Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/wy3NpXZHiXOBFV6X58raMRovXGU.roa
File: wy3NpXZHiXOBFV6X58raMRovXGU.roa (raw, json)
Hash identifier: 9aYun0UEqJd28/eiBq5m/MXMJBSWvX4TRT7W7R7pndU=
Subject key identifier: C3:2D:CD:A5:76:47:89:73:81:15:5E:97:E7:CA:DA:31:1A:2F:5C:65
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 018F2F6F8387C6FEE01BDD26F450F6888624
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/wy3NpXZHiXOBFV6X58raMRovXGU.roa
Signing time: Tue 30 Apr 2024 14:36:28 +0000
ROA not before: Tue 30 Apr 2024 14:36:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199775
IP address blocks: 45.94.32.0/22 maxlen: 24
46.36.192.0/21 maxlen: 24
185.6.152.0/22 maxlen: 24
185.65.164.0/22 maxlen: 24
185.95.108.0/22 maxlen: 24
185.168.132.0/22 maxlen: 24
185.182.52.0/22 maxlen: 24
185.208.240.0/22 maxlen: 22
185.242.218.0/24 maxlen: 24
194.126.152.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:6f:83:87:c6:fe:e0:1b:dd:26:f4:50:f6:88:86:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Apr 30 14:36:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c32dcda57647897381155e97e7cada311a2f5c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:04:13:7c:9a:08:9b:9a:e1:ce:b4:8e:15:bf:
5f:0d:64:fd:39:19:4d:a3:6c:be:e3:b1:77:b7:8a:
d8:18:db:90:48:2a:b1:bb:64:51:ed:dd:9e:6f:39:
33:b6:d8:ad:6b:09:af:76:64:de:9c:90:19:f9:df:
9b:52:cf:40:1a:3d:af:6e:d6:b0:7a:c3:1c:27:86:
72:2c:30:7a:81:f2:e3:80:5c:2c:cf:68:56:34:47:
58:1e:62:74:64:5b:53:52:2c:94:95:74:3e:5a:11:
88:7e:78:2d:4d:ac:ba:f4:b9:93:fd:02:b7:32:f2:
5e:6f:1c:d4:1f:21:41:9c:f5:4f:57:ee:c0:cf:cf:
9c:00:0a:51:5f:22:88:2a:03:38:c6:54:d8:3a:e3:
d4:02:ea:89:d6:e7:f0:2a:91:75:1b:34:af:84:da:
07:b8:a7:84:78:78:f0:1a:a1:d2:96:77:4f:64:f3:
76:db:21:90:ec:7b:97:9f:e6:37:ca:4c:a1:99:bc:
7e:7e:d0:fd:dd:56:71:e9:ab:4e:7b:1f:35:75:79:
de:6f:63:2b:c4:fa:bc:4f:c1:43:88:5b:83:9b:ab:
87:b9:db:7f:9a:dc:05:f4:a6:c6:61:98:9f:b0:6f:
29:01:4b:6f:0e:51:f4:17:01:ab:fe:c1:30:27:70:
e2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:2D:CD:A5:76:47:89:73:81:15:5E:97:E7:CA:DA:31:1A:2F:5C:65
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/wy3NpXZHiXOBFV6X58raMRovXGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.32.0/22
46.36.192.0/21
185.6.152.0/22
185.65.164.0/22
185.95.108.0/22
185.168.132.0/22
185.182.52.0/22
185.208.240.0/22
185.242.218.0/24
194.126.152.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:4c:30:f5:31:1b:5e:0e:7c:3f:c7:41:08:83:3d:a6:0e:fa:
c3:27:9d:ab:d0:1f:9b:28:83:7b:ab:de:17:39:9c:6e:23:77:
54:4f:d1:33:f8:de:3d:69:cc:8c:9a:cf:6e:13:6b:87:ad:b3:
bc:e1:81:bf:fb:80:f0:fd:74:bc:c3:ba:0d:9b:ad:a8:04:cc:
89:86:a4:fd:5a:d3:20:11:4b:0e:ec:2d:5f:e2:95:f4:73:6a:
98:de:7a:a5:98:43:8f:1f:ea:ef:91:d6:01:ef:59:58:ee:df:
bb:64:f8:57:5f:52:4b:bf:40:76:62:ca:07:f6:de:49:7d:d8:
ff:f4:2d:bd:95:7a:1f:7d:48:23:3a:c1:94:1d:c7:02:ea:81:
f2:48:7f:40:9a:44:7c:df:11:23:6e:4e:59:a4:f6:77:35:0b:
9f:8e:81:98:42:40:b6:7a:2b:e8:f7:f9:a1:a3:b1:c8:d8:57:
c7:9a:82:a7:9d:e6:36:46:f9:65:74:99:30:6a:ec:e9:5a:c7:
30:d5:4e:b3:f3:81:eb:dc:7e:87:b6:e0:b4:95:ba:c5:62:22:
34:0d:c9:70:a7:ff:a8:d4:d0:96:f0:f5:5e:97:33:64:fc:c2:
fa:5d:04:32:6d:aa:9e:1d:2c:0a:d0:4e:a9:80:f5:ec:83:e0:
f7:f3:95:6e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY8vb4OHxv7gG90m9FD2iIYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjQwNDMwMTQzNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzJkY2RhNTc2NDc4OTczODExNTVlOTdlN2NhZGEzMTFhMmY1YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QQTfJoIm5rhzrSOFb9fDWT9ORlN
o2y+47F3t4rYGNuQSCqxu2RR7d2ebzkzttitawmvdmTenJAZ+d+bUs9AGj2vbtaw
esMcJ4ZyLDB6gfLjgFwsz2hWNEdYHmJ0ZFtTUiyUlXQ+WhGIfngtTay69LmT/QK3
MvJebxzUHyFBnPVPV+7Az8+cAApRXyKIKgM4xlTYOuPUAuqJ1ufwKpF1GzSvhNoH
uKeEeHjwGqHSlndPZPN22yGQ7HuXn+Y3ykyhmbx+ftD93VZx6atOex81dXneb2Mr
xPq8T8FDiFuDm6uHudt/mtwF9KbGYZifsG8pAUtvDlH0FwGr/sEwJ3Di5QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMMtzaV2R4lzgRVel+fK2jEaL1xlMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvd3kzTnBYWkhpWE9CRlY2WDU4cmFNUm92WEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLV4gAwQD
LiTAAwQCuQaYAwQCuUGkAwQCuV9sAwQCuaiEAwQCubY0AwQCudDwAwQAufLaAwQC
wn6YMA0GCSqGSIb3DQEBCwUAA4IBAQCKTDD1MRteDnw/x0EIgz2mDvrDJ52r0B+b
KIN7q94XOZxuI3dUT9Ez+N49acyMms9uE2uHrbO84YG/+4Dw/XS8w7oNm62oBMyJ
hqT9WtMgEUsO7C1f4pX0c2qY3nqlmEOPH+rvkdYB71lY7t+7ZPhXX1JLv0B2YsoH
9t5Jfdj/9C29lXoffUgjOsGUHccC6oHySH9AmkR83xEjbk5ZpPZ3NQufjoGYQkC2
eivo9/mho7HI2FfHmoKnneY2RvlldJkwauzpWscw1U6z84Hr3H6HtuC0lbrFYiI0
Dclwp/+o1NCW8PVelzNk/ML6XQQybaqeHSwK0E6pgPXsg+D385Vu
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:40 2024 by rpki-client on console-fra.rpki-client.org