Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YoFhlhtgRdK_FuBFq3Lr9I51VfM.roa
File: YoFhlhtgRdK_FuBFq3Lr9I51VfM.roa (raw, json)
Hash identifier: 8XIhuH854X1fLJUEizEUo4H+ryAhCe6clgZW3TG9Blk=
Subject key identifier: 62:81:61:96:1B:60:45:D2:BF:16:E0:45:AB:72:EB:F4:8E:75:55:F3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0194222026D08896FB7AB6737533E30EC9BB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YoFhlhtgRdK_FuBFq3Lr9I51VfM.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 37.46.150.0/24 maxlen: 24
45.80.156.0/24 maxlen: 24
45.90.184.0/24 maxlen: 24
45.90.185.0/24 maxlen: 24
45.90.186.0/23 maxlen: 24
91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:26:d0:88:96:fb:7a:b6:73:75:33:e3:0e:c9:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=628161961b6045d2bf16e045ab72ebf48e7555f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:36:bb:07:1c:72:1d:b4:97:da:5d:29:ab:
0f:10:5d:46:cf:f1:b9:09:9f:69:14:bd:e8:2c:7f:
93:52:c6:99:a8:20:31:27:09:e4:e3:51:77:6c:71:
9b:ac:27:a0:7b:95:cc:30:9b:dd:e4:d7:63:d5:b9:
1d:cc:e2:15:0b:88:22:07:ce:67:be:78:9c:e5:95:
7b:88:a6:03:40:07:6f:fe:f7:9d:92:02:da:2d:77:
10:3c:a7:13:62:34:33:af:3b:4c:ca:3a:c3:74:71:
7c:56:f9:5e:00:e5:d6:73:f2:d5:74:15:3c:aa:fe:
6b:f9:e4:ad:56:a1:0d:d8:41:ff:26:6a:f8:04:f6:
19:e0:7d:d6:11:d3:aa:24:37:c4:a9:9c:76:65:4a:
ce:04:ca:30:45:8d:30:f4:2d:36:38:25:f9:47:9f:
64:44:09:35:c5:fe:eb:2e:3e:eb:43:ff:37:04:07:
6c:e8:f0:c6:8a:53:17:5c:0d:34:18:ec:c9:73:9d:
bf:31:c0:de:85:83:91:ce:65:4c:3a:a9:69:88:31:
5f:76:6f:64:ae:d5:d1:9a:1a:3b:c1:cc:44:bf:1a:
a0:ae:8c:86:86:11:03:a6:94:d4:6f:b1:2c:6a:6d:
f4:41:75:3b:b6:f4:a1:13:8d:a8:cb:83:16:46:f3:
4e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:81:61:96:1B:60:45:D2:BF:16:E0:45:AB:72:EB:F4:8E:75:55:F3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/YoFhlhtgRdK_FuBFq3Lr9I51VfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.150.0/24
45.80.156.0/24
45.90.184.0/22
91.190.106.0/24
185.241.211.0/24
Signature Algorithm: sha256WithRSAEncryption
83:32:2f:ff:98:4d:fc:c3:52:2e:61:bb:65:f0:ef:75:e5:50:
23:5f:7a:72:b1:c0:1c:76:5a:1e:b6:b7:db:91:b0:84:11:75:
43:fe:9a:94:5c:9a:af:64:2b:c7:19:40:fd:38:d7:0f:06:10:
ad:b9:95:34:ee:ac:45:db:1c:5c:74:21:b3:57:4a:a2:91:df:
b3:0e:e9:82:78:0e:a8:e8:fd:7a:c9:37:61:8c:99:d0:f7:cb:
80:9d:eb:ac:fd:11:da:58:1c:53:1f:e3:0f:f1:5d:9e:a7:b4:
2e:42:89:a6:8b:1b:6b:30:55:1b:96:95:6d:c6:94:17:19:b9:
a4:20:df:45:54:fc:a2:be:44:d6:74:bb:30:ec:3f:ae:d2:a3:
8b:2a:4a:32:20:c4:17:d5:9d:84:dd:b8:2b:a4:f0:19:c7:d0:
69:3b:e6:de:9a:6d:44:56:b0:1f:29:3a:e8:f9:0c:3d:58:05:
d2:d2:ad:21:94:22:e0:26:6f:79:ca:f5:08:bf:82:c3:12:25:
61:40:64:41:58:8f:fe:4d:ba:b5:74:eb:41:71:ac:16:28:e2:
93:04:24:87:7b:06:dc:12:17:3a:32:0b:7a:01:1d:af:96:8b:
6f:ec:df:8c:64:12:4f:6c:84:63:56:21:1b:06:4b:0b:01:dc:
8d:99:66:9d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiICbQiJb7erZzdTPjDsm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjgxNjE5NjFiNjA0NWQyYmYxNmUwNDVhYjcyZWJmNDhlNzU1NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+g2uwccch20l9pdKasPEF1Gz/G5
CZ9pFL3oLH+TUsaZqCAxJwnk41F3bHGbrCege5XMMJvd5Ndj1bkdzOIVC4giB85n
vnic5ZV7iKYDQAdv/vedkgLaLXcQPKcTYjQzrztMyjrDdHF8VvleAOXWc/LVdBU8
qv5r+eStVqEN2EH/Jmr4BPYZ4H3WEdOqJDfEqZx2ZUrOBMowRY0w9C02OCX5R59k
RAk1xf7rLj7rQ/83BAds6PDGilMXXA00GOzJc52/McDehYORzmVMOqlpiDFfdm9k
rtXRmho7wcxEvxqgroyGhhEDppTUb7Esam30QXU7tvShE42oy4MWRvNOtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGKBYZYbYEXSvxbgRaty6/SOdVXzMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWW9GaGxodGdSZEtfRnVCRnEzTHI5STUxVmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJS6WAwQA
LVCcAwQCLVq4AwQAW75qAwQAufHTMA0GCSqGSIb3DQEBCwUAA4IBAQCDMi//mE38
w1IuYbtl8O915VAjX3pyscAcdloetrfbkbCEEXVD/pqUXJqvZCvHGUD9ONcPBhCt
uZU07qxF2xxcdCGzV0qikd+zDumCeA6o6P16yTdhjJnQ98uAneus/RHaWBxTH+MP
8V2ep7QuQommixtrMFUblpVtxpQXGbmkIN9FVPyivkTWdLsw7D+u0qOLKkoyIMQX
1Z2E3bgrpPAZx9BpO+bemm1EVrAfKTro+Qw9WAXS0q0hlCLgJm95yvUIv4LDEiVh
QGRBWI/+Tbq1dOtBcawWKOKTBCSHewbcEhc6Mgt6AR2vlotv7N+MZBJPbIRjViEb
BksLAdyNmWad
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:47:35 2025 by rpki-client