Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/ynyBR_MzOGR4r0N-CldS4t-JvJk.roa
File: ynyBR_MzOGR4r0N-CldS4t-JvJk.roa (raw, json)
Hash identifier: NQtgB6Bwrhn5sx03ajp28/menwkNNSgl+RQpCM5sXSY=
Subject key identifier: CA:7C:81:47:F3:33:38:64:78:AF:43:7E:0A:57:52:E2:DF:89:BC:99
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 019235727E41251DB4D08D4AA14CA2F8BB86
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/ynyBR_MzOGR4r0N-CldS4t-JvJk.roa
Signing time: Fri 27 Sep 2024 21:45:48 +0000
ROA not before: Fri 27 Sep 2024 21:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
81.95.80.0/20 maxlen: 20
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
89.207.136.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
178.174.112.0/20 maxlen: 20
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.178.4.0/22 maxlen: 22
185.190.36.0/24 maxlen: 24
193.168.156.0/22 maxlen: 22
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:35:72:7e:41:25:1d:b4:d0:8d:4a:a1:4c:a2:f8:bb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Sep 27 21:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca7c8147f333386478af437e0a5752e2df89bc99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3c:c4:90:00:d1:28:51:27:92:aa:ea:ad:fb:
3e:c0:5d:ad:98:6c:a0:60:d4:67:e9:09:38:a3:60:
bd:4a:17:50:7a:4e:2d:2c:65:34:3f:d6:cd:98:31:
c7:0d:9c:79:cb:bd:54:1a:e1:49:e1:33:be:04:25:
89:d7:6b:0f:6f:3e:0d:3a:17:16:40:33:b7:d0:d4:
99:bd:46:f4:14:15:cf:44:84:83:c8:e9:74:f8:25:
b5:33:28:ae:b1:7c:4f:da:7e:c9:b2:5d:7a:44:5b:
68:a1:90:d9:02:5b:bb:e6:23:76:e8:4a:1c:3e:43:
63:92:d2:04:87:5b:06:c7:2f:8f:ca:76:87:35:98:
02:77:48:23:30:95:1e:10:99:bb:83:9f:d3:36:54:
1c:a7:da:7a:bf:88:be:dc:0e:8e:24:a8:0b:0c:9a:
ed:74:9c:54:a0:b9:c8:17:a4:95:42:eb:20:ba:6b:
ff:ac:70:c6:bd:4d:bf:32:a6:f0:7c:6b:85:47:9b:
63:da:37:3c:20:7d:28:54:63:cc:87:9e:2f:07:3c:
8f:cb:fd:23:0e:b7:7a:9c:fa:c6:57:2b:86:a4:87:
c6:2f:f9:92:3a:72:f5:b7:e2:02:b4:fc:e0:91:06:
ae:74:d8:8c:ce:5b:9f:85:f4:91:94:2f:bb:02:5d:
c0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7C:81:47:F3:33:38:64:78:AF:43:7E:0A:57:52:E2:DF:89:BC:99
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/ynyBR_MzOGR4r0N-CldS4t-JvJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
81.95.80.0/20
82.148.168.0-82.148.191.255
89.207.136.0/21
109.169.112.0/21
178.174.112.0/20
185.176.244.0/23
185.178.4.0/22
185.190.36.0/24
193.168.156.0/22
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
21:ba:94:f2:aa:77:46:bb:4b:07:df:73:2d:f3:fe:7d:92:13:
bd:c9:ff:9f:10:1d:7d:48:1a:74:15:c2:c0:69:5c:d0:24:9f:
37:9a:5b:97:e0:05:88:3a:05:28:ed:df:8c:8d:5c:90:26:73:
76:5a:62:e0:83:8c:b9:6f:72:76:db:c1:4d:17:e9:02:a6:29:
69:76:d4:3b:62:42:82:f8:f1:3b:85:f0:11:25:20:8c:40:49:
d5:49:cf:d4:d3:8c:28:18:cc:80:fe:a3:5a:b0:22:10:01:8c:
a1:b1:6d:db:d3:92:ae:d7:4f:f6:bf:f4:22:83:be:78:05:05:
71:21:f2:cd:f2:86:93:f2:0a:a2:70:1a:45:cd:6a:04:c6:2e:
2e:33:83:bb:f9:d5:0a:c8:59:69:56:7b:04:bf:3a:04:cf:c5:
60:65:60:eb:d5:46:b5:d5:30:94:61:e1:42:e6:d0:a2:77:6c:
d9:8f:e2:f5:10:96:3c:a3:8b:be:29:4b:d7:c4:95:5d:2b:69:
6e:a5:ff:5d:31:9b:f5:bf:88:2b:1b:78:2c:e2:77:de:d6:3d:
6d:ba:0f:e9:86:04:02:0e:5e:27:41:86:c1:44:3a:cb:d3:55:
c3:73:65:07:cd:b8:18:82:a6:16:83:24:80:39:a5:6d:0d:5c:
93:e1:52:1e
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZI1cn5BJR200I1KoUyi+LuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwOTI3MjE0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTdjODE0N2YzMzMzODY0NzhhZjQzN2UwYTU3NTJlMmRmODliYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jzEkADRKFEnkqrqrfs+wF2tmGyg
YNRn6Qk4o2C9ShdQek4tLGU0P9bNmDHHDZx5y71UGuFJ4TO+BCWJ12sPbz4NOhcW
QDO30NSZvUb0FBXPRISDyOl0+CW1MyiusXxP2n7Jsl16RFtooZDZAlu75iN26Eoc
PkNjktIEh1sGxy+PynaHNZgCd0gjMJUeEJm7g5/TNlQcp9p6v4i+3A6OJKgLDJrt
dJxUoLnIF6SVQusgumv/rHDGvU2/MqbwfGuFR5tj2jc8IH0oVGPMh54vBzyPy/0j
Drd6nPrGVyuGpIfGL/mSOnL1t+ICtPzgkQaudNiMzlufhfSRlC+7Al3A3QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFMp8gUfzMzhkeK9DfgpXUuLfibyZMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEveW55QlJfTXpPR1I0cjBOLUNsZFM0dC1KdkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQDLuOYAwQD
UVhAAwQEUV9QMAwDBANSlKgDBAZSlIADBANZz4gDBANtqXADBASyrnADBAG5sPQD
BAK5sgQDBAC5viQDBALBqJwwFAQCAAIwDgMFASoKJ4ADBQMqENZAMA0GCSqGSIb3
DQEBCwUAA4IBAQAhupTyqndGu0sH33Mt8/59khO9yf+fEB19SBp0FcLAaVzQJJ83
mluX4AWIOgUo7d+MjVyQJnN2WmLgg4y5b3J228FNF+kCpilpdtQ7YkKC+PE7hfAR
JSCMQEnVSc/U04woGMyA/qNasCIQAYyhsW3b05Ku10/2v/Qig754BQVxIfLN8oaT
8gqicBpFzWoExi4uM4O7+dUKyFlpVnsEvzoEz8VgZWDr1Ua11TCUYeFC5tCid2zZ
j+L1EJY8o4u+KUvXxJVdK2lupf9dMZv1v4grG3gs4nfe1j1tug/phgQCDl4nQYbB
RDrL01XDc2UHzbgYgqYWgySAOaVtDVyT4VIe
-----END CERTIFICATE-----
Generated at Sun Sep 29 02:23:24 2024 by rpki-client on console-fra.rpki-client.org