Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/YR4Mykm5WAmBOPtUiAJR9aA2ZP4.roa
File: YR4Mykm5WAmBOPtUiAJR9aA2ZP4.roa (raw, json)
Hash identifier: YauZjfnwU9X9l8XsstNAOs4CW/zhQvCYDGwtTLdiwro=
Subject key identifier: 61:1E:0C:CA:49:B9:58:09:81:38:FB:54:88:02:51:F5:A0:36:64:FE
Certificate issuer: /CN=dc3884021d1b02e8c16b555743dfeb9da8e48e31
Certificate serial: 018CC3B74200C6034511D053B7117325D06F
Authority key identifier: DC:38:84:02:1D:1B:02:E8:C1:6B:55:57:43:DF:EB:9D:A8:E4:8E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/YR4Mykm5WAmBOPtUiAJR9aA2ZP4.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20853
IP address blocks: 185.73.228.0/22 maxlen: 32
185.7.104.0/22 maxlen: 32
79.133.192.0/19 maxlen: 32
77.95.236.0/22 maxlen: 32
77.95.234.0/23 maxlen: 32
185.40.196.0/22 maxlen: 32
91.250.243.0/24 maxlen: 32
31.31.168.0/21 maxlen: 32
80.72.32.0/20 maxlen: 32
185.30.124.0/22 maxlen: 32
2a05:4480::/29 maxlen: 29
2a00:c90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.mft
rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 12:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:00:c6:03:45:11:d0:53:b7:11:73:25:d0:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3884021d1b02e8c16b555743dfeb9da8e48e31
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=611e0cca49b958098138fb54880251f5a03664fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:5f:16:d9:f3:d3:40:6d:b9:86:aa:a8:db:28:
5c:b4:b4:3d:12:75:b0:b8:21:93:81:9d:59:d4:85:
4c:35:76:ea:f4:e6:cc:3d:95:2c:5d:94:36:ba:66:
88:2b:d5:6c:d5:d2:d4:79:b3:0f:46:88:36:4b:6e:
89:67:d3:8d:3d:94:20:8a:8b:5f:b6:49:04:ec:e8:
09:c5:de:e9:5b:b1:57:30:5e:0b:7a:66:82:8a:98:
b7:88:13:78:b5:03:77:03:b8:e4:a1:ce:ee:5e:5b:
0d:b2:90:1b:22:8f:6b:16:c9:8f:7d:0e:46:a5:41:
98:51:b3:86:bc:53:ad:12:50:8f:ba:92:21:be:a3:
c6:0a:3f:f2:b9:6d:8d:73:54:52:14:e1:f1:1c:5f:
ec:a0:12:92:28:c6:d7:06:61:d4:f2:2e:3d:f3:f5:
f7:78:fb:6d:56:ba:9f:fd:de:0f:03:a4:96:fa:b8:
57:8d:5f:fb:81:b5:b2:17:70:44:bb:99:1c:fe:08:
30:28:c8:eb:1f:dd:c3:3f:a9:52:71:97:c6:0e:38:
7b:22:af:83:aa:f9:f3:be:83:f6:b8:0e:24:cb:f8:
4d:d5:f4:76:2e:60:f5:3c:6b:91:ec:25:d5:6b:14:
e4:8a:d0:c8:a8:31:ba:c3:49:7e:70:dd:82:6b:e5:
4d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1E:0C:CA:49:B9:58:09:81:38:FB:54:88:02:51:F5:A0:36:64:FE
X509v3 Authority Key Identifier:
keyid:DC:38:84:02:1D:1B:02:E8:C1:6B:55:57:43:DF:EB:9D:A8:E4:8E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DiEAh0bAujBa1VXQ9_rnajkjjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/YR4Mykm5WAmBOPtUiAJR9aA2ZP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0cb2f9-8ef9-4eeb-962a-d8b4e0d0d6d5/1/3DiEAh0bAujBa1VXQ9_rnajkjjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.168.0/21
77.95.234.0-77.95.239.255
79.133.192.0/19
80.72.32.0/20
91.250.243.0/24
185.7.104.0/22
185.30.124.0/22
185.40.196.0/22
185.73.228.0/22
IPv6:
2a00:c90::/32
2a05:4480::/29
Signature Algorithm: sha256WithRSAEncryption
52:0a:30:4b:b9:5d:48:83:82:ae:27:0b:91:4e:bd:92:aa:66:
14:f6:43:04:ae:47:2c:ec:b0:0b:fc:f9:7b:ab:54:c8:f3:16:
e2:00:b0:65:50:95:0a:e0:58:7d:a3:41:7e:36:81:f0:6b:f9:
5d:f7:93:61:09:8b:73:dd:1e:01:b4:7b:b0:10:54:ef:2d:86:
59:2c:ac:f3:24:83:d8:51:10:c2:6a:ee:40:e9:39:f4:68:8b:
b2:87:aa:c3:d5:fe:41:d4:15:f0:44:d0:8a:ba:62:f6:a0:ae:
08:af:0b:9f:8b:ec:dd:28:a7:bd:8d:19:58:ad:9a:29:8c:62:
33:b4:58:10:19:94:44:d1:1b:c7:62:25:28:09:7d:19:e7:29:
36:61:b6:19:f5:87:cd:d0:7f:37:30:4b:62:85:02:db:4f:27:
49:e6:55:e5:09:fa:f9:ab:79:90:ee:ce:d6:f9:c0:cc:9c:24:
de:ab:3d:c0:1a:a6:54:c0:40:e4:15:b7:16:4f:54:9c:df:04:
cf:05:aa:89:b3:f3:9a:88:a5:de:bd:c6:fb:c6:45:84:28:61:
8a:a2:c7:c3:53:05:5a:d6:07:0f:5e:5f:c9:e1:71:d0:8b:f4:
df:52:09:fe:8f:be:ff:c4:ff:9b:b6:38:1d:37:3c:3b:68:de:
41:f0:57:15
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzDt0IAxgNFEdBTtxFzJdBvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzg4NDAyMWQxYjAyZThjMTZiNTU1NzQzZGZlYjlkYThl
NDhlMzEwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTFlMGNjYTQ5Yjk1ODA5ODEzOGZiNTQ4ODAyNTFmNWEwMzY2NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7F8W2fPTQG25hqqo2yhctLQ9EnWw
uCGTgZ1Z1IVMNXbq9ObMPZUsXZQ2umaIK9Vs1dLUebMPRog2S26JZ9ONPZQgiotf
tkkE7OgJxd7pW7FXMF4LemaCipi3iBN4tQN3A7jkoc7uXlsNspAbIo9rFsmPfQ5G
pUGYUbOGvFOtElCPupIhvqPGCj/yuW2Nc1RSFOHxHF/soBKSKMbXBmHU8i498/X3
ePttVrqf/d4PA6SW+rhXjV/7gbWyF3BEu5kc/ggwKMjrH93DP6lScZfGDjh7Iq+D
qvnzvoP2uA4ky/hN1fR2LmD1PGuR7CXVaxTkitDIqDG6w0l+cN2Ca+VNIwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGEeDMpJuVgJgTj7VIgCUfWgNmT+MB8GA1UdIwQY
MBaAFNw4hAIdGwLowWtVV0Pf652o5I4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RpRUFoMGJBdWpCYTFWWFE5X3JuYWprampFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wY2IyZjktOGVmOS00ZWViLTk2MmEt
ZDhiNGUwZDBkNmQ1LzEvWVI0TXlrbTVXQW1CT1B0VWlBSlI5YUEyWlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wY2IyZjktOGVmOS00ZWViLTk2MmEtZDhiNGUwZDBkNmQ1
LzEvM0RpRUFoMGJBdWpCYTFWWFE5X3JuYWprampFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDHx+oMAwD
BAFNX+oDBARNX+ADBAVPhcADBARQSCADBABb+vMDBAK5B2gDBAK5HnwDBAK5KMQD
BAK5SeQwFAQCAAIwDgMFACoADJADBQMqBUSAMA0GCSqGSIb3DQEBCwUAA4IBAQBS
CjBLuV1Ig4KuJwuRTr2SqmYU9kMErkcs7LAL/Pl7q1TI8xbiALBlUJUK4Fh9o0F+
NoHwa/ld95NhCYtz3R4BtHuwEFTvLYZZLKzzJIPYURDCau5A6Tn0aIuyh6rD1f5B
1BXwRNCKumL2oK4Irwufi+zdKKe9jRlYrZopjGIztFgQGZRE0RvHYiUoCX0Z5yk2
YbYZ9YfN0H83MEtihQLbTydJ5lXlCfr5q3mQ7s7W+cDMnCTeqz3AGqZUwEDkFbcW
T1Sc3wTPBaqJs/OaiKXevcb7xkWEKGGKosfDUwVa1gcPXl/J4XHQi/TfUgn+j77/
xP+btjgdNzw7aN5B8FcV
-----END CERTIFICATE-----
Generated at Sat May 11 20:27:49 2024 by rpki-client on console-ams.rpki-client.org