Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/AyldtAoWafPHTkmACDxst6jxsP8.roa
File: AyldtAoWafPHTkmACDxst6jxsP8.roa (raw, json)
Hash identifier: 5JuPcS4QOkaO/Jt7b79o9DhsMUfsXTNZilUz8aQXzEc=
Subject key identifier: 03:29:5D:B4:0A:16:69:F3:C7:4E:49:80:08:3C:6C:B7:A8:F1:B0:FF
Certificate issuer: /CN=d031655023bd141731d56fb8453ff0514f728865
Certificate serial: 019427B4731DFBB5E4D6CCC14C6452240670
Authority key identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/AyldtAoWafPHTkmACDxst6jxsP8.roa
Signing time: Thu 02 Jan 2025 15:48:44 +0000
ROA not before: Thu 02 Jan 2025 15:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59862
IP address blocks: 85.204.172.0/22 maxlen: 22
85.204.172.0/24 maxlen: 24
85.204.173.0/24 maxlen: 24
85.204.174.0/24 maxlen: 24
85.204.175.0/24 maxlen: 24
93.119.20.0/23 maxlen: 23
93.119.20.0/24 maxlen: 24
93.119.21.0/24 maxlen: 24
93.119.22.0/24 maxlen: 24
153.92.176.0/22 maxlen: 22
153.92.176.0/24 maxlen: 24
153.92.177.0/24 maxlen: 24
153.92.178.0/24 maxlen: 24
153.92.179.0/24 maxlen: 24
176.223.88.0/21 maxlen: 21
176.223.88.0/22 maxlen: 22
176.223.92.0/22 maxlen: 22
185.63.88.0/22 maxlen: 22
185.63.88.0/24 maxlen: 24
185.63.89.0/24 maxlen: 24
185.63.90.0/24 maxlen: 24
185.63.91.0/24 maxlen: 24
188.215.20.0/22 maxlen: 22
188.215.20.0/24 maxlen: 24
188.215.21.0/24 maxlen: 24
188.215.22.0/24 maxlen: 24
188.215.23.0/24 maxlen: 24
2a03:a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:73:1d:fb:b5:e4:d6:cc:c1:4c:64:52:24:06:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d031655023bd141731d56fb8453ff0514f728865
Validity
Not Before: Jan 2 15:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03295db40a1669f3c74e4980083c6cb7a8f1b0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f1:e5:f1:88:ac:9f:6d:d0:3b:e6:79:57:73:
70:d9:65:c4:b4:f9:b4:d1:69:97:f9:c1:06:ba:d8:
ed:e4:3f:06:22:f4:f1:fb:4c:f5:fb:a4:e5:ca:d4:
19:d1:9b:84:5a:4c:c6:74:af:47:8f:d2:a4:21:f3:
14:28:fc:8c:4e:7e:b6:17:82:5a:75:15:aa:d7:e5:
5b:80:ff:d8:f8:5a:3a:e9:40:ea:f9:9a:28:ef:a8:
8b:88:5a:1e:ca:2d:e7:d8:82:87:96:b9:1d:c1:29:
db:31:76:d6:bf:ff:8d:bc:cc:08:5a:94:5b:7c:ea:
49:b3:24:18:c8:ae:a4:8e:27:26:1c:52:6b:aa:6c:
66:94:0a:94:ff:ad:f2:27:2e:c1:af:e3:46:cb:06:
d2:f4:d7:1d:53:67:17:8a:c2:d4:34:4e:62:63:89:
d5:4f:dd:d2:4d:8a:da:1d:0c:8d:1d:54:1b:08:7f:
a2:90:06:c2:c8:1c:8f:27:30:91:81:25:fb:0b:82:
b5:17:85:9c:af:69:3a:de:14:86:f9:f1:e7:a8:d7:
31:28:c2:d5:bc:c5:ef:f5:5b:55:ad:6e:bd:06:18:
e6:8f:f8:6c:d5:23:01:ca:67:57:d4:5e:94:10:0b:
de:56:b4:f9:c8:a4:88:11:c7:3b:26:8c:40:d0:9a:
21:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:29:5D:B4:0A:16:69:F3:C7:4E:49:80:08:3C:6C:B7:A8:F1:B0:FF
X509v3 Authority Key Identifier:
keyid:D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/AyldtAoWafPHTkmACDxst6jxsP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.172.0/22
93.119.20.0-93.119.22.255
153.92.176.0/22
176.223.88.0/21
185.63.88.0/22
188.215.20.0/22
IPv6:
2a03:a60::/32
Signature Algorithm: sha256WithRSAEncryption
2f:3c:63:d2:08:77:c6:1a:28:2c:66:7f:88:6e:2f:c8:89:bd:
14:87:39:30:30:2c:7c:41:ed:13:f6:e4:30:f5:a8:d1:da:cb:
be:dc:6f:5d:4b:bb:fc:aa:99:4d:09:23:03:6b:b8:27:2e:d5:
35:51:89:80:82:4a:eb:82:72:66:29:ad:5f:0b:f5:3e:ee:cd:
6f:76:15:1b:05:56:ad:11:8e:79:2a:ae:d4:b5:cd:61:8e:ad:
b5:fa:23:d8:0e:8e:28:37:1d:26:f8:31:26:ff:6a:09:fb:af:
83:79:40:79:dd:ee:c2:8e:38:f1:d3:07:55:8c:e5:0e:e6:7b:
e7:6e:20:7f:26:57:04:13:51:46:a5:b2:d8:d6:a9:87:7a:b6:
d2:d1:f4:9f:e7:db:97:5e:25:d4:e0:73:bd:80:94:6a:fd:c9:
1b:e7:88:1c:8b:b6:25:6b:27:4f:0b:d9:f7:ec:44:95:59:49:
15:af:74:3d:bc:19:fa:07:a1:d6:d3:8f:5c:4f:09:04:b5:91:
95:24:d5:06:39:c7:5d:4d:d3:84:7a:49:a0:0c:c4:d7:6a:0a:
60:57:d8:10:dc:1f:26:58:30:f3:6d:7b:0d:47:5c:be:b7:7e:
d4:d9:42:67:d9:2b:f4:0c:59:a5:31:fc:c8:58:4e:a1:d2:53:
6a:f9:95:1c
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZQntHMd+7Xk1szBTGRSJAZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzE2NTUwMjNiZDE0MTczMWQ1NmZiODQ1M2ZmMDUxNGY3
Mjg4NjUwHhcNMjUwMTAyMTU0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzI5NWRiNDBhMTY2OWYzYzc0ZTQ5ODAwODNjNmNiN2E4ZjFiMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPHl8Yisn23QO+Z5V3Nw2WXEtPm0
0WmX+cEGutjt5D8GIvTx+0z1+6TlytQZ0ZuEWkzGdK9Hj9KkIfMUKPyMTn62F4Ja
dRWq1+VbgP/Y+Fo66UDq+Zoo76iLiFoeyi3n2IKHlrkdwSnbMXbWv/+NvMwIWpRb
fOpJsyQYyK6kjicmHFJrqmxmlAqU/63yJy7Br+NGywbS9NcdU2cXisLUNE5iY4nV
T93STYraHQyNHVQbCH+ikAbCyByPJzCRgSX7C4K1F4Wcr2k63hSG+fHnqNcxKMLV
vMXv9VtVrW69Bhjmj/hs1SMBymdX1F6UEAveVrT5yKSIEcc7JoxA0JohMQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAMpXbQKFmnzx05JgAg8bLeo8bD/MB8GA1UdIwQY
MBaAFNAxZVAjvRQXMdVvuEU/8FFPcohlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5Nzkt
ZDhiZDJmNTZiYzhjLzEvQXlsZHRBb1dhZlBIVGttQUNEeHN0Nmp4c1A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5NzktZDhiZDJmNTZiYzhj
LzEvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCVcysMAwD
BAJddxQDBABddxYDBAKZXLADBAOw31gDBAK5P1gDBAK81xQwDQQCAAIwBwMFACoD
CmAwDQYJKoZIhvcNAQELBQADggEBAC88Y9IId8YaKCxmf4huL8iJvRSHOTAwLHxB
7RP25DD1qNHay77cb11Lu/yqmU0JIwNruCcu1TVRiYCCSuuCcmYprV8L9T7uzW92
FRsFVq0RjnkqrtS1zWGOrbX6I9gOjig3HSb4MSb/agn7r4N5QHnd7sKOOPHTB1WM
5Q7me+duIH8mVwQTUUalstjWqYd6ttLR9J/n25deJdTgc72AlGr9yRvniByLtiVr
J08L2ffsRJVZSRWvdD28GfoHodbTj1xPCQS1kZUk1QY5x11N04R6SaAMxNdqCmBX
2BDcHyZYMPNtew1HXL63ftTZQmfZK/QMWaUx/MhYTqHSU2r5lRw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:22 2025 by rpki-client