Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YV2wYhBb2LB94XS1BEIo77xhzKE.roa
File: YV2wYhBb2LB94XS1BEIo77xhzKE.roa (raw, json)
Hash identifier: o1EJFi0tmXxvdV98nnsnJVk65LmGfiNEPvdYi6fnN/o=
Subject key identifier: 61:5D:B0:62:10:5B:D8:B0:7D:E1:74:B5:04:42:28:EF:BC:61:CC:A1
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0192B315660EB9830BDC16AFD33E2CC75E80
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YV2wYhBb2LB94XS1BEIo77xhzKE.roa
Signing time: Tue 22 Oct 2024 07:16:16 +0000
ROA not before: Tue 22 Oct 2024 07:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 85.28.32.0/23 maxlen: 23
85.28.34.0/24 maxlen: 24
85.28.35.0/24 maxlen: 24
85.28.36.0/22 maxlen: 22
85.28.40.0/23 maxlen: 23
85.28.42.0/24 maxlen: 24
85.28.43.0/24 maxlen: 24
85.28.44.0/23 maxlen: 23
85.28.48.0/22 maxlen: 22
85.28.52.0/23 maxlen: 23
85.28.54.0/23 maxlen: 23
85.28.56.0/24 maxlen: 24
85.28.57.0/24 maxlen: 24
85.28.58.0/24 maxlen: 24
85.28.59.0/24 maxlen: 24
85.28.60.0/22 maxlen: 22
85.28.60.0/24 maxlen: 24
85.28.62.0/24 maxlen: 24
109.238.200.0/24 maxlen: 24
109.238.203.0/24 maxlen: 24
109.238.205.0/24 maxlen: 24
194.31.156.0/22 maxlen: 22
194.31.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:15:66:0e:b9:83:0b:dc:16:af:d3:3e:2c:c7:5e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: Oct 22 07:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=615db062105bd8b07de174b5044228efbc61cca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:02:cd:c8:8d:74:e7:43:5a:23:e4:fa:c8:fa:
96:cd:70:36:de:96:cb:75:52:13:ac:de:32:d4:b8:
88:65:b2:ff:ea:a7:b0:72:9d:2d:22:4f:08:e6:e2:
53:7f:57:b6:66:81:8a:62:f8:49:12:06:ee:c5:ed:
2a:b4:5e:7c:42:51:55:79:d8:9c:ac:1e:6d:e7:59:
0a:1f:88:2c:76:e7:72:b7:32:60:a4:5a:f3:53:f8:
1b:b5:8d:b2:b1:35:46:33:0c:45:79:ab:4d:bc:12:
2b:80:e3:b9:39:bc:4c:f0:0d:c5:2e:c1:eb:db:31:
66:e6:68:6b:d9:2f:2c:f1:e1:71:d1:d4:b9:3e:81:
87:6a:5d:7f:31:90:dc:80:5d:1d:4a:73:cf:9b:6a:
35:e3:eb:ec:6c:ca:6a:f4:14:2d:4e:13:2f:94:c9:
68:4c:f2:00:fd:39:84:46:49:b8:b1:a8:5c:fd:b9:
5d:32:45:f8:14:d7:af:34:34:4f:ff:70:d4:c7:5e:
6a:36:4f:f9:f7:a2:74:8b:3c:c9:94:0a:fe:17:e9:
16:a0:bd:20:fe:8a:62:12:f2:7c:51:ba:35:0f:8d:
eb:03:42:62:31:97:e7:19:6c:4a:f9:90:08:a2:14:
26:43:ba:01:90:40:7a:15:c3:33:12:5a:8c:8a:13:
9a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5D:B0:62:10:5B:D8:B0:7D:E1:74:B5:04:42:28:EF:BC:61:CC:A1
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YV2wYhBb2LB94XS1BEIo77xhzKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.32.0-85.28.45.255
85.28.48.0/20
109.238.200.0/24
109.238.203.0/24
109.238.205.0/24
194.31.156.0/22
Signature Algorithm: sha256WithRSAEncryption
75:a5:89:c0:e1:96:4c:6d:71:87:54:16:62:ca:83:bc:5c:81:
1e:27:bd:05:66:29:63:fa:37:4a:62:8a:42:53:85:69:43:89:
bc:31:36:76:82:c8:79:20:46:34:1d:00:ea:f3:76:ec:17:03:
5d:3d:6e:af:b5:94:3e:8f:5a:da:24:74:cd:85:d6:aa:38:31:
de:f4:dc:6b:e2:21:fd:cc:6c:a7:f7:5a:1a:99:a7:aa:97:f5:
b2:df:5e:3c:dc:32:3c:58:f0:6b:db:ec:9d:32:7a:be:6e:a0:
9f:eb:3f:cf:e4:0f:22:26:db:51:09:70:78:ad:a7:68:d7:04:
8e:f7:17:3e:66:b8:c5:7e:1c:3d:ca:57:db:cc:88:66:f1:f8:
f7:fb:04:9b:e4:0d:66:c9:82:57:4f:7b:d4:28:10:44:30:8e:
18:84:65:e0:c2:5b:39:4c:96:01:f9:46:68:26:db:ef:c8:b7:
f1:49:c1:dc:d0:8f:9e:6b:b8:f1:3b:08:01:90:de:9c:04:ae:
0b:1a:50:30:85:fa:9e:13:e0:5c:d3:cd:88:0f:4c:d4:1d:c7:
9e:4e:ab:37:4e:bf:18:94:6f:24:48:30:58:52:3e:f9:43:67:
b8:63:9a:e0:09:cd:aa:75:ab:ae:e0:b7:49:78:1b:44:d7:3b:
e2:9c:96:34
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKzFWYOuYML3Bav0z4sx16AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjQxMDIyMDcxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVkYjA2MjEwNWJkOGIwN2RlMTc0YjUwNDQyMjhlZmJjNjFjY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQLNyI1050NaI+T6yPqWzXA23pbL
dVITrN4y1LiIZbL/6qewcp0tIk8I5uJTf1e2ZoGKYvhJEgbuxe0qtF58QlFVedic
rB5t51kKH4gsdudytzJgpFrzU/gbtY2ysTVGMwxFeatNvBIrgOO5ObxM8A3FLsHr
2zFm5mhr2S8s8eFx0dS5PoGHal1/MZDcgF0dSnPPm2o14+vsbMpq9BQtThMvlMlo
TPIA/TmERkm4sahc/bldMkX4FNevNDRP/3DUx15qNk/596J0izzJlAr+F+kWoL0g
/opiEvJ8Ubo1D43rA0JiMZfnGWxK+ZAIohQmQ7oBkEB6FcMzElqMihOa0wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGFdsGIQW9iwfeF0tQRCKO+8YcyhMB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvWVYyd1loQmIyTEI5NFhTMUJFSW83N3hoektFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAVVHCAD
BAFVHCwDBARVHDADBABt7sgDBABt7ssDBABt7s0DBALCH5wwDQYJKoZIhvcNAQEL
BQADggEBAHWlicDhlkxtcYdUFmLKg7xcgR4nvQVmKWP6N0piikJThWlDibwxNnaC
yHkgRjQdAOrzduwXA109bq+1lD6PWtokdM2F1qo4Md703GviIf3MbKf3WhqZp6qX
9bLfXjzcMjxY8Gvb7J0yer5uoJ/rP8/kDyIm21EJcHitp2jXBI73Fz5muMV+HD3K
V9vMiGbx+Pf7BJvkDWbJgldPe9QoEEQwjhiEZeDCWzlMlgH5Rmgm2+/It/FJwdzQ
j55ruPE7CAGQ3pwErgsaUDCF+p4T4FzTzYgPTNQdx55OqzdOvxiUbyRIMFhSPvlD
Z7hjmuAJzap1q67gt0l4G0TXO+KcljQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:01:14 2024 by rpki-client on console-fra.rpki-client.org