Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/yryGM2VxFH38kcRlLPjmikAai0g.roa
File: yryGM2VxFH38kcRlLPjmikAai0g.roa (raw, json)
Hash identifier: Bx7qbTBXjdgUr7KL+sCbX2DKvOqCgvm8j9XUiDUk8Cs=
Subject key identifier: CA:BC:86:33:65:71:14:7D:FC:91:C4:65:2C:F8:E6:8A:40:1A:8B:48
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018CC348F6969E362018550BA297EE2EECE9
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/yryGM2VxFH38kcRlLPjmikAai0g.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42388
IP address blocks: 144.208.214.232/29 maxlen: 29
213.227.160.0/24 maxlen: 24
188.172.248.0/24 maxlen: 24
213.227.191.0/24 maxlen: 24
217.146.18.0/24 maxlen: 24
217.146.26.216/32 maxlen: 32
185.81.206.64/26 maxlen: 26
188.172.219.64/32 maxlen: 32
185.81.206.128/26 maxlen: 26
185.81.208.0/24 maxlen: 24
188.172.235.188/32 maxlen: 32
217.146.22.170/32 maxlen: 32
213.227.168.222/32 maxlen: 32
2a00:11c0:e:ffff:1::1000/128 maxlen: 128
2a00:11c0:d::1a/128 maxlen: 128
2a05:8900:aa1::/48 maxlen: 48
2a00:11c0:aa1::/48 maxlen: 48
2a00:11c0:48:13::/64 maxlen: 64
2a00:11c0:63:350::1000/128 maxlen: 128
2a00:11c0:11c0::/48 maxlen: 128
2a00:11c0:1010::/48 maxlen: 48
2a00:11c0:82:359::1000/128 maxlen: 128
2a00:11c0:5:613::1000/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f6:96:9e:36:20:18:55:0b:a2:97:ee:2e:ec:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cabc86336571147dfc91c4652cf8e68a401a8b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:c3:3e:ea:f3:92:a9:2d:ae:6d:fe:64:6c:
bb:e7:eb:8c:91:7b:6a:dd:6a:b4:a4:cc:32:d2:3d:
db:1f:ed:73:81:d2:d1:09:41:05:48:77:d4:50:2d:
6d:4c:2b:ef:7d:3e:58:a6:f8:7b:94:77:2f:5d:58:
27:f5:14:64:ba:54:d1:9e:5f:04:80:2f:0b:99:0e:
b0:0a:68:90:26:f0:f1:78:d0:43:e3:ad:75:ed:ba:
73:43:f7:0e:5d:09:7c:21:45:83:5c:87:ab:62:54:
fa:8c:6c:e7:06:84:78:52:32:33:a5:a5:fa:60:3c:
65:24:b1:cb:8f:5f:55:89:2a:3c:0b:57:25:f6:20:
ba:b9:48:06:f7:68:93:c2:c8:9f:5d:3e:a2:8e:94:
3c:01:22:07:29:a5:ed:0d:78:9a:2a:5a:2c:a0:bc:
c9:88:b2:40:1a:b2:b3:bb:33:b7:51:00:51:09:91:
a8:1b:27:c1:64:0b:fa:93:af:0b:27:ef:57:f3:84:
ab:46:4b:03:07:54:10:10:0f:a5:97:00:0f:e5:91:
03:0b:e2:38:40:83:2e:38:ba:3c:49:8b:42:92:ae:
33:9d:84:db:90:a3:db:a3:0a:27:f1:f6:3b:70:e6:
7c:2f:78:eb:ae:66:00:58:f5:2e:e0:52:76:16:64:
fd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BC:86:33:65:71:14:7D:FC:91:C4:65:2C:F8:E6:8A:40:1A:8B:48
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/yryGM2VxFH38kcRlLPjmikAai0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.214.232/29
185.81.206.64-185.81.206.191
185.81.208.0/24
188.172.219.64/32
188.172.235.188/32
188.172.248.0/24
213.227.160.0/24
213.227.168.222/32
213.227.191.0/24
217.146.18.0/24
217.146.22.170/32
217.146.26.216/32
IPv6:
2a00:11c0:5:613:0:0:0:1000/128
2a00:11c0:d:0:0:0:0:1a/128
2a00:11c0:e:ffff:1:0:0:1000/128
2a00:11c0:48:13::/64
2a00:11c0:63:350:0:0:0:1000/128
2a00:11c0:82:359:0:0:0:1000/128
2a00:11c0:aa1::/48
2a00:11c0:1010::/48
2a00:11c0:11c0::/48
2a05:8900:aa1::/48
Signature Algorithm: sha256WithRSAEncryption
b0:5c:31:a3:8e:f4:33:42:90:d8:cd:b1:09:c1:0c:a1:39:a0:
45:88:c7:f4:2e:87:a5:fb:45:84:a2:15:48:7a:78:c4:a1:a7:
f8:e3:59:d5:97:7f:ba:da:67:9e:b9:8f:16:b7:be:51:47:0a:
35:66:a7:69:6e:1d:31:b3:bd:1c:c9:fd:1c:6b:ce:77:e8:9c:
e8:4e:7e:92:b1:70:fd:a6:bd:7c:fb:19:d9:e1:3e:56:d3:43:
53:3a:fe:06:09:42:41:8f:0b:10:eb:82:7d:e6:4b:99:23:41:
00:fa:21:94:c7:fd:a3:a3:bb:3e:ed:36:58:b8:5d:f0:a4:01:
de:ca:0a:5e:1c:09:05:14:71:43:b2:97:26:f6:41:98:47:55:
84:68:74:5d:5b:53:ca:92:f8:c5:fb:2e:e5:13:9b:c1:57:23:
29:1a:36:4f:66:a6:a5:e1:6b:32:28:51:ca:20:00:9c:a0:2d:
62:5f:08:9f:2d:1f:ea:e0:d4:34:b4:53:43:96:69:68:9d:f3:
54:be:70:b8:77:ca:3e:e7:46:ee:74:99:3d:3a:42:de:2c:0e:
55:47:e4:1e:a9:fe:80:b9:75:d1:42:fd:84:09:40:18:4c:08:
e4:d3:eb:6d:e9:8a:8b:4a:29:1e:bc:1d:3d:ae:00:ae:b2:fb:
1c:35:f5:c9
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYzDSPaWnjYgGFULopfuLuzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWJjODYzMzY1NzExNDdkZmM5MWM0NjUyY2Y4ZTY4YTQwMWE4YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFLDPurzkqktrm3+ZGy75+uMkXtq
3Wq0pMwy0j3bH+1zgdLRCUEFSHfUUC1tTCvvfT5Ypvh7lHcvXVgn9RRkulTRnl8E
gC8LmQ6wCmiQJvDxeNBD46117bpzQ/cOXQl8IUWDXIerYlT6jGznBoR4UjIzpaX6
YDxlJLHLj19ViSo8C1cl9iC6uUgG92iTwsifXT6ijpQ8ASIHKaXtDXiaKlosoLzJ
iLJAGrKzuzO3UQBRCZGoGyfBZAv6k68LJ+9X84SrRksDB1QQEA+llwAP5ZEDC+I4
QIMuOLo8SYtCkq4znYTbkKPbowon8fY7cOZ8L3jrrmYAWPUu4FJ2FmT9OQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFMq8hjNlcRR9/JHEZSz45opAGotIMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEveXJ5R00yVnhGSDM4a2NSbExQam1pa0FhaTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwXgQCAAEwWAMFA5DQ
1ugwDgMFBrlRzkADBQa5Uc6AAwQAuVHQAwUAvKzbQAMFALys67wDBAC8rPgDBADV
46ADBQDV46jeAwQA1eO/AwQA2ZISAwUA2ZIWqgMFANmSGtgwgZUEAgACMIGOAxEA
KgARwAAFBhMAAAAAAAAQAAMRACoAEcAADQAAAAAAAAAAABoDEQAqABHAAA7//wAB
AAAAABAAAwkAKgARwABIABMDEQAqABHAAGMDUAAAAAAAABAAAxEAKgARwACCA1kA
AAAAAAAQAAMHACoAEcAKoQMHACoAEcAQEAMHACoAEcARwAMHACoFiQAKoTANBgkq
hkiG9w0BAQsFAAOCAQEAsFwxo470M0KQ2M2xCcEMoTmgRYjH9C6HpftFhKIVSHp4
xKGn+ONZ1Zd/utpnnrmPFre+UUcKNWanaW4dMbO9HMn9HGvOd+ic6E5+krFw/aa9
fPsZ2eE+VtNDUzr+BglCQY8LEOuCfeZLmSNBAPohlMf9o6O7Pu02WLhd8KQB3soK
XhwJBRRxQ7KXJvZBmEdVhGh0XVtTypL4xfsu5RObwVcjKRo2T2ampeFrMihRyiAA
nKAtYl8Iny0f6uDUNLRTQ5ZpaJ3zVL5wuHfKPudG7nSZPTpC3iwOVUfkHqn+gLl1
0UL9hAlAGEwI5NPrbemKi0opHrwdPa4ArrL7HDX1yQ==
-----END CERTIFICATE-----
Generated at Sun May 5 23:30:31 2024 by rpki-client on console-ams.rpki-client.org