Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/YzlhqxTXlZJt_ccJL_8xYEo3RpQ.roa
File: YzlhqxTXlZJt_ccJL_8xYEo3RpQ.roa (raw, json)
Hash identifier: VMynD3IVNA2HmWLE0yQohNn0wYN+CXXLpPiN6FXb1zA=
Subject key identifier: 63:39:61:AB:14:D7:95:92:6D:FD:C7:09:2F:FF:31:60:4A:37:46:94
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018CC56EEEB17A4638D6638C60995A482BF7
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/YzlhqxTXlZJt_ccJL_8xYEo3RpQ.roa
Signing time: Mon 01 Jan 2024 14:30:30 +0000
ROA not before: Mon 01 Jan 2024 14:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203380
IP address blocks: 82.118.245.0/24 maxlen: 24
79.124.7.0/24 maxlen: 24
77.76.13.0/24 maxlen: 24
91.148.141.0/24 maxlen: 24
78.128.99.0/24 maxlen: 24
94.72.141.0/24 maxlen: 24
94.72.143.0/24 maxlen: 24
94.72.140.0/23 maxlen: 24
82.118.227.0/24 maxlen: 24
82.118.230.0/24 maxlen: 24
82.118.234.0/24 maxlen: 24
82.118.235.0/24 maxlen: 24
130.185.251.0/24 maxlen: 24
79.124.77.0/24 maxlen: 24
78.128.127.0/24 maxlen: 24
2a01:8740:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ee:b1:7a:46:38:d6:63:8c:60:99:5a:48:2b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 1 14:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=633961ab14d795926dfdc7092fff31604a374694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:70:3f:72:5a:0d:68:7d:99:d2:cb:34:57:a6:
15:9d:06:fc:85:63:5e:40:81:52:b3:54:e6:71:27:
87:d6:1d:6e:4b:b3:ba:3c:42:a9:0f:63:3b:eb:ec:
f0:f5:a7:70:d3:ba:f8:eb:92:1a:ea:16:70:45:07:
9b:65:23:80:4d:39:e6:82:96:72:42:b3:52:3c:19:
f9:62:42:2a:eb:c0:f4:d6:7a:3c:50:31:02:73:a4:
b2:ee:25:e5:c2:ce:18:52:34:c9:ab:48:55:27:2a:
39:99:87:57:be:b7:de:fb:e1:71:e4:37:37:dc:19:
4d:ac:ca:d4:ac:06:a8:bb:2b:ba:3f:dd:5c:1e:69:
bb:97:6e:f8:e1:c1:42:76:62:a9:92:35:00:c5:e7:
0a:61:6b:22:ec:cf:d5:9b:93:4f:14:3e:dd:14:16:
f8:92:1b:8e:7a:7b:36:89:06:eb:75:6d:8c:1b:43:
83:20:01:62:d6:e4:9a:48:1b:0d:30:3a:a5:67:80:
c4:9b:3f:7d:da:80:15:a2:fa:f2:fe:3a:f3:20:55:
ea:94:fd:18:2f:97:9d:56:49:f0:03:e9:d6:4f:92:
60:35:6a:40:0d:ca:d6:66:5c:5b:50:26:60:2d:48:
19:9f:9b:e3:72:a2:24:d8:e1:db:b0:80:01:92:e6:
5c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:39:61:AB:14:D7:95:92:6D:FD:C7:09:2F:FF:31:60:4A:37:46:94
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/YzlhqxTXlZJt_ccJL_8xYEo3RpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.13.0/24
78.128.99.0/24
78.128.127.0/24
79.124.7.0/24
79.124.77.0/24
82.118.227.0/24
82.118.230.0/24
82.118.234.0/23
82.118.245.0/24
91.148.141.0/24
94.72.140.0/23
94.72.143.0/24
130.185.251.0/24
IPv6:
2a01:8740:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:97:b7:19:c1:41:33:30:c0:e6:52:a8:d4:0d:ed:dc:df:e4:
a2:5d:ad:20:d1:2e:de:e4:56:c0:3f:86:80:ef:39:f7:2f:1d:
cd:28:09:80:f1:84:bf:c3:04:db:b8:58:ce:6d:82:f5:11:60:
65:01:9b:67:ff:4c:18:21:61:59:49:9d:4b:39:03:a7:8d:2e:
ca:38:84:5b:ea:a4:0b:78:96:9e:31:44:9c:f9:c5:9e:b1:a1:
3f:3a:1d:a2:2f:59:bb:3c:7f:1f:60:69:0f:59:4e:30:00:96:
ed:f5:0e:8c:47:c8:39:34:6c:1b:c6:8d:fe:96:9f:69:de:94:
12:16:37:40:15:6a:7a:e2:10:d1:9e:4a:8a:6f:d5:44:40:f5:
95:3f:67:e8:76:48:25:a8:79:53:ec:8c:0f:9e:f2:24:37:63:
2c:5f:2c:d4:79:51:24:34:d5:56:43:6b:3c:2c:e1:3c:18:a0:
14:6c:bb:c2:b2:b8:a4:0c:9d:62:ca:e2:9e:18:6e:1c:06:25:
5b:9c:f7:a3:00:80:da:86:e7:e3:e3:3a:3a:74:dc:2a:f1:3d:
de:cc:9d:5a:78:b6:bc:87:0c:47:f1:3d:75:78:07:69:f8:c7:
47:eb:78:c2:11:a6:a7:56:66:1b:dd:a6:41:7c:cd:1b:b0:b0:
ae:69:f4:4a
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYzFbu6xekY41mOMYJlaSCv3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwMTAxMTQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM5NjFhYjE0ZDc5NTkyNmRmZGM3MDkyZmZmMzE2MDRhMzc0Njk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XA/cloNaH2Z0ss0V6YVnQb8hWNe
QIFSs1TmcSeH1h1uS7O6PEKpD2M76+zw9adw07r465Ia6hZwRQebZSOATTnmgpZy
QrNSPBn5YkIq68D01no8UDECc6Sy7iXlws4YUjTJq0hVJyo5mYdXvrfe++Fx5Dc3
3BlNrMrUrAaouyu6P91cHmm7l2744cFCdmKpkjUAxecKYWsi7M/Vm5NPFD7dFBb4
khuOens2iQbrdW2MG0ODIAFi1uSaSBsNMDqlZ4DEmz992oAVovry/jrzIFXqlP0Y
L5edVknwA+nWT5JgNWpADcrWZlxbUCZgLUgZn5vjcqIk2OHbsIABkuZcMwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFGM5YasU15WSbf3HCS//MWBKN0aUMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvWXpsaHF4VFhsWkp0X2NjSkxfOHhZRW8zUnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQATUwNAwQA
ToBjAwQAToB/AwQAT3wHAwQAT3xNAwQAUnbjAwQAUnbmAwQBUnbqAwQAUnb1AwQA
W5SNAwQBXkiMAwQAXkiPAwQAgrn7MA8EAgACMAkDBwAqAYdAAAEwDQYJKoZIhvcN
AQELBQADggEBACaXtxnBQTMwwOZSqNQN7dzf5KJdrSDRLt7kVsA/hoDvOfcvHc0o
CYDxhL/DBNu4WM5tgvURYGUBm2f/TBghYVlJnUs5A6eNLso4hFvqpAt4lp4xRJz5
xZ6xoT86HaIvWbs8fx9gaQ9ZTjAAlu31DoxHyDk0bBvGjf6Wn2nelBIWN0AVanri
ENGeSopv1URA9ZU/Z+h2SCWoeVPsjA+e8iQ3YyxfLNR5USQ01VZDazws4TwYoBRs
u8KyuKQMnWLK4p4YbhwGJVuc96MAgNqG5+PjOjp03CrxPd7MnVp4tryHDEfxPXV4
B2n4x0freMIRpqdWZhvdpkF8zRuwsK5p9Eo=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:45:39 2024 by rpki-client on console-ams.rpki-client.org