Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/1c0ea6-a6df-4522-8bc9-8c511698fcae/1/nDS2mLN92bcisUae1hvP7E5y_Ys.roa
File: nDS2mLN92bcisUae1hvP7E5y_Ys.roa (raw, json)
Hash identifier: 6z5kNP0dy9Pqb4W1zgfT/WYLBJgiGEpIJTpQMQc/jNo=
Subject key identifier: 9C:34:B6:98:B3:7D:D9:B7:22:B1:46:9E:D6:1B:CF:EC:4E:72:FD:8B
Certificate issuer: /CN=97ecfbb3550bf2c7674cc52e9cbbf3a933f5e778
Certificate serial: 018CC94D74D07B8667449FA6DED3358936D0
Authority key identifier: 97:EC:FB:B3:55:0B:F2:C7:67:4C:C5:2E:9C:BB:F3:A9:33:F5:E7:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-z7s1UL8sdnTMUunLvzqTP153g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/1c0ea6-a6df-4522-8bc9-8c511698fcae/1/nDS2mLN92bcisUae1hvP7E5y_Ys.roa
Signing time: Tue 02 Jan 2024 08:32:25 +0000
ROA not before: Tue 02 Jan 2024 08:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205362
IP address blocks: 188.212.251.0/24 maxlen: 24
188.215.32.0/24 maxlen: 24
185.216.4.0/24 maxlen: 24
80.240.106.0/24 maxlen: 24
185.216.4.0/22 maxlen: 22
185.216.5.0/24 maxlen: 24
185.216.6.0/24 maxlen: 24
185.216.7.0/24 maxlen: 24
128.0.42.0/23 maxlen: 23
128.0.42.0/24 maxlen: 24
128.0.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/1c0ea6-a6df-4522-8bc9-8c511698fcae/1/l-z7s1UL8sdnTMUunLvzqTP153g.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/1c0ea6-a6df-4522-8bc9-8c511698fcae/1/l-z7s1UL8sdnTMUunLvzqTP153g.mft
rsync://rpki.ripe.net/repository/DEFAULT/l-z7s1UL8sdnTMUunLvzqTP153g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:74:d0:7b:86:67:44:9f:a6:de:d3:35:89:36:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ecfbb3550bf2c7674cc52e9cbbf3a933f5e778
Validity
Not Before: Jan 2 08:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c34b698b37dd9b722b1469ed61bcfec4e72fd8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:b8:95:26:34:3f:ca:7c:fa:66:84:7c:db:
4a:ad:8f:5c:41:69:e4:2a:6b:5f:2a:4e:69:9f:e8:
fa:a3:d6:fc:17:7c:fb:d7:5d:d5:9b:48:df:75:2a:
0b:35:c9:7f:1a:a5:91:ed:b1:a8:8d:09:02:30:32:
eb:31:8f:9b:d7:86:cd:1b:3e:43:cd:56:55:df:70:
b2:a8:c0:c9:8d:c6:87:35:8c:0c:6e:6c:ad:c9:04:
4a:21:2b:1d:7d:e9:c0:64:92:17:57:6a:fe:25:62:
41:a7:2a:c2:d2:70:aa:83:b4:c9:2c:50:86:82:25:
f4:bc:41:92:a9:d4:52:ea:01:5b:20:32:38:7e:2f:
b9:d1:3e:c1:d1:63:89:84:f8:92:5b:a8:b1:0b:95:
5a:5e:53:d8:4a:ad:1d:20:3b:51:ee:f5:1e:33:39:
54:67:c3:67:e6:45:48:e3:bd:8c:b2:27:ba:0b:f0:
66:7f:54:f0:71:6a:bb:13:7e:a8:ec:ee:60:38:96:
8a:da:13:88:2c:9d:f8:d9:d3:c3:4f:e6:db:3f:67:
42:04:f3:39:5e:bb:61:f6:d1:25:2c:5e:11:5b:7f:
33:4e:34:91:1b:13:6d:34:b2:45:6a:6c:ae:28:32:
08:fd:a8:7c:7e:7a:68:3b:8d:fe:3a:0d:fd:ac:7a:
92:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:34:B6:98:B3:7D:D9:B7:22:B1:46:9E:D6:1B:CF:EC:4E:72:FD:8B
X509v3 Authority Key Identifier:
keyid:97:EC:FB:B3:55:0B:F2:C7:67:4C:C5:2E:9C:BB:F3:A9:33:F5:E7:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-z7s1UL8sdnTMUunLvzqTP153g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/1c0ea6-a6df-4522-8bc9-8c511698fcae/1/nDS2mLN92bcisUae1hvP7E5y_Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/1c0ea6-a6df-4522-8bc9-8c511698fcae/1/l-z7s1UL8sdnTMUunLvzqTP153g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.106.0/24
128.0.42.0/23
185.216.4.0/22
188.212.251.0/24
188.215.32.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:94:34:9a:c6:79:5b:b8:82:73:4b:3c:de:87:4f:97:2a:0a:
10:5c:9f:2f:16:c9:aa:93:88:ee:4d:4b:b2:95:cd:01:f6:68:
34:bd:42:93:89:06:16:8f:19:bf:20:a5:2e:d0:4b:1f:90:75:
38:29:34:4e:09:aa:94:77:ac:65:26:ca:4c:98:a7:25:8b:fd:
7c:05:f6:a0:ce:42:a6:82:b0:2b:14:1a:22:80:92:40:a4:55:
7f:2e:45:04:f8:f9:d1:86:10:2d:37:73:60:74:8d:18:ea:b8:
ec:6c:18:22:0a:bd:96:11:e8:b5:51:9b:bd:48:91:1e:58:91:
85:25:55:9f:cb:47:d2:11:46:61:be:64:5d:c2:3f:8c:57:ea:
75:4d:d8:76:52:c0:95:06:93:3f:69:e0:db:76:86:b0:ab:53:
4a:2f:80:d9:1d:aa:9b:cc:84:77:4b:83:cf:97:37:04:68:77:
e5:bf:9a:e3:ec:5a:88:cf:80:f2:6a:81:c0:9a:d8:48:f1:4e:
a5:41:45:a0:f2:b6:4a:6b:98:46:45:fe:e5:69:18:8a:41:8e:
66:21:d8:40:d3:69:4e:74:7c:f9:81:72:a4:1b:74:52:65:7c:
b0:c5:db:20:1b:07:49:8a:25:80:61:63:47:ec:00:c7:f2:1f:
f2:43:b6:bc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTXTQe4ZnRJ+m3tM1iTbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWNmYmIzNTUwYmYyYzc2NzRjYzUyZTljYmJmM2E5MzNm
NWU3NzgwHhcNMjQwMTAyMDgzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzM0YjY5OGIzN2RkOWI3MjJiMTQ2OWVkNjFiY2ZlYzRlNzJmZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1m4lSY0P8p8+maEfNtKrY9cQWnk
KmtfKk5pn+j6o9b8F3z7113Vm0jfdSoLNcl/GqWR7bGojQkCMDLrMY+b14bNGz5D
zVZV33CyqMDJjcaHNYwMbmytyQRKISsdfenAZJIXV2r+JWJBpyrC0nCqg7TJLFCG
giX0vEGSqdRS6gFbIDI4fi+50T7B0WOJhPiSW6ixC5VaXlPYSq0dIDtR7vUeMzlU
Z8Nn5kVI472Msie6C/Bmf1TwcWq7E36o7O5gOJaK2hOILJ342dPDT+bbP2dCBPM5
Xrth9tElLF4RW38zTjSRGxNtNLJFamyuKDII/ah8fnpoO43+Og39rHqSbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJw0tpizfdm3IrFGntYbz+xOcv2LMB8GA1UdIwQY
MBaAFJfs+7NVC/LHZ0zFLpy786kz9ed4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC16N3MxVUw4c2RuVE1VdW5MdnpxVFAxNTNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xYzBlYTYtYTZkZi00NTIyLThiYzkt
OGM1MTE2OThmY2FlLzEvbkRTMm1MTjkyYmNpc1VhZTFodlA3RTV5X1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xYzBlYTYtYTZkZi00NTIyLThiYzktOGM1MTE2OThmY2Fl
LzEvbC16N3MxVUw4c2RuVE1VdW5MdnpxVFAxNTNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUPBqAwQB
gAAqAwQCudgEAwQAvNT7AwQAvNcgMA0GCSqGSIb3DQEBCwUAA4IBAQChlDSaxnlb
uIJzSzzeh0+XKgoQXJ8vFsmqk4juTUuylc0B9mg0vUKTiQYWjxm/IKUu0EsfkHU4
KTROCaqUd6xlJspMmKcli/18BfagzkKmgrArFBoigJJApFV/LkUE+PnRhhAtN3Ng
dI0Y6rjsbBgiCr2WEei1UZu9SJEeWJGFJVWfy0fSEUZhvmRdwj+MV+p1Tdh2UsCV
BpM/aeDbdoawq1NKL4DZHaqbzIR3S4PPlzcEaHflv5rj7FqIz4DyaoHAmthI8U6l
QUWg8rZKa5hGRf7laRiKQY5mIdhA02lOdHz5gXKkG3RSZXywxdsgGwdJiiWAYWNH
7ADH8h/yQ7a8
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:39:06 2024 by rpki-client on console-ams.rpki-client.org