Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/yarR2uScHV73oe0TXy1hUnxTlVc.roa
File: yarR2uScHV73oe0TXy1hUnxTlVc.roa (raw, json)
Hash identifier: c7hRApIT53c6x3dFu2cqPS7OEdZ3Y00ueDkIEvDgyMw=
Subject key identifier: C9:AA:D1:DA:E4:9C:1D:5E:F7:A1:ED:13:5F:2D:61:52:7C:53:95:57
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018D6984EFA0E23BD66FD0EBDAAD677560D4
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/yarR2uScHV73oe0TXy1hUnxTlVc.roa
Signing time: Fri 02 Feb 2024 11:12:16 +0000
ROA not before: Fri 02 Feb 2024 11:12:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198193
IP address blocks: 5.61.208.0/23 maxlen: 23
5.181.96.0/23 maxlen: 23
5.187.35.0/24 maxlen: 24
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
84.247.19.0/24 maxlen: 24
85.204.168.0/23 maxlen: 23
85.204.170.0/23 maxlen: 23
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
89.44.35.0/24 maxlen: 24
89.44.36.0/22 maxlen: 22
95.156.203.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.200.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.193.241.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
217.61.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:84:ef:a0:e2:3b:d6:6f:d0:eb:da:ad:67:75:60:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Feb 2 11:12:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9aad1dae49c1d5ef7a1ed135f2d61527c539557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e1:90:d3:1a:60:69:fb:17:40:4d:f6:c3:aa:
c8:44:54:b8:5b:59:87:0e:a4:2f:4e:dd:56:e5:a2:
98:c4:fd:cf:ae:68:f2:2e:11:1a:8b:53:93:4e:f0:
e3:24:5f:b8:6b:7a:cb:e1:6f:77:2a:b2:86:d9:d4:
ee:e0:79:ae:ff:ce:a8:28:03:aa:55:40:28:9b:d4:
7f:37:62:22:c7:e8:b5:fd:2f:f7:7c:7f:44:55:46:
f0:81:78:bc:b0:75:ea:cb:5c:43:29:88:46:b5:f2:
2e:26:23:20:da:01:48:37:be:bb:44:d3:a7:a0:f2:
7b:89:3e:95:54:03:33:a0:e6:f3:19:2e:28:57:22:
ae:1f:25:22:ab:a3:73:1b:8b:27:bf:4e:48:a7:76:
67:da:06:37:45:99:8f:67:8f:62:9f:d8:2e:f4:5f:
0c:8c:e4:af:67:ab:13:36:4a:b5:c1:de:c4:83:d6:
0d:2e:74:3b:87:b5:af:4b:37:5c:67:6e:e6:9c:50:
f9:e4:02:4e:8d:a9:11:b9:3c:bd:60:ba:fe:f5:8a:
78:a3:60:fb:68:ae:f1:57:76:6a:96:8a:5d:46:2d:
82:e0:a8:83:fe:0e:27:70:26:ed:b9:fc:51:e7:72:
55:8d:8c:3b:e0:5b:06:81:be:67:6e:22:5e:c3:4d:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AA:D1:DA:E4:9C:1D:5E:F7:A1:ED:13:5F:2D:61:52:7C:53:95:57
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/yarR2uScHV73oe0TXy1hUnxTlVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.35.0-5.187.37.255
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
84.247.19.0/24
85.204.168.0/22
89.32.64.0/22
89.44.35.0-89.44.39.255
95.156.203.0/24
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.200.0/22
185.193.241.0/24
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
217.61.240.0/24
Signature Algorithm: sha256WithRSAEncryption
28:e6:3e:5f:3d:e3:7c:44:e3:78:54:c0:fd:28:0b:d9:9b:43:
dd:23:35:2a:7a:e8:10:8f:07:8f:a4:f8:67:3a:0a:e2:55:ff:
75:77:7f:0e:21:69:87:47:c4:54:a9:bd:8a:cf:3b:4f:20:92:
f0:51:1a:3a:b1:36:aa:1b:0e:c5:6e:03:f5:8d:cb:29:67:26:
47:4d:f7:0d:36:8b:fb:ec:12:bf:d5:a4:6f:e0:35:d1:7d:87:
9d:e3:b1:25:31:17:a4:40:97:db:43:43:a6:7a:c8:5b:a4:0a:
67:03:ce:a4:b2:8a:ad:ef:c5:6c:bb:1a:2d:92:08:10:80:61:
a4:5b:6a:14:12:c8:5a:77:25:fd:7f:21:8c:41:cb:ae:bf:2a:
69:fd:a0:c1:ef:05:c8:90:65:b3:e5:9b:a5:3c:47:c1:5d:a4:
44:cc:d5:58:1e:25:69:63:30:7a:9a:28:c0:bf:be:2c:14:97:
7c:8e:97:22:5c:32:98:f8:6b:65:4a:1e:3c:10:ea:e0:ef:1c:
87:33:fd:bc:51:17:90:b6:f6:ad:35:a5:ee:d2:78:8d:44:5c:
1e:ae:4b:62:5e:23:ff:a6:66:94:96:fa:36:9d:bb:8a:e7:c4:
5d:e2:b0:f0:72:99:f5:25:5e:f1:37:d4:ae:79:5f:e8:8b:6d:
b7:e1:02:09
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAY1phO+g4jvWb9Dr2q1ndWDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwMjAyMTExMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFhZDFkYWU0OWMxZDVlZjdhMWVkMTM1ZjJkNjE1MjdjNTM5NTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eGQ0xpgafsXQE32w6rIRFS4W1mH
DqQvTt1W5aKYxP3PrmjyLhEai1OTTvDjJF+4a3rL4W93KrKG2dTu4Hmu/86oKAOq
VUAom9R/N2Iix+i1/S/3fH9EVUbwgXi8sHXqy1xDKYhGtfIuJiMg2gFIN767RNOn
oPJ7iT6VVAMzoObzGS4oVyKuHyUiq6NzG4snv05Ip3Zn2gY3RZmPZ49in9gu9F8M
jOSvZ6sTNkq1wd7Eg9YNLnQ7h7WvSzdcZ27mnFD55AJOjakRuTy9YLr+9Yp4o2D7
aK7xV3ZqlopdRi2C4KiD/g4ncCbtufxR53JVjYw74FsGgb5nbiJew00BfQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFMmq0drknB1e96HtE18tYVJ8U5VXMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEveWFyUjJ1U2NIVjczb2UwVFh5MWhVbnhUbFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAEF
PdADBAEFtWAwDAMEAAW7IwMEAQW7JAMEAB/WmwMEACX8YgMEASX8ZAMEAC77+gME
AC79iwMEAFT3EwMEAlXMqAMEAlkgQDAMAwQAWSwjAwQDWSwgAwQAX5zLAwQAnv/v
AwQDoiHIAwQAuUKsAwQAuUKuAwQBuUsWAwQBuVbQAwQCuVjIAwQAucHxAwQAuc55
AwQAudRyAwQAueEIAwQA2T3wMA0GCSqGSIb3DQEBCwUAA4IBAQAo5j5fPeN8RON4
VMD9KAvZm0PdIzUqeugQjwePpPhnOgriVf91d38OIWmHR8RUqb2KzztPIJLwURo6
sTaqGw7FbgP1jcspZyZHTfcNNov77BK/1aRv4DXRfYed47ElMRekQJfbQ0Omeshb
pApnA86ksoqt78VsuxotkggQgGGkW2oUEshadyX9fyGMQcuuvypp/aDB7wXIkGWz
5ZulPEfBXaREzNVYHiVpYzB6mijAv74sFJd8jpciXDKY+GtlSh48EOrg7xyHM/28
UReQtvatNaXu0niNRFwerktiXiP/pmaUlvo2nbuK58Rd4rDwcpn1JV7xN9SueV/o
i2234QIJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:56:55 2024 by rpki-client on console-ams.rpki-client.org