Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/CYCCnMcbL5dX7fyfJnQbSdpVKmE.roa
File: CYCCnMcbL5dX7fyfJnQbSdpVKmE.roa (raw, json)
Hash identifier: UYaMrDVOCycLQUuTrn6mXriG9cRqwsedb+V+2k41CKU=
Subject key identifier: 09:80:82:9C:C7:1B:2F:97:57:ED:FC:9F:26:74:1B:49:DA:55:2A:61
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE83BEA7EB9970BBFB3045B61D00D1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/CYCCnMcbL5dX7fyfJnQbSdpVKmE.roa
Signing time: Tue 02 Jan 2024 06:31:15 +0000
ROA not before: Tue 02 Jan 2024 06:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47913
IP address blocks: 45.92.124.0/22 maxlen: 24
194.33.36.0/22 maxlen: 24
185.166.160.0/22 maxlen: 24
141.98.132.0/22 maxlen: 24
92.119.40.0/22 maxlen: 24
185.149.20.0/22 maxlen: 24
45.83.116.0/22 maxlen: 24
45.89.100.0/22 maxlen: 24
31.12.92.0/22 maxlen: 24
45.88.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:83:be:a7:eb:99:70:bb:fb:30:45:b6:1d:00:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0980829cc71b2f9757edfc9f26741b49da552a61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ff:d9:f0:e2:30:d6:4c:e4:4a:e8:9c:bb:7e:
04:92:d8:e0:a3:24:04:e0:af:76:18:18:64:29:33:
df:ac:ba:64:95:19:87:b8:99:a7:d0:0c:7e:ac:e9:
c8:b4:a1:e7:4a:16:85:4b:f9:01:9a:ad:a5:d1:14:
8c:19:02:f3:fc:7c:87:9d:22:0b:b4:34:ec:b1:47:
2c:02:26:6b:68:9e:81:f8:3a:db:db:62:65:56:07:
3d:33:20:b6:c9:05:32:7d:ff:81:e0:3b:37:03:30:
8d:1f:be:d5:43:8f:ff:ba:ea:40:67:2e:9b:29:06:
cc:7d:a1:37:7c:31:2f:b0:f6:15:c8:ae:0f:81:4a:
cc:87:ff:57:b2:1d:3c:de:34:a2:a8:79:8c:cb:c7:
04:8a:35:4f:69:cb:b1:88:50:0a:69:d7:ab:e7:67:
6d:bf:9d:30:f9:5e:91:24:b5:5b:3c:8a:a8:6d:4b:
7e:ff:6a:02:54:55:65:d2:8d:b5:59:b5:3a:98:fa:
13:22:cf:83:d1:20:aa:28:3a:25:7b:81:fb:97:f1:
0f:f8:59:a2:9d:f7:ac:87:12:1e:2b:4c:9c:cc:70:
99:4c:6d:ca:b2:f8:5c:2e:9f:47:f8:59:f2:4c:2d:
e3:5f:1b:83:5f:9b:35:8d:0c:d9:59:3a:b4:c4:c3:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:80:82:9C:C7:1B:2F:97:57:ED:FC:9F:26:74:1B:49:DA:55:2A:61
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/CYCCnMcbL5dX7fyfJnQbSdpVKmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.92.0/22
45.83.116.0/22
45.88.148.0/22
45.89.100.0/22
45.92.124.0/22
92.119.40.0/22
141.98.132.0/22
185.149.20.0/22
185.166.160.0/22
194.33.36.0/22
Signature Algorithm: sha256WithRSAEncryption
16:f8:d1:35:cc:7e:a1:c0:80:ce:91:a6:79:ed:2d:d7:61:e5:
22:f5:09:83:bb:5d:c7:0f:ca:cc:da:2d:7e:c7:94:ab:14:b1:
f1:ec:21:e7:a5:87:ec:f3:96:cc:dc:36:50:61:e8:74:82:b5:
5e:91:8d:7b:1a:67:10:85:06:e4:03:1f:38:36:42:b6:b3:10:
ed:dc:28:b4:3e:50:af:ef:55:d6:89:b4:e9:1f:e2:9c:84:2a:
b6:2d:92:df:a4:5d:a7:8f:85:f7:c3:34:46:a6:3e:b1:a4:3e:
84:12:51:29:ac:8a:65:52:e4:8c:1a:a6:c6:0b:89:a1:1b:19:
62:54:71:f8:b1:9e:38:0e:d7:43:08:c7:51:5a:e3:fc:f9:9a:
02:a6:b1:e0:03:17:45:b8:7d:2d:14:b7:2c:3e:18:da:55:1b:
e2:e3:97:89:86:4c:ae:12:be:da:9c:74:f6:e7:8c:c9:a4:f9:
64:46:0d:57:f1:64:db:d5:05:a1:d4:de:f5:4c:1d:d2:46:72:
7b:b8:09:28:71:0c:8b:a1:3d:b3:06:ed:7d:ec:8a:b8:81:2c:
d6:51:85:f7:1d:37:05:aa:98:51:29:b2:3e:10:04:47:7e:a2:
7a:f5:d0:24:4d:c6:d0:3b:b9:88:4c:49:d0:83:a5:e7:4f:3a:
0d:ff:db:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzI3oO+p+uZcLv7MEW2HQDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTgwODI5Y2M3MWIyZjk3NTdlZGZjOWYyNjc0MWI0OWRhNTUyYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP/Z8OIw1kzkSuicu34EktjgoyQE
4K92GBhkKTPfrLpklRmHuJmn0Ax+rOnItKHnShaFS/kBmq2l0RSMGQLz/HyHnSIL
tDTssUcsAiZraJ6B+Drb22JlVgc9MyC2yQUyff+B4Ds3AzCNH77VQ4//uupAZy6b
KQbMfaE3fDEvsPYVyK4PgUrMh/9Xsh083jSiqHmMy8cEijVPacuxiFAKader52dt
v50w+V6RJLVbPIqobUt+/2oCVFVl0o21WbU6mPoTIs+D0SCqKDole4H7l/EP+Fmi
nfeshxIeK0yczHCZTG3KsvhcLp9H+FnyTC3jXxuDX5s1jQzZWTq0xMM3GQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAmAgpzHGy+XV+38nyZ0G0naVSphMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQ1lDQ25NY2JMNWRYN2Z5ZkpuUWJTZHBWS21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCHwxcAwQC
LVN0AwQCLViUAwQCLVlkAwQCLVx8AwQCXHcoAwQCjWKEAwQCuZUUAwQCuaagAwQC
wiEkMA0GCSqGSIb3DQEBCwUAA4IBAQAW+NE1zH6hwIDOkaZ57S3XYeUi9QmDu13H
D8rM2i1+x5SrFLHx7CHnpYfs85bM3DZQYeh0grVekY17GmcQhQbkAx84NkK2sxDt
3Ci0PlCv71XWibTpH+KchCq2LZLfpF2nj4X3wzRGpj6xpD6EElEprIplUuSMGqbG
C4mhGxliVHH4sZ44DtdDCMdRWuP8+ZoCprHgAxdFuH0tFLcsPhjaVRvi45eJhkyu
Er7anHT254zJpPlkRg1X8WTb1QWh1N71TB3SRnJ7uAkocQyLoT2zBu197Iq4gSzW
UYX3HTcFqphRKbI+EARHfqJ69dAkTcbQO7mITEnQg6XnTzoN/9vr
-----END CERTIFICATE-----
Generated at Wed May 8 22:59:56 2024 by rpki-client on console-ams.rpki-client.org