Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/47BZy1mlSfipLj5TEcsGO6MTwxc.roa
File: 47BZy1mlSfipLj5TEcsGO6MTwxc.roa (raw, json)
Hash identifier: iEG9RiAYhl6gI1RT7v2qNQ4TH0lYXTNdctVQrpL7mao=
Subject key identifier: E3:B0:59:CB:59:A5:49:F8:A9:2E:3E:53:11:CB:06:3B:A3:13:C3:17
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018AA7F1672100E05D17A88D7E52B970E8DC
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/47BZy1mlSfipLj5TEcsGO6MTwxc.roa
Signing time: Mon 18 Sep 2023 10:58:50 +0000
ROA not before: Mon 18 Sep 2023 10:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/24 maxlen: 24
45.66.154.0/24 maxlen: 24
45.66.155.0/24 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
85.208.107.0/24 maxlen: 24
85.208.113.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
45.8.185.0/24 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.235.0/24 maxlen: 24
5.180.234.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
5.253.44.0/24 maxlen: 24
5.253.39.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.4.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
45.9.0.0/24 maxlen: 24
45.9.6.0/24 maxlen: 24
45.9.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 19 Sep 2023 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:f1:67:21:00:e0:5d:17:a8:8d:7e:52:b9:70:e8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 18 10:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3b059cb59a549f8a92e3e5311cb063ba313c317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e5:5a:18:0c:ab:56:36:4e:1d:a0:cc:0b:ff:
3a:51:5c:9a:a8:48:42:cc:9d:8a:e3:68:90:4d:38:
a7:d6:bc:4f:cc:89:60:36:ff:45:eb:bf:96:c9:41:
10:3e:a7:71:2a:8f:88:bf:0f:d9:41:5e:0e:a4:6a:
85:ff:32:0f:54:e9:90:5a:75:49:a2:a7:f8:14:3d:
fe:9c:68:2c:4a:48:37:e8:0b:f5:c7:db:c6:35:b9:
43:ec:63:8d:41:e8:9d:fb:b5:f7:14:8d:a5:1c:2f:
86:99:a1:66:b4:47:e2:74:99:a7:ec:cf:97:8a:c5:
f2:ee:a6:c8:45:4d:1d:61:43:93:c7:cf:44:ba:7d:
1e:a4:43:ac:69:7b:17:09:a6:e7:f8:5c:c1:2f:1a:
f1:06:f3:3e:7b:a4:99:7f:73:13:d6:06:7b:d3:19:
5d:b0:82:97:37:09:d4:4e:d8:b3:4d:f6:c4:ce:f8:
a8:aa:cf:46:56:8d:45:ff:64:6f:95:92:39:dd:f9:
7c:ad:35:ef:24:b5:52:57:3e:02:73:e8:e0:bf:60:
83:ca:f0:f0:1c:88:d0:2a:e8:4a:42:ba:7c:b9:65:
10:bc:fe:17:d5:70:21:0f:f2:26:2b:92:d0:7c:e4:
4c:b8:fe:30:81:2c:39:9d:9f:30:35:b3:76:c9:eb:
62:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B0:59:CB:59:A5:49:F8:A9:2E:3E:53:11:CB:06:3B:A3:13:C3:17
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/47BZy1mlSfipLj5TEcsGO6MTwxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/24
5.180.50.0/23
5.180.80.0/24
5.180.234.0/23
5.253.39.0/24
5.253.44.0/23
5.253.47.0/24
45.8.185.0/24
45.8.188.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.1.255
45.9.4.0/24
45.9.6.0/23
45.66.152.0/24
45.66.154.0/23
85.208.105.0/24
85.208.107.0/24
85.208.113.0/24
85.208.115.0/24
85.209.160.0/24
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:57:84:71:b4:97:a4:fd:9c:76:fa:4b:91:2a:be:36:ea:59:
82:7e:81:48:92:ca:67:85:b1:ac:31:4e:f1:87:a0:1a:d2:cd:
7a:64:1e:b3:3d:17:db:b4:3d:f2:41:27:33:2c:9c:07:d7:d7:
95:78:97:bc:22:aa:48:39:47:f9:27:bf:ec:51:e2:84:93:92:
28:c2:72:e9:00:68:14:3b:2c:34:a3:80:30:82:f9:b6:c6:c1:
f6:be:70:9c:4c:d9:6c:d2:b6:6c:35:aa:1a:62:a9:3e:7e:67:
b6:99:69:a2:24:aa:24:08:c2:64:ae:2b:47:09:4e:32:81:c3:
10:d4:95:60:70:fa:98:fc:3a:94:3a:e1:a9:84:87:75:ed:eb:
80:f1:d7:78:86:2a:f4:d4:f5:74:58:2e:9f:21:20:b1:fc:4b:
81:32:78:35:c2:d1:4d:9d:f7:a6:b1:90:9b:12:09:80:70:b3:
b1:b1:49:fe:f3:97:ac:7b:2d:5d:25:8f:6c:61:f1:b1:17:6f:
c3:6f:67:f5:e9:bb:46:de:03:a6:e9:ed:0c:a3:02:48:8e:b0:
31:0b:02:2e:e3:ac:56:74:a9:b1:a3:b9:ca:1c:0b:9d:69:b6:
d8:d3:d9:02:d9:a9:88:7d:a0:40:33:2e:44:0f:0a:8d:af:18:
cf:a6:ec:2c
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYqn8WchAOBdF6iNflK5cOjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTE4MTA1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2IwNTljYjU5YTU0OWY4YTkyZTNlNTMxMWNiMDYzYmEzMTNjMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeVaGAyrVjZOHaDMC/86UVyaqEhC
zJ2K42iQTTin1rxPzIlgNv9F67+WyUEQPqdxKo+Ivw/ZQV4OpGqF/zIPVOmQWnVJ
oqf4FD3+nGgsSkg36Av1x9vGNblD7GONQeid+7X3FI2lHC+GmaFmtEfidJmn7M+X
isXy7qbIRU0dYUOTx89Eun0epEOsaXsXCabn+FzBLxrxBvM+e6SZf3MT1gZ70xld
sIKXNwnUTtizTfbEzvioqs9GVo1F/2RvlZI53fl8rTXvJLVSVz4Cc+jgv2CDyvDw
HIjQKuhKQrp8uWUQvP4X1XAhD/ImK5LQfORMuP4wgSw5nZ8wNbN2yetiSwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFOOwWctZpUn4qS4+UxHLBjujE8MXMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvNDdCWnkxbWxTZmlwTGo1VEVjc0dPNk1Ud3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAIF
tCADBAAFtDADBAEFtDIDBAAFtFADBAEFtOoDBAAF/ScDBAEF/SwDBAAF/S8DBAAt
CLkwDAMEAi0IvAMEAi0IwDAMAwQALQjFAwQDLQjAAwQALQjLAwQBLQj8MAwDBAAt
CP8DBAEtCQADBAAtCQQDBAEtCQYDBAAtQpgDBAEtQpoDBABV0GkDBABV0GsDBABV
0HEDBABV0HMDBABV0aADBALBqNAwDQYJKoZIhvcNAQELBQADggEBAD1XhHG0l6T9
nHb6S5EqvjbqWYJ+gUiSymeFsawxTvGHoBrSzXpkHrM9F9u0PfJBJzMsnAfX15V4
l7wiqkg5R/knv+xR4oSTkijCcukAaBQ7LDSjgDCC+bbGwfa+cJxM2WzStmw1qhpi
qT5+Z7aZaaIkqiQIwmSuK0cJTjKBwxDUlWBw+pj8OpQ64amEh3Xt64Dx13iGKvTU
9XRYLp8hILH8S4EyeDXC0U2d96axkJsSCYBws7GxSf7zl6x7LV0lj2xh8bEXb8Nv
Z/Xpu0beA6bp7QyjAkiOsDELAi7jrFZ0qbGjucocC51pttjT2QLZqYh9oEAzLkQP
Co2vGM+m7Cw=
-----END CERTIFICATE-----
Generated at Mon Sep 18 11:34:13 2023 by rpki-client on console-ams.rpki-client.org