:18:81:b6:d3:a6:6f:aa:e1:cf:f4:af:d5:7f:d9:15:
99:00:6f:9c:43:0a:bc:17:39:c8:75:4a:f9:91:b0:46:14:95:
82:37:d7:19:27:cf:3c:ef:db:9f:36:19:51:c9:9c:7c:a2:1c:
e0:50:e0:4a:58:3a:85:a9:9f:5f:87:dc:db:16:ec:38:a4:5d:
1c:58:9b:01:f0:9a:41:5e:bd:73:c0:a8:8c:f8:cb:18:4d:41:
1d:a3:77:cb
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY0hKQEMdTHc7XtWgJewvOVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjQwMTE5MDk1OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDY4ZDU0YjYxNDc0M2M3ODdiMmU5YTEzY2EwYzA4NGZmM2ZhMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQlDiqlGnmmStp15zlpQAouAbQF7
FMhcGjWi0yZdP6EdSF4fmYJ1IJRbcCRlKSQkK0VO8bn4QFnuEYmyvimr9Lp01Um1
DgzlGh6AiOqQI+ITZaoMJMkSxcUJNPFCK66/9dtevncrLl7tWJtsH3sw7qkZDCqv
++2UI8vBGoyHJjPKcog9Ty2JJx9jYpjhyTu8Tdpm8IorhUQLpWAZVIfvMJslc4l8
jG/WrRSg+dYHzFdDIMQc6LnFGC5xWQq/FyAcn2feTIkg3Xar8VpQUi9vP25Lwmun
Am/srLvHxefXEflaWw2huAqFEob5pNFWJ15SF807eJl/Fsoz9Wu/DlI92QIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGBo1UthR0PHh7LpoTygwIT/P6NlMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL1lHalZTMkZIUThlSHN1bWhQS0RBaFA4X28yVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgYkGCCsGAQUFBwEHAQH/BHoweDBoBAIAATBiAwMELlAw
CgMDAD6ZAwMFPoADAwI+4AMDBk/AAwMFUIADAwZUgAMDBleAAwMGWwADAwZdwAMD
AcGeAwMAwhkDBAHCluQDAwDDkQMDAMPzAwMB1LgDAwPZAAMDBNlQAwMF2eAwDAQC
AAIwBgMEBSADADANBgkqhkiG9w0BAQsFAAOCAQEAh/5xk/lW7Nrv/OA9c5C5mqg5
FvO8YASlDkBK1T0qWdTzWybZ2OvE+MIDkRZCb9RiJQ7ilyzyQDSCH13lV9XtO+qP
zg09pIGu2I+M/vS7o5Cs6Y/oEYb7O7G6vwYi1tPoVlpFPln2cbl7mP0Eq0b9s5Lg
xjUMlTd0uNkwz7uwcB4LfBJ0tyVpndxBQ01RllD8IxPEH6u0maU2HJ5JcSwmglsG
XbXvGIG206ZvquHP9K/Vf9kVmQBvnEMKvBc5yHVK+ZGwRhSVgjfXGSfPPO/bnzYZ
UcmcfKIc4FDgSlg6hamfX4fc2xbsOKRdHFibAfCaQV69c8CojPjLGE1BHaN3yw==
-----END CERTIFICATE-----
Generated at Sun May 12 15:24:20 2024 by rpki-client on console-fra.rpki-client.org