Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/fY_Cmsg-vAGh-9yH8KZriq6IY3Q.roa
File: fY_Cmsg-vAGh-9yH8KZriq6IY3Q.roa (raw, json)
Hash identifier: J96sSaruwdZtgJfaOIhpZeNIVPE01sftOHU6PczgG6Q=
Subject key identifier: 7D:8F:C2:9A:C8:3E:BC:01:A1:FB:DC:87:F0:A6:6B:8A:AE:88:63:74
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 018CC6B8EDA801FED74600433AEB9F05F1C4
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/fY_Cmsg-vAGh-9yH8KZriq6IY3Q.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13238
IP address blocks: 5.45.192.0/18 maxlen: 24
92.255.127.0/24 maxlen: 24
178.154.128.0/19 maxlen: 24
84.252.160.0/19 maxlen: 24
37.9.64.0/18 maxlen: 24
90.156.176.0/20 maxlen: 24
141.8.128.0/18 maxlen: 24
93.158.128.0/18 maxlen: 24
37.140.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
185.32.187.0/24 maxlen: 24
87.250.224.0/19 maxlen: 24
77.88.0.0/18 maxlen: 24
178.154.160.0/19 maxlen: 24
213.180.192.0/19 maxlen: 24
5.255.192.0/18 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ed:a8:01:fe:d7:46:00:43:3a:eb:9f:05:f1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d8fc29ac83ebc01a1fbdc87f0a66b8aae886374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ac:b8:c5:5b:69:e7:d3:c4:bd:48:93:1a:1c:
55:af:e4:35:5f:b7:f7:3e:fb:f8:8d:0d:0e:67:d1:
0f:50:b1:6a:e8:0c:7b:44:ec:d4:34:19:6e:a0:59:
32:9d:e7:3c:cd:06:18:05:10:f1:23:04:ae:44:09:
bf:fa:97:33:d6:18:ce:07:6c:5f:7e:7b:cf:b9:50:
be:72:5d:29:3f:a9:3a:12:2c:79:24:75:b3:74:25:
83:dc:0c:5b:17:39:a6:dd:cb:a9:0f:ea:15:ad:f4:
6a:d6:10:51:81:c3:99:b5:65:76:2e:4b:96:82:b3:
12:04:62:6c:68:3d:81:12:80:bd:0b:d4:15:e0:b6:
f4:83:bc:d3:81:35:16:5f:35:01:2d:8c:e2:40:78:
7e:5e:80:ed:c1:d3:3a:4e:b7:ff:69:8f:0a:80:d6:
02:4c:b7:86:e5:de:77:ce:c5:cc:52:53:f4:13:7f:
25:54:11:58:9f:d9:0e:2b:8f:97:ad:99:1f:ae:5b:
97:0a:da:9c:58:2f:96:c6:4f:50:d2:cd:b7:6f:c8:
b7:e1:6c:21:8a:d0:eb:5b:9f:42:75:ec:2e:40:32:
59:d5:a2:56:d6:96:2c:d5:89:1b:1b:e7:0d:c7:c5:
e0:8c:eb:14:ec:87:59:dc:8b:3b:69:a8:1a:8a:f0:
4e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8F:C2:9A:C8:3E:BC:01:A1:FB:DC:87:F0:A6:6B:8A:AE:88:63:74
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/fY_Cmsg-vAGh-9yH8KZriq6IY3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
90.156.176.0/20
92.255.127.0/24
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
51:ff:da:e7:05:41:04:82:84:88:ef:f0:66:7a:c9:57:aa:40:
76:ab:3e:bd:be:77:c4:6d:f2:0b:06:90:a6:ed:1e:da:98:1b:
0f:73:68:d1:f1:19:7f:ac:b0:4e:58:bc:8c:c2:94:82:a7:62:
6d:af:98:0c:da:47:25:db:e4:ad:03:0a:04:af:dc:f4:02:e2:
e5:8d:54:cd:5f:1a:d9:86:5b:57:b8:96:53:0e:17:a7:f7:94:
01:58:29:b5:7b:4b:ff:96:a9:70:29:5c:cf:f8:1f:3a:ff:13:
c7:6e:a0:a5:5b:48:76:cb:08:22:64:19:05:26:6d:5e:34:d8:
8a:c0:27:13:55:74:58:0a:7c:8e:a8:56:46:9f:7e:8d:d6:fd:
65:db:0e:50:6d:c3:c4:84:3a:ce:ea:1c:49:18:19:f6:b4:74:
8b:58:e2:01:2b:b2:67:31:72:67:37:7d:28:80:60:5c:26:5b:
a9:8c:51:3d:25:10:c5:f6:07:b5:fa:88:91:97:c1:21:0a:02:
25:16:b3:5e:ce:04:bf:ee:9e:54:b9:b1:e3:50:47:8b:6d:09:
c3:fd:57:1a:31:79:90:fb:02:a3:ed:54:75:f6:33:3a:8f:0b:
b8:e7:9a:6c:63:61:60:43:e5:32:b6:bc:03:e0:cf:f8:24:9d:
d0:ed:20:45
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzGuO2oAf7XRgBDOuufBfHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDhmYzI5YWM4M2ViYzAxYTFmYmRjODdmMGE2NmI4YWFlODg2Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ay4xVtp59PEvUiTGhxVr+Q1X7f3
Pvv4jQ0OZ9EPULFq6Ax7ROzUNBluoFkynec8zQYYBRDxIwSuRAm/+pcz1hjOB2xf
fnvPuVC+cl0pP6k6Eix5JHWzdCWD3AxbFzmm3cupD+oVrfRq1hBRgcOZtWV2LkuW
grMSBGJsaD2BEoC9C9QV4Lb0g7zTgTUWXzUBLYziQHh+XoDtwdM6Trf/aY8KgNYC
TLeG5d53zsXMUlP0E38lVBFYn9kOK4+XrZkfrluXCtqcWC+Wxk9Q0s23b8i34Wwh
itDrW59CdewuQDJZ1aJW1pYs1YkbG+cNx8XgjOsU7IdZ3Is7aagaivBOGQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFH2PwprIPrwBofvch/Cma4quiGN0MB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvZllfQ21zZy12QUdoLTl5SDhLWnJpcTZJWTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBgUtwAME
BgX/wAMEBiUJQAMEBiWMgAMEBk1YAAMEBVT8oAMEBVf64AMEBFqcsAMEAFz/fwME
Bl2egAMEB19sgAMEBo0IgAMEBrKagAMEALkguwMEBdW0wDANBAIAAjAHAwUDKgIG
uDANBgkqhkiG9w0BAQsFAAOCAQEAUf/a5wVBBIKEiO/wZnrJV6pAdqs+vb53xG3y
CwaQpu0e2pgbD3No0fEZf6ywTli8jMKUgqdiba+YDNpHJdvkrQMKBK/c9ALi5Y1U
zV8a2YZbV7iWUw4Xp/eUAVgptXtL/5apcClcz/gfOv8Tx26gpVtIdssIImQZBSZt
XjTYisAnE1V0WAp8jqhWRp9+jdb9ZdsOUG3DxIQ6zuocSRgZ9rR0i1jiASuyZzFy
Zzd9KIBgXCZbqYxRPSUQxfYHtfqIkZfBIQoCJRazXs4Ev+6eVLmx41BHi20Jw/1X
GjF5kPsCo+1UdfYzOo8LuOeabGNhYEPlMra8A+DP+CSd0O0gRQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:04:57 2024 by rpki-client on console-fra.rpki-client.org