Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/vwEKyMCc22Mw1IPFv4JIN5gxiHg.roa
File: vwEKyMCc22Mw1IPFv4JIN5gxiHg.roa (raw, json)
Hash identifier: R0mDCfAwWj2upPgHWCcM3oJpfHiRikUVQIwGxlYkzrE=
Subject key identifier: BF:01:0A:C8:C0:9C:DB:63:30:D4:83:C5:BF:82:48:37:98:31:88:78
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 018CC6B8EEC4E7C45939004841A010B615AB
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/vwEKyMCc22Mw1IPFv4JIN5gxiHg.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208398
IP address blocks: 5.45.192.0/18 maxlen: 24
92.255.127.0/24 maxlen: 24
178.154.128.0/19 maxlen: 24
37.9.64.0/18 maxlen: 24
84.252.160.0/19 maxlen: 24
90.156.176.0/20 maxlen: 24
141.8.128.0/18 maxlen: 24
93.158.128.0/18 maxlen: 24
37.140.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
185.32.187.0/24 maxlen: 24
87.250.224.0/19 maxlen: 24
77.88.0.0/18 maxlen: 24
178.154.160.0/19 maxlen: 24
213.180.192.0/19 maxlen: 24
5.255.192.0/18 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ee:c4:e7:c4:59:39:00:48:41:a0:10:b6:15:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf010ac8c09cdb6330d483c5bf82483798318878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:20:e9:53:e4:6f:0f:c2:f5:b1:29:09:65:dd:
11:23:59:47:a6:bd:d2:db:07:3a:e9:74:0b:8a:da:
64:d0:62:43:b9:60:71:49:28:fe:a8:17:8a:20:e8:
04:85:a1:ee:ce:17:2e:3e:ed:d3:df:8f:bb:02:d4:
35:7c:f1:68:e4:99:38:77:3e:65:94:84:a5:b4:c4:
b0:80:1b:b4:25:4b:ff:6c:8c:79:3c:2b:e5:77:44:
8b:d8:e1:c6:25:ca:0f:01:07:36:ef:ff:51:be:2e:
76:c6:98:63:6f:1d:94:f8:e0:f0:ba:16:69:88:b1:
88:6b:90:ac:d2:16:4d:df:8e:9f:fa:0c:71:30:fa:
17:85:a0:ba:3b:d7:55:96:19:ef:49:d0:1b:4a:94:
21:68:a4:ef:6c:08:08:bd:ac:f7:40:c6:bb:9b:e7:
08:5e:28:4a:7c:2a:e7:92:ec:62:c0:67:d5:a1:23:
39:b2:ac:a1:d4:f9:f7:6d:23:3b:82:01:27:4c:c2:
e6:eb:80:1b:8a:2a:fd:09:5a:47:b6:b1:7b:cc:ea:
8b:a1:23:fb:05:30:45:b1:ff:c6:be:f5:4c:bf:2f:
5c:44:dc:3e:74:67:96:56:47:9b:8d:a8:bc:91:10:
61:bc:2b:ff:3c:b3:c0:a0:a2:97:a8:b3:de:96:f8:
e0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:01:0A:C8:C0:9C:DB:63:30:D4:83:C5:BF:82:48:37:98:31:88:78
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/vwEKyMCc22Mw1IPFv4JIN5gxiHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
90.156.176.0/20
92.255.127.0/24
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
10:12:1f:75:f7:8f:bd:88:e1:80:09:57:02:16:9d:ae:b3:6c:
b9:91:56:9b:5c:6a:f6:e1:d4:9d:b3:c6:48:b5:8b:0c:85:9c:
d9:73:58:b7:ea:8a:e1:d3:c7:70:f4:f0:40:ee:10:e5:9c:9c:
5a:39:f0:98:79:29:85:c1:3f:6e:0a:0c:ce:69:2b:c5:0f:eb:
2d:1b:de:04:d6:1a:03:b8:1b:3c:f3:74:27:84:c5:08:09:06:
ca:db:7f:9e:9d:c6:96:51:fe:49:5b:78:a4:aa:bb:ee:79:8a:
5f:87:0f:7b:83:74:8c:5d:36:91:2f:87:cf:e4:70:16:b5:39:
35:31:af:33:72:83:80:87:b5:6a:f6:88:4a:f1:f4:f6:f5:f5:
e2:cf:b0:59:2f:e4:18:73:2a:5a:7e:14:fa:7d:50:e7:8d:96:
e9:7c:aa:a7:37:f9:4b:58:b4:d2:c4:7f:11:f5:f3:a5:d5:cf:
96:cc:bb:2f:18:e1:6b:f2:f1:9c:1d:e6:58:2e:c3:ef:7a:9c:
7f:e6:e8:0d:f2:67:fa:c8:64:14:d9:05:a5:c1:89:88:2b:0f:
54:41:62:9c:5b:d5:a2:b8:f7:1c:aa:08:11:d0:9d:80:36:dc:
03:4e:f3:fb:fa:ba:d5:c6:fb:da:cf:bf:cb:12:99:11:25:db:
b6:8e:5f:7d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzGuO7E58RZOQBIQaAQthWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjAxMGFjOGMwOWNkYjYzMzBkNDgzYzViZjgyNDgzNzk4MzE4ODc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iDpU+RvD8L1sSkJZd0RI1lHpr3S
2wc66XQLitpk0GJDuWBxSSj+qBeKIOgEhaHuzhcuPu3T34+7AtQ1fPFo5Jk4dz5l
lISltMSwgBu0JUv/bIx5PCvld0SL2OHGJcoPAQc27/9Rvi52xphjbx2U+ODwuhZp
iLGIa5Cs0hZN346f+gxxMPoXhaC6O9dVlhnvSdAbSpQhaKTvbAgIvaz3QMa7m+cI
XihKfCrnkuxiwGfVoSM5sqyh1Pn3bSM7ggEnTMLm64Abiir9CVpHtrF7zOqLoSP7
BTBFsf/GvvVMvy9cRNw+dGeWVkebjai8kRBhvCv/PLPAoKKXqLPelvjgvwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFL8BCsjAnNtjMNSDxb+CSDeYMYh4MB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvdndFS3lNQ2MyMk13MUlQRnY0SklONWd4aUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEBgUtwAME
BgX/wAMEBiUJQAMEBiWMgAMEBk1YAAMEBVT8oAMEBVf64AMEBFqcsAMEAFz/fwME
Bl2egAMEB19sgAMEBo0IgAMEBrKagAMEALkguwMEBdW0wDANBAIAAjAHAwUDKgIG
uDANBgkqhkiG9w0BAQsFAAOCAQEAEBIfdfePvYjhgAlXAhadrrNsuZFWm1xq9uHU
nbPGSLWLDIWc2XNYt+qK4dPHcPTwQO4Q5ZycWjnwmHkphcE/bgoMzmkrxQ/rLRve
BNYaA7gbPPN0J4TFCAkGytt/np3GllH+SVt4pKq77nmKX4cPe4N0jF02kS+Hz+Rw
FrU5NTGvM3KDgIe1avaISvH09vX14s+wWS/kGHMqWn4U+n1Q542W6Xyqpzf5S1i0
0sR/EfXzpdXPlsy7Lxjha/LxnB3mWC7D73qcf+boDfJn+shkFNkFpcGJiCsPVEFi
nFvVorj3HKoIEdCdgDbcA07z+/q61cb72s+/yxKZESXbto5ffQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:27:49 2024 by rpki-client on console-ams.rpki-client.org