Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Yt_vF0ltQhIvUubmyQ5cQ4N_Kyc.roa
File: Yt_vF0ltQhIvUubmyQ5cQ4N_Kyc.roa (raw, json)
Hash identifier: 5XiHXW4/QsESTxZ8Q9bHrgSYh4uRdbvmhHvtAAeafaM=
Subject key identifier: 62:DF:EF:17:49:6D:42:12:2F:52:E6:E6:C9:0E:5C:43:83:7F:2B:27
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3906EFC67FB7655CD427194AEA18C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Yt_vF0ltQhIvUubmyQ5cQ4N_Kyc.roa
Signing time: Thu 02 Jan 2025 15:47:46 +0000
ROA not before: Thu 02 Jan 2025 15:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.124.0/24 maxlen: 24
45.85.125.0/24 maxlen: 24
45.85.126.0/24 maxlen: 24
45.85.127.0/24 maxlen: 24
45.91.20.0/24 maxlen: 24
45.130.136.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
193.176.210.0/24 maxlen: 24
2a07:e340::/32 maxlen: 32
2a07:e341::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:90:6e:fc:67:fb:76:55:cd:42:71:94:ae:a1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62dfef17496d42122f52e6e6c90e5c43837f2b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ca:3e:11:39:82:be:a1:73:fb:92:48:c6:5d:
79:dc:87:20:42:5a:83:f4:68:be:0d:40:d6:7a:ae:
04:1f:9a:a9:97:85:96:6b:26:ed:0c:c5:d2:f5:f5:
dd:0b:22:42:52:b9:f4:01:ee:84:f4:1a:8a:d4:bf:
5d:ba:95:80:8e:57:35:16:ef:8d:00:97:4a:cc:04:
29:f8:3d:bd:33:38:d5:08:6e:98:d0:cd:6f:b0:66:
b9:81:c8:86:3b:58:28:1f:f3:14:8c:ec:eb:05:2b:
56:50:e3:6d:8c:53:e9:de:0d:af:2c:ce:1e:e7:26:
0e:2d:a2:d2:ec:4e:07:ef:1d:ab:d5:fe:21:ce:ec:
87:83:4a:11:fc:83:57:e0:9f:57:c8:cc:93:2e:00:
1e:46:22:3e:39:03:2c:e9:b5:aa:10:7f:8a:cc:e4:
af:ad:b4:80:8d:8c:b8:b4:aa:94:da:d3:ab:99:ac:
c1:59:09:d7:03:1a:0d:e8:76:d4:e7:7b:2e:6b:8c:
15:7c:f4:c4:69:c0:6d:33:c4:b7:b5:4d:ba:fd:de:
5c:51:4a:0b:cf:84:a8:25:87:8a:98:86:d9:11:87:
77:7f:c6:3f:09:b0:86:16:d5:cd:e4:36:c5:e2:dd:
24:09:9f:47:e5:cc:71:9c:ff:b7:24:40:a9:34:44:
d1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DF:EF:17:49:6D:42:12:2F:52:E6:E6:C9:0E:5C:43:83:7F:2B:27
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Yt_vF0ltQhIvUubmyQ5cQ4N_Kyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.124.0/22
45.91.20.0/24
45.130.136.0/24
45.132.193.0/24
45.149.104.0/24
193.176.210.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
80:37:b8:fa:52:f3:d7:9b:93:ba:63:34:25:a6:13:31:a2:4f:
8c:e1:16:f9:60:af:c2:34:94:40:35:3c:41:13:06:45:a6:eb:
73:e2:2a:83:20:d4:b4:70:02:03:b9:87:a2:02:f2:0f:87:85:
06:8b:d1:00:b9:b5:d3:29:27:a7:3d:16:91:fb:6d:d3:dd:f0:
a6:82:94:33:42:8e:ca:c5:dc:94:d7:c1:87:62:ec:3d:a2:cb:
29:72:6a:43:e1:e2:99:59:64:2f:af:c1:45:0f:f8:c3:50:19:
58:d7:93:59:60:33:de:7d:1a:f7:db:75:14:b9:0e:18:e3:af:
fe:51:ab:ae:bf:7d:4e:80:3a:9a:4b:0c:cd:04:b1:be:3e:b4:
58:56:ae:6b:07:e1:69:f4:65:ef:43:01:c5:44:37:72:b1:51:
9b:a9:5b:d3:2d:41:fb:6b:25:52:de:20:f4:a3:5f:63:7a:e5:
30:5a:40:89:16:ae:8e:28:6e:11:ae:cb:fb:99:1a:35:40:76:
46:1c:0c:51:4e:7d:6a:a4:4d:0d:41:3e:c0:8c:b8:5e:b7:55:
0a:cc:21:fa:d6:ef:f2:c8:fa:89:d9:db:22:63:60:2a:9f:80:
d0:35:f5:03:7e:0f:2d:96:33:1a:38:43:af:9e:a9:39:3c:71:
42:03:ac:61
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQns5Bu/Gf7dlXNQnGUrqGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmRmZWYxNzQ5NmQ0MjEyMmY1MmU2ZTZjOTBlNWM0MzgzN2YyYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsco+ETmCvqFz+5JIxl153IcgQlqD
9Gi+DUDWeq4EH5qpl4WWaybtDMXS9fXdCyJCUrn0Ae6E9BqK1L9dupWAjlc1Fu+N
AJdKzAQp+D29MzjVCG6Y0M1vsGa5gciGO1goH/MUjOzrBStWUONtjFPp3g2vLM4e
5yYOLaLS7E4H7x2r1f4hzuyHg0oR/INX4J9XyMyTLgAeRiI+OQMs6bWqEH+KzOSv
rbSAjYy4tKqU2tOrmazBWQnXAxoN6HbU53sua4wVfPTEacBtM8S3tU26/d5cUUoL
z4SoJYeKmIbZEYd3f8Y/CbCGFtXN5DbF4t0kCZ9H5cxxnP+3JECpNETRFwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGLf7xdJbUISL1Lm5skOXEODfysnMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWXRfdkYwbHRRaEl2VXVibXlRNWNRNE5fS3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVV8AwQA
LVsUAwQALYKIAwQALYTBAwQALZVoAwQAwbDSMA0EAgACMAcDBQEqB+NAMA0GCSqG
SIb3DQEBCwUAA4IBAQCAN7j6UvPXm5O6YzQlphMxok+M4Rb5YK/CNJRANTxBEwZF
putz4iqDINS0cAIDuYeiAvIPh4UGi9EAubXTKSenPRaR+23T3fCmgpQzQo7KxdyU
18GHYuw9osspcmpD4eKZWWQvr8FFD/jDUBlY15NZYDPefRr323UUuQ4Y46/+Uauu
v31OgDqaSwzNBLG+PrRYVq5rB+Fp9GXvQwHFRDdysVGbqVvTLUH7ayVS3iD0o19j
euUwWkCJFq6OKG4Rrsv7mRo1QHZGHAxRTn1qpE0NQT7AjLhet1UKzCH61u/yyPqJ
2dsiY2Aqn4DQNfUDfg8tljMaOEOvnqk5PHFCA6xh
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:54:26 2025 by rpki-client