Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/yvrdoB5EdTAa3M9stLFgjbN6_4k.roa
File: yvrdoB5EdTAa3M9stLFgjbN6_4k.roa (raw, json)
Hash identifier: DkBHsbEtI2TLCwz+BSCmTK2dHAVRsysSKOyB30qfTvY=
Subject key identifier: CA:FA:DD:A0:1E:44:75:30:1A:DC:CF:6C:B4:B1:60:8D:B3:7A:FF:89
Certificate issuer: /CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Certificate serial: 018CC348AFD231725472936B77E88C1DE192
Authority key identifier: 33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/yvrdoB5EdTAa3M9stLFgjbN6_4k.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201877
IP address blocks: 212.84.32.0/21 maxlen: 22
185.33.56.0/24 maxlen: 24
185.33.58.0/24 maxlen: 24
185.33.56.0/22 maxlen: 22
185.33.57.0/24 maxlen: 24
185.33.59.0/24 maxlen: 24
109.106.28.0/22 maxlen: 22
185.14.8.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/M7S1t7Icrr89IICfbFcFmfHWBGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/M7S1t7Icrr89IICfbFcFmfHWBGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:af:d2:31:72:54:72:93:6b:77:e8:8c:1d:e1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b4b5b7b21caebf3d20809f6c570599f1d60468
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cafadda01e4475301adccf6cb4b1608db37aff89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cd:c7:7e:71:07:c3:68:f4:31:41:60:79:48:
76:4e:49:d2:f3:d6:6e:fc:6a:c0:2b:a0:b8:2d:92:
ed:aa:f5:2b:72:76:5b:c2:56:de:2b:c6:23:1e:15:
4a:d0:88:52:50:40:da:14:94:16:03:70:54:88:fb:
03:da:97:0d:cc:a3:31:d0:38:80:1c:3e:72:5e:11:
4c:31:76:cd:76:66:1f:bb:ed:65:ad:70:a1:72:ee:
91:01:c1:71:ad:ee:9e:03:5c:7c:2d:ed:2b:cc:23:
07:ed:c5:6d:bd:c9:7c:26:99:1a:19:33:3a:67:d2:
c7:78:77:44:69:e0:d8:cc:9b:c9:03:ae:fd:da:e5:
5f:29:19:97:0d:22:80:9a:ca:59:7a:5d:99:2e:ed:
93:f6:09:80:26:51:31:9f:40:85:28:c1:70:35:d7:
77:41:6f:09:60:47:6a:b4:98:2a:96:39:37:17:86:
17:4b:ff:c0:f8:64:bb:1f:9c:bd:f3:d4:c0:f4:d3:
dd:9e:5e:3d:2b:6d:f6:49:f4:19:e1:4d:45:9e:2f:
8a:0f:bf:36:02:17:b9:c1:48:ad:13:1f:e3:3f:ab:
f6:cb:e0:f0:7f:0a:aa:b5:68:c7:a0:cf:c7:d9:c7:
d2:4e:a5:e6:49:27:14:75:b1:fa:a4:f5:0b:47:c7:
13:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FA:DD:A0:1E:44:75:30:1A:DC:CF:6C:B4:B1:60:8D:B3:7A:FF:89
X509v3 Authority Key Identifier:
keyid:33:B4:B5:B7:B2:1C:AE:BF:3D:20:80:9F:6C:57:05:99:F1:D6:04:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7S1t7Icrr89IICfbFcFmfHWBGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/yvrdoB5EdTAa3M9stLFgjbN6_4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/846d6e-04ec-4219-8223-8623335c0ee0/1/M7S1t7Icrr89IICfbFcFmfHWBGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.28.0/22
185.14.8.0/22
185.33.56.0/22
212.84.32.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:52:d0:b2:68:e9:d4:c0:31:85:2c:ff:4f:a0:0e:12:1b:56:
7e:92:4d:25:42:c8:6b:52:d0:19:f6:04:2b:a0:1f:49:95:50:
66:31:f8:a9:a7:d9:4d:7a:42:e9:89:e3:14:07:f6:0e:82:10:
5e:42:5b:00:1e:1b:2f:4b:67:0c:60:3d:54:33:6c:6d:d2:49:
b8:84:bc:58:73:4d:19:93:db:95:75:75:17:28:26:c5:cb:bc:
b9:b2:45:7a:8b:ad:1a:ba:ab:73:9c:d8:5a:a5:dd:b6:ec:93:
ef:df:c4:5e:ba:17:33:b8:d1:70:e2:c5:7a:14:3e:d6:78:cf:
41:9e:e7:b5:f3:38:a6:d8:fd:e7:a0:d5:69:68:9c:86:6b:38:
73:ce:34:aa:89:18:b3:04:ac:d4:c7:c0:48:f2:d8:0c:2d:8f:
6d:0d:c1:3a:c7:10:74:89:98:b1:f7:b6:61:8b:57:ae:88:90:
47:04:63:c7:8d:fc:53:e0:25:c7:79:94:60:2c:c4:00:f1:a7:
5b:58:0e:8f:ff:a1:66:a5:63:11:9a:e6:c3:e5:53:65:88:a2:
ec:fe:0e:3b:d1:77:1a:c1:54:dc:40:f3:36:da:11:da:33:54:
58:8b:5a:b3:76:8a:e7:55:f3:67:36:e4:30:b7:5a:89:3a:55:
f9:82:a4:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSK/SMXJUcpNrd+iMHeGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjRiNWI3YjIxY2FlYmYzZDIwODA5ZjZjNTcwNTk5ZjFk
NjA0NjgwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWZhZGRhMDFlNDQ3NTMwMWFkY2NmNmNiNGIxNjA4ZGIzN2FmZjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss3HfnEHw2j0MUFgeUh2TknS89Zu
/GrAK6C4LZLtqvUrcnZbwlbeK8YjHhVK0IhSUEDaFJQWA3BUiPsD2pcNzKMx0DiA
HD5yXhFMMXbNdmYfu+1lrXChcu6RAcFxre6eA1x8Le0rzCMH7cVtvcl8JpkaGTM6
Z9LHeHdEaeDYzJvJA6792uVfKRmXDSKAmspZel2ZLu2T9gmAJlExn0CFKMFwNdd3
QW8JYEdqtJgqljk3F4YXS//A+GS7H5y989TA9NPdnl49K232SfQZ4U1Fni+KD782
Ahe5wUitEx/jP6v2y+DwfwqqtWjHoM/H2cfSTqXmSScUdbH6pPULR8cTlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMr63aAeRHUwGtzPbLSxYI2zev+JMB8GA1UdIwQY
MBaAFDO0tbeyHK6/PSCAn2xXBZnx1gRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdTMXQ3SWNycjg5SUlDZmJGY0ZtZkhXQkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi84NDZkNmUtMDRlYy00MjE5LTgyMjMt
ODYyMzMzNWMwZWUwLzEveXZyZG9CNUVkVEFhM005c3RMRmdqYk42XzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi84NDZkNmUtMDRlYy00MjE5LTgyMjMtODYyMzMzNWMwZWUw
LzEvTTdTMXQ3SWNycjg5SUlDZmJGY0ZtZkhXQkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCbWocAwQC
uQ4IAwQCuSE4AwQD1FQgMA0GCSqGSIb3DQEBCwUAA4IBAQAKUtCyaOnUwDGFLP9P
oA4SG1Z+kk0lQshrUtAZ9gQroB9JlVBmMfipp9lNekLpieMUB/YOghBeQlsAHhsv
S2cMYD1UM2xt0km4hLxYc00Zk9uVdXUXKCbFy7y5skV6i60auqtznNhapd227JPv
38ReuhczuNFw4sV6FD7WeM9Bnue18zim2P3noNVpaJyGazhzzjSqiRizBKzUx8BI
8tgMLY9tDcE6xxB0iZix97Zhi1euiJBHBGPHjfxT4CXHeZRgLMQA8adbWA6P/6Fm
pWMRmubD5VNliKLs/g470XcawVTcQPM22hHaM1RYi1qzdornVfNnNuQwt1qJOlX5
gqTe
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:52:52 2024 by rpki-client on console-ams.rpki-client.org