Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/yDMRgaFZw8BQMbfQCKS5y-u4Bik.roa
File: yDMRgaFZw8BQMbfQCKS5y-u4Bik.roa (raw, json)
Hash identifier: kEDxuR0IdebGzPoaE3wV9To68276cA8myzI9/tmPd/U=
Subject key identifier: C8:33:11:81:A1:59:C3:C0:50:31:B7:D0:08:A4:B9:CB:EB:B8:06:29
Certificate issuer: /CN=7135e3894634482b08317775c79657e9b8312d4d
Certificate serial: 018EECB4A7385E9D1F467E9FB6543C9F66BF
Authority key identifier: 71:35:E3:89:46:34:48:2B:08:31:77:75:C7:96:57:E9:B8:31:2D:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/yDMRgaFZw8BQMbfQCKS5y-u4Bik.roa
Signing time: Wed 17 Apr 2024 15:37:26 +0000
ROA not before: Wed 17 Apr 2024 15:37:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41354
IP address blocks: 137.22.160.0/19 maxlen: 19
149.106.160.0/19 maxlen: 19
185.20.128.0/22 maxlen: 22
185.127.192.0/23 maxlen: 23
185.127.194.0/23 maxlen: 23
185.179.120.0/22 maxlen: 22
185.207.68.0/22 maxlen: 22
212.82.64.0/19 maxlen: 19
2a04:1700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:b4:a7:38:5e:9d:1f:46:7e:9f:b6:54:3c:9f:66:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7135e3894634482b08317775c79657e9b8312d4d
Validity
Not Before: Apr 17 15:37:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8331181a159c3c05031b7d008a4b9cbebb80629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a7:28:64:55:18:31:0f:b5:ad:10:00:39:77:
42:92:85:72:73:7d:87:18:f2:33:ce:1a:b5:3e:89:
87:2a:6b:44:bd:42:85:ee:81:2c:7d:2d:14:c9:02:
6d:41:5d:4c:38:d4:47:87:09:a2:21:88:da:1d:fe:
57:cf:52:04:ff:6e:6c:cd:9d:1e:92:bc:dd:81:04:
45:aa:e1:76:bc:f6:da:74:f9:f1:b7:9e:00:73:a4:
36:f7:8a:c5:e3:8a:a8:66:f9:b1:98:f9:ef:48:ee:
33:e0:76:f6:2f:e8:3a:c1:fa:18:e1:a1:a9:16:50:
32:d2:1c:ea:15:0f:2d:8b:09:be:2c:be:a4:69:cb:
d7:31:a9:ba:5b:d9:01:16:f4:1c:63:c3:7c:cd:ba:
8a:1f:44:be:cb:c6:ef:be:b4:62:c2:e9:1e:f7:1e:
67:df:1f:76:a3:b9:86:52:77:ec:63:ae:8b:53:da:
f1:ae:56:65:bb:5b:d4:a1:c8:cf:bf:02:37:66:9f:
31:86:cd:c0:f3:97:f3:da:f5:b4:44:13:20:3d:8e:
61:db:c9:89:1d:74:c2:70:da:22:3d:be:e6:97:ac:
59:7a:63:4c:aa:39:42:88:d3:88:90:de:30:7d:22:
a2:e8:7e:d3:bd:30:4f:4c:a5:b9:22:ca:eb:51:88:
87:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:33:11:81:A1:59:C3:C0:50:31:B7:D0:08:A4:B9:CB:EB:B8:06:29
X509v3 Authority Key Identifier:
keyid:71:35:E3:89:46:34:48:2B:08:31:77:75:C7:96:57:E9:B8:31:2D:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/yDMRgaFZw8BQMbfQCKS5y-u4Bik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1cb9fc-6b33-42d5-9423-79ecd8a9b6d6/1/cTXjiUY0SCsIMXd1x5ZX6bgxLU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
137.22.160.0/19
149.106.160.0/19
185.20.128.0/22
185.127.192.0/22
185.179.120.0/22
185.207.68.0/22
212.82.64.0/19
IPv6:
2a04:1700::/29
Signature Algorithm: sha256WithRSAEncryption
59:f1:ed:43:ee:d8:77:68:a8:c9:ef:f4:5e:e7:1e:a9:c2:88:
ce:e5:43:e7:b3:0e:9e:78:a6:64:6e:5f:19:f9:97:8b:e8:54:
e9:ea:5d:0c:eb:7d:98:86:4c:a6:8e:54:53:21:e5:a5:91:0e:
ae:0d:72:50:7c:ad:99:c6:7e:9f:91:0b:4e:33:e2:9f:b8:d3:
bb:57:3a:ae:e5:ee:91:00:29:e7:6e:2f:16:13:0a:73:2a:8a:
98:81:47:4c:6d:c9:cb:cd:86:95:bf:11:bc:a9:a8:4c:6b:5d:
96:07:bc:c7:71:37:9b:fb:7e:ff:a7:ee:28:31:1d:fd:26:57:
b4:14:43:96:d1:12:40:8d:a5:ca:e2:55:e8:b7:08:b6:96:1e:
78:ef:38:49:f8:9c:79:c9:16:12:a2:7b:71:ce:68:13:7c:d4:
4e:74:7c:ab:cf:a7:ac:2f:0b:ff:ac:63:32:19:40:2a:57:bc:
17:59:b3:cc:bc:79:3b:f9:63:ed:ce:55:8e:be:fa:dc:ba:4f:
f4:cb:51:f1:cc:c6:a9:77:50:a1:c0:d1:78:bf:22:bb:60:8a:
e7:12:d2:eb:2c:01:5e:b9:70:e6:fc:e9:73:51:90:67:84:32:
87:0b:cb:b0:76:40:64:f4:21:f6:71:76:ae:23:22:cc:35:3a:
96:01:d0:48
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY7stKc4Xp0fRn6ftlQ8n2a/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzVlMzg5NDYzNDQ4MmIwODMxNzc3NWM3OTY1N2U5Yjgz
MTJkNGQwHhcNMjQwNDE3MTUzNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODMzMTE4MWExNTljM2MwNTAzMWI3ZDAwOGE0YjljYmViYjgwNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6coZFUYMQ+1rRAAOXdCkoVyc32H
GPIzzhq1PomHKmtEvUKF7oEsfS0UyQJtQV1MONRHhwmiIYjaHf5Xz1IE/25szZ0e
krzdgQRFquF2vPbadPnxt54Ac6Q294rF44qoZvmxmPnvSO4z4Hb2L+g6wfoY4aGp
FlAy0hzqFQ8tiwm+LL6kacvXMam6W9kBFvQcY8N8zbqKH0S+y8bvvrRiwuke9x5n
3x92o7mGUnfsY66LU9rxrlZlu1vUocjPvwI3Zp8xhs3A85fz2vW0RBMgPY5h28mJ
HXTCcNoiPb7ml6xZemNMqjlCiNOIkN4wfSKi6H7TvTBPTKW5IsrrUYiH2QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMgzEYGhWcPAUDG30AikucvruAYpMB8GA1UdIwQY
MBaAFHE144lGNEgrCDF3dceWV+m4MS1NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RYamlVWTBTQ3NJTVhkMXg1Wlg2Ymd4TFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xY2I5ZmMtNmIzMy00MmQ1LTk0MjMt
NzllY2Q4YTliNmQ2LzEveURNUmdhRlp3OEJRTWJmUUNLUzV5LXU0QmlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xY2I5ZmMtNmIzMy00MmQ1LTk0MjMtNzllY2Q4YTliNmQ2
LzEvY1RYamlVWTBTQ3NJTVhkMXg1Wlg2Ymd4TFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFiRagAwQF
lWqgAwQCuRSAAwQCuX/AAwQCubN4AwQCuc9EAwQF1FJAMA0EAgACMAcDBQMqBBcA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZ8e1D7th3aKjJ7/Re5x6pwojO5UPnsw6eeKZk
bl8Z+ZeL6FTp6l0M632YhkymjlRTIeWlkQ6uDXJQfK2Zxn6fkQtOM+KfuNO7Vzqu
5e6RACnnbi8WEwpzKoqYgUdMbcnLzYaVvxG8qahMa12WB7zHcTeb+37/p+4oMR39
Jle0FEOW0RJAjaXK4lXotwi2lh547zhJ+Jx5yRYSontxzmgTfNROdHyrz6esLwv/
rGMyGUAqV7wXWbPMvHk7+WPtzlWOvvrcuk/0y1HxzMapd1ChwNF4vyK7YIrnEtLr
LAFeuXDm/OlzUZBnhDKHC8uwdkBk9CH2cXauIyLMNTqWAdBI
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:57:14 2024 by rpki-client on console-fra.rpki-client.org