Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/0yLYA2Rd7lj541lpVJwhWcZUUXY.roa
File: 0yLYA2Rd7lj541lpVJwhWcZUUXY.roa (raw, json)
Hash identifier: bc8pwWuEkQEfxSzWDonXFq/Ie82K4oEmG28MWXnUA1w=
Subject key identifier: D3:22:D8:03:64:5D:EE:58:F9:E3:59:69:54:9C:21:59:C6:54:51:76
Certificate issuer: /CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Certificate serial: 0191454F36AF7AEFDA92267ADEBDE5B82FC1
Authority key identifier: F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/0yLYA2Rd7lj541lpVJwhWcZUUXY.roa
Signing time: Mon 12 Aug 2024 06:38:24 +0000
ROA not before: Mon 12 Aug 2024 06:38:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42277
IP address blocks: 5.249.192.0/19 maxlen: 19
37.188.0.0/18 maxlen: 18
46.62.0.0/17 maxlen: 17
77.241.16.0/21 maxlen: 21
77.241.20.0/22 maxlen: 22
94.247.248.0/22 maxlen: 24
94.247.248.0/24 maxlen: 24
94.247.252.0/22 maxlen: 22
176.241.192.0/19 maxlen: 19
178.249.240.0/21 maxlen: 21
2a02:51c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.mft
rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:4f:36:af:7a:ef:da:92:26:7a:de:bd:e5:b8:2f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Validity
Not Before: Aug 12 06:38:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d322d803645dee58f9e35969549c2159c6545176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d3:4d:c2:e8:1a:aa:63:01:69:9f:19:79:3c:
0f:c1:dd:6c:c0:3b:bc:34:3e:31:74:28:84:30:c4:
c3:cf:39:27:54:e7:a4:28:d9:1e:09:6a:75:75:fd:
f9:15:2a:23:1e:1f:2b:07:2e:4f:1e:b5:eb:ff:b7:
60:1c:2f:d1:4a:fc:61:e6:e2:ce:65:40:0d:8b:52:
b8:27:e0:37:f3:df:ed:3f:20:0e:05:ab:61:7d:29:
11:48:8a:51:9b:ec:44:c6:01:61:9a:c0:8b:3d:34:
60:b9:a2:30:a1:60:42:ce:fb:1f:6c:25:b5:32:e3:
a9:02:64:11:d3:ae:51:73:e6:36:4f:c0:da:3a:b6:
aa:80:d3:2c:9c:85:e2:b5:c3:02:99:e5:b1:61:d3:
d3:f2:8f:65:eb:b5:52:db:94:98:3a:26:6d:9d:8e:
bc:1f:11:0e:7a:23:5f:51:f3:d1:db:99:43:d9:8a:
6e:4e:9f:f1:83:b5:9d:a3:a7:80:38:d6:e4:c7:a7:
c5:cb:0d:64:f9:b7:cc:23:40:f8:ec:22:6c:da:63:
05:d9:90:71:bf:75:79:42:98:c6:ff:76:0c:d8:8b:
81:bc:37:06:0a:64:aa:03:ae:c8:ec:62:24:10:32:
f6:bb:a5:31:7e:c3:44:40:b0:12:b6:78:03:53:3f:
66:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:22:D8:03:64:5D:EE:58:F9:E3:59:69:54:9C:21:59:C6:54:51:76
X509v3 Authority Key Identifier:
keyid:F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/0yLYA2Rd7lj541lpVJwhWcZUUXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.192.0/19
37.188.0.0/18
46.62.0.0/17
77.241.16.0/21
94.247.248.0/21
176.241.192.0/19
178.249.240.0/21
IPv6:
2a02:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
90:a6:5f:05:76:34:2a:9a:e8:2e:7d:a1:09:79:20:f3:6b:9e:
32:b4:cc:10:ca:e2:7d:76:c8:85:9d:28:a3:34:8e:64:1e:20:
4f:0b:4b:21:0a:0a:99:53:1c:84:d3:1f:38:20:58:0d:97:d5:
0b:98:bf:45:22:80:3e:1f:3d:8b:31:87:04:08:71:5a:81:49:
8a:c4:73:40:ca:ea:49:04:7c:96:a6:3d:b4:ae:4f:b5:bd:47:
e0:5c:10:a9:f7:10:1f:52:56:ce:ed:ef:b3:2c:f4:2f:f5:cb:
8f:87:f3:17:15:b2:c8:27:df:2a:f5:75:7c:62:ef:d2:a0:0e:
55:99:4a:8e:8b:a4:47:06:d8:aa:6a:35:91:57:25:a7:55:57:
ef:04:22:10:ba:ff:4a:4a:bc:89:17:c5:be:f1:fa:f5:f9:2a:
bb:da:3a:b5:75:22:2c:b8:a7:50:0f:46:30:9d:46:94:c8:3b:
40:e3:8d:29:b5:92:5f:94:61:81:c5:01:4f:c2:7d:89:8a:fa:
d5:64:8a:33:82:06:86:c8:c2:10:9f:22:51:fc:b6:84:04:9f:
66:d8:0c:b6:ca:2f:ce:28:ff:ce:da:e4:10:2e:f5:60:e2:a3:
87:91:bb:5d:ce:c9:85:51:62:e7:fa:b3:a3:d3:94:ba:3f:67:
74:46:a4:2b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZFFTzaveu/akiZ63r3luC/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzY2FiNjhmYmIwYzk3OTQ3NjU5NGJkZmM1NmMxOTIwNDJi
OGRlZGYwHhcNMjQwODEyMDYzODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIyZDgwMzY0NWRlZTU4ZjllMzU5Njk1NDljMjE1OWM2NTQ1MTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NNNwugaqmMBaZ8ZeTwPwd1swDu8
ND4xdCiEMMTDzzknVOekKNkeCWp1df35FSojHh8rBy5PHrXr/7dgHC/RSvxh5uLO
ZUANi1K4J+A389/tPyAOBathfSkRSIpRm+xExgFhmsCLPTRguaIwoWBCzvsfbCW1
MuOpAmQR065Rc+Y2T8DaOraqgNMsnIXitcMCmeWxYdPT8o9l67VS25SYOiZtnY68
HxEOeiNfUfPR25lD2YpuTp/xg7Wdo6eAONbkx6fFyw1k+bfMI0D47CJs2mMF2ZBx
v3V5QpjG/3YM2IuBvDcGCmSqA67I7GIkEDL2u6UxfsNEQLAStngDUz9mZwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNMi2ANkXe5Y+eNZaVScIVnGVFF2MB8GA1UdIwQY
MBaAFPPKto+7DJeUdllL38VsGSBCuN7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUt
YWE0YTgxYTJlYjIzLzEvMHlMWUEyUmQ3bGo1NDFscFZKd2hXY1pVVVhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUtYWE0YTgxYTJlYjIz
LzEvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFBfnAAwQG
JbwAAwQHLj4AAwQDTfEQAwQDXvf4AwQFsPHAAwQDsvnwMA0EAgACMAcDBQAqAlHA
MA0GCSqGSIb3DQEBCwUAA4IBAQCQpl8FdjQqmugufaEJeSDza54ytMwQyuJ9dsiF
nSijNI5kHiBPC0shCgqZUxyE0x84IFgNl9ULmL9FIoA+Hz2LMYcECHFagUmKxHNA
yupJBHyWpj20rk+1vUfgXBCp9xAfUlbO7e+zLPQv9cuPh/MXFbLIJ98q9XV8Yu/S
oA5VmUqOi6RHBtiqajWRVyWnVVfvBCIQuv9KSryJF8W+8fr1+Sq72jq1dSIsuKdQ
D0YwnUaUyDtA440ptZJflGGBxQFPwn2JivrVZIozggaGyMIQnyJR/LaEBJ9m2Ay2
yi/OKP/O2uQQLvVg4qOHkbtdzsmFUWLn+rOj05S6P2d0RqQr
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:52 2024 by rpki-client on console-fra.rpki-client.org