Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/eSpUsm9g6VInva2jplmiyInzpMk.roa
File: eSpUsm9g6VInva2jplmiyInzpMk.roa (raw, json)
Hash identifier: bkEJri9EJ2pATJ2Ayp1wssi2nl2zljl6Qfa+sopAvbo=
Subject key identifier: 79:2A:54:B2:6F:60:E9:52:27:BD:AD:A3:A6:59:A2:C8:89:F3:A4:C9
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018CC2DB27ACD5C5AC458767DF9C892A9653
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/eSpUsm9g6VInva2jplmiyInzpMk.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12310
IP address blocks: 195.95.228.0/23 maxlen: 23
89.42.16.0/21 maxlen: 21
89.149.0.0/18 maxlen: 18
188.240.216.0/22 maxlen: 22
83.166.192.0/19 maxlen: 19
188.240.8.0/22 maxlen: 22
80.86.96.0/20 maxlen: 20
80.86.96.0/19 maxlen: 19
194.102.203.0/24 maxlen: 24
84.247.64.0/18 maxlen: 18
2a02:2a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:27:ac:d5:c5:ac:45:87:67:df:9c:89:2a:96:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=792a54b26f60e95227bdada3a659a2c889f3a4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:50:77:89:f9:f7:e0:58:b1:8e:0e:77:d5:a9:
dd:d4:e9:95:ca:b9:3d:07:ca:69:10:84:74:2f:8c:
6c:40:c8:3d:87:d4:15:10:f0:01:e4:82:64:a8:12:
65:a3:da:0e:1b:32:cf:c5:a3:a3:b6:10:34:d8:ee:
eb:36:24:dc:20:81:02:1c:02:e2:95:f2:04:73:6d:
2f:e5:47:a0:ea:fa:b6:d7:07:78:1a:f2:59:8f:aa:
44:25:55:9d:2f:c1:a8:2b:4e:66:6f:99:cb:2d:e8:
b1:1f:ce:e2:0c:de:6c:b5:f8:65:f3:73:b1:a9:ec:
34:fe:30:91:1d:f2:fd:8e:f5:28:fe:6a:d4:67:12:
72:57:23:76:7c:60:6d:cd:21:bd:8c:00:8d:84:dd:
14:bf:b2:47:2b:bb:a6:66:03:b7:4c:89:6c:12:7e:
16:b6:78:ab:0f:9a:bb:66:b7:1c:ba:9b:0a:7d:0f:
bd:46:2b:08:77:7c:d4:7e:ef:0c:12:94:4f:1e:38:
ad:51:39:7a:ef:68:ad:88:52:ba:a1:26:12:a6:b2:
ac:5d:66:84:4e:37:c5:52:ee:c3:e2:0c:ea:aa:68:
2c:93:a1:eb:e6:6d:3c:02:5a:5d:9b:6c:5e:98:db:
82:d7:7f:94:bd:e8:6b:37:d6:96:85:09:04:f4:25:
7e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2A:54:B2:6F:60:E9:52:27:BD:AD:A3:A6:59:A2:C8:89:F3:A4:C9
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/eSpUsm9g6VInva2jplmiyInzpMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.96.0/19
83.166.192.0/19
84.247.64.0/18
89.42.16.0/21
89.149.0.0/18
188.240.8.0/22
188.240.216.0/22
194.102.203.0/24
195.95.228.0/23
IPv6:
2a02:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
0d:af:c7:cb:69:55:09:5e:68:90:74:bb:6d:79:92:eb:50:52:
e5:c0:01:50:83:cb:a6:e2:4f:53:52:3a:29:b0:26:c7:2e:e8:
48:71:1c:2f:9a:7a:37:b3:f9:57:c3:e3:e9:e3:07:72:b9:c8:
94:cf:a4:8e:74:a9:10:a9:1d:0b:49:c1:ed:6d:52:23:1a:42:
f7:11:5a:9c:7b:7f:10:97:7b:48:39:fb:5c:e5:7a:07:78:9d:
11:7b:1c:fd:c5:62:45:47:2e:fb:79:a3:23:1a:e0:c7:e3:3e:
83:b0:52:0b:5a:a9:87:e3:40:9c:9d:e7:55:66:0e:34:ab:4d:
fa:f5:33:47:70:b1:2b:c9:8f:ab:92:9c:03:db:91:4d:4f:19:
e6:c6:72:f2:eb:1c:4d:9e:54:ab:9f:35:0f:16:3c:bc:b7:3b:
6b:d6:58:28:f8:4a:f0:6a:01:c1:70:d2:cf:5d:f6:d6:51:67:
85:9d:37:b7:08:ea:12:28:b2:21:e5:6a:87:7b:b0:64:35:fa:
1b:e9:91:37:4b:7d:97:37:51:e6:92:7b:ff:47:44:1f:ae:57:
4e:b2:30:a2:ed:b7:c4:87:32:db:8f:cd:1a:6e:63:a0:82:7f:
f5:75:8d:f2:72:65:ca:b2:0c:30:8a:12:2b:35:74:42:14:1a:
84:18:15:73
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzC2yes1cWsRYdn35yJKpZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTJhNTRiMjZmNjBlOTUyMjdiZGFkYTNhNjU5YTJjODg5ZjNhNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVB3ifn34Fixjg531and1OmVyrk9
B8ppEIR0L4xsQMg9h9QVEPAB5IJkqBJlo9oOGzLPxaOjthA02O7rNiTcIIECHALi
lfIEc20v5Ueg6vq21wd4GvJZj6pEJVWdL8GoK05mb5nLLeixH87iDN5stfhl83Ox
qew0/jCRHfL9jvUo/mrUZxJyVyN2fGBtzSG9jACNhN0Uv7JHK7umZgO3TIlsEn4W
tnirD5q7ZrccupsKfQ+9RisId3zUfu8MEpRPHjitUTl672itiFK6oSYSprKsXWaE
TjfFUu7D4gzqqmgsk6Hr5m08Alpdm2xemNuC13+UvehrN9aWhQkE9CV+SwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHkqVLJvYOlSJ72to6ZZosiJ86TJMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvZVNwVXNtOWc2VkludmEyanBsbWl5SW56cE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFUFZgAwQF
U6bAAwQGVPdAAwQDWSoQAwQGWZUAAwQCvPAIAwQCvPDYAwQAwmbLAwQBw1/kMA0E
AgACMAcDBQAqAioAMA0GCSqGSIb3DQEBCwUAA4IBAQANr8fLaVUJXmiQdLtteZLr
UFLlwAFQg8um4k9TUjopsCbHLuhIcRwvmno3s/lXw+Pp4wdyuciUz6SOdKkQqR0L
ScHtbVIjGkL3EVqce38Ql3tIOftc5XoHeJ0Rexz9xWJFRy77eaMjGuDH4z6DsFIL
WqmH40CcnedVZg40q0369TNHcLEryY+rkpwD25FNTxnmxnLy6xxNnlSrnzUPFjy8
tztr1lgo+ErwagHBcNLPXfbWUWeFnTe3COoSKLIh5WqHe7BkNfob6ZE3S32XN1Hm
knv/R0QfrldOsjCi7bfEhzLbj80abmOggn/1dY3ycmXKsgwwihIrNXRCFBqEGBVz
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:08:18 2024 by rpki-client on console-ams.rpki-client.org