Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/yOIJfnfQdFpLX5h90srBKksV-w0.roa
File: yOIJfnfQdFpLX5h90srBKksV-w0.roa (raw, json)
Hash identifier: aI41zLiaG5Jhq2185ePoxz0yYe+cW4VCyvkqvnrM/eA=
Subject key identifier: C8:E2:09:7E:77:D0:74:5A:4B:5F:98:7D:D2:CA:C1:2A:4B:15:FB:0D
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 018CC9BB0AD48A26174F2E5FEE4831A5129A
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/yOIJfnfQdFpLX5h90srBKksV-w0.roa
Signing time: Tue 02 Jan 2024 10:32:07 +0000
ROA not before: Tue 02 Jan 2024 10:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25291
IP address blocks: 185.46.136.0/22 maxlen: 24
37.44.0.0/21 maxlen: 24
151.252.40.0/21 maxlen: 24
45.153.82.0/23 maxlen: 24
185.56.128.0/21 maxlen: 24
176.74.56.0/21 maxlen: 24
185.54.232.0/22 maxlen: 24
109.68.224.0/21 maxlen: 24
37.49.152.0/21 maxlen: 24
185.56.104.0/23 maxlen: 24
37.123.104.0/21 maxlen: 24
195.192.128.0/18 maxlen: 24
77.247.80.0/21 maxlen: 24
2a00:13c8::/32 maxlen: 48
2a00:7fc0::/32 maxlen: 48
2a00:7fc0::/33 maxlen: 48
2a04:d480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.mft
rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:0a:d4:8a:26:17:4f:2e:5f:ee:48:31:a5:12:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Jan 2 10:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e2097e77d0745a4b5f987dd2cac12a4b15fb0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:56:7a:14:91:19:46:5b:a8:c3:81:7d:ed:d7:
3c:9f:8f:38:6b:bf:63:4d:c2:eb:56:c9:c5:6d:19:
48:94:04:2b:38:09:1d:11:a8:0d:5d:89:20:9c:96:
eb:f7:1e:83:76:75:c6:d6:e7:04:30:e6:47:3f:5d:
fd:34:25:1a:2d:6c:bf:17:43:1e:cd:2a:5c:89:fa:
10:3d:0f:70:0a:72:c8:17:1d:2b:3d:5d:a1:46:af:
93:23:b1:e8:ac:c1:77:55:ab:5f:ac:2b:91:a2:74:
15:f9:37:16:08:60:0f:63:bb:cf:f8:91:bc:b6:3d:
6f:a4:b2:82:d6:33:0f:55:f3:c2:bb:22:2b:e0:e8:
1c:18:21:80:09:ba:17:2c:79:37:f8:a6:25:e9:4c:
6b:46:ab:59:60:57:3e:3f:d8:a8:b1:05:bd:21:7a:
96:10:55:75:96:e3:96:bd:7a:dd:b9:49:2d:91:29:
ae:4c:f5:dc:f5:d1:be:2d:7f:7a:d8:94:8b:94:ec:
22:96:e4:4a:ec:21:37:93:38:af:01:35:87:9b:ef:
2e:c6:e7:c1:76:db:52:e3:05:5f:22:1b:3b:85:55:
73:78:c1:44:d1:fb:f9:e1:ed:e2:b9:75:f0:4f:57:
32:86:88:05:9b:b0:fb:74:4a:a3:ea:4e:ac:6a:1e:
65:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E2:09:7E:77:D0:74:5A:4B:5F:98:7D:D2:CA:C1:2A:4B:15:FB:0D
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/yOIJfnfQdFpLX5h90srBKksV-w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.0.0/21
37.49.152.0/21
37.123.104.0/21
45.153.82.0/23
77.247.80.0/21
109.68.224.0/21
151.252.40.0/21
176.74.56.0/21
185.46.136.0/22
185.54.232.0/22
185.56.104.0/23
185.56.128.0/21
195.192.128.0/18
IPv6:
2a00:13c8::/32
2a00:7fc0::/32
2a04:d480::/29
Signature Algorithm: sha256WithRSAEncryption
0e:e8:b7:fa:42:8d:ae:00:ae:1c:30:bb:dd:d9:3b:91:39:48:
06:f3:28:ec:9d:6f:ab:05:89:f6:d1:8f:94:b2:5a:4a:d4:89:
3c:7b:87:62:9d:49:53:11:8d:1e:cb:34:3b:c6:69:76:05:92:
ba:f2:15:63:18:71:17:fa:4a:a3:4d:f6:4b:7a:b7:63:1a:48:
23:cd:20:c0:da:37:5d:83:07:44:16:57:51:7f:7b:b2:43:e0:
0e:db:78:3b:6e:1c:a7:26:7a:0c:bd:bf:1a:11:c9:a6:86:16:
22:25:ee:a4:d4:f7:99:48:12:76:7d:55:1a:39:b3:70:0e:f3:
f8:71:ab:cd:cc:aa:f5:aa:5e:7d:40:ce:5d:5c:9f:29:dd:bd:
e0:bd:d5:e0:93:0d:a9:61:33:b6:2e:e9:93:8e:17:60:6d:c4:
63:7a:c4:28:6c:9f:b6:8d:6e:04:86:c7:b4:b4:f6:3a:28:bc:
6a:3d:17:69:25:de:3b:f6:9a:82:99:53:59:40:4f:21:89:c3:
a8:c2:b8:4d:f1:3c:32:f6:d4:42:45:ff:72:d3:3e:3e:c3:7d:
e1:18:40:ba:da:66:cc:a8:e6:93:f6:70:5c:4d:da:2e:c9:9a:
1e:83:ae:02:97:19:63:ff:2a:ad:b3:0c:67:5f:d3:05:74:12:
5a:d9:df:18
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzJuwrUiiYXTy5f7kgxpRKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjQwMTAyMTAzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUyMDk3ZTc3ZDA3NDVhNGI1Zjk4N2RkMmNhYzEyYTRiMTVmYjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VZ6FJEZRluow4F97dc8n484a79j
TcLrVsnFbRlIlAQrOAkdEagNXYkgnJbr9x6DdnXG1ucEMOZHP139NCUaLWy/F0Me
zSpcifoQPQ9wCnLIFx0rPV2hRq+TI7HorMF3VatfrCuRonQV+TcWCGAPY7vP+JG8
tj1vpLKC1jMPVfPCuyIr4OgcGCGACboXLHk3+KYl6UxrRqtZYFc+P9iosQW9IXqW
EFV1luOWvXrduUktkSmuTPXc9dG+LX962JSLlOwiluRK7CE3kzivATWHm+8uxufB
dttS4wVfIhs7hVVzeMFE0fv54e3iuXXwT1cyhogFm7D7dEqj6k6sah5lEwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFMjiCX530HRaS1+YfdLKwSpLFfsNMB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEveU9JSmZuZlFkRnBMWDVoOTBzckJLa3NWLXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAyUsAAME
AyUxmAMEAyV7aAMEAS2ZUgMEA033UAMEA21E4AMEA5f8KAMEA7BKOAMEArkuiAME
Ark26AMEAbk4aAMEA7k4gAMEBsPAgDAbBAIAAjAVAwUAKgATyAMFACoAf8ADBQMq
BNSAMA0GCSqGSIb3DQEBCwUAA4IBAQAO6Lf6Qo2uAK4cMLvd2TuROUgG8yjsnW+r
BYn20Y+UslpK1Ik8e4dinUlTEY0eyzQ7xml2BZK68hVjGHEX+kqjTfZLerdjGkgj
zSDA2jddgwdEFldRf3uyQ+AO23g7bhynJnoMvb8aEcmmhhYiJe6k1PeZSBJ2fVUa
ObNwDvP4cavNzKr1ql59QM5dXJ8p3b3gvdXgkw2pYTO2LumTjhdgbcRjesQobJ+2
jW4Ehse0tPY6KLxqPRdpJd479pqCmVNZQE8hicOowrhN8Twy9tRCRf9y0z4+w33h
GEC62mbMqOaT9nBcTdouyZoeg64Clxlj/yqtswxnX9MFdBJa2d8Y
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:44 2024 by rpki-client on console-ams.rpki-client.org