Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/YOCDV5HoGQZZby8BJZ8nPhr2lMA.roa
File: YOCDV5HoGQZZby8BJZ8nPhr2lMA.roa (raw, json)
Hash identifier: 28fd+Sv5NRgjUHeC2elK216Vs+lhZfMJQ/AisVHCrDw=
Subject key identifier: 60:E0:83:57:91:E8:19:06:59:6F:2F:01:25:9F:27:3E:1A:F6:94:C0
Certificate issuer: /CN=37af48131ecd9dca3def2b2de788f15060627755
Certificate serial: 018CC64B877CD86E75C4AED6733E67F526C2
Authority key identifier: 37:AF:48:13:1E:CD:9D:CA:3D:EF:2B:2D:E7:88:F1:50:60:62:77:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/YOCDV5HoGQZZby8BJZ8nPhr2lMA.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 109.255.128.0/17 maxlen: 17
188.141.0.0/17 maxlen: 17
188.141.0.0/18 maxlen: 18
185.54.226.0/23 maxlen: 23
185.54.224.0/22 maxlen: 22
185.54.224.0/23 maxlen: 23
79.97.0.0/17 maxlen: 17
79.97.0.0/16 maxlen: 16
188.141.64.0/18 maxlen: 18
79.97.128.0/17 maxlen: 17
37.228.224.0/19 maxlen: 19
89.101.0.0/16 maxlen: 16
46.255.152.0/21 maxlen: 21
46.255.152.0/22 maxlen: 22
46.255.156.0/22 maxlen: 22
37.228.192.0/19 maxlen: 19
37.228.192.0/18 maxlen: 18
46.7.0.0/17 maxlen: 17
46.7.0.0/16 maxlen: 16
176.61.0.0/17 maxlen: 17
176.61.0.0/18 maxlen: 18
176.61.64.0/18 maxlen: 18
89.100.0.0/16 maxlen: 16
5.179.48.0/20 maxlen: 20
109.255.0.0/17 maxlen: 17
89.100.0.0/15 maxlen: 15
109.255.0.0/16 maxlen: 16
5.179.64.0/21 maxlen: 21
5.179.64.0/22 maxlen: 22
5.179.68.0/22 maxlen: 22
46.7.128.0/17 maxlen: 17
78.24.16.0/21 maxlen: 21
78.24.16.0/22 maxlen: 22
78.24.20.0/22 maxlen: 22
5.179.32.0/20 maxlen: 20
5.179.32.0/19 maxlen: 19
2a02:8080::/30 maxlen: 30
2a02:8080::/29 maxlen: 29
2a02:8084::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/N69IEx7Nnco97yst54jxUGBid1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/N69IEx7Nnco97yst54jxUGBid1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:87:7c:d8:6e:75:c4:ae:d6:73:3e:67:f5:26:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37af48131ecd9dca3def2b2de788f15060627755
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60e0835791e81906596f2f01259f273e1af694c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5e:0a:a7:89:cd:72:0b:7f:65:37:d6:42:9f:
80:f8:7c:90:41:fb:b5:1f:3e:fc:35:7b:31:d8:f6:
54:f5:c7:93:00:31:44:91:33:7a:d1:fb:db:79:8c:
e0:aa:98:2f:28:3d:dd:e0:40:05:d0:19:b3:5e:fc:
49:3a:43:89:6b:87:91:60:54:ca:8b:c2:ab:7e:71:
cc:dd:8c:ff:38:94:f3:4d:68:ec:fc:8c:48:4c:c7:
59:ca:f7:fa:87:ef:41:9a:52:58:c3:83:8f:2c:25:
fc:3d:dc:02:5d:eb:bf:2b:97:41:01:c7:e6:bf:ba:
00:ad:4f:74:bc:06:3f:8e:8a:a4:16:90:bd:ff:ac:
64:89:f3:cc:ea:7a:4f:2f:4d:ea:ed:85:f0:3f:09:
86:7b:8f:f5:e1:a1:09:89:b5:8c:55:2c:bb:06:85:
32:ff:ba:e2:48:a4:d7:d5:82:fd:a4:2b:fb:e5:39:
7d:e5:61:ab:9d:6e:c4:f4:a7:4a:13:86:8c:cf:ce:
d8:54:85:2a:80:ef:28:b8:93:e4:04:bf:f5:87:41:
e6:ae:60:ce:7e:09:eb:fa:2d:63:06:a9:f7:35:4f:
1b:f2:af:df:dc:e5:38:a8:dd:2c:ca:fc:8f:9c:14:
0a:4d:27:49:bd:99:e5:dc:13:22:44:e0:a2:83:fb:
70:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E0:83:57:91:E8:19:06:59:6F:2F:01:25:9F:27:3E:1A:F6:94:C0
X509v3 Authority Key Identifier:
keyid:37:AF:48:13:1E:CD:9D:CA:3D:EF:2B:2D:E7:88:F1:50:60:62:77:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N69IEx7Nnco97yst54jxUGBid1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/YOCDV5HoGQZZby8BJZ8nPhr2lMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/35faed-c2d7-4cb9-97f5-df6f20dcb94b/1/N69IEx7Nnco97yst54jxUGBid1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.32.0-5.179.71.255
37.228.192.0/18
46.7.0.0/16
46.255.152.0/21
78.24.16.0/21
79.97.0.0/16
89.100.0.0/15
109.255.0.0/16
176.61.0.0/17
185.54.224.0/22
188.141.0.0/17
IPv6:
2a02:8080::/29
Signature Algorithm: sha256WithRSAEncryption
04:ad:3e:3a:e9:38:c4:8d:bb:7e:ba:f2:71:e5:d9:0d:10:0a:
a5:b3:a8:f0:b6:c2:2d:74:5f:93:80:85:da:86:ed:22:25:45:
6f:dc:3a:ed:39:f0:20:b5:2a:c2:83:9a:ad:1d:bf:6a:e7:7c:
84:29:f4:f1:c0:9d:c5:63:91:dd:92:c7:a8:6b:5f:07:41:52:
95:a7:ff:e4:71:5f:c8:b8:c8:c6:4b:02:a0:0b:f9:06:81:66:
d2:41:3b:fc:9d:72:10:59:be:d2:5b:64:89:c5:4a:93:fa:b5:
9d:9d:2f:bb:7c:83:1e:75:65:b9:26:fe:61:71:49:71:bf:93:
98:08:f1:33:d8:3b:85:0b:73:31:02:4d:6d:e4:8f:9e:c4:e7:
2c:e2:ba:ae:03:73:af:3b:72:e6:51:49:0d:b2:e9:85:63:c7:
82:64:08:42:ad:23:a7:74:8a:73:b0:61:ac:b8:46:60:4e:e0:
81:ac:e5:66:2f:75:ce:df:5c:ec:41:99:b0:08:4a:dd:72:0c:
6f:70:aa:85:35:0b:84:54:7a:2a:33:d3:8d:74:d5:55:e3:0d:
06:33:11:29:19:82:c1:c6:1b:eb:80:c1:96:50:fc:d1:8c:61:
91:4d:ef:1b:3d:65:1f:9d:68:66:65:3e:f0:1b:49:e0:b1:4f:
fc:82:5b:8c
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzGS4d82G51xK7Wcz5n9SbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3YWY0ODEzMWVjZDlkY2EzZGVmMmIyZGU3ODhmMTUwNjA2
Mjc3NTUwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGUwODM1NzkxZTgxOTA2NTk2ZjJmMDEyNTlmMjczZTFhZjY5NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg14Kp4nNcgt/ZTfWQp+A+HyQQfu1
Hz78NXsx2PZU9ceTADFEkTN60fvbeYzgqpgvKD3d4EAF0BmzXvxJOkOJa4eRYFTK
i8KrfnHM3Yz/OJTzTWjs/IxITMdZyvf6h+9BmlJYw4OPLCX8PdwCXeu/K5dBAcfm
v7oArU90vAY/joqkFpC9/6xkifPM6npPL03q7YXwPwmGe4/14aEJibWMVSy7BoUy
/7riSKTX1YL9pCv75Tl95WGrnW7E9KdKE4aMz87YVIUqgO8ouJPkBL/1h0HmrmDO
fgnr+i1jBqn3NU8b8q/f3OU4qN0syvyPnBQKTSdJvZnl3BMiROCig/twqwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFGDgg1eR6BkGWW8vASWfJz4a9pTAMB8GA1UdIwQY
MBaAFDevSBMezZ3KPe8rLeeI8VBgYndVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjY5SUV4N05uY285N3lzdDU0anhVR0JpZDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zNWZhZWQtYzJkNy00Y2I5LTk3ZjUt
ZGY2ZjIwZGNiOTRiLzEvWU9DRFY1SG9HUVpaYnk4QkpaOG5QaHIybE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zNWZhZWQtYzJkNy00Y2I5LTk3ZjUtZGY2ZjIwZGNiOTRi
LzEvTjY5SUV4N05uY285N3lzdDU0anhVR0JpZDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAUFsyAD
BAMFs0ADBAYl5MADAwAuBwMEAy7/mAMEA04YEAMDAE9hAwMBWWQDAwBt/wMEB7A9
AAMEArk24AMEB7yNADANBAIAAjAHAwUDKgKAgDANBgkqhkiG9w0BAQsFAAOCAQEA
BK0+Ouk4xI27frryceXZDRAKpbOo8LbCLXRfk4CF2obtIiVFb9w67TnwILUqwoOa
rR2/aud8hCn08cCdxWOR3ZLHqGtfB0FSlaf/5HFfyLjIxksCoAv5BoFm0kE7/J1y
EFm+0ltkicVKk/q1nZ0vu3yDHnVluSb+YXFJcb+TmAjxM9g7hQtzMQJNbeSPnsTn
LOK6rgNzrzty5lFJDbLphWPHgmQIQq0jp3SKc7BhrLhGYE7ggazlZi91zt9c7EGZ
sAhK3XIMb3CqhTULhFR6KjPTjXTVVeMNBjMRKRmCwcYb64DBllD80YxhkU3vGz1l
H51oZmU+8BtJ4LFP/IJbjA==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:52:46 2024 by rpki-client on console-fra.rpki-client.org