Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/yiOSJxw26L2fEY_GbsERAPNkk_U.roa
File: yiOSJxw26L2fEY_GbsERAPNkk_U.roa (raw, json)
Hash identifier: JIrGnzYrwfJRjV+MdZdaSNSs91Oh6uExOCeEJVv5FCQ=
Subject key identifier: CA:23:92:27:1C:36:E8:BD:9F:11:8F:C6:6E:C1:11:00:F3:64:93:F5
Certificate issuer: /CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Certificate serial: 018E7D166C430954B59D89A0737C62EA5698
Authority key identifier: 83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/yiOSJxw26L2fEY_GbsERAPNkk_U.roa
Signing time: Tue 26 Mar 2024 23:26:45 +0000
ROA not before: Tue 26 Mar 2024 23:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 66.22.196.0/22 maxlen: 22
66.22.200.0/22 maxlen: 22
66.22.204.0/22 maxlen: 22
66.22.208.0/22 maxlen: 22
66.22.212.0/22 maxlen: 22
66.22.216.0/23 maxlen: 23
66.22.218.0/23 maxlen: 23
66.22.220.0/23 maxlen: 23
66.22.222.0/23 maxlen: 23
66.22.224.0/23 maxlen: 23
66.22.226.0/23 maxlen: 23
66.22.230.0/24 maxlen: 24
66.22.231.0/24 maxlen: 24
66.22.232.0/24 maxlen: 24
66.22.233.0/24 maxlen: 24
66.22.234.0/24 maxlen: 24
66.22.235.0/24 maxlen: 24
66.22.236.0/24 maxlen: 24
66.22.237.0/24 maxlen: 24
66.22.238.0/24 maxlen: 24
66.22.239.0/24 maxlen: 24
66.22.240.0/24 maxlen: 24
66.22.241.0/24 maxlen: 24
66.22.242.0/24 maxlen: 24
66.22.243.0/24 maxlen: 24
66.22.244.0/24 maxlen: 24
66.22.245.0/24 maxlen: 24
66.22.246.0/24 maxlen: 24
66.22.247.0/24 maxlen: 24
66.22.248.0/24 maxlen: 24
2a0e:5940::/44 maxlen: 44
2a0e:5940:10::/44 maxlen: 44
2a0e:5940:20::/44 maxlen: 44
2a0e:5940:30::/44 maxlen: 44
2a0e:5940:40::/44 maxlen: 44
2a0e:5940:50::/44 maxlen: 44
2a0e:5940:60::/44 maxlen: 44
2a0e:5940:70::/44 maxlen: 44
2a0e:5940:80::/44 maxlen: 44
2a0e:5940:90::/44 maxlen: 44
2a0e:5940:a0::/44 maxlen: 44
2a0e:5940:b0::/44 maxlen: 44
2a0e:5940:c0::/44 maxlen: 44
2a0e:5940:d0::/44 maxlen: 44
2a0e:5940:e0::/44 maxlen: 44
2a0e:5940:f0::/44 maxlen: 44
2a0e:5940:100::/44 maxlen: 44
2a0e:5940:110::/44 maxlen: 44
2a0e:5940:120::/44 maxlen: 44
2a0e:5940:130::/44 maxlen: 44
2a0e:5940:140::/44 maxlen: 44
2a0e:5940:150::/44 maxlen: 44
2a0e:5940:160::/44 maxlen: 44
2a0e:5940:170::/44 maxlen: 44
2a0e:5940:180::/44 maxlen: 44
2a0e:5940:190::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7d:16:6c:43:09:54:b5:9d:89:a0:73:7c:62:ea:56:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c103d65a54d6af1efba6ac3e63722028af2bb1
Validity
Not Before: Mar 26 23:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca2392271c36e8bd9f118fc66ec11100f36493f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:77:dc:c4:46:f9:8f:95:35:33:fb:4e:ef:f6:
ce:bc:b7:28:9a:88:cd:f0:b9:06:74:db:d4:cd:95:
09:c1:05:f1:d0:dc:db:85:4d:27:1a:4d:1e:2e:01:
cd:80:60:a7:cc:fe:79:ac:d4:1b:1f:15:73:13:d8:
51:35:eb:53:25:d4:d1:fe:8a:03:94:dc:e7:fb:15:
35:83:0d:38:90:c5:37:ae:07:d0:20:74:1a:7e:e4:
33:cb:54:50:fb:d4:f2:a2:19:47:e6:dc:24:fb:92:
13:3b:c6:25:67:44:00:87:d6:53:b3:e9:da:03:f1:
d2:6d:f5:cb:3c:c3:06:61:47:c2:28:f4:f2:2b:76:
13:9b:5b:aa:f0:8a:dc:99:af:7b:65:0a:e0:de:9c:
e0:88:c7:1b:b1:64:01:14:62:44:ce:da:23:69:d8:
9f:d2:e0:e5:50:67:96:3b:4f:59:e0:1e:56:90:55:
41:85:1a:fc:12:38:de:3b:be:6b:a9:6f:f1:2d:9e:
48:38:52:1c:f5:10:de:35:e1:03:8c:b5:db:a2:b1:
c1:1c:c2:dd:9b:f0:e0:39:a0:68:01:1f:42:db:d2:
3b:67:0d:78:05:0d:a3:64:dc:d7:2e:53:6a:c8:ad:
6c:75:37:a2:e4:94:a4:ba:54:d7:3c:b7:ce:46:50:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:23:92:27:1C:36:E8:BD:9F:11:8F:C6:6E:C1:11:00:F3:64:93:F5
X509v3 Authority Key Identifier:
keyid:83:C1:03:D6:5A:54:D6:AF:1E:FB:A6:AC:3E:63:72:20:28:AF:2B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8ED1lpU1q8e-6asPmNyICivK7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/yiOSJxw26L2fEY_GbsERAPNkk_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/081bd4-1210-4021-a864-b50cf5f2aa22/1/g8ED1lpU1q8e-6asPmNyICivK7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.22.196.0-66.22.227.255
66.22.230.0-66.22.248.255
IPv6:
2a0e:5940::-2a0e:5940:19f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:66:08:62:25:c9:43:9e:36:2f:51:83:bf:ae:c3:77:52:c5:
ce:75:6e:7f:a0:1d:15:61:39:a5:eb:00:17:05:77:73:bc:03:
1d:32:b2:bd:fc:e4:39:2f:38:35:0a:08:1c:43:6a:e3:75:ac:
69:6b:2b:ff:37:d5:bc:ec:a9:71:1e:35:1c:d4:7f:91:aa:07:
50:b0:20:25:bc:36:c3:fa:a2:94:50:b8:eb:a7:eb:6c:03:b2:
d8:7a:c5:27:ff:f1:c4:b2:3b:59:70:00:37:22:fd:0c:fb:df:
56:00:a4:4d:bd:9d:76:48:a1:fb:8f:35:a4:78:85:23:f1:d5:
06:fd:ec:a0:b5:5e:43:d3:d8:ff:c7:15:34:ab:c6:b6:f8:08:
59:a8:69:ab:10:48:a5:e2:31:0a:ea:43:8a:d5:4e:77:ea:3d:
14:32:b1:12:5e:dd:17:26:72:a8:7a:84:7d:06:ef:ec:a7:59:
69:c5:28:36:65:37:bc:05:b5:b1:0d:0c:e1:7a:83:ed:46:ce:
18:14:0a:33:c0:23:cf:8c:70:5b:df:fc:8d:b1:66:b9:7d:ae:
e7:35:d2:b9:2c:9a:c4:5f:69:09:b5:e9:ce:30:8b:f7:4a:38:
05:dc:d6:44:5c:74:88:7b:4b:14:99:19:da:9d:b3:ab:94:21:
9e:32:93:c4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY59FmxDCVS1nYmgc3xi6laYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzEwM2Q2NWE1NGQ2YWYxZWZiYTZhYzNlNjM3MjIwMjhh
ZjJiYjEwHhcNMjQwMzI2MjMyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTIzOTIyNzFjMzZlOGJkOWYxMThmYzY2ZWMxMTEwMGYzNjQ5M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXfcxEb5j5U1M/tO7/bOvLcomojN
8LkGdNvUzZUJwQXx0NzbhU0nGk0eLgHNgGCnzP55rNQbHxVzE9hRNetTJdTR/ooD
lNzn+xU1gw04kMU3rgfQIHQafuQzy1RQ+9TyohlH5twk+5ITO8YlZ0QAh9ZTs+na
A/HSbfXLPMMGYUfCKPTyK3YTm1uq8Ircma97ZQrg3pzgiMcbsWQBFGJEztojadif
0uDlUGeWO09Z4B5WkFVBhRr8EjjeO75rqW/xLZ5IOFIc9RDeNeEDjLXborHBHMLd
m/DgOaBoAR9C29I7Zw14BQ2jZNzXLlNqyK1sdTei5JSkulTXPLfORlB84QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMojkiccNui9nxGPxm7BEQDzZJP1MB8GA1UdIwQY
MBaAFIPBA9ZaVNavHvumrD5jciAoryuxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQt
YjUwY2Y1ZjJhYTIyLzEveWlPU0p4dzI2TDJmRVlfR2JzRVJBUE5ra19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wODFiZDQtMTIxMC00MDIxLWE4NjQtYjUwY2Y1ZjJhYTIy
LzEvZzhFRDFscFUxcThlLTZhc1BtTnlJQ2l2SzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAiBAIAATAcMAwDBAJCFsQD
BAJCFuAwDAMEAUIW5gMEAEIW+DAYBAIAAjASMBADBQYqDllAAwcFKg5ZQAGAMA0G
CSqGSIb3DQEBCwUAA4IBAQBMZghiJclDnjYvUYO/rsN3UsXOdW5/oB0VYTml6wAX
BXdzvAMdMrK9/OQ5Lzg1CggcQ2rjdaxpayv/N9W87KlxHjUc1H+RqgdQsCAlvDbD
+qKUULjrp+tsA7LYesUn//HEsjtZcAA3Iv0M+99WAKRNvZ12SKH7jzWkeIUj8dUG
/eygtV5D09j/xxU0q8a2+AhZqGmrEEil4jEK6kOK1U536j0UMrESXt0XJnKoeoR9
Bu/sp1lpxSg2ZTe8BbWxDQzheoPtRs4YFAozwCPPjHBb3/yNsWa5fa7nNdK5LJrE
X2kJtenOMIv3SjgF3NZEXHSIe0sUmRnanbOrlCGeMpPE
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:02:24 2024 by rpki-client on console-fra.rpki-client.org