Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/YTDoyE_yq7saaMex7z_gHQvF1NQ.roa
File: YTDoyE_yq7saaMex7z_gHQvF1NQ.roa (raw, json)
Hash identifier: 9jjva+AnXUr3iNerkLLHau0NDfhlkgvVdTNxPNRSTd4=
Subject key identifier: 61:30:E8:C8:4F:F2:AB:BB:1A:68:C7:B1:EF:3F:E0:1D:0B:C5:D4:D4
Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Certificate serial: 01942521CA212648782FA037756562AFCA86
Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/YTDoyE_yq7saaMex7z_gHQvF1NQ.roa
Signing time: Thu 02 Jan 2025 03:49:18 +0000
ROA not before: Thu 02 Jan 2025 03:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60609
IP address blocks: 185.37.212.0/24 maxlen: 24
185.37.213.0/24 maxlen: 24
185.37.214.0/24 maxlen: 24
185.37.215.0/24 maxlen: 24
185.77.156.0/24 maxlen: 24
185.77.157.0/24 maxlen: 24
185.77.159.0/24 maxlen: 24
185.86.11.0/24 maxlen: 24
185.158.168.0/23 maxlen: 23
185.158.170.0/23 maxlen: 23
185.158.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ca:21:26:48:78:2f:a0:37:75:65:62:af:ca:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2
Validity
Not Before: Jan 2 03:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6130e8c84ff2abbb1a68c7b1ef3fe01d0bc5d4d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fa:b4:17:46:30:ce:ef:0e:7e:27:f5:0d:05:
0f:e5:b2:23:89:5b:af:a8:07:72:51:b0:82:67:b1:
2a:82:d0:fa:0b:1b:2e:d5:e8:c7:73:7f:65:49:7e:
62:9e:1b:ab:9d:2d:2d:1e:1b:a2:86:da:b6:3a:b7:
20:17:0e:77:af:bd:d4:a3:a0:e5:4e:38:4d:7c:bd:
72:fe:8c:28:14:65:4b:03:44:d1:a4:55:d4:da:67:
d5:de:bb:1b:03:6f:7e:e7:55:3b:b1:52:cb:16:45:
50:04:6d:75:12:03:db:c1:02:0e:9b:d2:99:fc:03:
1c:79:bb:72:11:03:8d:f6:06:2c:27:dd:ea:79:34:
1e:64:97:ed:f6:ec:61:55:03:96:10:90:6c:f4:1f:
50:be:f2:b6:70:30:1d:e7:5a:fe:9d:10:22:d4:d7:
31:2d:13:34:27:8f:45:cb:f2:52:74:4e:87:88:a0:
13:ef:59:6f:64:86:14:28:d2:e3:0b:42:6f:f3:12:
a6:b0:23:4d:cc:8e:71:f5:31:3f:e3:ec:e1:bc:78:
f3:f1:b8:f5:cf:f8:31:a2:58:a6:d4:03:34:b9:c8:
58:38:6b:c6:2b:6f:b6:e7:41:64:69:22:72:e2:df:
b1:67:04:64:da:aa:24:c8:59:d5:5c:c3:dd:ca:c6:
2c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:30:E8:C8:4F:F2:AB:BB:1A:68:C7:B1:EF:3F:E0:1D:0B:C5:D4:D4
X509v3 Authority Key Identifier:
keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/YTDoyE_yq7saaMex7z_gHQvF1NQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.212.0/22
185.77.156.0/23
185.77.159.0/24
185.86.11.0/24
185.158.168.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:35:a3:ae:8e:4c:09:8e:2f:56:93:84:4a:c8:37:5f:fb:77:
7d:6d:5a:09:fc:52:78:a5:45:b2:94:23:d2:74:d2:e3:97:e3:
10:ef:6a:fa:c8:4c:3b:56:d2:bc:01:0e:fe:84:b4:88:76:eb:
b2:09:26:28:e0:16:e6:79:6d:40:1e:b3:84:40:b3:2a:4f:64:
d1:07:b5:65:cc:b1:f3:75:ac:f3:d6:df:b8:c6:e3:72:bd:1b:
84:b7:e3:ee:dc:ae:6a:fa:6c:88:67:66:f2:bb:ee:a7:0e:bb:
55:a7:83:5c:15:11:6d:40:8a:6b:ae:b7:87:4e:c4:04:8a:a4:
93:f6:14:14:f8:6a:3b:45:ad:23:e8:92:28:31:d2:66:d6:1a:
ca:4c:e7:7e:9c:3d:83:db:22:ad:dd:77:33:f2:41:27:5b:2b:
ed:43:ce:18:63:0a:bd:48:af:da:c9:e7:df:23:06:66:4e:0c:
01:dc:4f:58:18:d8:62:84:01:4d:1c:7b:4a:98:d3:24:fe:0c:
c0:ce:a5:c6:6b:a7:13:0c:2d:e3:ab:7b:6b:0e:39:43:a1:09:
21:e4:a7:c6:d4:87:95:dd:b3:9d:5d:2d:e3:eb:f8:2b:bb:0d:
e4:9f:60:fb:c4:86:9f:89:9d:ba:f3:e0:19:7b:f9:7e:91:23:
74:9f:91:8c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQlIcohJkh4L6A3dWVir8qGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk
ZmUyYTIwHhcNMjUwMTAyMDM0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTMwZThjODRmZjJhYmJiMWE2OGM3YjFlZjNmZTAxZDBiYzVkNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPq0F0Ywzu8Ofif1DQUP5bIjiVuv
qAdyUbCCZ7EqgtD6Cxsu1ejHc39lSX5inhurnS0tHhuihtq2OrcgFw53r73Uo6Dl
TjhNfL1y/owoFGVLA0TRpFXU2mfV3rsbA29+51U7sVLLFkVQBG11EgPbwQIOm9KZ
/AMcebtyEQON9gYsJ93qeTQeZJft9uxhVQOWEJBs9B9QvvK2cDAd51r+nRAi1Ncx
LRM0J49Fy/JSdE6HiKAT71lvZIYUKNLjC0Jv8xKmsCNNzI5x9TE/4+zhvHjz8bj1
z/gxolim1AM0uchYOGvGK2+250FkaSJy4t+xZwRk2qokyFnVXMPdysYs7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGEw6MhP8qu7GmjHse8/4B0LxdTUMB8GA1UdIwQY
MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt
ZjQ3NGY3YmQzNTMxLzEvWVREb3lFX3lxN3NhYU1leDd6X2dIUXZGMU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx
LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuSXUAwQB
uU2cAwQAuU2fAwQAuVYLAwQCuZ6oMA0GCSqGSIb3DQEBCwUAA4IBAQCfNaOujkwJ
ji9Wk4RKyDdf+3d9bVoJ/FJ4pUWylCPSdNLjl+MQ72r6yEw7VtK8AQ7+hLSIduuy
CSYo4BbmeW1AHrOEQLMqT2TRB7VlzLHzdazz1t+4xuNyvRuEt+Pu3K5q+myIZ2by
u+6nDrtVp4NcFRFtQIprrreHTsQEiqST9hQU+Go7Ra0j6JIoMdJm1hrKTOd+nD2D
2yKt3Xcz8kEnWyvtQ84YYwq9SK/ayeffIwZmTgwB3E9YGNhihAFNHHtKmNMk/gzA
zqXGa6cTDC3jq3trDjlDoQkh5KfG1IeV3bOdXS3j6/gruw3kn2D7xIafiZ268+AZ
e/l+kSN0n5GM
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:49:47 2025 by rpki-client