Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/YEZmNjD9LobtoLrkp7N_tHQ0otI.roa
File: YEZmNjD9LobtoLrkp7N_tHQ0otI.roa (raw, json)
Hash identifier: l5Mpsefuzo3jfsj+ITASA7cMnq7m7HAdWmpnKY0T210=
Subject key identifier: 60:46:66:36:30:FD:2E:86:ED:A0:BA:E4:A7:B3:7F:B4:74:34:A2:D2
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 018CC86F4A6D30BDCB23485F2A9F0EA5D076
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/YEZmNjD9LobtoLrkp7N_tHQ0otI.roa
Signing time: Tue 02 Jan 2024 04:29:45 +0000
ROA not before: Tue 02 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42525
IP address blocks: 217.63.96.0/19 maxlen: 19
94.101.208.0/20 maxlen: 20
37.205.120.0/21 maxlen: 21
81.27.208.0/20 maxlen: 20
185.17.192.0/22 maxlen: 22
194.182.0.0/18 maxlen: 18
212.98.64.0/18 maxlen: 18
77.243.32.0/20 maxlen: 20
2a01:7e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4a:6d:30:bd:cb:23:48:5f:2a:9f:0e:a5:d0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jan 2 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6046663630fd2e86eda0bae4a7b37fb47434a2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:33:c1:03:f1:a8:69:46:5e:2f:23:9a:51:ce:
b8:31:74:29:61:e6:ee:39:ae:7d:a9:80:6e:4e:03:
a9:27:83:31:17:d7:75:e8:62:f8:48:7a:83:ae:03:
a7:e7:97:ca:d7:c9:de:f5:d1:51:a9:c4:5d:73:c8:
45:22:ae:2b:26:87:8d:ae:cd:1f:5c:a0:da:a3:af:
53:5f:60:eb:51:c8:7a:d5:ae:a9:27:9c:d7:c5:4f:
81:f3:dd:25:be:d0:83:cb:73:7b:ef:af:34:0d:9d:
61:e6:70:fa:7d:3a:67:e9:bc:4c:9f:64:1d:cf:c0:
49:a5:f9:23:c6:f8:01:de:d7:12:8e:e8:13:a5:66:
0b:88:94:f0:ba:34:0b:6f:64:c5:49:f8:f6:4a:9e:
cd:d1:6c:5b:c0:5f:b8:cc:4b:e4:a7:fc:77:2c:8e:
48:11:3e:14:b2:fd:03:23:ce:d5:37:f4:df:1f:ef:
90:10:02:60:23:1c:f7:5b:cb:82:79:b3:3a:1c:8e:
f6:73:f5:9a:28:64:21:55:16:b5:2a:17:1e:80:24:
2c:12:e2:84:aa:dc:d8:7c:a8:20:f1:1a:59:a0:2c:
b3:4e:57:e6:11:cf:c1:e0:29:11:ec:d5:b7:9c:43:
a0:31:bb:43:0c:be:d5:6c:be:50:9a:02:a4:3d:5c:
97:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:46:66:36:30:FD:2E:86:ED:A0:BA:E4:A7:B3:7F:B4:74:34:A2:D2
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/YEZmNjD9LobtoLrkp7N_tHQ0otI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.120.0/21
77.243.32.0/20
81.27.208.0/20
94.101.208.0/20
185.17.192.0/22
194.182.0.0/18
212.98.64.0/18
217.63.96.0/19
IPv6:
2a01:7e8::/32
Signature Algorithm: sha256WithRSAEncryption
69:08:82:94:e9:fb:5c:b1:9b:4d:d3:a6:19:24:2f:4c:70:d4:
a9:69:8f:c9:df:40:a1:1c:78:eb:ea:e2:01:62:e2:0e:01:a2:
58:b8:8d:b7:d4:07:14:d2:2a:a5:7a:07:eb:ef:01:ee:a6:6e:
e7:50:87:8b:2e:a7:68:5e:e5:d5:22:21:4f:cd:28:0f:d3:09:
2d:4a:84:19:0a:88:3d:44:8b:22:81:85:da:8b:55:9e:81:1b:
38:7b:89:5b:fc:8d:ee:eb:43:e5:46:e0:fc:c6:e8:f2:34:7d:
ff:7b:b2:2e:04:1c:ad:ad:fa:60:5d:c4:42:44:1c:78:4a:52:
79:5e:b0:35:a0:eb:90:4b:91:f0:d8:34:b2:1c:1a:66:3b:59:
78:cb:65:f2:1a:3c:ca:80:e6:cd:f5:92:15:5d:60:02:59:16:
f4:5e:b5:15:b8:76:ed:77:29:6c:86:87:e7:be:ba:aa:46:8a:
dd:5e:98:c4:a3:dd:41:31:76:f0:32:e1:a8:ef:b9:be:2d:35:
55:fa:e3:c1:f0:ab:1f:98:96:a1:22:73:82:34:7b:33:61:50:
8d:b6:8d:04:f0:90:b0:b1:4b:87:c1:48:31:1c:80:c0:c3:cc:
1c:30:d7:f3:f7:8e:aa:30:c6:c8:f2:1a:e3:4d:c1:5d:89:20:
a0:c0:b9:ee
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzIb0ptML3LI0hfKp8OpdB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjQwMTAyMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQ2NjYzNjMwZmQyZTg2ZWRhMGJhZTRhN2IzN2ZiNDc0MzRhMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTPBA/GoaUZeLyOaUc64MXQpYebu
Oa59qYBuTgOpJ4MxF9d16GL4SHqDrgOn55fK18ne9dFRqcRdc8hFIq4rJoeNrs0f
XKDao69TX2DrUch61a6pJ5zXxU+B890lvtCDy3N77680DZ1h5nD6fTpn6bxMn2Qd
z8BJpfkjxvgB3tcSjugTpWYLiJTwujQLb2TFSfj2Sp7N0WxbwF+4zEvkp/x3LI5I
ET4Usv0DI87VN/TfH++QEAJgIxz3W8uCebM6HI72c/WaKGQhVRa1KhcegCQsEuKE
qtzYfKgg8RpZoCyzTlfmEc/B4CkR7NW3nEOgMbtDDL7VbL5QmgKkPVyXgQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGBGZjYw/S6G7aC65Kezf7R0NKLSMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvWUVabU5qRDlMb2J0b0xya3A3Tl90SFEwb3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJc14AwQE
TfMgAwQEURvQAwQEXmXQAwQCuRHAAwQGwrYAAwQG1GJAAwQF2T9gMA0EAgACMAcD
BQAqAQfoMA0GCSqGSIb3DQEBCwUAA4IBAQBpCIKU6ftcsZtN06YZJC9McNSpaY/J
30ChHHjr6uIBYuIOAaJYuI231AcU0iqlegfr7wHupm7nUIeLLqdoXuXVIiFPzSgP
0wktSoQZCog9RIsigYXai1WegRs4e4lb/I3u60PlRuD8xujyNH3/e7IuBBytrfpg
XcRCRBx4SlJ5XrA1oOuQS5Hw2DSyHBpmO1l4y2XyGjzKgObN9ZIVXWACWRb0XrUV
uHbtdylshofnvrqqRordXpjEo91BMXbwMuGo77m+LTVV+uPB8KsfmJahInOCNHsz
YVCNto0E8JCwsUuHwUgxHIDAw8wcMNfz946qMMbI8hrjTcFdiSCgwLnu
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:50 2024 by rpki-client on console-ams.rpki-client.org