Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/Yd9-FPAj1RqoHDAqyuCbYslKP1M.roa
File: Yd9-FPAj1RqoHDAqyuCbYslKP1M.roa (raw, json)
Hash identifier: a4INqpKqiv77VMikvyEwze9Y2n+YzGk43xPNk5t4Zbo=
Subject key identifier: 61:DF:7E:14:F0:23:D5:1A:A8:1C:30:2A:CA:E0:9B:62:C9:4A:3F:53
Certificate issuer: /CN=a3e6e823f6dda67d283a9f41a72909906ac9a837
Certificate serial: 018CC8015E58411399355AD0C0F8365203DC
Authority key identifier: A3:E6:E8:23:F6:DD:A6:7D:28:3A:9F:41:A7:29:09:90:6A:C9:A8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/Yd9-FPAj1RqoHDAqyuCbYslKP1M.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44124
IP address blocks: 195.20.218.0/23 maxlen: 23
195.225.244.0/22 maxlen: 22
78.31.136.0/21 maxlen: 21
193.189.116.0/23 maxlen: 23
185.34.236.0/22 maxlen: 24
81.161.104.0/22 maxlen: 22
79.124.96.0/19 maxlen: 24
2a03:6600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/o-boI_bdpn0oOp9BpykJkGrJqDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/o-boI_bdpn0oOp9BpykJkGrJqDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5e:58:41:13:99:35:5a:d0:c0:f8:36:52:03:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e6e823f6dda67d283a9f41a72909906ac9a837
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61df7e14f023d51aa81c302acae09b62c94a3f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d1:41:46:93:91:d3:9b:e3:c7:77:80:a9:14:
e0:04:87:1f:26:3d:f1:6c:6f:a2:f9:ea:74:d3:b2:
71:1b:c2:69:7f:47:81:d1:34:24:75:a6:5a:5e:20:
46:e5:f7:b2:17:02:ee:a5:52:a3:70:11:78:8b:41:
43:fe:55:df:48:14:3b:33:eb:4f:6e:a6:fa:88:cd:
9d:3a:0d:c1:9d:d5:dc:95:01:0b:ba:d3:3c:a7:3a:
b6:84:5e:ba:4e:8c:3c:d1:05:98:6a:6f:3d:ab:04:
50:31:b5:e0:33:33:3a:13:38:3c:52:52:1c:55:ac:
cb:a2:5e:d5:01:ae:59:37:5c:b1:d4:f3:55:13:ce:
e4:ff:f8:9d:7e:28:73:74:b5:41:fe:50:73:e8:ca:
e4:4e:a4:07:7f:74:f9:b5:3e:56:5b:b1:94:65:fc:
5d:0f:61:3d:9f:54:ef:9c:cd:5b:d8:6a:3d:f7:b6:
4a:51:34:76:9f:7a:6f:d6:46:22:7d:63:fd:84:9c:
7b:40:52:ce:b3:57:d5:56:65:28:10:44:74:aa:16:
27:f7:5f:c4:8f:09:b5:a2:46:36:d3:13:43:23:54:
a9:36:9c:7b:ba:25:f6:95:6d:61:bd:64:91:c9:91:
b3:f9:ab:23:44:a3:37:29:f5:4b:d2:36:31:3c:80:
b6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DF:7E:14:F0:23:D5:1A:A8:1C:30:2A:CA:E0:9B:62:C9:4A:3F:53
X509v3 Authority Key Identifier:
keyid:A3:E6:E8:23:F6:DD:A6:7D:28:3A:9F:41:A7:29:09:90:6A:C9:A8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/Yd9-FPAj1RqoHDAqyuCbYslKP1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/o-boI_bdpn0oOp9BpykJkGrJqDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.136.0/21
79.124.96.0/19
81.161.104.0/22
185.34.236.0/22
193.189.116.0/23
195.20.218.0/23
195.225.244.0/22
IPv6:
2a03:6600::/32
Signature Algorithm: sha256WithRSAEncryption
1d:0f:79:73:00:b4:9e:2c:d2:86:75:47:d3:a7:c0:ef:0c:f8:
2b:97:4f:6f:8c:a6:b8:f2:cb:1b:04:ec:30:48:a2:40:0a:9a:
6a:ce:11:97:55:f6:ef:fc:65:42:1d:4d:37:ab:5d:a3:44:eb:
3d:25:bd:88:5f:3a:73:ae:9f:99:82:2f:34:bd:39:79:76:8a:
8a:a5:08:9e:6e:85:65:57:82:ab:6b:3a:8b:63:7c:3b:1f:ca:
d5:32:b5:5e:61:f8:99:0c:be:e8:af:9e:07:35:bd:ef:c3:06:
76:0d:fa:87:69:e7:76:b0:69:ec:78:59:2d:54:59:af:f5:c4:
2e:cc:4d:85:13:e8:a5:44:ba:df:00:83:be:f7:d2:43:3d:a4:
29:ac:03:b6:01:6f:53:fc:fb:d1:d4:98:71:05:e1:3b:ea:6d:
96:d0:51:d2:94:15:fe:ab:3b:7e:f7:ed:0e:d1:6e:a9:2e:d9:
ec:b4:78:f3:fa:eb:d8:8c:91:1c:5e:17:27:16:d9:41:d6:4d:
0d:01:f8:ad:bc:0f:a7:30:80:b0:b7:e9:99:46:0b:fb:2d:ab:
72:18:71:b7:5a:c9:dd:f9:bf:c2:1e:f7:ec:a7:13:94:b3:e6:
bc:3f:86:b3:12:7b:f6:3a:c5:e7:e4:c7:64:62:99:f6:7d:96:
26:da:9e:ed
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzIAV5YQROZNVrQwPg2UgPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTZlODIzZjZkZGE2N2QyODNhOWY0MWE3MjkwOTkwNmFj
OWE4MzcwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRmN2UxNGYwMjNkNTFhYTgxYzMwMmFjYWUwOWI2MmM5NGEzZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9FBRpOR05vjx3eAqRTgBIcfJj3x
bG+i+ep007JxG8Jpf0eB0TQkdaZaXiBG5feyFwLupVKjcBF4i0FD/lXfSBQ7M+tP
bqb6iM2dOg3BndXclQELutM8pzq2hF66Tow80QWYam89qwRQMbXgMzM6Ezg8UlIc
VazLol7VAa5ZN1yx1PNVE87k//idfihzdLVB/lBz6MrkTqQHf3T5tT5WW7GUZfxd
D2E9n1TvnM1b2Go997ZKUTR2n3pv1kYifWP9hJx7QFLOs1fVVmUoEER0qhYn91/E
jwm1okY20xNDI1SpNpx7uiX2lW1hvWSRyZGz+asjRKM3KfVL0jYxPIC2HwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGHffhTwI9UaqBwwKsrgm2LJSj9TMB8GA1UdIwQY
MBaAFKPm6CP23aZ9KDqfQacpCZBqyag3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1ib0lfYmRwbjBvT3A5QnB5a0prR3JKcURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8xOGExYmMtOTY3Yy00OTMxLTg1YjUt
MDBmMDBhZjFjOGQ3LzEvWWQ5LUZQQWoxUnFvSERBcXl1Q2JZc2xLUDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8xOGExYmMtOTY3Yy00OTMxLTg1YjUtMDBmMDBhZjFjOGQ3
LzEvby1ib0lfYmRwbjBvT3A5QnB5a0prR3JKcURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDTh+IAwQF
T3xgAwQCUaFoAwQCuSLsAwQBwb10AwQBwxTaAwQCw+H0MA0EAgACMAcDBQAqA2YA
MA0GCSqGSIb3DQEBCwUAA4IBAQAdD3lzALSeLNKGdUfTp8DvDPgrl09vjKa48ssb
BOwwSKJACppqzhGXVfbv/GVCHU03q12jROs9Jb2IXzpzrp+Zgi80vTl5doqKpQie
boVlV4KrazqLY3w7H8rVMrVeYfiZDL7or54HNb3vwwZ2DfqHaed2sGnseFktVFmv
9cQuzE2FE+ilRLrfAIO+99JDPaQprAO2AW9T/PvR1JhxBeE76m2W0FHSlBX+qzt+
9+0O0W6pLtnstHjz+uvYjJEcXhcnFtlB1k0NAfitvA+nMICwt+mZRgv7LatyGHG3
Wsnd+b/CHvfspxOUs+a8P4azEnv2OsXn5MdkYpn2fZYm2p7t
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:41:28 2024 by rpki-client on console-ams.rpki-client.org