Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/YwW9PmhG8M67os_ETzB_lC8b6dc.roa
File: YwW9PmhG8M67os_ETzB_lC8b6dc.roa (raw, json)
Hash identifier: KXc6a/HjHbtUphkQiVnt5ftECmown2oFzOkxnqPkL0M=
Subject key identifier: 63:05:BD:3E:68:46:F0:CE:BB:A2:CF:C4:4F:30:7F:94:2F:1B:E9:D7
Certificate issuer: /CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Certificate serial: 019426D92F64690C0ADF7847731B5AA66753
Authority key identifier: 7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/YwW9PmhG8M67os_ETzB_lC8b6dc.roa
Signing time: Thu 02 Jan 2025 11:49:15 +0000
ROA not before: Thu 02 Jan 2025 11:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49604
IP address blocks: 45.151.4.0/23 maxlen: 23
45.151.6.0/23 maxlen: 23
85.222.232.0/22 maxlen: 24
85.234.242.0/23 maxlen: 23
85.234.244.0/23 maxlen: 23
85.234.246.0/23 maxlen: 24
185.31.240.0/22 maxlen: 24
217.146.64.0/20 maxlen: 24
2a02:29e8::/32 maxlen: 32
2a02:29ea:a::/48 maxlen: 48
2a02:29ea:14::/48 maxlen: 48
2a02:29ea:1e::/48 maxlen: 48
2a02:29ea:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.mft
rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:2f:64:69:0c:0a:df:78:47:73:1b:5a:a6:67:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a6735b7a553a1680c11add3e48c3635b53979ca
Validity
Not Before: Jan 2 11:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6305bd3e6846f0cebba2cfc44f307f942f1be9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:77:8f:2c:76:1c:46:13:14:d7:45:72:f5:06:
f5:12:a9:e4:b6:dd:ad:ab:65:6b:03:3b:64:c3:78:
4b:51:ca:86:02:31:a1:c7:cf:fb:e9:50:b8:92:07:
0a:2b:b8:a9:d8:f2:60:26:7c:ad:a6:74:f6:41:94:
3a:6e:de:40:6d:07:19:3d:4f:86:fd:ba:8d:de:b8:
f5:ea:51:c3:bf:a5:5b:e5:ab:d1:c2:d5:f9:33:df:
a6:a8:54:2d:81:b3:8c:3a:61:00:0e:18:6b:7d:2e:
ab:ca:af:28:bf:48:94:44:9c:e2:62:82:cf:78:c5:
d2:76:fd:3d:de:03:8b:2a:6e:c1:95:43:80:c4:ef:
01:ce:5e:40:65:29:6d:50:f9:14:e7:73:a4:69:a9:
9e:09:e6:c1:20:b0:8f:99:58:96:f2:76:fe:61:e7:
32:05:01:af:48:a5:d6:67:17:04:84:3e:9d:18:9c:
10:20:98:1a:ca:4d:cf:4b:9e:6d:32:56:ff:8e:40:
d8:3b:5c:37:94:c3:8b:1f:e4:45:38:ed:0b:02:d4:
c8:bb:5b:34:32:4b:dc:dd:83:60:f1:c0:0d:b9:1c:
1b:fd:25:7d:12:bc:7e:e6:03:d8:d0:60:7f:80:35:
b1:7a:be:11:da:f2:c6:4c:01:80:96:b2:3b:8b:1b:
2f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:05:BD:3E:68:46:F0:CE:BB:A2:CF:C4:4F:30:7F:94:2F:1B:E9:D7
X509v3 Authority Key Identifier:
keyid:7A:67:35:B7:A5:53:A1:68:0C:11:AD:D3:E4:8C:36:35:B5:39:79:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/emc1t6VToWgMEa3T5Iw2NbU5eco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/YwW9PmhG8M67os_ETzB_lC8b6dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb2647-0950-46a4-b56d-34eb67b475f6/1/emc1t6VToWgMEa3T5Iw2NbU5eco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.4.0/22
85.222.232.0/22
85.234.242.0-85.234.247.255
185.31.240.0/22
217.146.64.0/20
IPv6:
2a02:29e8::/32
2a02:29ea:a::/48
2a02:29ea:14::/48
2a02:29ea:1e::/48
2a02:29ea:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
83:be:cf:fc:fb:fe:f4:f4:4f:91:8d:ab:a8:61:a4:d0:77:00:
e9:89:86:4b:4d:56:dc:31:c3:81:9a:9b:6b:6f:b7:ae:b0:52:
34:07:95:97:a2:4f:d7:cb:df:65:64:ec:bd:37:75:ae:63:e2:
66:34:85:ad:4c:38:82:cc:b4:86:31:fd:a5:83:fd:91:c4:2d:
bd:bc:60:c3:cb:5c:35:7e:e4:6f:a2:ff:a9:b5:9a:42:86:82:
4a:27:f5:1d:a2:72:0a:5f:59:1b:1d:82:c7:3c:1d:e0:5c:4c:
6b:c9:f4:40:b5:c1:8f:e1:1f:79:08:5d:7f:44:de:b4:74:84:
0f:00:93:a6:68:ed:37:fe:3f:e5:6e:6a:0f:b7:ed:03:55:ab:
3a:5e:e1:e7:f7:0f:49:10:43:94:40:28:29:21:e1:75:0c:c7:
a1:30:8c:37:47:1d:a5:a9:48:4c:b5:03:a3:66:0e:a7:2d:df:
f9:58:c5:19:40:90:84:5a:47:0e:16:0e:0a:e0:a4:53:3b:16:
f4:7e:b9:0e:88:65:31:7e:40:f3:ff:a8:26:b0:d9:a7:24:61:
b4:f7:24:3e:d0:5a:9c:a2:13:2e:57:9f:d3:38:92:bc:45:89:
9f:85:57:70:c0:e7:1d:c5:d9:2c:ab:f4:9a:5e:75:95:c8:44:
03:61:16:94
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZQm2S9kaQwK33hHcxtapmdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNjczNWI3YTU1M2ExNjgwYzExYWRkM2U0OGMzNjM1YjUz
OTc5Y2EwHhcNMjUwMTAyMTE0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA1YmQzZTY4NDZmMGNlYmJhMmNmYzQ0ZjMwN2Y5NDJmMWJlOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonePLHYcRhMU10Vy9Qb1Eqnktt2t
q2VrAztkw3hLUcqGAjGhx8/76VC4kgcKK7ip2PJgJnytpnT2QZQ6bt5AbQcZPU+G
/bqN3rj16lHDv6Vb5avRwtX5M9+mqFQtgbOMOmEADhhrfS6ryq8ov0iURJziYoLP
eMXSdv093gOLKm7BlUOAxO8Bzl5AZSltUPkU53OkaameCebBILCPmViW8nb+Yecy
BQGvSKXWZxcEhD6dGJwQIJgayk3PS55tMlb/jkDYO1w3lMOLH+RFOO0LAtTIu1s0
Mkvc3YNg8cANuRwb/SV9Erx+5gPY0GB/gDWxer4R2vLGTAGAlrI7ixsvAQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFGMFvT5oRvDOu6LPxE8wf5QvG+nXMB8GA1UdIwQY
MBaAFHpnNbelU6FoDBGt0+SMNjW1OXnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW1jMXQ2VlRvV2dNRWEzVDVJdzJOYlU1ZWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjI2NDctMDk1MC00NmE0LWI1NmQt
MzRlYjY3YjQ3NWY2LzEvWXdXOVBtaEc4TTY3b3NfRVR6Ql9sQzhiNmRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjI2NDctMDk1MC00NmE0LWI1NmQtMzRlYjY3YjQ3NWY2
LzEvZW1jMXQ2VlRvV2dNRWEzVDVJdzJOYlU1ZWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTAsBAIAATAmAwQCLZcEAwQC
Vd7oMAwDBAFV6vIDBANV6vADBAK5H/ADBATZkkAwMQQCAAIwKwMFACoCKegDBwAq
AinqAAoDBwAqAinqABQDBwAqAinqAB4DBwAqAinq//8wDQYJKoZIhvcNAQELBQAD
ggEBAIO+z/z7/vT0T5GNq6hhpNB3AOmJhktNVtwxw4Gam2tvt66wUjQHlZeiT9fL
32Vk7L03da5j4mY0ha1MOILMtIYx/aWD/ZHELb28YMPLXDV+5G+i/6m1mkKGgkon
9R2icgpfWRsdgsc8HeBcTGvJ9EC1wY/hH3kIXX9E3rR0hA8Ak6Zo7Tf+P+Vuag+3
7QNVqzpe4ef3D0kQQ5RAKCkh4XUMx6EwjDdHHaWpSEy1A6NmDqct3/lYxRlAkIRa
Rw4WDgrgpFM7FvR+uQ6IZTF+QPP/qCaw2ackYbT3JD7QWpyiEy5Xn9M4krxFiZ+F
V3DA5x3F2Syr9JpedZXIRANhFpQ=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:51:26 2025 by rpki-client