Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Y5O-iH2qCSBMHHZ3oIydR3IfwRY.roa
File: Y5O-iH2qCSBMHHZ3oIydR3IfwRY.roa (raw, json)
Hash identifier: bCAaRk74inDYImJBN7EyI6QyT8xTKdl269c6x0Gba3w=
Subject key identifier: 63:93:BE:88:7D:AA:09:20:4C:1C:76:77:A0:8C:9D:47:72:1F:C1:16
Certificate issuer: /CN=43e0a364131841056d48b2d788ea00ca4b91db56
Certificate serial: 018CC56EDA3EAA61C7DDA05C468507242176
Authority key identifier: 43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Y5O-iH2qCSBMHHZ3oIydR3IfwRY.roa
Signing time: Mon 01 Jan 2024 14:30:25 +0000
ROA not before: Mon 01 Jan 2024 14:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48254
IP address blocks: 194.38.52.0/24 maxlen: 24
185.151.30.0/24 maxlen: 24
185.151.29.0/24 maxlen: 24
185.151.28.0/24 maxlen: 24
185.151.31.0/24 maxlen: 24
185.146.166.0/24 maxlen: 24
185.146.165.0/24 maxlen: 24
185.146.164.0/24 maxlen: 24
45.8.226.0/24 maxlen: 24
45.8.225.0/24 maxlen: 24
45.8.224.0/24 maxlen: 24
45.8.227.0/24 maxlen: 24
2a07:7800:9::/48 maxlen: 48
2a07:7800:4::/48 maxlen: 48
2a07:7800:8::/48 maxlen: 48
2a07:7800:3::/48 maxlen: 48
2a07:7800:1::/48 maxlen: 48
2a07:7800::/29 maxlen: 48
2a07:7800:7::/48 maxlen: 48
2a07:7800:2::/48 maxlen: 48
2a07:7800:5::/48 maxlen: 48
2a07:7800:10::/48 maxlen: 48
2a07:7800::/48 maxlen: 48
2a07:7800:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:da:3e:aa:61:c7:dd:a0:5c:46:85:07:24:21:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e0a364131841056d48b2d788ea00ca4b91db56
Validity
Not Before: Jan 1 14:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6393be887daa09204c1c7677a08c9d47721fc116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:91:49:48:db:5d:1d:29:dc:55:47:48:34:15:
35:17:d8:13:f0:97:98:79:6d:69:af:39:a5:2d:0a:
26:29:bd:ae:77:9d:01:4e:09:9a:f8:74:9d:86:6c:
45:ff:76:0e:5a:31:d3:a1:fb:e4:ba:00:d8:2c:20:
f1:89:13:c8:48:f6:14:42:cb:56:e9:fe:58:39:5f:
2c:62:1e:27:89:2a:0f:28:ab:e3:2f:01:f7:06:a4:
c7:24:a6:5d:46:eb:76:be:03:76:08:f3:16:1b:f8:
01:95:9e:c4:23:29:e6:e3:9f:0f:c2:32:1f:ab:78:
98:b3:e6:33:5f:ad:1e:66:10:bc:c9:e7:03:23:65:
36:cb:9b:e1:75:61:a1:c1:f1:31:de:bc:dc:8b:51:
ca:40:e5:f5:e2:f0:49:b1:1b:85:ee:87:28:72:8c:
9a:96:0f:ba:95:3f:d7:f1:29:bd:43:d2:97:54:e8:
ad:c6:43:c4:af:18:42:f0:65:ce:5e:e9:0c:57:67:
8a:a8:a8:75:3d:84:a6:8b:3e:a9:56:7f:f1:91:7c:
23:5f:d5:41:e3:b0:35:f7:82:a6:a5:94:a9:c6:69:
30:98:67:48:4e:ed:d1:a1:2a:d1:1e:e4:de:ba:5e:
3e:b1:9a:1c:11:9f:83:43:7e:e0:90:af:f3:1c:3a:
9e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:93:BE:88:7D:AA:09:20:4C:1C:76:77:A0:8C:9D:47:72:1F:C1:16
X509v3 Authority Key Identifier:
keyid:43:E0:A3:64:13:18:41:05:6D:48:B2:D7:88:EA:00:CA:4B:91:DB:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-CjZBMYQQVtSLLXiOoAykuR21Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Y5O-iH2qCSBMHHZ3oIydR3IfwRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/9cbb06-b4da-4c94-b418-4b081cc2b39a/1/Q-CjZBMYQQVtSLLXiOoAykuR21Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.224.0/22
185.146.164.0-185.146.166.255
185.151.28.0/22
194.38.52.0/24
IPv6:
2a07:7800::/29
Signature Algorithm: sha256WithRSAEncryption
49:34:70:82:2f:dc:d5:43:36:f8:0c:7c:9d:62:61:33:26:23:
ca:18:07:78:f3:e4:10:0b:96:7d:be:fa:1c:f5:7a:6f:22:2c:
80:45:4a:49:16:e2:8c:57:e5:dc:f0:b9:67:43:49:d1:98:a5:
8d:c6:f3:a0:c6:74:4d:3a:7f:a4:fb:56:0a:b2:37:c1:5c:bb:
09:b5:4b:55:03:b6:8e:15:33:b2:4b:6c:77:05:12:8e:67:24:
bb:44:20:81:f9:41:e2:03:18:68:51:35:81:f1:42:0d:3c:f8:
15:90:15:2c:73:85:ba:34:5c:2c:f9:ea:6c:66:da:da:01:1d:
c6:60:2e:ec:de:9e:b3:3b:88:16:20:60:eb:68:e5:89:87:fd:
9f:ce:cf:f2:f3:75:c4:e3:c1:ee:49:eb:4e:73:a7:23:44:f4:
6a:cd:c6:57:85:27:94:ef:4a:3a:12:ad:ad:36:bd:08:4e:af:
b4:b0:03:ea:7e:31:c1:54:94:5b:a0:aa:cb:7f:cb:79:20:a9:
ba:3c:2b:d2:ba:0f:d6:60:79:02:fe:4e:25:f7:b2:f6:c8:09:
88:bb:94:5c:22:bc:96:73:b7:68:40:39:db:73:2e:aa:8c:8e:
84:e2:83:ed:2b:38:05:08:06:c1:3a:59:8b:ae:96:1b:7b:b6:
ff:e7:ae:db
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzFbto+qmHH3aBcRoUHJCF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTBhMzY0MTMxODQxMDU2ZDQ4YjJkNzg4ZWEwMGNhNGI5
MWRiNTYwHhcNMjQwMTAxMTQzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzkzYmU4ODdkYWEwOTIwNGMxYzc2NzdhMDhjOWQ0NzcyMWZjMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZFJSNtdHSncVUdINBU1F9gT8JeY
eW1przmlLQomKb2ud50BTgma+HSdhmxF/3YOWjHTofvkugDYLCDxiRPISPYUQstW
6f5YOV8sYh4niSoPKKvjLwH3BqTHJKZdRut2vgN2CPMWG/gBlZ7EIynm458PwjIf
q3iYs+YzX60eZhC8yecDI2U2y5vhdWGhwfEx3rzci1HKQOX14vBJsRuF7ococoya
lg+6lT/X8Sm9Q9KXVOitxkPErxhC8GXOXukMV2eKqKh1PYSmiz6pVn/xkXwjX9VB
47A194KmpZSpxmkwmGdITu3RoSrRHuTeul4+sZocEZ+DQ37gkK/zHDqeQwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGOTvoh9qgkgTBx2d6CMnUdyH8EWMB8GA1UdIwQY
MBaAFEPgo2QTGEEFbUiy14jqAMpLkdtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgt
NGIwODFjYzJiMzlhLzEvWTVPLWlIMnFDU0JNSEhaM29JeWRSM0lmd1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi85Y2JiMDYtYjRkYS00Yzk0LWI0MTgtNGIwODFjYzJiMzlh
LzEvUS1DalpCTVlRUVZ0U0xMWGlPb0F5a3VSMjFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCLQjgMAwD
BAK5kqQDBAC5kqYDBAK5lxwDBADCJjQwDQQCAAIwBwMFAyoHeAAwDQYJKoZIhvcN
AQELBQADggEBAEk0cIIv3NVDNvgMfJ1iYTMmI8oYB3jz5BALln2++hz1em8iLIBF
SkkW4oxX5dzwuWdDSdGYpY3G86DGdE06f6T7VgqyN8Fcuwm1S1UDto4VM7JLbHcF
Eo5nJLtEIIH5QeIDGGhRNYHxQg08+BWQFSxzhbo0XCz56mxm2toBHcZgLuzenrM7
iBYgYOto5YmH/Z/Oz/LzdcTjwe5J605zpyNE9GrNxleFJ5TvSjoSra02vQhOr7Sw
A+p+McFUlFugqst/y3kgqbo8K9K6D9ZgeQL+TiX3svbICYi7lFwivJZzt2hAOdtz
LqqMjoTig+0rOAUIBsE6WYuulht7tv/nrts=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:56:18 2024 by rpki-client on console-fra.rpki-client.org