Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Y5kti7w0JGJgvwLDDPNZjLx7rdk.roa
File: Y5kti7w0JGJgvwLDDPNZjLx7rdk.roa (raw, json)
Hash identifier: mw6pSJynU5yVUgVkBeQtD9nlC0qPmB/c1YC4kSx9I1o=
Subject key identifier: 63:99:2D:8B:BC:34:24:62:60:BF:02:C3:0C:F3:59:8C:BC:7B:AD:D9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194222024D1AEF3E05A726A5DC2DADBF46C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Y5kti7w0JGJgvwLDDPNZjLx7rdk.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 85.31.60.0/24 maxlen: 24
85.31.61.0/24 maxlen: 24
85.31.62.0/24 maxlen: 24
85.31.63.0/24 maxlen: 24
185.124.108.0/24 maxlen: 24
185.124.109.0/24 maxlen: 24
185.124.110.0/24 maxlen: 24
185.124.111.0/24 maxlen: 24
185.124.136.0/24 maxlen: 24
185.124.137.0/24 maxlen: 24
185.124.138.0/24 maxlen: 24
185.124.139.0/24 maxlen: 24
185.162.52.0/24 maxlen: 24
185.162.53.0/24 maxlen: 24
185.162.54.0/24 maxlen: 24
185.162.55.0/24 maxlen: 24
185.166.36.0/24 maxlen: 24
185.166.37.0/24 maxlen: 24
185.166.38.0/24 maxlen: 24
185.166.39.0/24 maxlen: 24
185.199.52.0/24 maxlen: 24
185.199.53.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.230.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:24:d1:ae:f3:e0:5a:72:6a:5d:c2:da:db:f4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63992d8bbc34246260bf02c30cf3598cbc7badd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d6:73:67:8d:ef:d6:5a:89:4b:eb:a6:f4:a5:
41:d4:74:6e:6d:75:51:c7:90:33:df:0d:b2:e8:0e:
0f:78:93:cc:1b:97:47:8e:cc:d9:d3:4e:33:6d:65:
bd:0d:5b:24:9f:db:ec:2b:98:fe:57:7b:91:70:f7:
d8:8d:cc:59:bb:f2:ad:1d:2d:69:14:7f:99:8d:db:
bd:f9:5b:9a:2a:45:ad:f2:35:e3:75:86:5e:17:bc:
d5:45:b0:04:fa:86:9f:1a:89:6d:49:e4:ec:26:e1:
7a:08:ac:f1:ae:9b:43:15:a5:65:80:a2:6c:8a:43:
89:07:59:4b:81:4a:dc:e5:5e:b0:94:e4:44:27:49:
7b:84:a3:c4:20:76:27:7f:17:c3:f2:8e:95:67:33:
f8:1b:3a:fc:01:ff:78:0b:3f:82:51:5d:9c:39:61:
87:64:10:f1:08:2e:96:8e:95:8f:b2:05:4f:2c:d4:
b6:32:c1:3b:4c:46:be:eb:cf:14:5b:bb:2d:81:17:
cc:8f:5a:ec:63:3b:0a:d5:0d:8f:79:a6:2f:50:d1:
b7:90:61:89:b3:fa:7e:65:15:33:f0:72:9a:a8:25:
b1:a3:db:d3:9a:40:dc:96:c7:a7:53:15:ed:1f:6e:
40:80:ab:71:ce:4c:c7:b7:5f:d7:d4:45:fe:70:d5:
25:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:99:2D:8B:BC:34:24:62:60:BF:02:C3:0C:F3:59:8C:BC:7B:AD:D9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Y5kti7w0JGJgvwLDDPNZjLx7rdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.60.0/22
185.124.108.0/22
185.124.136.0/22
185.162.52.0/22
185.166.36.0/22
185.199.52.0/23
185.210.234.0/24
185.230.64.0/24
Signature Algorithm: sha256WithRSAEncryption
09:17:91:16:b9:85:88:8c:f0:7b:7f:c1:f2:9e:83:de:12:ce:
9b:50:b2:cd:3d:73:43:7b:8a:ae:8e:e3:b2:c9:ff:ce:5a:10:
f8:9e:f4:7d:bc:82:51:c0:95:0f:d2:f4:43:67:b2:c6:1c:b2:
0d:0d:e9:4f:85:5b:bd:7c:2b:32:50:b3:20:76:15:1c:c7:60:
e4:b0:77:82:95:3c:e1:a9:75:d5:6e:54:bf:fd:6a:e8:e8:f5:
59:b3:41:09:d0:d1:66:61:d9:93:09:bc:d3:31:09:d5:22:0a:
78:f6:58:6a:b9:ca:9a:af:c2:80:5f:94:e4:a4:d9:10:5e:af:
69:3b:31:db:cc:1c:f7:73:9a:ff:8f:87:fd:d8:3e:ad:ac:fb:
f3:43:6d:33:56:f0:54:5b:92:43:ca:e1:99:42:c8:a9:56:ab:
5f:84:bd:dc:72:02:00:50:46:14:5b:e5:48:42:a9:66:49:61:
d3:46:49:db:3b:9e:c8:b1:57:0a:d9:f2:41:dd:27:5b:33:b9:
f9:39:41:18:63:69:12:fb:79:33:20:5a:72:f4:97:de:90:13:
c9:58:63:d4:cb:3f:16:62:da:08:7e:18:f0:2f:66:e3:2e:39:
42:82:a6:e5:28:c9:c4:75:fb:08:b1:fd:71:8a:87:1b:dd:d7:
c1:1e:47:d3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQiICTRrvPgWnJqXcLa2/RsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mzk5MmQ4YmJjMzQyNDYyNjBiZjAyYzMwY2YzNTk4Y2JjN2JhZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8dZzZ43v1lqJS+um9KVB1HRubXVR
x5Az3w2y6A4PeJPMG5dHjszZ004zbWW9DVskn9vsK5j+V3uRcPfYjcxZu/KtHS1p
FH+Zjdu9+VuaKkWt8jXjdYZeF7zVRbAE+oafGoltSeTsJuF6CKzxrptDFaVlgKJs
ikOJB1lLgUrc5V6wlOREJ0l7hKPEIHYnfxfD8o6VZzP4Gzr8Af94Cz+CUV2cOWGH
ZBDxCC6WjpWPsgVPLNS2MsE7TEa+688UW7stgRfMj1rsYzsK1Q2PeaYvUNG3kGGJ
s/p+ZRUz8HKaqCWxo9vTmkDclsenUxXtH25AgKtxzkzHt1/X1EX+cNUlSwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGOZLYu8NCRiYL8CwwzzWYy8e63ZMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWTVrdGk3dzBKR0pndndMRERQTlpqTHg3cmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVR88AwQC
uXxsAwQCuXyIAwQCuaI0AwQCuaYkAwQBucc0AwQAudLqAwQAueZAMA0GCSqGSIb3
DQEBCwUAA4IBAQAJF5EWuYWIjPB7f8HynoPeEs6bULLNPXNDe4qujuOyyf/OWhD4
nvR9vIJRwJUP0vRDZ7LGHLINDelPhVu9fCsyULMgdhUcx2DksHeClTzhqXXVblS/
/Wro6PVZs0EJ0NFmYdmTCbzTMQnVIgp49lhqucqar8KAX5TkpNkQXq9pOzHbzBz3
c5r/j4f92D6trPvzQ20zVvBUW5JDyuGZQsipVqtfhL3ccgIAUEYUW+VIQqlmSWHT
RknbO57IsVcK2fJB3SdbM7n5OUEYY2kS+3kzIFpy9JfekBPJWGPUyz8WYtoIfhjw
L2bjLjlCgqblKMnEdfsIsf1xiocb3dfBHkfT
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:22:24 2025 by rpki-client