Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/KyEfaa89zGfYEOyTQL6wxFwaPsY.roa
File: KyEfaa89zGfYEOyTQL6wxFwaPsY.roa (raw, json)
Hash identifier: NtdMB25MXY5Xo6v6oQaaX0jNkCdbCG2q0Xul3MKaMz8=
Subject key identifier: 2B:21:1F:69:AF:3D:CC:67:D8:10:EC:93:40:BE:B0:C4:5C:1A:3E:C6
Certificate issuer: /CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Certificate serial: 018CCA29AC983F6FD3C1024A545D69FB5961
Authority key identifier: 6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/KyEfaa89zGfYEOyTQL6wxFwaPsY.roa
Signing time: Tue 02 Jan 2024 12:32:57 +0000
ROA not before: Tue 02 Jan 2024 12:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198193
IP address blocks: 185.28.216.0/22 maxlen: 24
185.104.164.0/22 maxlen: 24
91.216.73.0/24 maxlen: 24
91.216.77.0/24 maxlen: 24
37.10.108.0/24 maxlen: 24
185.91.192.0/22 maxlen: 24
91.216.100.0/24 maxlen: 24
185.42.20.0/22 maxlen: 24
91.216.122.0/24 maxlen: 24
185.217.112.0/22 maxlen: 24
37.10.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 01:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:ac:98:3f:6f:d3:c1:02:4a:54:5d:69:fb:59:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Validity
Not Before: Jan 2 12:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b211f69af3dcc67d810ec9340beb0c45c1a3ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d3:3a:24:bf:8d:a4:e3:c8:dd:22:61:89:9a:
f6:69:3e:bc:3a:01:37:6b:ba:d0:3e:32:01:80:56:
fc:24:fb:42:76:69:71:cb:44:ad:56:5e:db:ce:37:
79:37:d5:76:8b:c6:55:81:be:a8:db:80:75:c0:27:
8b:a3:24:1e:ae:c1:16:4f:76:19:ae:09:b9:90:5a:
89:ea:e5:df:6a:e7:6f:ac:5f:57:00:5f:e2:68:9a:
70:01:90:c8:b3:4f:59:4d:d6:1d:3a:62:3b:b3:39:
e4:99:60:67:69:0a:aa:b7:ac:7a:49:66:87:40:f2:
bc:6b:22:10:dd:f0:d5:7a:36:42:e9:fd:aa:89:b7:
89:3d:87:8d:6a:19:0e:bf:a2:77:36:82:41:64:ca:
80:35:a6:ef:f7:9d:f6:a5:73:05:00:91:51:54:6c:
82:1c:ed:50:3c:57:d0:71:a5:89:ce:4b:06:2c:bc:
75:ec:be:29:21:2f:e5:e0:8c:59:22:6a:3e:f8:44:
42:29:f0:a7:a3:da:1c:b1:03:72:10:ee:dd:68:54:
a0:b5:fb:04:d2:2c:3c:07:83:92:e1:7b:57:80:0d:
c6:5f:d5:d8:83:be:0c:00:54:97:3c:93:e3:b5:3d:
62:1d:15:b5:64:33:58:cf:58:fa:17:1c:bd:2c:8a:
b5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:21:1F:69:AF:3D:CC:67:D8:10:EC:93:40:BE:B0:C4:5C:1A:3E:C6
X509v3 Authority Key Identifier:
keyid:6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/KyEfaa89zGfYEOyTQL6wxFwaPsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.10.70.0/24
37.10.108.0/24
91.216.73.0/24
91.216.77.0/24
91.216.100.0/24
91.216.122.0/24
185.28.216.0/22
185.42.20.0/22
185.91.192.0/22
185.104.164.0/22
185.217.112.0/22
Signature Algorithm: sha256WithRSAEncryption
27:93:2c:f5:af:0f:8e:01:2b:e5:1c:14:4d:42:b9:05:1f:79:
b2:c8:8f:fd:a4:a7:02:fc:7b:cc:1e:3d:f0:36:17:59:12:35:
24:60:b0:a1:95:1d:fc:5f:b9:3e:e5:53:59:49:c3:d1:f1:25:
2b:58:32:0f:02:b2:b3:24:66:a0:f4:64:cf:c2:06:ed:6f:9f:
cc:12:20:49:3e:f9:41:c4:1d:01:6a:2e:25:b8:a0:e1:fd:88:
8a:01:66:1a:a5:dc:d7:9d:3b:24:19:9e:72:a9:54:af:25:60:
25:94:4a:3e:73:09:a9:bd:b1:2c:31:a3:fd:26:78:fc:df:15:
97:4d:6a:3e:70:31:f2:51:e6:31:46:d8:39:69:24:9d:46:c3:
36:aa:7a:20:f7:c9:b5:4d:05:a8:39:6a:de:4a:6f:2c:b7:e1:
ac:07:7f:5f:61:cf:01:f0:24:5d:9f:0f:75:d3:2c:6e:bc:07:
d4:5e:b7:d7:e0:fd:8a:2b:c0:33:da:ba:0e:9f:59:04:6d:5b:
ad:70:c6:eb:ef:46:20:c8:a2:45:b6:7d:c2:8a:47:8a:80:50:
a7:15:35:56:e7:1c:57:62:dd:d6:2c:d1:85:f2:c1:b1:55:22:
17:29:5a:1b:ec:b3:cc:dc:68:93:c4:4a:49:0b:fc:1d:aa:fa:
36:1b:19:ca
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzKKayYP2/TwQJKVF1p+1lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGVkZGEyZjIxYzg4NWZiZTY3Mjg2MjE4YjgzMThkNmFk
MjM4OTYwHhcNMjQwMTAyMTIzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjIxMWY2OWFmM2RjYzY3ZDgxMGVjOTM0MGJlYjBjNDVjMWEzZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNM6JL+NpOPI3SJhiZr2aT68OgE3
a7rQPjIBgFb8JPtCdmlxy0StVl7bzjd5N9V2i8ZVgb6o24B1wCeLoyQersEWT3YZ
rgm5kFqJ6uXfaudvrF9XAF/iaJpwAZDIs09ZTdYdOmI7sznkmWBnaQqqt6x6SWaH
QPK8ayIQ3fDVejZC6f2qibeJPYeNahkOv6J3NoJBZMqANabv9532pXMFAJFRVGyC
HO1QPFfQcaWJzksGLLx17L4pIS/l4IxZImo++ERCKfCno9ocsQNyEO7daFSgtfsE
0iw8B4OS4XtXgA3GX9XYg74MAFSXPJPjtT1iHRW1ZDNYz1j6Fxy9LIq1NQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCshH2mvPcxn2BDsk0C+sMRcGj7GMB8GA1UdIwQY
MBaAFGqO3aLyHIhfvmcoYhi4MY1q0jiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2Et
MGM2Njg0MDE5OGQwLzEvS3lFZmFhODl6R2ZZRU95VFFMNnd4RndhUHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2EtMGM2Njg0MDE5OGQw
LzEvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJQpGAwQA
JQpsAwQAW9hJAwQAW9hNAwQAW9hkAwQAW9h6AwQCuRzYAwQCuSoUAwQCuVvAAwQC
uWikAwQCudlwMA0GCSqGSIb3DQEBCwUAA4IBAQAnkyz1rw+OASvlHBRNQrkFH3my
yI/9pKcC/HvMHj3wNhdZEjUkYLChlR38X7k+5VNZScPR8SUrWDIPArKzJGag9GTP
wgbtb5/MEiBJPvlBxB0Bai4luKDh/YiKAWYapdzXnTskGZ5yqVSvJWAllEo+cwmp
vbEsMaP9Jnj83xWXTWo+cDHyUeYxRtg5aSSdRsM2qnog98m1TQWoOWreSm8st+Gs
B39fYc8B8CRdnw910yxuvAfUXrfX4P2KK8Az2roOn1kEbVutcMbr70YgyKJFtn3C
ikeKgFCnFTVW5xxXYt3WLNGF8sGxVSIXKVob7LPM3GiTxEpJC/wdqvo2GxnK
-----END CERTIFICATE-----
Generated at Fri Jun 14 06:11:58 2024 by rpki-client on console-ams.rpki-client.org