Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/yMTBnwx80dKVOEpy2rdiluj9SJk.roa
File: yMTBnwx80dKVOEpy2rdiluj9SJk.roa (raw, json)
Hash identifier: XQ5TZYnUviYp0i3yJ0jooPhRUhNYbnJ5YaSwHmKCy0w=
Subject key identifier: C8:C4:C1:9F:0C:7C:D1:D2:95:38:4A:72:DA:B7:62:96:E8:FD:48:99
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0191FB1F28E9CB4A7F363FCB062A92D236EF
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/yMTBnwx80dKVOEpy2rdiluj9SJk.roa
Signing time: Mon 16 Sep 2024 13:56:48 +0000
ROA not before: Mon 16 Sep 2024 13:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 46.38.143.0/24 maxlen: 24
212.16.86.0/24 maxlen: 24
212.80.18.0/23 maxlen: 23
212.80.18.0/24 maxlen: 24
212.80.19.0/24 maxlen: 24
212.80.20.0/22 maxlen: 22
212.80.20.0/24 maxlen: 24
212.80.21.0/24 maxlen: 24
212.80.22.0/24 maxlen: 24
212.80.23.0/24 maxlen: 24
212.80.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fb:1f:28:e9:cb:4a:7f:36:3f:cb:06:2a:92:d2:36:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Sep 16 13:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8c4c19f0c7cd1d295384a72dab76296e8fd4899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d9:1a:5d:3b:6b:a0:08:10:96:ff:be:30:61:
c1:23:04:4f:b0:93:5b:08:92:4f:43:1d:7f:ec:70:
2c:52:7e:4c:c2:f8:54:62:ed:78:f5:40:8b:c8:4e:
ea:44:e2:13:20:99:ef:59:e3:94:5d:72:ce:57:e3:
2c:8c:26:e2:ba:33:3b:cb:fc:b2:cf:a5:25:67:9d:
00:7d:ed:64:28:c0:7e:87:5c:3b:6e:f0:6a:09:ae:
6e:39:74:45:78:0d:31:00:70:1c:42:c3:7e:85:83:
9b:b7:7c:f4:17:29:80:3b:63:34:c2:2c:88:a9:a0:
eb:e3:d3:87:7f:37:2c:9b:27:62:4d:f9:05:a2:8b:
5b:22:a2:42:e5:9e:3d:16:68:5d:82:ac:1c:bb:e2:
1b:26:c9:15:0a:67:d3:fd:d0:ba:47:58:3d:b4:ab:
0a:b1:48:ba:1b:34:d3:13:ff:ba:c1:65:7e:3f:71:
ad:09:9c:f3:fa:ba:37:f2:55:48:fe:70:27:0d:dd:
f3:42:b4:b2:30:f9:3a:da:cb:5c:4d:d5:eb:e4:c0:
b5:b8:b9:a4:92:2b:18:aa:8a:ec:64:7c:50:e2:40:
8d:82:9d:85:19:fb:01:63:85:9d:11:50:46:4a:f2:
9d:06:5b:c8:9d:95:42:90:83:ba:2f:d7:14:ab:9c:
c1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:C4:C1:9F:0C:7C:D1:D2:95:38:4A:72:DA:B7:62:96:E8:FD:48:99
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/yMTBnwx80dKVOEpy2rdiluj9SJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.143.0/24
212.16.86.0/24
212.80.18.0-212.80.24.255
Signature Algorithm: sha256WithRSAEncryption
19:22:2d:3d:77:82:6f:d6:50:27:30:2a:19:a2:bc:0b:eb:43:
b4:be:c6:ef:43:7b:3c:94:0e:08:13:f0:9c:1d:4a:ec:f1:f2:
54:31:39:50:3c:08:3d:7b:3e:bb:b1:c7:93:27:d3:b8:eb:6b:
76:03:d5:be:89:8d:8a:76:24:2c:40:9b:cf:3f:46:50:33:0d:
70:09:91:1d:ba:5f:c1:22:c6:fe:5d:58:86:34:df:df:39:21:
ca:f8:04:e7:ff:cb:c4:a1:dc:d4:95:7f:67:47:17:92:5f:51:
f1:9d:19:03:d5:e9:af:be:c6:75:8d:60:56:ed:c6:7d:2f:62:
ea:fb:43:f1:0e:77:c3:8d:da:27:33:bc:73:80:ec:b7:db:a8:
cb:d5:66:bb:88:1c:8c:56:32:86:0f:c6:e0:a8:1c:9d:45:c4:
58:57:4d:1f:d0:57:65:56:97:14:33:49:93:82:0a:72:36:f0:
e1:4a:40:c8:3d:eb:99:b2:c9:8f:36:ee:45:97:39:26:65:bc:
bc:fd:15:e0:2a:3a:44:ff:81:43:5d:35:c8:30:69:fc:d5:2e:
39:a9:6e:ed:81:4a:46:93:24:20:dd:9f:57:39:7a:3f:50:54:
14:b2:3a:0f:8a:3b:59:90:11:4b:94:4e:df:61:56:72:ab:fa:
a6:9e:26:14
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZH7Hyjpy0p/Nj/LBiqS0jbvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjQwOTE2MTM1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGM0YzE5ZjBjN2NkMWQyOTUzODRhNzJkYWI3NjI5NmU4ZmQ0ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dkaXTtroAgQlv++MGHBIwRPsJNb
CJJPQx1/7HAsUn5MwvhUYu149UCLyE7qROITIJnvWeOUXXLOV+MsjCbiujM7y/yy
z6UlZ50Afe1kKMB+h1w7bvBqCa5uOXRFeA0xAHAcQsN+hYObt3z0FymAO2M0wiyI
qaDr49OHfzcsmydiTfkFootbIqJC5Z49Fmhdgqwcu+IbJskVCmfT/dC6R1g9tKsK
sUi6GzTTE/+6wWV+P3GtCZzz+ro38lVI/nAnDd3zQrSyMPk62stcTdXr5MC1uLmk
kisYqorsZHxQ4kCNgp2FGfsBY4WdEVBGSvKdBlvInZVCkIO6L9cUq5zBmQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMjEwZ8MfNHSlThKctq3Ypbo/UiZMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEveU1UQm53eDgwZEtWT0VweTJyZGlsdWo5U0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALiaPAwQA
1BBWMAwDBAHUUBIDBADUUBgwDQYJKoZIhvcNAQELBQADggEBABkiLT13gm/WUCcw
KhmivAvrQ7S+xu9DezyUDggT8JwdSuzx8lQxOVA8CD17Pruxx5Mn07jra3YD1b6J
jYp2JCxAm88/RlAzDXAJkR26X8Eixv5dWIY03985Icr4BOf/y8Sh3NSVf2dHF5Jf
UfGdGQPV6a++xnWNYFbtxn0vYur7Q/EOd8ON2iczvHOA7LfbqMvVZruIHIxWMoYP
xuCoHJ1FxFhXTR/QV2VWlxQzSZOCCnI28OFKQMg965myyY827kWXOSZlvLz9FeAq
OkT/gUNdNcgwafzVLjmpbu2BSkaTJCDdn1c5ej9QVBSyOg+KO1mQEUuUTt9hVnKr
+qaeJhQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:41:34 2024 by rpki-client on console-fra.rpki-client.org