Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YndBtSknf58N7cXVqfbaGnB328Q.roa
File: YndBtSknf58N7cXVqfbaGnB328Q.roa (raw, json)
Hash identifier: Yrw4VEJGaSxjsISoB/hBVqAZsMKa0d/OMMUHWOX9Gjg=
Subject key identifier: 62:77:41:B5:29:27:7F:9F:0D:ED:C5:D5:A9:F6:DA:1A:70:77:DB:C4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01942220330EFA5668861230CC141EBC2BF1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YndBtSknf58N7cXVqfbaGnB328Q.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206092
IP address blocks: 45.67.96.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.140.135.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:33:0e:fa:56:68:86:12:30:cc:14:1e:bc:2b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=627741b529277f9f0dedc5d5a9f6da1a7077dbc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ba:c0:c6:26:63:80:e4:c6:59:08:84:27:c3:
da:bb:4e:f3:9c:55:9a:99:a8:67:16:8e:50:35:65:
1d:36:ff:fb:5b:7c:4a:58:d6:69:a6:d2:d2:b5:ae:
1e:70:c6:04:0d:d4:8e:4f:09:9b:de:65:ef:f7:66:
50:61:c2:e8:5e:3a:43:00:ce:76:58:5b:9c:bf:e0:
84:71:b4:19:60:97:c6:6d:2b:7d:c9:60:ec:6a:1a:
68:54:04:09:4f:d8:da:17:ab:34:26:12:da:93:7a:
99:58:d8:15:47:33:f1:3a:f8:54:ae:1a:72:b6:b1:
7f:cf:a2:d5:a9:f1:da:aa:e9:df:29:4b:0c:da:62:
b7:68:8e:88:98:9a:a6:8c:d8:9e:c3:a2:02:d7:83:
0d:dc:71:8b:16:0b:73:0f:dd:a5:a1:0c:08:97:c0:
30:47:f0:ec:27:ea:2c:38:92:30:ba:36:ba:41:30:
d6:9e:e0:ed:2b:cc:1d:86:9b:10:b3:93:b5:fb:46:
a9:b3:27:45:e2:cb:68:fb:2c:9f:ea:de:aa:31:a8:
2f:3a:99:b6:dd:9f:12:01:53:0a:62:fb:5b:17:e6:
5a:2b:dc:b0:f7:dc:6e:26:d2:5c:6a:da:bd:cf:4d:
b3:62:3d:32:2f:f0:d7:b9:e1:9e:10:50:e0:46:8d:
34:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:77:41:B5:29:27:7F:9F:0D:ED:C5:D5:A9:F6:DA:1A:70:77:DB:C4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YndBtSknf58N7cXVqfbaGnB328Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/24
45.140.135.0/24
89.38.70.0/24
89.47.15.0/24
91.217.249.0/24
185.192.16.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
68:39:83:33:a3:c6:3e:bb:94:6b:a4:cd:8b:18:a3:a3:98:b1:
95:b2:fc:d7:8e:e4:d7:29:a1:b6:14:ae:6b:f5:1a:a5:ac:73:
cc:6e:c8:05:b3:df:10:64:3d:bb:22:a4:ab:bd:9c:39:0b:ff:
d6:6f:44:5b:c9:a2:c9:f7:0c:6f:1f:b1:d4:36:f7:be:91:be:
a6:57:2b:f5:c5:d7:cd:fd:0f:48:d4:b7:b8:31:86:d8:3b:81:
d5:c0:61:1d:24:7b:9b:cf:b5:00:45:82:cb:eb:b9:71:d6:9b:
0b:75:8a:d1:59:51:cc:a4:08:86:7e:da:81:63:64:b5:8b:3e:
b5:9f:38:e5:c4:c0:45:dc:9a:f2:a9:cd:7e:19:a9:9a:ba:6d:
d9:9b:7f:53:a6:89:08:de:35:92:64:b2:d2:c7:46:19:9b:74:
ec:42:0a:b7:ba:90:aa:5b:4b:10:39:27:f3:23:4b:86:73:67:
af:9c:ae:e2:d1:a7:49:58:32:d5:76:57:48:72:4f:52:54:34:
bf:76:e3:d2:59:47:60:78:61:2f:10:ed:eb:57:cb:44:8a:1a:
8d:19:99:0b:2f:4e:fc:fd:07:9f:b6:29:14:6a:d0:76:cb:c2:
e7:85:ef:b8:2a:1c:df:53:1e:1d:43:77:ad:8b:14:70:77:54:
d3:05:00:0d
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZQiIDMO+lZohhIwzBQevCvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc3NDFiNTI5Mjc3ZjlmMGRlZGM1ZDVhOWY2ZGExYTcwNzdkYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbrAxiZjgOTGWQiEJ8Pau07znFWa
mahnFo5QNWUdNv/7W3xKWNZpptLSta4ecMYEDdSOTwmb3mXv92ZQYcLoXjpDAM52
WFucv+CEcbQZYJfGbSt9yWDsahpoVAQJT9jaF6s0JhLak3qZWNgVRzPxOvhUrhpy
trF/z6LVqfHaqunfKUsM2mK3aI6ImJqmjNiew6IC14MN3HGLFgtzD92loQwIl8Aw
R/DsJ+osOJIwuja6QTDWnuDtK8wdhpsQs5O1+0apsydF4sto+yyf6t6qMagvOpm2
3Z8SAVMKYvtbF+ZaK9yw99xuJtJcatq9z02zYj0yL/DXueGeEFDgRo00lQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGJ3QbUpJ3+fDe3F1an22hpwd9vEMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWW5kQnRTa25mNThON2NYVnFmYmFHbkIzMjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALUNgAwQB
LYJQAwQALYJTAwQALYe6AwQALYyHAwQAWSZGAwQAWS8PAwQAW9n5AwQAucAQAwQA
ucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3DQEBCwUAA4IBAQBo
OYMzo8Y+u5RrpM2LGKOjmLGVsvzXjuTXKaG2FK5r9RqlrHPMbsgFs98QZD27IqSr
vZw5C//Wb0RbyaLJ9wxvH7HUNve+kb6mVyv1xdfN/Q9I1Le4MYbYO4HVwGEdJHub
z7UARYLL67lx1psLdYrRWVHMpAiGftqBY2S1iz61nzjlxMBF3Jryqc1+Gamaum3Z
m39TpokI3jWSZLLSx0YZm3TsQgq3upCqW0sQOSfzI0uGc2evnK7i0adJWDLVdldI
ck9SVDS/duPSWUdgeGEvEO3rV8tEihqNGZkLL078/QeftikUatB2y8Lnhe+4Khzf
Ux4dQ3etixRwd1TTBQAN
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:47 2025 by rpki-client