Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/YbdTZXXJ_bhou-ns1MRKdw7L4Hs.roa
File: YbdTZXXJ_bhou-ns1MRKdw7L4Hs.roa (raw, json)
Hash identifier: Yu99aBSHIFLARWNtpLmDu4XobT/yupAF1F7TMAyI2tE=
Subject key identifier: 61:B7:53:65:75:C9:FD:B8:68:BB:E9:EC:D4:C4:4A:77:0E:CB:E0:7B
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 01942368FB261482CF50B590BD4FA4702DE5
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/YbdTZXXJ_bhou-ns1MRKdw7L4Hs.roa
Signing time: Wed 01 Jan 2025 19:47:50 +0000
ROA not before: Wed 01 Jan 2025 19:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29208
IP address blocks: 46.227.8.0/21 maxlen: 21
62.4.96.0/21 maxlen: 21
62.4.104.0/22 maxlen: 22
62.44.0.0/19 maxlen: 19
62.177.64.0/18 maxlen: 18
82.100.0.0/18 maxlen: 18
82.113.32.0/19 maxlen: 19
82.119.240.0/20 maxlen: 20
82.119.250.0/24 maxlen: 24
83.148.0.0/18 maxlen: 18
85.93.96.0/19 maxlen: 19
88.146.0.0/17 maxlen: 17
88.208.64.0/18 maxlen: 18
89.235.0.0/18 maxlen: 18
95.80.192.0/18 maxlen: 18
109.235.176.0/22 maxlen: 22
151.237.224.0/21 maxlen: 21
185.24.236.0/22 maxlen: 22
194.213.224.0/19 maxlen: 19
195.122.192.0/19 maxlen: 19
195.128.192.0/19 maxlen: 19
195.250.128.0/19 maxlen: 19
195.250.154.0/24 maxlen: 24
212.20.96.0/19 maxlen: 19
212.24.128.0/19 maxlen: 19
212.27.192.0/19 maxlen: 19
212.80.64.0/19 maxlen: 19
213.151.64.0/19 maxlen: 19
213.175.32.0/19 maxlen: 19
213.191.96.0/19 maxlen: 19
2001:1508::/32 maxlen: 48
2001:4de8::/32 maxlen: 48
2a00:c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:fb:26:14:82:cf:50:b5:90:bd:4f:a4:70:2d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Jan 1 19:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61b7536575c9fdb868bbe9ecd4c44a770ecbe07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0a:4a:62:3e:53:2c:95:29:e8:87:bc:95:a6:
43:a0:97:d2:55:84:54:70:03:34:70:ff:3a:47:43:
57:c5:6f:29:d1:6f:3a:ee:fc:84:4a:13:f1:b5:66:
e9:4c:4c:26:b6:39:ff:45:af:a2:a0:79:99:c4:81:
fa:b6:a2:36:87:5d:3b:be:9e:1c:26:5b:31:d6:1f:
c1:e4:60:dc:91:57:51:c1:38:df:11:57:be:ad:26:
78:ee:57:31:43:2f:6e:58:96:72:1b:38:df:56:7c:
c4:7b:6c:df:db:25:a6:dd:cc:6e:8c:25:10:84:6c:
25:f6:88:48:4e:68:6e:74:e6:49:44:84:a9:91:9e:
ff:78:dc:16:b8:ff:d6:0d:86:f9:9c:30:ba:fb:be:
5c:0e:c9:ab:0c:22:34:57:9b:c6:cc:75:75:17:4a:
72:29:92:cd:e9:95:7f:c6:a0:09:e6:49:3b:08:3a:
1c:41:80:d1:2c:fa:1d:8a:b7:ef:52:2a:06:0e:b5:
7e:e2:8d:e3:2b:98:71:d4:9c:a2:50:63:cf:8a:f5:
29:a5:b9:87:b4:14:f0:c6:a0:fe:29:76:ed:2d:85:
ae:72:80:43:49:16:83:04:c6:0a:a0:02:ad:f7:e6:
3e:36:b3:9c:36:c4:1e:08:29:a3:c5:ec:cb:81:28:
f7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B7:53:65:75:C9:FD:B8:68:BB:E9:EC:D4:C4:4A:77:0E:CB:E0:7B
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/YbdTZXXJ_bhou-ns1MRKdw7L4Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.8.0/21
62.4.96.0-62.4.107.255
62.44.0.0/19
62.177.64.0/18
82.100.0.0/18
82.113.32.0/19
82.119.240.0/20
83.148.0.0/18
85.93.96.0/19
88.146.0.0/17
88.208.64.0/18
89.235.0.0/18
95.80.192.0/18
109.235.176.0/22
151.237.224.0/21
185.24.236.0/22
194.213.224.0/19
195.122.192.0/19
195.128.192.0/19
195.250.128.0/19
212.20.96.0/19
212.24.128.0/19
212.27.192.0/19
212.80.64.0/19
213.151.64.0/19
213.175.32.0/19
213.191.96.0/19
IPv6:
2001:1508::/32
2001:4de8::/32
2a00:c40::/32
Signature Algorithm: sha256WithRSAEncryption
22:d9:c9:1d:49:bd:e4:0f:f7:39:b5:77:14:63:c3:57:f8:7a:
e2:12:4e:87:83:2e:ca:96:15:6e:a6:87:29:2d:04:17:82:72:
70:92:a2:3c:72:49:c9:7e:93:ce:0d:bd:fb:75:7b:71:0d:1c:
01:fd:32:56:2b:1a:87:1c:ce:00:9b:7e:8f:99:f0:ed:b8:89:
a5:12:c1:ab:7b:e8:f4:2d:01:41:bb:1e:67:7e:4b:18:3c:2b:
32:3d:ac:7a:14:cc:6a:73:b3:17:f0:49:23:cd:25:fa:48:0b:
6d:a7:74:9a:f2:b6:7f:32:60:dc:36:00:a5:88:7a:c1:8e:71:
2f:d5:4e:91:2e:c9:e3:e0:7d:5c:3c:51:cb:0f:51:57:5e:9a:
cd:6d:b2:f0:ce:ee:54:d5:24:8d:a2:52:c2:44:c2:5c:5f:3c:
60:31:b8:e0:8c:37:7f:0d:c2:83:ef:b9:13:c1:b5:4e:7b:58:
4d:de:99:c5:5d:92:51:b0:f8:2e:d3:80:49:fa:20:a7:21:3d:
53:4c:e9:68:2a:f5:a8:8c:6f:79:e1:4e:9d:2c:e7:92:16:c9:
de:ab:6e:5c:2c:07:f8:db:3b:22:3a:10:8d:fc:c2:76:0f:ad:
b4:86:41:1d:dc:57:31:9e:66:01:f4:4d:df:06:60:1c:76:45:
91:bd:fe:cf
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZQjaPsmFILPULWQvU+kcC3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjUwMTAxMTk0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI3NTM2NTc1YzlmZGI4NjhiYmU5ZWNkNGM0NGE3NzBlY2JlMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQpKYj5TLJUp6Ie8laZDoJfSVYRU
cAM0cP86R0NXxW8p0W867vyEShPxtWbpTEwmtjn/Ra+ioHmZxIH6tqI2h107vp4c
Jlsx1h/B5GDckVdRwTjfEVe+rSZ47lcxQy9uWJZyGzjfVnzEe2zf2yWm3cxujCUQ
hGwl9ohITmhudOZJRISpkZ7/eNwWuP/WDYb5nDC6+75cDsmrDCI0V5vGzHV1F0py
KZLN6ZV/xqAJ5kk7CDocQYDRLPodirfvUioGDrV+4o3jK5hx1JyiUGPPivUppbmH
tBTwxqD+KXbtLYWucoBDSRaDBMYKoAKt9+Y+NrOcNsQeCCmjxezLgSj3XQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFGG3U2V1yf24aLvp7NTESncOy+B7MB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvWWJkVFpYWEpfYmhvdS1uczFNUktkdzdMNEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBsQQCAAEwgaoDBAMu
4wgwDAMEBT4EYAMEAj4EaAMEBT4sAAMEBj6xQAMEBlJkAAMEBVJxIAMEBFJ38AME
BlOUAAMEBVVdYAMEB1iSAAMEBljQQAMEBlnrAAMEBl9QwAMEAm3rsAMEA5ft4AME
ArkY7AMEBcLV4AMEBcN6wAMEBcOAwAMEBcP6gAMEBdQUYAMEBdQYgAMEBdQbwAME
BdRQQAMEBdWXQAMEBdWvIAMEBdW/YDAbBAIAAjAVAwUAIAEVCAMFACABTegDBQAq
AAxAMA0GCSqGSIb3DQEBCwUAA4IBAQAi2ckdSb3kD/c5tXcUY8NX+HriEk6Hgy7K
lhVupocpLQQXgnJwkqI8cknJfpPODb37dXtxDRwB/TJWKxqHHM4Am36PmfDtuIml
EsGre+j0LQFBux5nfksYPCsyPax6FMxqc7MX8EkjzSX6SAttp3Sa8rZ/MmDcNgCl
iHrBjnEv1U6RLsnj4H1cPFHLD1FXXprNbbLwzu5U1SSNolLCRMJcXzxgMbjgjDd/
DcKD77kTwbVOe1hN3pnFXZJRsPgu04BJ+iCnIT1TTOloKvWojG954U6dLOeSFsne
q25cLAf42zsiOhCN/MJ2D620hkEd3FcxnmYB9E3fBmAcdkWRvf7P
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:32:44 2025 by rpki-client