Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/YrvzDqkd1B5xtAgrJG6_vPA5hTY.roa
File: YrvzDqkd1B5xtAgrJG6_vPA5hTY.roa (raw, json)
Hash identifier: bB+zAHFh3cSESWCCORFSQjv/+zrxpyhh7DN+eN8kYLM=
Subject key identifier: 62:BB:F3:0E:A9:1D:D4:1E:71:B4:08:2B:24:6E:BF:BC:F0:39:85:36
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 018E9F4A86699A5F0AC1C011B4721E913428
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/YrvzDqkd1B5xtAgrJG6_vPA5hTY.roa
Signing time: Tue 02 Apr 2024 14:50:45 +0000
ROA not before: Tue 02 Apr 2024 14:50:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55293
IP address blocks: 85.187.128.0/19 maxlen: 24
114.129.128.0/19 maxlen: 24
185.52.148.0/22 maxlen: 24
185.62.136.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.141.188.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.148.44.0/22 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
185.160.65.0/24 maxlen: 24
185.160.66.0/23 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.168.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:4a:86:69:9a:5f:0a:c1:c0:11:b4:72:1e:91:34:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Apr 2 14:50:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62bbf30ea91dd41e71b4082b246ebfbcf0398536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:60:85:1f:a0:0c:a2:01:de:d3:11:bc:ee:a5:
af:63:92:db:59:1e:88:57:45:57:1a:65:30:00:35:
b7:a4:35:9c:35:be:17:ee:0c:72:82:13:23:6a:2b:
ec:8d:7f:c4:6a:18:81:44:6d:4f:50:48:e9:dd:c9:
38:ab:e1:4a:1e:65:d5:1f:cd:0c:7f:01:45:be:6e:
7a:2e:60:0e:b7:f3:2d:79:ed:7b:e6:a7:c8:a1:0b:
3c:cb:71:96:1c:d8:c2:d4:e2:7a:52:da:a8:64:13:
82:78:ab:fd:1a:c6:78:05:00:27:e7:39:a0:8d:1a:
4c:f1:59:60:3e:39:d5:d4:d1:e1:a5:92:59:e7:20:
62:d8:11:3a:b7:bc:78:dc:eb:c9:96:71:3f:df:69:
4e:d4:e2:80:f2:d5:ac:95:3a:dc:e9:c6:1b:03:62:
b6:f3:76:29:72:fb:dc:70:c0:6c:4a:d1:32:0e:9e:
a8:a3:a0:61:f0:79:d9:81:ce:07:d6:2f:08:a4:5d:
ba:56:05:c3:c3:64:6a:2d:12:86:ff:6f:dd:54:db:
62:a7:d5:b4:70:60:2b:e4:7c:af:c6:38:70:fd:4c:
af:13:74:ec:b2:c5:b9:90:3b:ba:ca:4b:8b:40:85:
4e:56:32:dd:fb:d5:28:aa:20:ab:e3:65:aa:36:ab:
8b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:BB:F3:0E:A9:1D:D4:1E:71:B4:08:2B:24:6E:BF:BC:F0:39:85:36
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/YrvzDqkd1B5xtAgrJG6_vPA5hTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
114.129.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:0d:97:af:7c:dd:1f:2d:9f:05:82:67:ff:f4:e8:b6:31:c4:
ec:9c:b7:aa:cb:72:09:10:b3:2a:e1:92:ca:6d:4a:8d:50:b3:
e2:35:70:cb:1f:52:b8:99:89:0f:c4:2e:84:68:dd:63:44:b8:
ea:09:72:3d:9e:f8:09:d1:f5:d0:44:74:31:07:1e:9b:c2:2a:
d9:76:ac:01:bd:05:f6:46:04:57:ae:df:11:b1:c0:e5:88:7e:
fc:26:0f:5b:f1:17:08:7f:e9:34:9e:4c:62:7a:8b:32:cf:71:
fe:17:28:c2:70:e4:e2:7c:cc:19:08:aa:0d:df:17:c2:e1:f2:
74:0c:f1:48:0b:3a:9e:8c:14:fe:d7:02:e8:75:81:40:6a:22:
86:e8:90:b2:e1:f6:9f:8f:49:c5:6a:1e:da:bc:ba:62:2d:c5:
c6:e2:40:f0:b5:9f:da:a2:f1:3b:56:a9:06:1b:e0:3c:e6:6b:
68:7b:1b:a0:12:3e:cd:4f:d9:c8:f2:dc:1c:cf:8d:28:47:64:
af:5a:51:63:b3:3e:c8:ea:2c:b4:f3:7d:1f:c9:04:92:58:85:
37:a5:12:eb:ce:d2:65:1c:9d:c0:15:b6:72:c5:f3:c8:bc:01:
05:59:10:19:97:3a:a5:68:1e:f8:cf:ef:ff:d4:ca:fc:00:87:
2e:f7:fc:19
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY6fSoZpml8KwcARtHIekTQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjQwNDAyMTQ1MDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmJiZjMwZWE5MWRkNDFlNzFiNDA4MmIyNDZlYmZiY2YwMzk4NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWCFH6AMogHe0xG87qWvY5LbWR6I
V0VXGmUwADW3pDWcNb4X7gxyghMjaivsjX/EahiBRG1PUEjp3ck4q+FKHmXVH80M
fwFFvm56LmAOt/Mtee175qfIoQs8y3GWHNjC1OJ6UtqoZBOCeKv9GsZ4BQAn5zmg
jRpM8VlgPjnV1NHhpZJZ5yBi2BE6t7x43OvJlnE/32lO1OKA8tWslTrc6cYbA2K2
83YpcvvccMBsStEyDp6oo6Bh8HnZgc4H1i8IpF26VgXDw2RqLRKG/2/dVNtip9W0
cGAr5Hyvxjhw/UyvE3TsssW5kDu6ykuLQIVOVjLd+9UoqiCr42WqNquLuQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFGK78w6pHdQecbQIKyRuv7zwOYU2MB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvWXJ2ekRxa2QxQjV4dEFnckpHNl92UEE1aFRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAVVu4AD
BAVygYADBAK5NJQDBAK5PogDBAK5hAQDBAK5hRQDBAK5jbwDBAK5jywDBAK5khQD
BAK5khwDBAK5lCwDBAK5lIADBAK5lXADBAK5lzAwDAMEALmgQQMEArmgQDAMAwQA
uaaRAwQCuaaQAwQCuahsMA0GCSqGSIb3DQEBCwUAA4IBAQCPDZevfN0fLZ8Fgmf/
9Oi2McTsnLeqy3IJELMq4ZLKbUqNULPiNXDLH1K4mYkPxC6EaN1jRLjqCXI9nvgJ
0fXQRHQxBx6bwirZdqwBvQX2RgRXrt8RscDliH78Jg9b8RcIf+k0nkxieosyz3H+
FyjCcOTifMwZCKoN3xfC4fJ0DPFICzqejBT+1wLodYFAaiKG6JCy4fafj0nFah7a
vLpiLcXG4kDwtZ/aovE7VqkGG+A85mtoexugEj7NT9nI8twcz40oR2SvWlFjsz7I
6iy0830fyQSSWIU3pRLrztJlHJ3AFbZyxfPIvAEFWRAZlzqlaB74z+//1Mr8AIcu
9/wZ
-----END CERTIFICATE-----
Generated at Sat Jun 8 00:56:02 2024 by rpki-client on console-fra.rpki-client.org