Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/Iy4pKkYUq7CUx8uMLshV6KNfwr0.roa
File: Iy4pKkYUq7CUx8uMLshV6KNfwr0.roa (raw, json)
Hash identifier: yV2ndOttGF298OmWdhHC3U6SXZZCh2tvjVSSwNpZT2Q=
Subject key identifier: 23:2E:29:2A:46:14:AB:B0:94:C7:CB:8C:2E:C8:55:E8:A3:5F:C2:BD
Certificate issuer: /CN=ca8160efe39f1a3077fdd2faf22a64804b541382
Certificate serial: 018CC86F00CA3F3FCD158D3C3D0E2E05A2A1
Authority key identifier: CA:81:60:EF:E3:9F:1A:30:77:FD:D2:FA:F2:2A:64:80:4B:54:13:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yoFg7-OfGjB3_dL68ipkgEtUE4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/Iy4pKkYUq7CUx8uMLshV6KNfwr0.roa
Signing time: Tue 02 Jan 2024 04:29:26 +0000
ROA not before: Tue 02 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56503
IP address blocks: 185.103.244.0/22 maxlen: 22
185.103.248.0/22 maxlen: 22
185.108.164.0/22 maxlen: 22
185.107.28.0/24 maxlen: 24
185.107.29.0/24 maxlen: 24
185.107.30.0/23 maxlen: 23
185.26.232.0/23 maxlen: 23
185.26.234.0/23 maxlen: 23
91.106.82.0/24 maxlen: 24
91.106.81.0/24 maxlen: 24
91.106.84.0/24 maxlen: 24
91.106.83.0/24 maxlen: 24
91.106.85.0/24 maxlen: 24
91.106.79.0/24 maxlen: 24
91.106.80.0/24 maxlen: 24
91.106.86.0/24 maxlen: 24
91.106.87.0/24 maxlen: 24
91.106.89.0/24 maxlen: 24
91.106.88.0/24 maxlen: 24
91.106.91.0/24 maxlen: 24
91.106.90.0/24 maxlen: 24
91.106.95.0/24 maxlen: 24
91.106.92.0/24 maxlen: 24
91.106.94.0/24 maxlen: 24
91.106.93.0/24 maxlen: 24
91.106.64.0/24 maxlen: 24
91.106.68.0/24 maxlen: 24
91.106.67.0/24 maxlen: 24
91.106.70.0/24 maxlen: 24
91.106.69.0/24 maxlen: 24
91.106.71.0/24 maxlen: 24
91.106.65.0/24 maxlen: 24
91.106.66.0/24 maxlen: 24
91.106.72.0/24 maxlen: 24
91.106.73.0/24 maxlen: 24
91.106.75.0/24 maxlen: 24
91.106.74.0/24 maxlen: 24
91.106.77.0/24 maxlen: 24
91.106.76.0/24 maxlen: 24
91.106.78.0/24 maxlen: 24
185.106.136.0/22 maxlen: 22
185.106.144.0/22 maxlen: 22
185.104.232.0/22 maxlen: 22
185.104.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/yoFg7-OfGjB3_dL68ipkgEtUE4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/yoFg7-OfGjB3_dL68ipkgEtUE4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/yoFg7-OfGjB3_dL68ipkgEtUE4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:00:ca:3f:3f:cd:15:8d:3c:3d:0e:2e:05:a2:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca8160efe39f1a3077fdd2faf22a64804b541382
Validity
Not Before: Jan 2 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=232e292a4614abb094c7cb8c2ec855e8a35fc2bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:cd:ff:0b:67:e1:ac:da:59:e9:4c:55:d1:
6a:74:2f:3b:42:7d:eb:16:2b:da:65:cb:b3:ec:e8:
72:fd:b6:54:d3:0e:f9:33:d3:87:78:c9:db:e0:09:
49:9d:b6:b3:4a:c4:1b:d2:7b:e8:9f:59:00:d6:be:
51:fc:f7:39:72:14:90:cd:02:a6:6c:78:62:18:a2:
ec:d3:ca:b8:30:2c:dd:af:7b:34:78:81:d5:27:b4:
4a:a9:06:b7:20:0c:f5:52:99:02:65:0e:b9:22:34:
ae:bb:54:ec:6a:00:b8:9e:01:41:fc:6d:93:02:9a:
ab:51:bb:c1:38:7b:5b:ac:85:f6:86:8e:cf:36:69:
32:5c:e4:66:f9:7a:7b:9a:07:82:28:8d:a3:35:2c:
01:50:88:e4:86:22:c3:53:d6:35:62:5d:f6:23:36:
37:b6:b2:5f:a3:2b:27:ef:82:ed:95:14:80:6e:76:
25:18:e7:5f:8d:9a:b9:86:86:fd:be:c5:59:18:38:
99:33:ae:4b:44:70:aa:9e:57:17:17:b1:2a:98:fa:
7e:9a:3d:4e:f3:76:08:c2:01:95:2c:07:cb:7f:79:
b5:63:24:19:9a:b3:37:d3:3e:62:3c:d5:f3:52:98:
51:d0:6b:0c:cf:f0:7d:46:c2:a3:e3:45:53:67:39:
1c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2E:29:2A:46:14:AB:B0:94:C7:CB:8C:2E:C8:55:E8:A3:5F:C2:BD
X509v3 Authority Key Identifier:
keyid:CA:81:60:EF:E3:9F:1A:30:77:FD:D2:FA:F2:2A:64:80:4B:54:13:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoFg7-OfGjB3_dL68ipkgEtUE4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/Iy4pKkYUq7CUx8uMLshV6KNfwr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/yoFg7-OfGjB3_dL68ipkgEtUE4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.64.0/19
185.26.232.0/22
185.103.244.0-185.103.251.255
185.104.232.0/22
185.104.240.0/22
185.106.136.0/22
185.106.144.0/22
185.107.28.0/22
185.108.164.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:6b:7e:61:08:2a:59:cb:b1:d9:77:7a:d1:e6:20:d2:42:fd:
78:3d:ba:15:87:04:86:69:3b:a0:6e:b3:ac:51:6d:79:7e:e0:
4e:5a:e8:49:6a:29:ac:a4:45:aa:44:e1:56:19:76:f3:8d:26:
69:84:fe:cb:2f:df:53:d1:f6:d1:05:cf:7d:3d:38:a5:5c:8c:
f0:40:e6:c5:93:0f:eb:0d:1a:f7:90:8b:e2:b7:32:3c:0d:b9:
50:fd:ad:d5:58:08:8b:86:10:d2:6f:79:ac:a0:17:7c:a5:63:
d1:f2:0e:ca:37:67:a8:01:52:9a:03:ca:be:09:8a:12:5f:79:
d4:5c:2a:5a:68:84:2b:20:53:c5:aa:5f:96:8b:85:36:e3:dc:
5a:49:d2:23:77:bf:c4:59:d9:46:eb:e0:76:5b:6f:12:d2:3c:
08:c8:c0:6d:e7:3a:53:db:2e:b6:d9:01:3d:fc:24:b1:9a:d6:
07:30:03:ec:21:40:ff:51:da:f5:6c:4c:05:e9:64:45:06:d5:
48:49:1a:1b:39:08:ff:46:99:0c:e3:12:90:67:31:d9:e5:93:
60:6d:36:20:eb:79:1a:49:39:47:d1:53:b3:6b:16:7e:b5:b6:
24:03:fb:75:4e:82:31:67:06:96:a4:3d:72:7f:a4:8c:d0:1b:
4e:cf:38:50
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzIbwDKPz/NFY08PQ4uBaKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODE2MGVmZTM5ZjFhMzA3N2ZkZDJmYWYyMmE2NDgwNGI1
NDEzODIwHhcNMjQwMTAyMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJlMjkyYTQ2MTRhYmIwOTRjN2NiOGMyZWM4NTVlOGEzNWZjMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAnN/wtn4azaWelMVdFqdC87Qn3r
FivaZcuz7Ohy/bZU0w75M9OHeMnb4AlJnbazSsQb0nvon1kA1r5R/Pc5chSQzQKm
bHhiGKLs08q4MCzdr3s0eIHVJ7RKqQa3IAz1UpkCZQ65IjSuu1TsagC4ngFB/G2T
ApqrUbvBOHtbrIX2ho7PNmkyXORm+Xp7mgeCKI2jNSwBUIjkhiLDU9Y1Yl32IzY3
trJfoysn74LtlRSAbnYlGOdfjZq5hob9vsVZGDiZM65LRHCqnlcXF7EqmPp+mj1O
83YIwgGVLAfLf3m1YyQZmrM30z5iPNXzUphR0GsMz/B9RsKj40VTZzkcQQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCMuKSpGFKuwlMfLjC7IVeijX8K9MB8GA1UdIwQY
MBaAFMqBYO/jnxowd/3S+vIqZIBLVBOCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9GZzctT2ZHakIzX2RMNjhpcGtnRXRVRTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjUwMTUtN2QyNC00YWQ1LWEyYzEt
YWM0ZTI4YzJjNWI2LzEvSXk0cEtrWVVxN0NVeDh1TUxzaFY2S05md3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kMjUwMTUtN2QyNC00YWQ1LWEyYzEtYWM0ZTI4YzJjNWI2
LzEveW9GZzctT2ZHakIzX2RMNjhpcGtnRXRVRTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQFW2pAAwQC
uRroMAwDBAK5Z/QDBAK5Z/gDBAK5aOgDBAK5aPADBAK5aogDBAK5apADBAK5axwD
BAK5bKQwDQYJKoZIhvcNAQELBQADggEBAL1rfmEIKlnLsdl3etHmINJC/Xg9uhWH
BIZpO6Bus6xRbXl+4E5a6ElqKaykRapE4VYZdvONJmmE/ssv31PR9tEFz309OKVc
jPBA5sWTD+sNGveQi+K3MjwNuVD9rdVYCIuGENJveaygF3ylY9HyDso3Z6gBUpoD
yr4JihJfedRcKlpohCsgU8WqX5aLhTbj3FpJ0iN3v8RZ2Ubr4HZbbxLSPAjIwG3n
OlPbLrbZAT38JLGa1gcwA+whQP9R2vVsTAXpZEUG1UhJGhs5CP9GmQzjEpBnMdnl
k2BtNiDreRpJOUfRU7NrFn61tiQD+3VOgjFnBpakPXJ/pIzQG07POFA=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:06:09 2024 by rpki-client on console-ams.rpki-client.org