Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/Yo5pp72qDNuHvjACPZ4XUZ42rcI.roa
File: Yo5pp72qDNuHvjACPZ4XUZ42rcI.roa (raw, json)
Hash identifier: +NZPWKrzCjwc9xUbcnkUrhDbqHaCk16twO1G47NHIOM=
Subject key identifier: 62:8E:69:A7:BD:AA:0C:DB:87:BE:30:02:3D:9E:17:51:9E:36:AD:C2
Certificate issuer: /CN=b4506bce3f7e1ae3a7e2cb9ad205c4cdfb02ddb5
Certificate serial: 018CC2DB28B302073E9CBF7C3455CF81C5E2
Authority key identifier: B4:50:6B:CE:3F:7E:1A:E3:A7:E2:CB:9A:D2:05:C4:CD:FB:02:DD:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFBrzj9-GuOn4sua0gXEzfsC3bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/Yo5pp72qDNuHvjACPZ4XUZ42rcI.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39287
IP address blocks: 45.142.140.0/22 maxlen: 22
95.215.16.0/22 maxlen: 22
45.158.116.0/22 maxlen: 22
185.193.125.0/24 maxlen: 24
185.193.124.0/22 maxlen: 22
185.193.126.0/23 maxlen: 23
80.78.16.0/20 maxlen: 20
195.14.20.0/24 maxlen: 24
2a0f:5e80::/29 maxlen: 29
2a02:6f8::/32 maxlen: 32
2001:67c:2358::/48 maxlen: 48
2a0a:3840::/29 maxlen: 29
2a0e:d9c0::/29 maxlen: 29
2001:67c:2354::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/tFBrzj9-GuOn4sua0gXEzfsC3bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/tFBrzj9-GuOn4sua0gXEzfsC3bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFBrzj9-GuOn4sua0gXEzfsC3bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:28:b3:02:07:3e:9c:bf:7c:34:55:cf:81:c5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4506bce3f7e1ae3a7e2cb9ad205c4cdfb02ddb5
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=628e69a7bdaa0cdb87be30023d9e17519e36adc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:88:cd:26:9f:af:5a:22:d4:43:e1:2b:a0:be:
6b:9c:e3:eb:b6:ea:8b:88:68:21:81:70:50:5b:60:
9b:24:ac:90:94:1c:41:9b:8e:dd:b7:79:f3:0c:4c:
40:25:12:72:65:3a:65:d1:25:76:cf:fc:f1:1a:38:
dd:82:7e:17:f0:e0:96:b1:7c:98:1b:f0:8e:03:93:
ba:5e:8a:1e:07:64:bd:37:f6:86:e4:69:64:19:c3:
88:ae:57:a1:58:f4:d3:90:8f:30:15:6c:1d:f9:70:
51:62:96:3b:99:14:4d:23:98:43:a0:d0:a7:e7:d7:
4b:2b:f0:ac:48:39:f5:5d:b9:7d:61:62:a3:d8:22:
0d:ef:92:c5:26:da:20:83:58:dd:7c:c1:86:d6:e3:
44:13:dd:0f:a5:5d:76:42:a5:0e:21:3e:52:95:99:
8c:68:c3:61:f9:dc:ee:ee:33:0b:a6:f2:59:45:13:
6c:94:9b:35:4e:fe:87:fd:69:7f:99:a0:42:3e:8f:
fa:7d:48:88:4a:4c:41:3b:ec:ea:53:ce:a5:95:0f:
89:c8:d2:8f:d8:34:c2:d9:d9:e3:a3:7a:50:a0:53:
7b:71:80:0f:a7:48:27:45:9c:c5:34:de:90:67:04:
81:7a:3f:e8:d5:7f:7a:56:7f:77:8d:b3:30:60:ae:
15:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8E:69:A7:BD:AA:0C:DB:87:BE:30:02:3D:9E:17:51:9E:36:AD:C2
X509v3 Authority Key Identifier:
keyid:B4:50:6B:CE:3F:7E:1A:E3:A7:E2:CB:9A:D2:05:C4:CD:FB:02:DD:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFBrzj9-GuOn4sua0gXEzfsC3bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/Yo5pp72qDNuHvjACPZ4XUZ42rcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/db5989-19f6-468d-9fc3-f8a3780c348e/1/tFBrzj9-GuOn4sua0gXEzfsC3bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.140.0/22
45.158.116.0/22
80.78.16.0/20
95.215.16.0/22
185.193.124.0/22
195.14.20.0/24
IPv6:
2001:67c:2354::/48
2001:67c:2358::/48
2a02:6f8::/32
2a0a:3840::/29
2a0e:d9c0::/29
2a0f:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
39:a6:a9:4e:af:c3:b9:6c:86:4d:a1:53:88:48:57:65:e1:27:
14:ed:42:10:7e:6e:c3:09:e2:95:a7:a6:d3:ca:db:f7:94:c3:
14:31:1c:9f:29:7c:ea:e3:9f:53:bb:fe:78:bf:35:59:99:79:
a3:75:72:c6:a0:bf:b8:a9:00:08:12:57:f0:f3:e6:94:07:72:
64:7a:87:5e:57:87:ee:67:3a:bf:4e:aa:d0:41:c5:5d:2d:4d:
2b:df:02:23:3a:9f:87:73:3a:dd:b6:ac:fa:54:d3:5f:90:3a:
cc:6d:98:3a:43:30:c9:4b:d3:4f:9f:02:1d:b5:1f:05:d5:ae:
4d:55:e0:24:f6:dc:a7:3b:25:8a:de:ca:ac:25:0e:71:4d:5a:
02:18:01:02:db:5a:c4:c8:fa:de:ec:7c:02:3b:55:b1:90:6c:
c0:fb:28:94:c6:11:5f:f0:57:a5:99:99:20:ab:eb:7f:f7:13:
bd:ad:34:98:6e:e7:62:9d:ad:b7:72:8c:95:df:e9:cc:79:21:
23:b0:73:a4:d2:18:a4:ce:c3:54:b0:3a:0d:4f:6d:1c:38:08:
ab:41:28:00:6a:87:92:31:a7:bc:6f:82:88:c0:f9:23:93:48:
de:2e:97:b5:2d:d4:01:4a:89:52:55:d2:b0:ca:3c:3d:2a:7a:
f0:8e:c6:3f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzC2yizAgc+nL98NFXPgcXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTA2YmNlM2Y3ZTFhZTNhN2UyY2I5YWQyMDVjNGNkZmIw
MmRkYjUwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjhlNjlhN2JkYWEwY2RiODdiZTMwMDIzZDllMTc1MTllMzZhZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIjNJp+vWiLUQ+EroL5rnOPrtuqL
iGghgXBQW2CbJKyQlBxBm47dt3nzDExAJRJyZTpl0SV2z/zxGjjdgn4X8OCWsXyY
G/COA5O6XooeB2S9N/aG5GlkGcOIrlehWPTTkI8wFWwd+XBRYpY7mRRNI5hDoNCn
59dLK/CsSDn1Xbl9YWKj2CIN75LFJtogg1jdfMGG1uNEE90PpV12QqUOIT5SlZmM
aMNh+dzu7jMLpvJZRRNslJs1Tv6H/Wl/maBCPo/6fUiISkxBO+zqU86llQ+JyNKP
2DTC2dnjo3pQoFN7cYAPp0gnRZzFNN6QZwSBej/o1X96Vn93jbMwYK4V0QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGKOaae9qgzbh74wAj2eF1GeNq3CMB8GA1UdIwQY
MBaAFLRQa84/fhrjp+LLmtIFxM37At21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZCcnpqOS1HdU9uNHN1YTBnWEV6ZnNDM2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9kYjU5ODktMTlmNi00NjhkLTlmYzMt
ZjhhMzc4MGMzNDhlLzEvWW81cHA3MnFETnVIdmpBQ1BaNFhVWjQycmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9kYjU5ODktMTlmNi00NjhkLTlmYzMtZjhhMzc4MGMzNDhl
LzEvdEZCcnpqOS1HdU9uNHN1YTBnWEV6ZnNDM2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjAqBAIAATAkAwQCLY6MAwQC
LZ50AwQEUE4QAwQCX9cQAwQCucF8AwQAww4UMDQEAgACMC4DBwAgAQZ8I1QDBwAg
AQZ8I1gDBQAqAgb4AwUDKgo4QAMFAyoO2cADBQMqD16AMA0GCSqGSIb3DQEBCwUA
A4IBAQA5pqlOr8O5bIZNoVOISFdl4ScU7UIQfm7DCeKVp6bTytv3lMMUMRyfKXzq
459Tu/54vzVZmXmjdXLGoL+4qQAIElfw8+aUB3JkeodeV4fuZzq/TqrQQcVdLU0r
3wIjOp+Hczrdtqz6VNNfkDrMbZg6QzDJS9NPnwIdtR8F1a5NVeAk9tynOyWK3sqs
JQ5xTVoCGAEC21rEyPre7HwCO1WxkGzA+yiUxhFf8FelmZkgq+t/9xO9rTSYbudi
na23coyV3+nMeSEjsHOk0hikzsNUsDoNT20cOAirQSgAaoeSMae8b4KIwPkjk0je
Lpe1LdQBSolSVdKwyjw9KnrwjsY/
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:51:11 2024 by rpki-client on console-ams.rpki-client.org