Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/BYKSsUcLFdUZ28YbIH5kSzKFlmM.roa
File: BYKSsUcLFdUZ28YbIH5kSzKFlmM.roa (raw, json)
Hash identifier: sVBdfgtkq7JdpG1+6biNfkgvr6V5VB6Yf2k9ITZ+9xE=
Subject key identifier: 05:82:92:B1:47:0B:15:D5:19:DB:C6:1B:20:7E:64:4B:32:85:96:63
Certificate issuer: /CN=943e3f4856dac2a005c3a52347114dec453934b8
Certificate serial: 018CC34891CDC398168F46F7206682E6B23D
Authority key identifier: 94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/BYKSsUcLFdUZ28YbIH5kSzKFlmM.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 185.105.132.0/22 maxlen: 24
185.105.144.0/22 maxlen: 24
109.164.128.0/17 maxlen: 24
188.60.0.0/14 maxlen: 24
217.11.32.0/20 maxlen: 24
170.205.64.0/18 maxlen: 24
212.90.192.0/19 maxlen: 24
62.202.0.0/15 maxlen: 24
212.41.192.0/19 maxlen: 24
213.3.0.0/16 maxlen: 24
92.104.0.0/14 maxlen: 24
81.62.0.0/15 maxlen: 24
85.0.0.0/13 maxlen: 24
178.192.0.0/13 maxlen: 24
83.173.192.0/18 maxlen: 24
83.76.0.0/14 maxlen: 24
213.200.192.0/18 maxlen: 24
84.253.0.0/18 maxlen: 24
170.17.128.0/17 maxlen: 24
146.4.0.0/16 maxlen: 24
95.152.64.0/18 maxlen: 24
176.127.0.0/16 maxlen: 24
195.186.0.0/16 maxlen: 24
178.174.64.0/19 maxlen: 24
213.180.160.0/19 maxlen: 24
178.174.0.0/18 maxlen: 24
46.14.0.0/16 maxlen: 24
2001:4d98::/33 maxlen: 48
2a02:1200::/27 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:91:cd:c3:98:16:8f:46:f7:20:66:82:e6:b2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=943e3f4856dac2a005c3a52347114dec453934b8
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=058292b1470b15d519dbc61b207e644b32859663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8e:0e:2c:e4:5f:56:2a:38:20:14:f7:ae:bb:
59:bb:e5:69:f4:ea:b0:9d:87:f5:7f:c2:26:e3:c6:
df:fd:79:06:b7:c6:ba:ab:28:c6:d3:45:55:57:19:
13:8b:bf:3d:48:f6:5d:f0:f8:e3:78:7f:ac:ae:d4:
c5:77:39:22:6c:57:66:14:41:5d:a7:8e:7e:91:16:
f3:0a:34:b8:41:ac:dd:7e:a5:49:bb:fa:98:5c:6e:
ab:7e:60:30:a8:ce:a0:21:06:76:ff:93:5e:3f:ca:
12:e5:d9:44:8a:9a:cb:d3:a1:fd:ba:33:90:2f:f1:
2f:8c:11:35:c6:e0:fd:af:ad:a2:94:21:14:b6:3a:
d3:11:29:92:79:2d:bd:ba:66:d8:ed:e1:81:41:07:
e0:09:0c:02:41:04:bc:4c:fb:3b:90:aa:d6:bd:e1:
7d:cb:88:80:c9:f8:3f:4b:f0:9b:1a:b5:73:05:22:
8b:1f:75:d9:a5:e6:38:e7:b8:32:71:5b:f9:81:21:
b0:8d:99:5a:8f:ef:36:79:ad:8e:f0:3d:d3:dd:b0:
57:da:5e:df:4b:1d:ca:db:d2:84:ed:55:3f:eb:b5:
5a:e5:0f:2b:ac:ec:a8:78:90:1b:08:5e:0a:7f:63:
dc:3e:cc:c2:2f:d5:83:0b:4d:31:2c:6f:63:58:08:
7c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:82:92:B1:47:0B:15:D5:19:DB:C6:1B:20:7E:64:4B:32:85:96:63
X509v3 Authority Key Identifier:
keyid:94:3E:3F:48:56:DA:C2:A0:05:C3:A5:23:47:11:4D:EC:45:39:34:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lD4_SFbawqAFw6UjRxFN7EU5NLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/BYKSsUcLFdUZ28YbIH5kSzKFlmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/8c1544-7cf2-4871-a1df-0253d04fb8ff/1/lD4_SFbawqAFw6UjRxFN7EU5NLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.14.0.0/16
62.202.0.0/15
81.62.0.0/15
83.76.0.0/14
83.173.192.0/18
84.253.0.0/18
85.0.0.0/13
92.104.0.0/14
95.152.64.0/18
109.164.128.0/17
146.4.0.0/16
170.17.128.0/17
170.205.64.0/18
176.127.0.0/16
178.174.0.0-178.174.95.255
178.192.0.0/13
185.105.132.0/22
185.105.144.0/22
188.60.0.0/14
195.186.0.0/16
212.41.192.0/19
212.90.192.0/19
213.3.0.0/16
213.180.160.0/19
213.200.192.0/18
217.11.32.0/20
IPv6:
2001:4d98::/33
2a02:1200::/27
Signature Algorithm: sha256WithRSAEncryption
64:43:3d:59:e5:02:1d:55:56:39:e0:0f:fc:45:a6:65:a0:c5:
00:d1:e9:83:29:bf:5c:ac:26:15:30:53:0b:1a:3b:d1:48:6c:
23:b7:8e:51:8d:0b:ab:04:ee:c5:5c:5a:73:8e:a1:80:2a:99:
26:4f:34:c5:c0:3e:1f:b1:99:b8:60:74:48:60:06:f9:96:e6:
70:a3:bf:70:09:0f:01:24:ed:c5:6e:46:13:17:f0:1f:5a:72:
b2:34:76:94:f6:ac:d4:6a:a2:d8:32:5f:ff:2b:06:bf:85:50:
48:6b:42:c7:54:f3:17:39:0f:eb:21:8f:ca:cd:54:c2:1f:84:
2f:8c:1b:d2:c3:10:b1:3e:8c:9b:1d:9f:9a:13:98:24:0b:5f:
76:00:5c:31:22:8f:b7:0e:c6:db:f9:d3:9c:80:1d:db:29:fd:
01:b5:8e:d2:f7:1b:57:18:dc:e6:95:86:ad:6f:6f:b5:ab:9d:
96:7b:5b:6c:53:19:f6:fc:d4:eb:71:e6:18:c3:42:04:93:08:
f1:ba:c1:b2:06:f6:54:92:15:8e:f3:05:7f:b7:bf:13:3c:2d:
68:c7:c4:ed:c0:68:11:9c:ca:41:fa:e8:0f:2a:ef:44:23:e1:
a1:b5:a1:45:c2:1c:41:47:1f:1f:f8:c8:19:a5:c6:26:a0:1b:
ed:13:92:59
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYzDSJHNw5gWj0b3IGaC5rI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0M2UzZjQ4NTZkYWMyYTAwNWMzYTUyMzQ3MTE0ZGVjNDUz
OTM0YjgwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTgyOTJiMTQ3MGIxNWQ1MTlkYmM2MWIyMDdlNjQ0YjMyODU5NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlo4OLORfVio4IBT3rrtZu+Vp9Oqw
nYf1f8Im48bf/XkGt8a6qyjG00VVVxkTi789SPZd8PjjeH+srtTFdzkibFdmFEFd
p45+kRbzCjS4QazdfqVJu/qYXG6rfmAwqM6gIQZ2/5NeP8oS5dlEiprL06H9ujOQ
L/EvjBE1xuD9r62ilCEUtjrTESmSeS29umbY7eGBQQfgCQwCQQS8TPs7kKrWveF9
y4iAyfg/S/CbGrVzBSKLH3XZpeY457gycVv5gSGwjZlaj+82ea2O8D3T3bBX2l7f
Sx3K29KE7VU/67Va5Q8rrOyoeJAbCF4Kf2PcPszCL9WDC00xLG9jWAh8mwIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFAWCkrFHCxXVGdvGGyB+ZEsyhZZjMB8GA1UdIwQY
MBaAFJQ+P0hW2sKgBcOlI0cRTexFOTS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYt
MDI1M2QwNGZiOGZmLzEvQllLU3NVY0xGZFVaMjhZYklINWtTektGbG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy84YzE1NDQtN2NmMi00ODcxLWExZGYtMDI1M2QwNGZiOGZm
LzEvbEQ0X1NGYmF3cUFGdzZValJ4Rk43RVU1TkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBngQCAAEwgZcDAwAu
DgMDAT7KAwMBUT4DAwJTTAMEBlOtwAMEBlT9AAMDA1UAAwMCXGgDBAZfmEADBAdt
pIADAwCSBAMEB6oRgAMEBqrNQAMDALB/MAsDAwGyrgMEBbKuQAMDA7LAAwQCuWmE
AwQCuWmQAwMCvDwDAwDDugMEBdQpwAMEBdRawAMDANUDAwQF1bSgAwQG1cjAAwQE
2QsgMBUEAgACMA8DBgcgAU2YAAMFBSoCEgAwDQYJKoZIhvcNAQELBQADggEBAGRD
PVnlAh1VVjngD/xFpmWgxQDR6YMpv1ysJhUwUwsaO9FIbCO3jlGNC6sE7sVcWnOO
oYAqmSZPNMXAPh+xmbhgdEhgBvmW5nCjv3AJDwEk7cVuRhMX8B9acrI0dpT2rNRq
otgyX/8rBr+FUEhrQsdU8xc5D+shj8rNVMIfhC+MG9LDELE+jJsdn5oTmCQLX3YA
XDEij7cOxtv505yAHdsp/QG1jtL3G1cY3OaVhq1vb7WrnZZ7W2xTGfb81Otx5hjD
QgSTCPG6wbIG9lSSFY7zBX+3vxM8LWjHxO3AaBGcykH66A8q70Qj4aG1oUXCHEFH
Hx/4yBmlxiagG+0Tklk=
-----END CERTIFICATE-----
Generated at Mon May 20 15:45:44 2024 by rpki-client on console-fra.rpki-client.org