Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/YtKL71UbLK_i2p8zQ0Zk6vZVJOA.roa
File: YtKL71UbLK_i2p8zQ0Zk6vZVJOA.roa (raw, json)
Hash identifier: /4aYyOO4iPzjqz1RuK3bQQJV1g9Q44l5soGUhIfqnv0=
Subject key identifier: 62:D2:8B:EF:55:1B:2C:AF:E2:DA:9F:33:43:46:64:EA:F6:55:24:E0
Certificate issuer: /CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Certificate serial: 018CC9BCB8E5C984709B6673FCAA35B9E127
Authority key identifier: 6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/YtKL71UbLK_i2p8zQ0Zk6vZVJOA.roa
Signing time: Tue 02 Jan 2024 10:33:57 +0000
ROA not before: Tue 02 Jan 2024 10:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198913
IP address blocks: 46.243.123.0/24 maxlen: 24
46.243.124.0/24 maxlen: 24
46.243.120.0/21 maxlen: 21
46.243.125.0/24 maxlen: 24
46.243.121.0/24 maxlen: 24
46.243.122.0/24 maxlen: 24
46.243.126.0/24 maxlen: 24
46.243.127.0/24 maxlen: 24
31.220.147.0/24 maxlen: 24
185.132.24.0/22 maxlen: 22
185.132.24.0/24 maxlen: 24
185.132.26.0/24 maxlen: 24
185.132.27.0/24 maxlen: 24
185.132.25.0/24 maxlen: 24
185.173.228.0/24 maxlen: 24
185.173.228.0/22 maxlen: 22
185.173.229.0/24 maxlen: 24
185.173.230.0/24 maxlen: 24
185.173.231.0/24 maxlen: 24
217.19.13.0/24 maxlen: 24
2a03:d400:228::/48 maxlen: 48
2a03:d400:123::/48 maxlen: 48
2a03:d400:26::/48 maxlen: 48
2a03:d400:126::/48 maxlen: 48
2a03:d400:121::/48 maxlen: 48
2a03:d400:25::/48 maxlen: 48
2a03:d400:125::/48 maxlen: 48
2a03:d400::/32 maxlen: 32
2a03:d400:120::/48 maxlen: 48
2a03:d400:122::/48 maxlen: 48
2a03:d400:13::/48 maxlen: 48
2a0b:6f00::/29 maxlen: 29
2a03:d400:231::/48 maxlen: 48
2a03:d400:27::/48 maxlen: 48
2a03:d400:127::/48 maxlen: 48
2a03:d400:230::/48 maxlen: 48
2a03:d400:229::/48 maxlen: 48
2a03:d400:24::/48 maxlen: 48
2a03:d400:124::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.mft
rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 22:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b8:e5:c9:84:70:9b:66:73:fc:aa:35:b9:e1:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Validity
Not Before: Jan 2 10:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62d28bef551b2cafe2da9f33434664eaf65524e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:be:fa:5a:a4:ec:3b:2b:1b:fb:39:36:00:32:
dd:80:10:3c:6d:05:57:16:d7:5f:ee:77:00:a4:bd:
8d:20:66:0f:94:56:c3:6f:68:3b:b2:5a:5b:6b:b6:
01:8d:6d:98:a2:98:36:7c:99:4f:cb:f4:df:5f:4a:
d5:2b:1e:78:5b:c1:cc:e1:94:1e:61:13:1f:b2:0e:
72:45:27:10:b9:4a:2b:40:e4:6d:bc:98:ad:b1:80:
7d:d2:fb:09:9c:b4:6f:c0:dd:92:d7:a9:e0:1a:13:
c2:f2:c3:2a:bf:ba:df:05:cb:28:25:f5:0f:a0:5b:
89:09:b7:5b:02:f4:4c:bb:70:f6:29:d5:5f:8a:79:
b3:a9:c3:b1:e6:c7:ac:a4:72:58:3a:0a:27:03:01:
79:15:20:af:27:d9:f8:f9:69:0d:c6:1a:38:d4:f2:
fa:7b:4e:c7:6b:7b:1b:f7:6b:ba:6a:18:81:d4:89:
78:a5:5d:f0:16:5e:b8:cb:4e:46:2e:45:31:aa:3e:
be:19:74:93:15:19:a6:d9:62:68:1c:33:c3:42:06:
4b:7a:fd:90:35:bf:f4:d3:a4:cf:8c:9a:2e:11:f0:
8e:fd:21:dc:d5:da:9a:c5:45:f3:7c:db:06:79:ec:
9b:a0:4f:5c:23:ee:09:3f:e0:e4:14:ee:74:5a:66:
78:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D2:8B:EF:55:1B:2C:AF:E2:DA:9F:33:43:46:64:EA:F6:55:24:E0
X509v3 Authority Key Identifier:
keyid:6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/YtKL71UbLK_i2p8zQ0Zk6vZVJOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.147.0/24
46.243.120.0/21
185.132.24.0/22
185.173.228.0/22
217.19.13.0/24
IPv6:
2a03:d400::/32
2a0b:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
25:dd:aa:15:fe:08:79:a3:6b:2e:cd:0e:b0:7e:47:74:88:ef:
26:ca:99:67:9e:00:5c:83:ff:2f:76:26:d7:ad:17:65:0c:08:
30:3c:8e:20:c4:f6:ae:c0:10:f7:e7:12:b8:33:96:ea:e4:4d:
c2:47:64:a1:16:12:7d:b1:5a:9b:61:80:81:be:77:c4:cd:74:
26:0d:ce:05:96:c1:2f:b6:3f:f2:9f:32:5e:3e:a1:30:87:07:
47:d8:c8:d0:95:52:d9:2f:ff:3b:89:c0:8a:bc:df:49:23:cf:
4d:e4:f6:a3:8e:79:39:ed:8b:69:04:10:8c:af:2e:da:16:98:
45:43:d4:25:6d:c5:6d:c5:73:93:ef:e5:3b:4a:d5:59:81:97:
c3:62:6f:b3:77:d4:87:de:ec:e3:2c:b1:a5:12:4b:2c:67:fa:
e2:91:79:90:5a:39:f2:5c:2d:ca:e8:a9:f8:44:37:0f:70:49:
59:c5:a6:72:41:a7:d3:a9:c0:5f:b2:1d:29:be:c5:16:d6:86:
8a:5a:2f:ab:cd:fe:d1:e2:91:c7:72:10:12:84:ca:de:3d:c6:
b9:67:03:7b:25:b5:18:b8:b8:7d:0b:ca:3d:63:ea:91:b3:3c:
e6:c1:30:1b:4c:8e:e4:c6:81:64:7e:fb:ec:21:bc:26:61:95:
6b:d0:74:67
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzJvLjlyYRwm2Zz/Ko1ueEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlOGIwMjhkMTgyNzRkMjFhNzMxNmFlYTNjY2NlOTE1OGI1
NGY0ODEwHhcNMjQwMTAyMTAzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmQyOGJlZjU1MWIyY2FmZTJkYTlmMzM0MzQ2NjRlYWY2NTUyNGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4b76WqTsOysb+zk2ADLdgBA8bQVX
Ftdf7ncApL2NIGYPlFbDb2g7slpba7YBjW2Yopg2fJlPy/TfX0rVKx54W8HM4ZQe
YRMfsg5yRScQuUorQORtvJitsYB90vsJnLRvwN2S16ngGhPC8sMqv7rfBcsoJfUP
oFuJCbdbAvRMu3D2KdVfinmzqcOx5sespHJYOgonAwF5FSCvJ9n4+WkNxho41PL6
e07Ha3sb92u6ahiB1Il4pV3wFl64y05GLkUxqj6+GXSTFRmm2WJoHDPDQgZLev2Q
Nb/006TPjJouEfCO/SHc1dqaxUXzfNsGeeyboE9cI+4JP+DkFO50WmZ4sQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGLSi+9VGyyv4tqfM0NGZOr2VSTgMB8GA1UdIwQY
MBaAFG6LAo0YJ00hpzFq6jzM6RWLVPSBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9zQ2pSZ25UU0duTVdycVBNenBGWXRVOUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8wOTZlYWYtNjM0Yi00YzQ5LWI2OGUt
YzJjNjE1MTg1ODlmLzEvWXRLTDcxVWJMS19pMnA4elEwWms2dlpWSk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8wOTZlYWYtNjM0Yi00YzQ5LWI2OGUtYzJjNjE1MTg1ODlm
LzEvYm9zQ2pSZ25UU0duTVdycVBNenBGWXRVOUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAH9yTAwQD
LvN4AwQCuYQYAwQCua3kAwQA2RMNMBQEAgACMA4DBQAqA9QAAwUDKgtvADANBgkq
hkiG9w0BAQsFAAOCAQEAJd2qFf4IeaNrLs0OsH5HdIjvJsqZZ54AXIP/L3Ym160X
ZQwIMDyOIMT2rsAQ9+cSuDOW6uRNwkdkoRYSfbFam2GAgb53xM10Jg3OBZbBL7Y/
8p8yXj6hMIcHR9jI0JVS2S//O4nAirzfSSPPTeT2o455Oe2LaQQQjK8u2haYRUPU
JW3FbcVzk+/lO0rVWYGXw2Jvs3fUh97s4yyxpRJLLGf64pF5kFo58lwtyuip+EQ3
D3BJWcWmckGn06nAX7IdKb7FFtaGilovq83+0eKRx3IQEoTK3j3GuWcDeyW1GLi4
fQvKPWPqkbM85sEwG0yO5MaBZH777CG8JmGVa9B0Zw==
-----END CERTIFICATE-----
Generated at Sat Jun 29 05:27:27 2024 by rpki-client on console-fra.rpki-client.org