Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/y0VqOaWRJOX6r-Ed1Zgk7dcVuOs.roa
File: y0VqOaWRJOX6r-Ed1Zgk7dcVuOs.roa (raw, json)
Hash identifier: bNlLPNZ86Xbq6VwW6+jTSl18KOmRBL6PFYz+Yy2Lw4g=
Subject key identifier: CB:45:6A:39:A5:91:24:E5:FA:AF:E1:1D:D5:98:24:ED:D7:15:B8:EB
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018CC26D57DCA3A00750CC160C563348F104
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/y0VqOaWRJOX6r-Ed1Zgk7dcVuOs.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43561
IP address blocks: 95.87.209.0/24 maxlen: 24
37.157.191.0/24 maxlen: 24
95.87.223.0/24 maxlen: 24
95.87.228.0/24 maxlen: 24
84.40.116.0/24 maxlen: 24
95.87.199.0/24 maxlen: 24
37.157.169.0/24 maxlen: 24
95.43.250.0/24 maxlen: 24
84.40.65.0/24 maxlen: 24
84.40.73.0/24 maxlen: 24
84.40.74.0/24 maxlen: 24
84.40.93.0/24 maxlen: 24
95.87.255.0/24 maxlen: 24
185.60.66.0/24 maxlen: 24
185.60.67.0/24 maxlen: 24
2a02:1338::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:57:dc:a3:a0:07:50:cc:16:0c:56:33:48:f1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb456a39a59124e5faafe11dd59824edd715b8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2f:2e:a5:bc:dc:cc:0c:c3:ce:53:4a:93:7b:
60:5d:e0:c2:a7:84:c8:ef:6f:39:22:9a:8d:98:77:
2e:42:2a:1c:6c:95:1d:3d:11:39:27:1d:66:ab:3e:
e6:de:10:5f:97:65:b8:f2:79:2a:75:c2:cf:9a:b0:
2b:86:4a:49:dc:fc:38:cc:7d:8c:01:92:b2:f0:f3:
f9:14:11:1a:be:26:c2:15:0c:d4:a5:20:5e:99:69:
71:4b:f5:1e:ac:2c:bb:8c:7e:4d:bc:de:40:6f:44:
f9:16:f4:18:68:b4:46:6e:55:d0:6d:b7:d9:dc:77:
db:ec:78:d3:b6:94:04:cd:02:9e:41:a2:fb:e2:7e:
ea:20:46:7d:57:96:e6:3f:8c:62:4e:af:68:55:16:
ba:6e:53:06:6b:60:97:de:5f:a2:be:16:cc:a3:30:
eb:01:6f:67:52:69:eb:51:0b:77:48:eb:18:6c:34:
22:2e:e6:68:56:bd:fa:af:7d:3c:d0:97:dd:70:ff:
cf:3c:26:97:a2:1f:17:0e:18:b7:84:63:52:8d:bb:
c4:f2:34:b8:ce:29:3d:fb:46:1c:92:48:80:5b:42:
89:a5:7a:f0:7d:b7:1c:bd:1e:67:98:36:cc:eb:c1:
1c:d1:8d:a5:6a:7a:72:ce:ff:b5:8d:99:3c:04:e0:
60:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:45:6A:39:A5:91:24:E5:FA:AF:E1:1D:D5:98:24:ED:D7:15:B8:EB
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/y0VqOaWRJOX6r-Ed1Zgk7dcVuOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.169.0/24
37.157.191.0/24
84.40.65.0/24
84.40.73.0-84.40.74.255
84.40.93.0/24
84.40.116.0/24
95.43.250.0/24
95.87.199.0/24
95.87.209.0/24
95.87.223.0/24
95.87.228.0/24
95.87.255.0/24
185.60.66.0/23
IPv6:
2a02:1338::/32
Signature Algorithm: sha256WithRSAEncryption
5e:d0:2f:96:03:6e:b9:43:c2:94:53:71:12:e5:92:b4:b1:da:
55:71:86:bb:12:9f:ea:6d:60:4f:a6:3b:ca:1b:cd:ae:9e:b1:
3c:44:c9:2f:09:d3:7f:61:83:ea:b7:ef:ad:35:76:61:e6:ab:
4f:5d:ea:16:f1:c2:7c:33:43:16:95:c0:23:06:88:69:07:48:
5a:0a:e6:76:61:c3:94:a0:70:5a:7e:09:c6:56:c2:4e:42:fa:
cd:6e:e2:6f:b6:33:83:52:68:49:e6:01:8d:8a:8a:96:48:24:
5f:b1:d1:18:19:28:98:4e:5d:0d:7c:a6:e0:a9:57:e9:34:de:
6a:47:5d:b8:d6:3b:3b:5f:d4:8a:60:38:69:1c:f0:d7:74:80:
00:31:6e:26:0a:82:f2:80:43:19:c1:3f:fa:5a:ce:3b:78:b4:
da:2a:27:76:6c:74:6d:00:a7:ab:45:ff:c4:2c:e5:b0:4a:07:
2c:99:25:13:16:27:a1:1e:a2:1e:f8:a8:9c:90:76:0d:d5:36:
e5:23:fd:89:20:70:6c:1a:a8:5f:8f:1d:a1:70:e4:0f:5a:82:
8d:83:19:4b:10:47:01:40:73:cd:d7:ed:1d:a0:06:64:6b:7d:
92:99:6d:e4:8a:e4:43:b7:84:82:60:32:75:68:59:85:63:1b:
9a:f0:0a:6a
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYzCbVfco6AHUMwWDFYzSPEEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjQ1NmEzOWE1OTEyNGU1ZmFhZmUxMWRkNTk4MjRlZGQ3MTViOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji8upbzczAzDzlNKk3tgXeDCp4TI
7285IpqNmHcuQiocbJUdPRE5Jx1mqz7m3hBfl2W48nkqdcLPmrArhkpJ3Pw4zH2M
AZKy8PP5FBEavibCFQzUpSBemWlxS/UerCy7jH5NvN5Ab0T5FvQYaLRGblXQbbfZ
3Hfb7HjTtpQEzQKeQaL74n7qIEZ9V5bmP4xiTq9oVRa6blMGa2CX3l+ivhbMozDr
AW9nUmnrUQt3SOsYbDQiLuZoVr36r3080JfdcP/PPCaXoh8XDhi3hGNSjbvE8jS4
zik9+0YckkiAW0KJpXrwfbccvR5nmDbM68Ec0Y2lanpyzv+1jZk8BOBgYQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFMtFajmlkSTl+q/hHdWYJO3XFbjrMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEveTBWcU9hV1JKT1g2ci1FZDFaZ2s3ZGNWdU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQAJZ2pAwQA
JZ2/AwQAVChBMAwDBABUKEkDBABUKEoDBABUKF0DBABUKHQDBABfK/oDBABfV8cD
BABfV9EDBABfV98DBABfV+QDBABfV/8DBAG5PEIwDQQCAAIwBwMFACoCEzgwDQYJ
KoZIhvcNAQELBQADggEBAF7QL5YDbrlDwpRTcRLlkrSx2lVxhrsSn+ptYE+mO8ob
za6esTxEyS8J039hg+q37601dmHmq09d6hbxwnwzQxaVwCMGiGkHSFoK5nZhw5Sg
cFp+CcZWwk5C+s1u4m+2M4NSaEnmAY2KipZIJF+x0RgZKJhOXQ18puCpV+k03mpH
XbjWOztf1IpgOGkc8Nd0gAAxbiYKgvKAQxnBP/pazjt4tNoqJ3ZsdG0Ap6tF/8Qs
5bBKByyZJRMWJ6Eeoh74qJyQdg3VNuUj/YkgcGwaqF+PHaFw5A9ago2DGUsQRwFA
c83X7R2gBmRrfZKZbeSK5EO3hIJgMnVoWYVjG5rwCmo=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:52:05 2024 by rpki-client on console-fra.rpki-client.org