Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YAGghf2nHWxSmPsnZlbSjLC3TqQ.roa
File: YAGghf2nHWxSmPsnZlbSjLC3TqQ.roa (raw, json)
Hash identifier: zHvoP11AhI2b1+D3SH3mg8YKyeEIZFPhAGCLTCrBb8s=
Subject key identifier: 60:01:A0:85:FD:A7:1D:6C:52:98:FB:27:66:56:D2:8C:B0:B7:4E:A4
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01924CF6FFDD557ABC46F57FA23A2EA8054D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YAGghf2nHWxSmPsnZlbSjLC3TqQ.roa
Signing time: Wed 02 Oct 2024 11:21:48 +0000
ROA not before: Wed 02 Oct 2024 11:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47690
IP address blocks: 45.43.145.0/24 maxlen: 24
45.43.146.0/24 maxlen: 24
45.43.148.0/24 maxlen: 24
45.43.149.0/24 maxlen: 24
45.43.150.0/24 maxlen: 24
45.43.151.0/24 maxlen: 24
45.43.154.0/24 maxlen: 24
45.43.155.0/24 maxlen: 24
45.43.156.0/24 maxlen: 24
45.43.158.0/24 maxlen: 24
45.43.159.0/24 maxlen: 24
45.43.160.0/24 maxlen: 24
45.43.161.0/24 maxlen: 24
45.43.162.0/24 maxlen: 24
64.137.16.0/24 maxlen: 24
104.222.176.0/24 maxlen: 24
104.222.177.0/24 maxlen: 24
104.222.178.0/24 maxlen: 24
104.222.179.0/24 maxlen: 24
104.222.180.0/24 maxlen: 24
104.222.181.0/24 maxlen: 24
104.222.182.0/24 maxlen: 24
104.222.183.0/24 maxlen: 24
104.222.189.0/24 maxlen: 24
104.233.8.0/24 maxlen: 24
104.233.9.0/24 maxlen: 24
104.233.59.0/24 maxlen: 24
104.238.6.0/24 maxlen: 24
104.238.11.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.8.0/24 maxlen: 24
104.239.12.0/24 maxlen: 24
104.239.14.0/24 maxlen: 24
104.239.29.0/24 maxlen: 24
104.239.54.0/24 maxlen: 24
104.239.55.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.239.57.0/24 maxlen: 24
104.239.58.0/24 maxlen: 24
104.239.59.0/24 maxlen: 24
104.239.60.0/24 maxlen: 24
104.239.61.0/24 maxlen: 24
104.239.62.0/24 maxlen: 24
104.239.63.0/24 maxlen: 24
104.239.64.0/24 maxlen: 24
104.239.65.0/24 maxlen: 24
104.249.8.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.10.0/24 maxlen: 24
104.249.11.0/24 maxlen: 24
104.249.12.0/24 maxlen: 24
104.249.13.0/24 maxlen: 24
104.249.14.0/24 maxlen: 24
104.249.15.0/24 maxlen: 24
104.249.16.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.18.0/24 maxlen: 24
104.249.19.0/24 maxlen: 24
104.249.20.0/24 maxlen: 24
104.249.21.0/24 maxlen: 24
104.249.22.0/24 maxlen: 24
104.249.23.0/24 maxlen: 24
104.249.42.0/24 maxlen: 24
104.249.43.0/24 maxlen: 24
104.249.44.0/24 maxlen: 24
104.249.45.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.90.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
216.173.92.0/24 maxlen: 24
216.173.93.0/24 maxlen: 24
216.173.94.0/24 maxlen: 24
216.173.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:f6:ff:dd:55:7a:bc:46:f5:7f:a2:3a:2e:a8:05:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 2 11:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6001a085fda71d6c5298fb276656d28cb0b74ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:83:c5:b4:61:21:64:19:8e:aa:81:1c:67:0f:
18:52:19:9a:a9:8c:5d:11:5f:40:36:d1:96:6b:75:
7b:89:36:bd:c5:3b:7b:3e:6f:d7:61:f7:b6:8a:c8:
f3:ba:5e:c5:bb:71:3f:01:e2:c4:24:48:5a:f7:5e:
35:05:56:34:bd:59:60:13:ad:eb:4c:0d:3a:49:01:
ec:04:a8:20:bb:47:e4:78:e2:74:7e:16:a4:ca:58:
df:a2:7f:af:65:b0:cb:a5:ac:9e:ac:dd:c0:f2:e5:
66:e8:b5:c2:62:bc:58:d5:a2:70:4b:ef:f6:75:f7:
a6:3b:a4:04:d6:da:62:8b:00:59:a3:a1:09:54:8f:
c4:03:d5:51:ab:b2:ac:4f:8b:fb:31:2a:78:5c:ed:
4b:16:76:c8:8f:33:5d:ee:9c:24:61:b2:1c:ed:4f:
c6:3a:89:8f:97:54:d5:37:70:97:be:6b:0b:e4:74:
02:17:13:79:19:42:50:c9:fd:60:fd:56:88:32:36:
43:32:73:0e:b9:e4:a0:fd:0d:9e:ba:01:35:b9:ed:
47:31:11:0a:1e:56:a3:f5:ae:2d:40:44:4e:7c:b7:
87:e4:b4:cd:54:dd:6d:90:27:55:06:8a:52:cf:9c:
e0:db:f8:97:3e:57:a5:c4:28:2c:07:0f:ca:28:48:
f6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:01:A0:85:FD:A7:1D:6C:52:98:FB:27:66:56:D2:8C:B0:B7:4E:A4
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YAGghf2nHWxSmPsnZlbSjLC3TqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.145.0-45.43.146.255
45.43.148.0/22
45.43.154.0-45.43.156.255
45.43.158.0-45.43.162.255
64.137.16.0/24
104.222.176.0/21
104.222.189.0/24
104.233.8.0/23
104.233.59.0/24
104.238.6.0/24
104.238.11.0-104.238.13.255
104.239.8.0/24
104.239.12.0/24
104.239.14.0/24
104.239.29.0/24
104.239.54.0-104.239.65.255
104.249.8.0-104.249.23.255
104.249.42.0-104.249.54.255
216.173.90.0-216.173.95.255
Signature Algorithm: sha256WithRSAEncryption
97:78:2e:d4:73:3c:ac:a5:9b:2d:7c:b7:11:cd:e1:28:2b:40:
67:c0:a0:33:ea:02:cf:3c:1f:60:02:cd:26:0e:37:ca:6b:30:
25:c3:8e:42:9b:5c:e2:10:0b:90:fb:20:07:5b:b0:86:64:93:
5f:c9:41:fa:2b:60:f1:37:20:3d:ca:3f:9d:92:da:a0:d1:7a:
21:85:af:e6:85:f8:43:35:27:1d:b2:6f:3f:5a:fe:77:9f:9a:
16:81:1f:7b:e2:d8:18:aa:98:42:2a:2e:59:a0:96:e9:2c:d5:
f2:16:42:ad:8e:22:33:6d:07:86:16:9b:97:b3:46:4e:73:1e:
00:6c:fe:44:8b:38:b1:14:c0:4f:48:f6:23:59:97:b8:9c:ae:
51:c9:9a:3e:95:c2:67:e2:ad:bd:1a:5c:48:eb:69:de:21:33:
8d:fd:cc:4c:fe:73:db:c3:ae:de:8d:ba:1d:94:0b:02:e9:ed:
76:8d:9a:8e:fd:e6:f4:55:c6:81:59:a4:13:62:48:37:e5:3a:
cf:68:b0:b5:a1:dd:db:3e:f0:aa:62:38:ed:7b:e5:68:3a:05:
9f:22:5e:ff:1e:82:ef:0d:55:00:9b:68:ae:aa:00:97:a8:dc:
be:02:7c:1b:25:12:6c:eb:6b:70:80:04:59:bf:31:2e:d3:61:
f3:1d:ef:3c
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZJM9v/dVXq8RvV/ojouqAVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjQxMDAyMTEyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDAxYTA4NWZkYTcxZDZjNTI5OGZiMjc2NjU2ZDI4Y2IwYjc0ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIPFtGEhZBmOqoEcZw8YUhmaqYxd
EV9ANtGWa3V7iTa9xTt7Pm/XYfe2isjzul7Fu3E/AeLEJEha9141BVY0vVlgE63r
TA06SQHsBKggu0fkeOJ0fhakyljfon+vZbDLpayerN3A8uVm6LXCYrxY1aJwS+/2
dfemO6QE1tpiiwBZo6EJVI/EA9VRq7KsT4v7MSp4XO1LFnbIjzNd7pwkYbIc7U/G
OomPl1TVN3CXvmsL5HQCFxN5GUJQyf1g/VaIMjZDMnMOueSg/Q2eugE1ue1HMREK
Hlaj9a4tQEROfLeH5LTNVN1tkCdVBopSz5zg2/iXPlelxCgsBw/KKEj2/wIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFGABoIX9px1sUpj7J2ZW0oywt06kMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWUFHZ2hmMm5IV3hTbVBzblpsYlNqTEMzVHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIwDAME
AC0rkQMEAC0rkgMEAi0rlDAMAwQBLSuaAwQALSucMAwDBAEtK54DBAAtK6IDBABA
iRADBANo3rADBABo3r0DBAFo6QgDBABo6TsDBABo7gYwDAMEAGjuCwMEAWjuDAME
AGjvCAMEAGjvDAMEAGjvDgMEAGjvHTAMAwQBaO82AwQBaO9AMAwDBANo+QgDBANo
+RAwDAMEAWj5KgMEAGj5NjAMAwQB2K1aAwQF2K1AMA0GCSqGSIb3DQEBCwUAA4IB
AQCXeC7UczyspZstfLcRzeEoK0BnwKAz6gLPPB9gAs0mDjfKazAlw45Cm1ziEAuQ
+yAHW7CGZJNfyUH6K2DxNyA9yj+dktqg0Xohha/mhfhDNScdsm8/Wv53n5oWgR97
4tgYqphCKi5ZoJbpLNXyFkKtjiIzbQeGFpuXs0ZOcx4AbP5EizixFMBPSPYjWZe4
nK5RyZo+lcJn4q29GlxI62neITON/cxM/nPbw67ejbodlAsC6e12jZqO/eb0VcaB
WaQTYkg35TrPaLC1od3bPvCqYjjte+VoOgWfIl7/HoLvDVUAm2iuqgCXqNy+Anwb
JRJs62twgARZvzEu02HzHe88
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:53:15 2024 by rpki-client on console-fra.rpki-client.org