Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/U_pYTadNkHGFHJv4wDvWWgYuGhA.roa
File: U_pYTadNkHGFHJv4wDvWWgYuGhA.roa (raw, json)
Hash identifier: ty+nUaez0XawLxKckkW/iq71vC2YFdTVnLHgmgZXbqI=
Subject key identifier: 53:FA:58:4D:A7:4D:90:71:85:1C:9B:F8:C0:3B:D6:5A:06:2E:1A:10
Certificate issuer: /CN=046f364658b64e2bf150d20fc838c364207975e2
Certificate serial: 018CC793F7C0EDAE31A2A2C53E822C347DFF
Authority key identifier: 04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/U_pYTadNkHGFHJv4wDvWWgYuGhA.roa
Signing time: Tue 02 Jan 2024 00:30:12 +0000
ROA not before: Tue 02 Jan 2024 00:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31252
IP address blocks: 87.248.160.0/19 maxlen: 32
89.28.0.0/17 maxlen: 32
89.28.21.0/24 maxlen: 32
195.93.218.0/23 maxlen: 32
188.138.128.0/17 maxlen: 32
185.70.188.0/22 maxlen: 32
185.175.80.0/22 maxlen: 32
95.65.0.0/17 maxlen: 32
185.17.224.0/22 maxlen: 32
188.244.16.0/20 maxlen: 32
91.216.97.0/24 maxlen: 24
178.168.0.0/17 maxlen: 32
178.18.32.0/20 maxlen: 32
37.233.0.0/18 maxlen: 32
2a0b:dd00::/29 maxlen: 128
2a00:9900::/29 maxlen: 128
2a01:320::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/BG82Rli2TivxUNIPyDjDZCB5deI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/BG82Rli2TivxUNIPyDjDZCB5deI.mft
rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f7:c0:ed:ae:31:a2:a2:c5:3e:82:2c:34:7d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046f364658b64e2bf150d20fc838c364207975e2
Validity
Not Before: Jan 2 00:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53fa584da74d9071851c9bf8c03bd65a062e1a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:11:3c:60:26:ff:b9:79:bb:e4:43:c1:f8:ba:
9f:cf:18:5f:3b:6e:c4:f1:da:e2:05:9d:73:3f:c4:
b5:69:0b:7b:20:81:de:95:43:5a:8d:82:aa:eb:81:
14:51:d2:ee:a0:b2:0c:92:22:8a:00:4f:23:a7:63:
11:68:42:7d:89:cf:9c:34:a4:c3:c9:c1:79:77:b9:
e2:27:e1:c5:b5:fd:aa:9f:7f:e6:8c:90:83:b6:3e:
86:79:0e:a5:84:0b:23:5e:57:41:37:49:4b:06:87:
5c:6e:6b:98:50:d5:f9:87:c3:09:79:db:ad:80:3c:
0c:8b:81:ed:e7:ac:3c:a2:8c:72:90:8b:32:65:20:
6c:ea:e3:57:c5:81:e2:63:ba:e1:d4:19:c0:8f:2a:
5d:1c:bd:09:7a:3c:e4:b5:e7:32:f7:35:7d:4c:66:
1d:92:d0:fc:97:0f:ed:ca:90:0a:16:be:20:f3:9d:
00:b3:bc:71:aa:16:f0:1f:83:4e:8f:37:3d:60:3c:
c4:f5:4f:f2:53:ea:e2:11:f7:86:ad:c9:11:5b:66:
19:aa:32:f4:7a:0e:02:a9:a3:a6:30:6b:75:fd:a4:
2f:ba:fe:fc:0f:58:00:77:93:73:6c:00:95:0c:89:
a1:f1:11:39:a5:b3:21:34:11:cd:25:b0:ad:cf:cd:
d2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FA:58:4D:A7:4D:90:71:85:1C:9B:F8:C0:3B:D6:5A:06:2E:1A:10
X509v3 Authority Key Identifier:
keyid:04:6F:36:46:58:B6:4E:2B:F1:50:D2:0F:C8:38:C3:64:20:79:75:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BG82Rli2TivxUNIPyDjDZCB5deI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/U_pYTadNkHGFHJv4wDvWWgYuGhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4b5f9-af44-41d0-b5f1-a25e07cea2c0/1/BG82Rli2TivxUNIPyDjDZCB5deI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.233.0.0/18
87.248.160.0/19
89.28.0.0/17
91.216.97.0/24
95.65.0.0/17
178.18.32.0/20
178.168.0.0/17
185.17.224.0/22
185.70.188.0/22
185.175.80.0/22
188.138.128.0/17
188.244.16.0/20
195.93.218.0/23
IPv6:
2a00:9900::/29
2a01:320::/29
2a0b:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
52:41:dc:5f:8e:8e:ea:22:8d:30:f5:dc:a9:e8:d3:c4:96:c5:
c8:30:44:33:35:f0:cd:6d:14:60:da:39:0f:48:02:63:0f:f8:
f7:ab:bd:0f:cf:24:ce:07:eb:e8:ed:2f:aa:fb:b4:e8:b2:ba:
c7:35:78:77:30:26:01:2f:c0:3b:81:19:bf:a4:fd:2e:84:63:
d0:07:4b:36:39:c5:21:c5:ba:47:7c:a5:58:f8:ff:81:a2:f2:
d7:7a:8f:ab:b1:ce:b0:ae:d3:b3:bd:2a:d1:7d:e9:24:9d:a2:
ad:f2:fc:21:08:d4:43:bc:a2:02:4c:c1:58:2f:03:0b:fa:34:
13:83:90:e1:94:60:7f:fa:d7:ca:c5:38:10:be:e9:ad:85:fc:
49:6c:40:b2:b7:fb:39:64:5d:9b:c8:d1:34:59:6e:b7:7c:2d:
ad:11:02:c8:4d:c1:88:b1:f4:fa:33:96:e2:a0:56:32:1b:c2:
c3:cb:d4:93:95:55:19:60:92:77:56:ac:b8:af:56:2f:19:ab:
88:89:f1:8c:5c:8e:97:47:10:73:dd:77:f3:77:74:f8:7f:81:
d3:50:c2:01:8a:5d:df:ef:b9:78:8d:42:fc:58:d0:c0:5b:5e:
ce:f8:98:d6:47:fa:dd:43:e0:09:35:17:fa:5b:3e:b8:09:19:
d1:a7:75:a3
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzHk/fA7a4xoqLFPoIsNH3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmYzNjQ2NThiNjRlMmJmMTUwZDIwZmM4MzhjMzY0MjA3
OTc1ZTIwHhcNMjQwMTAyMDAzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2ZhNTg0ZGE3NGQ5MDcxODUxYzliZjhjMDNiZDY1YTA2MmUxYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxE8YCb/uXm75EPB+LqfzxhfO27E
8driBZ1zP8S1aQt7IIHelUNajYKq64EUUdLuoLIMkiKKAE8jp2MRaEJ9ic+cNKTD
ycF5d7niJ+HFtf2qn3/mjJCDtj6GeQ6lhAsjXldBN0lLBodcbmuYUNX5h8MJedut
gDwMi4Ht56w8ooxykIsyZSBs6uNXxYHiY7rh1BnAjypdHL0Jejzktecy9zV9TGYd
ktD8lw/typAKFr4g850As7xxqhbwH4NOjzc9YDzE9U/yU+riEfeGrckRW2YZqjL0
eg4CqaOmMGt1/aQvuv78D1gAd5NzbACVDImh8RE5pbMhNBHNJbCtz83SowIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFFP6WE2nTZBxhRyb+MA71loGLhoQMB8GA1UdIwQY
MBaAFARvNkZYtk4r8VDSD8g4w2QgeXXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkc4MlJsaTJUaXZ4VU5JUHlEakRaQ0I1ZGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGI1ZjktYWY0NC00MWQwLWI1ZjEt
YTI1ZTA3Y2VhMmMwLzEvVV9wWVRhZE5rSEdGSEp2NHdEdldXZ1l1R2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGI1ZjktYWY0NC00MWQwLWI1ZjEtYTI1ZTA3Y2VhMmMw
LzEvQkc4MlJsaTJUaXZ4VU5JUHlEakRaQ0I1ZGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEBiXpAAME
BVf4oAMEB1kcAAMEAFvYYQMEB19BAAMEBLISIAMEB7KoAAMEArkR4AMEArlGvAME
ArmvUAMEB7yKgAMEBLz0EAMEAcNd2jAbBAIAAjAVAwUDKgCZAAMFAyoBAyADBQMq
C90AMA0GCSqGSIb3DQEBCwUAA4IBAQBSQdxfjo7qIo0w9dyp6NPElsXIMEQzNfDN
bRRg2jkPSAJjD/j3q70PzyTOB+vo7S+q+7TosrrHNXh3MCYBL8A7gRm/pP0uhGPQ
B0s2OcUhxbpHfKVY+P+BovLXeo+rsc6wrtOzvSrRfekknaKt8vwhCNRDvKICTMFY
LwML+jQTg5DhlGB/+tfKxTgQvumthfxJbECyt/s5ZF2byNE0WW63fC2tEQLITcGI
sfT6M5bioFYyG8LDy9STlVUZYJJ3Vqy4r1YvGauIifGMXI6XRxBz3Xfzd3T4f4HT
UMIBil3f77l4jUL8WNDAW17O+JjWR/rdQ+AJNRf6Wz64CRnRp3Wj
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:38 2024 by rpki-client on console-fra.rpki-client.org