Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Y_naCEEHCfma3i8pNfmDWkQcbmU.roa
File: Y_naCEEHCfma3i8pNfmDWkQcbmU.roa (raw, json)
Hash identifier: gqZFQBMTm7vi6cwzZXQQX5Rv5FwZdIgkFy8LrrXY6pQ=
Subject key identifier: 63:F9:DA:08:41:07:09:F9:9A:DE:2F:29:35:F9:83:5A:44:1C:6E:65
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 019026D7CA07B3EDDC750DC50FCF8723DFA6
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Y_naCEEHCfma3i8pNfmDWkQcbmU.roa
Signing time: Mon 17 Jun 2024 15:36:34 +0000
ROA not before: Mon 17 Jun 2024 15:36:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39405
IP address blocks: 45.153.92.0/22 maxlen: 24
93.93.40.0/21 maxlen: 24
141.0.200.0/21 maxlen: 24
185.116.128.0/22 maxlen: 24
185.117.16.0/22 maxlen: 24
185.224.32.0/24 maxlen: 24
185.224.33.0/24 maxlen: 24
185.224.34.0/24 maxlen: 24
185.244.72.0/22 maxlen: 24
185.246.24.0/24 maxlen: 24
185.246.25.0/24 maxlen: 24
185.247.86.0/23 maxlen: 24
185.249.184.0/22 maxlen: 24
185.253.92.0/22 maxlen: 24
193.84.73.0/24 maxlen: 24
2a01:6600::/32 maxlen: 32
2a0c:4400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:d7:ca:07:b3:ed:dc:75:0d:c5:0f:cf:87:23:df:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Jun 17 15:36:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63f9da08410709f99ade2f2935f9835a441c6e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:51:b4:cf:da:db:5e:d1:50:53:37:7d:66:d4:
da:44:40:aa:f4:b3:a4:44:90:66:c3:3d:0c:8d:9e:
40:fb:f7:51:11:eb:51:69:31:9d:53:0e:bf:a2:38:
1d:92:3a:85:b4:82:7d:42:17:67:c3:93:fc:2d:f5:
21:ac:6b:74:a9:f3:6f:3d:0c:ee:84:81:b9:6e:ff:
06:73:94:a7:6f:2d:89:1d:5a:84:2c:6e:89:09:d7:
26:6a:02:9e:fb:fc:88:df:7b:ad:a8:d9:d4:92:e7:
69:6f:66:1d:36:b0:9e:ea:11:24:a2:bf:f0:f4:0a:
1f:97:db:90:61:f6:e8:73:67:28:fc:0a:12:74:7b:
78:7e:b2:8f:54:96:60:48:b9:57:b5:21:d9:4f:1e:
ba:e2:0f:5a:eb:61:14:a5:0d:17:cc:78:63:1b:1b:
15:47:6e:8d:ac:86:7e:19:75:76:67:d1:dd:c2:67:
72:8b:ca:f5:0a:b9:5b:f3:14:23:1a:84:b4:45:3d:
9a:22:b4:8f:17:0b:46:ed:17:ed:70:55:00:c5:40:
fa:90:5a:83:db:ae:74:32:e1:01:47:a3:19:3c:dd:
1b:40:77:dd:1b:6f:08:5f:e9:91:26:98:6c:20:28:
2a:9e:f0:b3:64:65:6f:9d:6f:a9:3c:0f:65:3a:69:
84:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F9:DA:08:41:07:09:F9:9A:DE:2F:29:35:F9:83:5A:44:1C:6E:65
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/Y_naCEEHCfma3i8pNfmDWkQcbmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.92.0/22
93.93.40.0/21
141.0.200.0/21
185.116.128.0/22
185.117.16.0/22
185.224.32.0-185.224.34.255
185.244.72.0/22
185.246.24.0/23
185.247.86.0/23
185.249.184.0/22
185.253.92.0/22
193.84.73.0/24
IPv6:
2a01:6600::/32
2a0c:4400::/32
Signature Algorithm: sha256WithRSAEncryption
6e:f8:9f:02:fb:91:f5:77:07:c7:b5:bb:bd:2d:bb:3d:0f:9a:
59:b4:b5:3d:34:20:5c:5f:86:d3:d6:06:8c:0e:f0:5c:2e:cc:
7c:03:9f:46:7f:ca:f3:3d:c7:fb:cb:aa:c2:a2:52:d7:cf:c1:
a6:c9:6a:5b:98:a0:9a:dd:86:80:b6:a5:fc:11:a3:59:3d:df:
24:70:12:f6:b9:6f:87:1d:49:89:d0:f0:22:0b:0e:a8:b7:b7:
42:6d:94:1e:cc:8a:05:e7:c6:1e:1c:b5:30:ba:ec:66:8b:18:
11:c8:ba:59:09:6c:a0:cd:08:cc:d1:ec:91:aa:dd:25:60:bf:
b8:d2:4e:fe:4d:44:43:0a:ac:4d:68:52:c5:db:9c:97:4b:a0:
c1:3b:93:9e:5a:ce:6d:5f:10:24:33:35:ca:da:a7:d2:f0:4d:
a7:c4:21:f8:2a:4a:f6:16:e6:79:b3:2f:cc:15:82:6f:db:2d:
11:a4:80:ef:00:aa:32:28:55:41:fe:40:51:85:38:b9:45:ab:
a5:7a:af:bf:6e:18:f4:ae:64:35:03:20:25:be:c4:e6:56:aa:
30:ad:28:ea:91:f5:d1:86:8a:d6:b2:96:c4:2c:e8:96:63:e1:
a0:58:4a:80:26:fd:c0:9b:e7:2e:7e:6b:2c:30:37:2b:5b:af:
15:a5:be:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZAm18oHs+3cdQ3FD8+HI9+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwNjE3MTUzNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y5ZGEwODQxMDcwOWY5OWFkZTJmMjkzNWY5ODM1YTQ0MWM2ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FG0z9rbXtFQUzd9ZtTaRECq9LOk
RJBmwz0MjZ5A+/dREetRaTGdUw6/ojgdkjqFtIJ9Qhdnw5P8LfUhrGt0qfNvPQzu
hIG5bv8Gc5Snby2JHVqELG6JCdcmagKe+/yI33utqNnUkudpb2YdNrCe6hEkor/w
9Aofl9uQYfboc2co/AoSdHt4frKPVJZgSLlXtSHZTx664g9a62EUpQ0XzHhjGxsV
R26NrIZ+GXV2Z9Hdwmdyi8r1Crlb8xQjGoS0RT2aIrSPFwtG7RftcFUAxUD6kFqD
2650MuEBR6MZPN0bQHfdG28IX+mRJphsICgqnvCzZGVvnW+pPA9lOmmEKQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGP52ghBBwn5mt4vKTX5g1pEHG5lMB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvWV9uYUNFRUhDZm1hM2k4cE5mbURXa1FjYm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQCLZlcAwQD
XV0oAwQDjQDIAwQCuXSAAwQCuXUQMAwDBAW54CADBAC54CIDBAK59EgDBAG59hgD
BAG591YDBAK5+bgDBAK5/VwDBADBVEkwFAQCAAIwDgMFACoBZgADBQAqDEQAMA0G
CSqGSIb3DQEBCwUAA4IBAQBu+J8C+5H1dwfHtbu9Lbs9D5pZtLU9NCBcX4bT1gaM
DvBcLsx8A59Gf8rzPcf7y6rColLXz8GmyWpbmKCa3YaAtqX8EaNZPd8kcBL2uW+H
HUmJ0PAiCw6ot7dCbZQezIoF58YeHLUwuuxmixgRyLpZCWygzQjM0eyRqt0lYL+4
0k7+TURDCqxNaFLF25yXS6DBO5OeWs5tXxAkMzXK2qfS8E2nxCH4Kkr2FuZ5sy/M
FYJv2y0RpIDvAKoyKFVB/kBRhTi5Rauleq+/bhj0rmQ1AyAlvsTmVqowrSjqkfXR
horWspbELOiWY+GgWEqAJv3Am+cufmssMDcrW68Vpb6S
-----END CERTIFICATE-----
Generated at Sat Jun 29 01:35:30 2024 by rpki-client on console-fra.rpki-client.org