Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/Yzk3oJiAquPfdpjMQ2ym82rACE0.roa
File: Yzk3oJiAquPfdpjMQ2ym82rACE0.roa (raw, json)
Hash identifier: JDTWaUA/vPeaJxd4zgOXhYw03dKOnaTyxoWgJWAZtn0=
Subject key identifier: 63:39:37:A0:98:80:AA:E3:DF:76:98:CC:43:6C:A6:F3:6A:C0:08:4D
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 018CC500BA2BA7365FC961ED124A9354912B
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/Yzk3oJiAquPfdpjMQ2ym82rACE0.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48707
IP address blocks: 185.238.137.0/24 maxlen: 24
195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
2a0c:b40::/32 maxlen: 48
2a0c:b41::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ba:2b:a7:36:5f:c9:61:ed:12:4a:93:54:91:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=633937a09880aae3df7698cc436ca6f36ac0084d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:54:e6:0d:29:c2:dc:b0:89:f0:6c:74:18:21:
66:0c:28:9e:18:92:0a:1b:34:f1:35:b2:b6:9c:1d:
2b:e3:b9:8f:1b:15:a0:e6:73:04:ff:c5:07:27:97:
b7:ed:ec:8b:a4:9c:c2:12:13:d7:8b:ec:47:9f:af:
2e:72:92:f6:a2:2b:eb:10:57:da:db:a5:5a:d9:d2:
94:15:1d:39:a7:ca:55:26:55:20:28:3c:71:8b:4b:
b6:40:d2:04:05:f5:91:b0:ae:db:d3:e8:cc:4b:a6:
47:cb:aa:94:d9:2e:f2:da:b3:2f:d0:f0:96:58:3e:
05:f8:a1:9f:3c:67:37:b4:47:8c:af:60:1c:16:22:
8d:fa:18:e2:34:20:36:10:59:4c:5a:eb:09:c6:80:
e8:41:99:87:0f:a3:59:59:52:60:e2:a5:90:c3:55:
07:b9:79:1b:55:cc:62:f8:82:5b:66:40:9e:aa:22:
44:fb:fd:5c:4c:f0:b1:1d:a7:0a:3d:d3:06:dd:b6:
34:1b:04:2b:cc:15:9e:bf:47:dc:fc:20:bb:26:3d:
2c:b6:bd:1e:42:a9:32:d9:31:11:1f:37:1d:ef:ed:
9b:54:b6:2c:4c:3e:51:92:19:36:ba:3b:43:79:03:
f0:7c:b6:b4:60:3f:ab:b3:19:21:49:f9:41:19:1f:
5c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:39:37:A0:98:80:AA:E3:DF:76:98:CC:43:6C:A6:F3:6A:C0:08:4D
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/Yzk3oJiAquPfdpjMQ2ym82rACE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.238.137.0/24
185.253.212.0/22
195.2.208.0/23
IPv6:
2a0c:b40::/31
Signature Algorithm: sha256WithRSAEncryption
62:08:42:bd:41:c5:4d:c9:73:a8:4c:89:4f:5e:9a:a3:f8:b7:
a0:06:a0:b5:02:23:b2:db:27:e5:80:21:c9:6a:35:69:d6:01:
78:d5:79:94:56:b2:8a:9e:5b:dc:75:33:17:ca:e6:6e:fc:00:
ed:fd:a3:34:4d:3b:24:c2:0e:9c:a6:d4:e3:20:8a:f6:cc:d1:
ef:e3:7a:dc:bd:b6:ee:3c:aa:40:57:d6:b8:80:fb:9a:80:15:
c3:e3:6f:fc:fe:97:f3:4d:5d:27:82:a8:48:1c:09:69:89:ab:
21:23:19:af:45:ed:68:6e:a8:c4:a1:58:8c:c5:77:f9:e1:8a:
df:c8:b9:70:5f:e9:88:32:6c:f7:50:16:13:14:58:08:10:aa:
ab:d5:31:06:7a:bd:ab:d3:de:47:6d:40:78:1c:52:96:7b:c3:
bd:ce:f2:b3:f8:7c:01:e8:ce:66:91:f1:80:63:8e:ac:fe:e1:
e4:be:db:f3:57:39:7e:60:c4:0d:a9:23:30:69:f7:6d:1a:8b:
49:36:56:35:c6:62:70:98:7a:61:19:0e:47:4f:e5:46:e1:96:
73:f5:4a:b1:b7:dd:f0:7c:77:bd:71:8d:df:a8:3f:57:2a:bc:
0a:81:e6:5f:8d:d1:06:c0:e4:77:9e:66:78:d5:b1:28:40:11:
6e:69:ec:94
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzFALorpzZfyWHtEkqTVJErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1
MmQ2YWYwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM5MzdhMDk4ODBhYWUzZGY3Njk4Y2M0MzZjYTZmMzZhYzAwODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlTmDSnC3LCJ8Gx0GCFmDCieGJIK
GzTxNbK2nB0r47mPGxWg5nME/8UHJ5e37eyLpJzCEhPXi+xHn68ucpL2oivrEFfa
26Va2dKUFR05p8pVJlUgKDxxi0u2QNIEBfWRsK7b0+jMS6ZHy6qU2S7y2rMv0PCW
WD4F+KGfPGc3tEeMr2AcFiKN+hjiNCA2EFlMWusJxoDoQZmHD6NZWVJg4qWQw1UH
uXkbVcxi+IJbZkCeqiJE+/1cTPCxHacKPdMG3bY0GwQrzBWev0fc/CC7Jj0str0e
Qqky2TERHzcd7+2bVLYsTD5Rkhk2ujtDeQPwfLa0YD+rsxkhSflBGR9cGQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGM5N6CYgKrj33aYzENspvNqwAhNMB8GA1UdIwQY
MBaAFEyTApxbJjnNKbn53VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYt
MTg3YjFmNzdjMWE1LzEvWXprM29KaUFxdVBmZHBqTVEyeW04MnJBQ0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1
LzEvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBANb5sgD
BAFb5swDBAK57RwDBAC57okDBAK5/dQDBAHDAtAwDQQCAAIwBwMFASoMC0AwDQYJ
KoZIhvcNAQELBQADggEBAGIIQr1BxU3Jc6hMiU9emqP4t6AGoLUCI7LbJ+WAIclq
NWnWAXjVeZRWsoqeW9x1MxfK5m78AO39ozRNOyTCDpym1OMgivbM0e/jety9tu48
qkBX1riA+5qAFcPjb/z+l/NNXSeCqEgcCWmJqyEjGa9F7WhuqMShWIzFd/nhit/I
uXBf6YgybPdQFhMUWAgQqqvVMQZ6vavT3kdtQHgcUpZ7w73O8rP4fAHozmaR8YBj
jqz+4eS+2/NXOX5gxA2pIzBp920ai0k2VjXGYnCYemEZDkdP5UbhlnP1SrG33fB8
d71xjd+oP1cqvAqB5l+N0QbA5HeeZnjVsShAEW5p7JQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:39 2024 by rpki-client on console-ams.rpki-client.org