Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/YJART7Jbgq1NeV9fb8NGYeu9bhU.roa
File: YJART7Jbgq1NeV9fb8NGYeu9bhU.roa (raw, json)
Hash identifier: 1xbeNFGaj3vZlxU1utNpfnjbVTyEhAN7MvbB03wi840=
Subject key identifier: 60:90:11:4F:B2:5B:82:AD:4D:79:5F:5F:6F:C3:46:61:EB:BD:6E:15
Certificate issuer: /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial: 01907D4C6AB2ECE814068803CF26C32CBDF6
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/YJART7Jbgq1NeV9fb8NGYeu9bhU.roa
Signing time: Thu 04 Jul 2024 10:31:18 +0000
ROA not before: Thu 04 Jul 2024 10:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15625
IP address blocks: 145.221.0.0/16 maxlen: 16
145.221.0.0/17 maxlen: 17
145.221.36.0/24 maxlen: 24
145.221.37.0/24 maxlen: 24
145.221.38.0/24 maxlen: 24
145.221.39.0/24 maxlen: 24
145.221.40.0/24 maxlen: 24
145.221.41.0/24 maxlen: 24
145.221.42.0/24 maxlen: 24
145.221.43.0/24 maxlen: 24
145.221.92.0/24 maxlen: 24
145.221.99.0/24 maxlen: 24
145.221.128.0/17 maxlen: 17
145.221.176.0/24 maxlen: 24
145.221.177.0/24 maxlen: 24
145.221.178.0/24 maxlen: 24
145.221.179.0/24 maxlen: 24
145.221.180.0/24 maxlen: 24
145.221.181.0/24 maxlen: 24
145.221.182.0/24 maxlen: 24
145.221.183.0/24 maxlen: 24
145.221.184.0/24 maxlen: 24
145.221.185.0/24 maxlen: 24
145.221.186.0/24 maxlen: 24
145.221.188.0/24 maxlen: 24
145.221.189.0/24 maxlen: 24
145.221.190.0/24 maxlen: 24
145.221.193.0/24 maxlen: 24
145.221.208.0/24 maxlen: 24
145.221.209.0/24 maxlen: 24
145.221.210.0/24 maxlen: 24
145.221.211.0/24 maxlen: 24
145.221.212.0/24 maxlen: 24
145.221.213.0/24 maxlen: 24
145.221.214.0/24 maxlen: 24
145.221.215.0/24 maxlen: 24
145.221.216.0/24 maxlen: 24
145.221.217.0/24 maxlen: 24
145.221.219.0/24 maxlen: 24
145.221.220.0/24 maxlen: 24
145.221.221.0/24 maxlen: 24
145.221.222.0/24 maxlen: 24
145.221.252.0/24 maxlen: 24
145.221.253.0/24 maxlen: 24
145.221.254.0/24 maxlen: 24
145.221.255.0/24 maxlen: 24
156.114.128.0/18 maxlen: 18
156.114.128.0/19 maxlen: 19
156.114.128.0/24 maxlen: 24
156.114.129.0/24 maxlen: 24
156.114.130.0/24 maxlen: 24
156.114.131.0/24 maxlen: 24
156.114.132.0/24 maxlen: 24
156.114.133.0/24 maxlen: 24
156.114.153.0/24 maxlen: 24
156.114.154.0/24 maxlen: 24
156.114.155.0/24 maxlen: 24
156.114.160.0/19 maxlen: 19
156.114.160.0/24 maxlen: 24
156.114.161.0/24 maxlen: 24
156.114.162.0/24 maxlen: 24
156.114.163.0/24 maxlen: 24
156.114.164.0/24 maxlen: 24
156.114.165.0/24 maxlen: 24
156.114.185.0/24 maxlen: 24
156.114.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:4c:6a:b2:ec:e8:14:06:88:03:cf:26:c3:2c:bd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Validity
Not Before: Jul 4 10:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6090114fb25b82ad4d795f5f6fc34661ebbd6e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:a8:ff:b2:33:ac:6d:49:41:f0:f4:52:16:
0c:fd:22:dc:31:d6:cf:3c:d0:b0:7a:19:97:6c:68:
4a:84:7b:c4:13:b1:04:03:47:34:46:ca:7d:92:b4:
1c:b2:cc:71:8e:62:ce:b3:f4:f3:f9:c7:c6:02:61:
97:b2:75:9d:a2:c9:28:e5:f9:fe:77:fd:d3:f4:da:
bd:25:da:de:47:96:f0:82:2b:07:ab:38:6c:d4:b5:
36:3f:b7:41:19:1d:f5:cc:ca:1c:99:c1:c5:80:38:
ac:b9:aa:f8:f3:da:44:59:85:92:c7:d5:8a:8b:6a:
43:1a:cd:79:11:e0:b3:4c:e1:07:12:76:67:0a:92:
ee:4f:b8:d0:df:54:d1:58:04:09:a6:8a:1f:05:3f:
91:de:4b:0b:87:4a:cb:5f:c4:27:a5:3b:b0:cb:a2:
94:63:69:5f:0e:bf:4c:05:0e:fd:39:56:25:f1:f9:
91:bc:c4:7e:5e:fe:08:fe:89:62:34:50:13:30:df:
c0:e3:49:cc:84:50:9c:02:a4:1d:9e:75:e8:ef:60:
67:b6:6f:5a:f1:cc:fb:3e:2b:8e:0f:d9:8b:98:d9:
46:ec:a5:dd:99:69:c8:88:e9:5a:36:a0:31:cf:75:
00:46:5f:3a:32:73:b7:43:7e:41:da:d3:29:2c:15:
54:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:90:11:4F:B2:5B:82:AD:4D:79:5F:5F:6F:C3:46:61:EB:BD:6E:15
X509v3 Authority Key Identifier:
keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/YJART7Jbgq1NeV9fb8NGYeu9bhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.221.0.0/16
156.114.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2e:fd:ec:ef:1f:01:28:4d:46:90:1d:0a:4e:c4:71:02:5f:77:
3f:3c:32:28:16:a8:78:37:69:58:85:7c:3f:be:55:2f:ea:83:
5c:f5:7b:06:e5:e6:ec:fd:05:33:f2:44:28:5e:24:b6:0d:de:
43:f3:b4:ef:b5:3a:dd:31:90:40:5f:c0:c9:07:84:0f:52:f2:
41:11:a2:54:3c:82:4f:7a:63:4f:c9:03:86:d8:1c:50:0f:f8:
c7:fb:7f:06:6c:22:23:cf:2b:51:fd:59:5c:51:47:17:20:d9:
63:b6:7b:8b:90:b3:71:ab:2c:bf:06:1d:e4:35:86:66:e4:5b:
fe:93:98:c3:1e:8c:bf:f7:f1:33:a1:a1:4d:85:7a:55:53:e2:
4e:b8:7c:21:2d:57:09:d5:86:ef:57:b5:5e:e6:a0:59:1d:48:
22:9c:64:09:6c:37:96:c7:67:eb:ec:35:2f:f6:c8:8c:f7:33:
47:c6:fe:6b:10:fa:13:96:b0:67:9c:c3:81:f3:e8:b1:b7:87:
23:cb:b2:0e:37:cc:57:7c:21:be:6b:eb:47:bf:f2:bc:da:17:
f8:0d:aa:a1:3b:4f:c6:80:57:a0:f3:65:d4:31:35:3c:45:be:
25:e4:05:f0:ff:43:69:74:e6:ed:f7:94:e8:1a:1b:4f:75:66:
b6:88:17:b2
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZB9TGqy7OgUBogDzybDLL32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWNlNDFjYmMyYzMwNjI2ZWYyYTI4ZDE4MzlmMmQ2YzQ3
NTdmM2YwHhcNMjQwNzA0MTAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDkwMTE0ZmIyNWI4MmFkNGQ3OTVmNWY2ZmMzNDY2MWViYmQ2ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKmo/7IzrG1JQfD0UhYM/SLcMdbP
PNCwehmXbGhKhHvEE7EEA0c0Rsp9krQcssxxjmLOs/Tz+cfGAmGXsnWdosko5fn+
d/3T9Nq9JdreR5bwgisHqzhs1LU2P7dBGR31zMocmcHFgDisuar489pEWYWSx9WK
i2pDGs15EeCzTOEHEnZnCpLuT7jQ31TRWAQJpoofBT+R3ksLh0rLX8QnpTuwy6KU
Y2lfDr9MBQ79OVYl8fmRvMR+Xv4I/oliNFATMN/A40nMhFCcAqQdnnXo72Bntm9a
8cz7PiuOD9mLmNlG7KXdmWnIiOlaNqAxz3UARl86MnO3Q35B2tMpLBVUFwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFGCQEU+yW4KtTXlfX2/DRmHrvW4VMB8GA1UdIwQY
MBaAFMrs5By8LDBibvKijRg58tbEdX8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWIt
ZDg1MWU0MGQ1N2JmLzEvWUpBUlQ3SmJncTFOZVY5ZmI4TkdZZXU5YmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWItZDg1MWU0MGQ1N2Jm
LzEveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkd0DBAac
coAwDQYJKoZIhvcNAQELBQADggEBAC797O8fAShNRpAdCk7EcQJfdz88MigWqHg3
aViFfD++VS/qg1z1ewbl5uz9BTPyRCheJLYN3kPztO+1Ot0xkEBfwMkHhA9S8kER
olQ8gk96Y0/JA4bYHFAP+Mf7fwZsIiPPK1H9WVxRRxcg2WO2e4uQs3GrLL8GHeQ1
hmbkW/6TmMMejL/38TOhoU2FelVT4k64fCEtVwnVhu9XtV7moFkdSCKcZAlsN5bH
Z+vsNS/2yIz3M0fG/msQ+hOWsGecw4Hz6LG3hyPLsg43zFd8Ib5r60e/8rzaF/gN
qqE7T8aAV6DzZdQxNTxFviXkBfD/Q2l05u33lOgaG091ZraIF7I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:57 2024 by rpki-client on console-fra.rpki-client.org