Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/B0vcGrU2H1UrEQvxOUGn_vaEMgo.roa
File: B0vcGrU2H1UrEQvxOUGn_vaEMgo.roa (raw, json)
Hash identifier: 77K46Xyl8N1IpWQcw5GnwgpcI9JLNsW3LfTNem2aI0U=
Subject key identifier: 07:4B:DC:1A:B5:36:1F:55:2B:11:0B:F1:39:41:A7:FE:F6:84:32:0A
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 018CC6B8EF1063A801FEE0EA57A30B5B744E
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/B0vcGrU2H1UrEQvxOUGn_vaEMgo.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208722
IP address blocks: 5.45.192.0/18 maxlen: 24
92.255.127.0/24 maxlen: 24
178.154.128.0/19 maxlen: 24
84.252.160.0/19 maxlen: 24
37.9.64.0/18 maxlen: 24
141.8.128.0/18 maxlen: 24
93.158.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
37.140.128.0/18 maxlen: 24
185.32.187.0/24 maxlen: 24
87.250.224.0/19 maxlen: 24
77.88.0.0/18 maxlen: 24
213.180.192.0/19 maxlen: 24
178.154.160.0/19 maxlen: 24
5.255.192.0/18 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ef:10:63:a8:01:fe:e0:ea:57:a3:0b:5b:74:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=074bdc1ab5361f552b110bf13941a7fef684320a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:48:f6:a6:81:bd:bd:65:2f:bf:4e:9b:2d:36:
5e:62:8e:a7:ee:1e:14:81:e2:e6:5b:98:74:ab:b8:
8d:78:08:8a:80:cc:7f:3b:d6:7d:06:93:cd:8b:9a:
00:79:14:b7:58:2e:24:46:2a:5d:04:94:3c:2c:2d:
61:e3:96:1d:bb:10:99:f7:c5:9c:35:fe:5e:02:95:
32:50:07:c9:a1:60:28:4b:5b:0f:ec:60:ce:d1:96:
40:ae:03:14:59:45:d7:d6:b0:b6:20:da:79:15:bc:
57:eb:37:ee:31:87:46:2e:23:52:f3:9a:41:26:af:
5f:f8:c6:5d:af:b2:37:18:8c:b3:22:dc:3c:7f:bf:
d4:87:e2:86:13:11:28:bf:c1:6b:1c:10:b5:5d:e7:
9c:24:a6:ee:90:a4:60:ac:fc:df:4b:86:4b:2a:be:
14:9b:8f:c2:9a:f8:96:01:3b:f8:6a:ec:3c:5c:43:
e6:09:83:e8:e3:9f:28:7d:71:5a:fb:9c:fd:c7:ae:
0c:9d:a9:ae:db:48:1f:87:20:84:e7:84:27:71:41:
d3:c2:16:b3:e3:fe:52:4d:1e:dc:28:bb:66:d5:da:
2c:86:a9:91:8f:02:de:11:3e:1f:af:80:e1:a8:55:
2f:16:b0:eb:08:d9:79:eb:16:a5:d5:89:26:14:49:
20:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:4B:DC:1A:B5:36:1F:55:2B:11:0B:F1:39:41:A7:FE:F6:84:32:0A
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/B0vcGrU2H1UrEQvxOUGn_vaEMgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
92.255.127.0/24
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
8d:72:8c:7b:92:11:0e:73:54:5b:8e:6c:4a:90:c4:83:0f:0a:
f4:c1:54:ec:b7:72:9c:1d:4c:83:32:19:62:e5:ef:c1:4f:3d:
76:de:86:a3:24:28:7a:af:ab:85:7d:38:a4:10:6d:38:86:21:
c6:be:d8:59:80:b4:0e:e3:f3:ca:5d:f0:94:da:0b:d8:98:a0:
8e:aa:ac:96:8e:d1:27:c2:ef:11:32:3b:ff:23:7b:2f:a7:ec:
94:c9:f7:30:7b:a5:dd:1f:3d:bb:90:b4:53:26:5a:63:95:bb:
d5:14:da:35:e7:8d:54:99:4c:cd:4f:cf:94:ed:fb:91:f2:75:
bc:06:b1:84:48:cb:ad:5e:dc:1b:ba:4a:cd:9e:b8:67:0d:6e:
7a:40:f1:14:5b:01:f3:3d:6f:02:a1:a9:82:f6:ab:65:f1:23:
9f:d8:a9:29:71:e3:30:d2:f7:15:57:60:5a:be:95:45:c7:a6:
9a:48:c2:b3:32:16:b2:0b:dc:f6:30:87:fb:c3:38:ec:b6:6f:
7c:fe:be:56:8e:04:25:63:4f:ed:c6:fc:5f:e4:6d:5b:33:7a:
2a:23:23:98:2d:ac:3b:1a:83:1f:73:c6:12:6b:d7:f4:93:4a:
9c:77:b3:be:35:e3:57:1e:68:7a:b4:28:c9:f4:7f:e4:8f:72:
3b:75:7e:d6
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYzGuO8QY6gB/uDqV6MLW3ROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzRiZGMxYWI1MzYxZjU1MmIxMTBiZjEzOTQxYTdmZWY2ODQzMjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUj2poG9vWUvv06bLTZeYo6n7h4U
geLmW5h0q7iNeAiKgMx/O9Z9BpPNi5oAeRS3WC4kRipdBJQ8LC1h45YduxCZ98Wc
Nf5eApUyUAfJoWAoS1sP7GDO0ZZArgMUWUXX1rC2INp5FbxX6zfuMYdGLiNS85pB
Jq9f+MZdr7I3GIyzItw8f7/Uh+KGExEov8FrHBC1XeecJKbukKRgrPzfS4ZLKr4U
m4/CmviWATv4auw8XEPmCYPo458ofXFa+5z9x64Mnamu20gfhyCE54QncUHTwhaz
4/5STR7cKLtm1doshqmRjwLeET4fr4DhqFUvFrDrCNl56xal1YkmFEkglQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFAdL3Bq1Nh9VKxEL8TlBp/72hDIKMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvQjB2Y0dyVTJIMVVyRVF2eE9VR25fdmFFTWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQGBS3AAwQG
Bf/AAwQGJQlAAwQGJYyAAwQGTVgAAwQFVPygAwQFV/rgAwQAXP9/AwQGXZ6AAwQH
X2yAAwQGjQiAAwQGspqAAwQAuSC7AwQF1bTAMA0EAgACMAcDBQMqAga4MA0GCSqG
SIb3DQEBCwUAA4IBAQCNcox7khEOc1RbjmxKkMSDDwr0wVTst3KcHUyDMhli5e/B
Tz123oajJCh6r6uFfTikEG04hiHGvthZgLQO4/PKXfCU2gvYmKCOqqyWjtEnwu8R
Mjv/I3svp+yUyfcwe6XdHz27kLRTJlpjlbvVFNo1541UmUzNT8+U7fuR8nW8BrGE
SMutXtwbukrNnrhnDW56QPEUWwHzPW8CoamC9qtl8SOf2KkpceMw0vcVV2BavpVF
x6aaSMKzMhayC9z2MIf7wzjstm98/r5WjgQlY0/txvxf5G1bM3oqIyOYLaw7GoMf
c8YSa9f0k0qcd7O+NeNXHmh6tCjJ9H/kj3I7dX7W
-----END CERTIFICATE-----
Generated at Wed Jun 26 04:40:47 2024 by rpki-client on console-fra.rpki-client.org