Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nWvu5cQUh9if01fPowtxLFawoiw.roa
File: nWvu5cQUh9if01fPowtxLFawoiw.roa (raw, json)
Hash identifier: rSTrFRtFLAZRAPCJpumdn2OaXKdHioVJ6JcEvp1jXWI=
Subject key identifier: 9D:6B:EE:E5:C4:14:87:D8:9F:D3:57:CF:A3:0B:71:2C:56:B0:A2:2C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019294C8AD8DFF9B5B8CFFB36D0289E226AC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nWvu5cQUh9if01fPowtxLFawoiw.roa
Signing time: Wed 16 Oct 2024 10:03:52 +0000
ROA not before: Wed 16 Oct 2024 10:03:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.149.240.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
94.156.253.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:c8:ad:8d:ff:9b:5b:8c:ff:b3:6d:02:89:e2:26:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 16 10:03:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d6beee5c41487d89fd357cfa30b712c56b0a22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b8:67:c9:a9:f6:6d:aa:41:c5:cf:bc:32:fa:
96:6f:2b:b6:ea:41:a8:87:07:43:f8:ff:8a:7a:93:
84:2a:d8:c3:2c:e2:bf:7b:32:82:13:6a:4f:24:01:
c2:d5:30:d1:ac:da:fa:cc:df:60:32:22:b2:ed:be:
f6:8b:b3:cb:25:b0:3f:1e:05:fb:ab:80:21:17:c9:
6b:04:c4:a6:b8:bf:64:1e:ad:3b:ba:6f:4f:72:a1:
97:a9:aa:09:44:ed:9d:8f:cd:23:43:c3:f1:58:78:
4f:4e:95:6b:c6:b1:e2:e8:15:98:88:2d:c2:5c:d7:
9f:08:0c:35:4a:5a:08:4a:36:a7:1d:b2:4a:0c:32:
bf:0d:1c:55:0d:db:c7:db:e7:6d:80:3d:1c:e6:2d:
d0:43:4f:ff:4a:5b:dc:7c:e7:f3:c3:13:e4:49:2d:
f6:e2:db:61:01:c4:bd:dc:fd:16:6e:de:ec:2d:27:
82:87:01:21:f1:d1:a6:ba:7e:3e:82:20:b0:02:fc:
74:83:75:54:73:9c:a8:8f:76:63:1f:6d:3e:5c:e4:
45:14:90:e4:6c:63:34:b6:1c:fc:77:47:c6:04:d0:
8b:81:79:94:f7:4c:20:4f:af:58:42:b4:42:b1:19:
ce:df:0e:a4:99:a1:47:ca:1f:43:16:51:c9:cd:62:
42:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:6B:EE:E5:C4:14:87:D8:9F:D3:57:CF:A3:0B:71:2C:56:B0:A2:2C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nWvu5cQUh9if01fPowtxLFawoiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
87.121.46.0/24
93.123.116.0/24
94.156.14.0/24
94.156.253.0/24
95.214.25.0-95.214.26.255
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:49:27:45:f4:23:21:a2:e8:fe:78:44:69:67:c2:ed:b3:5d:
6f:75:79:d7:e3:b2:36:98:a0:2b:94:dd:66:fb:58:f9:38:58:
a9:3e:49:b7:7b:3c:51:bc:5e:e4:f3:c3:ef:85:ad:32:c3:d3:
ae:ed:c8:9d:4c:ec:27:fd:d1:d9:7d:2d:b6:41:64:5c:ce:62:
f4:73:c3:90:10:d2:13:63:ad:ed:bb:0c:8f:43:b1:29:0d:43:
7d:4a:d5:31:ab:59:1f:88:5d:c4:39:1d:01:6d:c5:11:73:bf:
05:2b:08:4d:d9:92:1a:f5:25:4e:e9:63:cc:7b:b3:ee:41:7a:
9e:c7:60:4c:64:ff:19:18:4e:86:f1:18:d0:a3:83:ea:4a:21:
cd:f2:7b:dc:aa:93:38:6b:e1:e3:51:5b:2a:a3:e1:a0:f9:1a:
e2:87:32:32:e0:d4:44:6e:99:e6:fa:a2:a4:25:f6:1b:07:96:
31:12:58:36:f2:d6:27:61:13:79:07:5a:6f:20:83:79:66:7f:
fd:7f:fd:a0:2a:9d:55:a9:ae:ee:ca:80:4b:df:59:2e:fb:ce:
00:4c:c2:ec:47:6f:0c:76:88:80:dd:f9:d2:13:43:dd:96:b8:
e8:3a:aa:c2:41:c5:10:5c:a9:f1:66:5c:dc:07:91:1d:3b:05:
8b:33:f3:b9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZKUyK2N/5tbjP+zbQKJ4iasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDE2MTAwMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDZiZWVlNWM0MTQ4N2Q4OWZkMzU3Y2ZhMzBiNzEyYzU2YjBhMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bhnyan2bapBxc+8MvqWbyu26kGo
hwdD+P+KepOEKtjDLOK/ezKCE2pPJAHC1TDRrNr6zN9gMiKy7b72i7PLJbA/HgX7
q4AhF8lrBMSmuL9kHq07um9PcqGXqaoJRO2dj80jQ8PxWHhPTpVrxrHi6BWYiC3C
XNefCAw1SloISjanHbJKDDK/DRxVDdvH2+dtgD0c5i3QQ0//SlvcfOfzwxPkSS32
4tthAcS93P0Wbt7sLSeChwEh8dGmun4+giCwAvx0g3VUc5yoj3ZjH20+XORFFJDk
bGM0thz8d0fGBNCLgXmU90wgT69YQrRCsRnO3w6kmaFHyh9DFlHJzWJCjQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJ1r7uXEFIfYn9NXz6MLcSxWsKIsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbld2dTVjUVVoOWlmMDFmUG93dHhMRmF3b2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQALZXwAwQA
V3hEAwQAV3kuAwQAXXt0AwQAXpwOAwQAXpz9MAwDBABf1hkDBABf1hoDBAC52ogw
DQYJKoZIhvcNAQELBQADggEBAKRJJ0X0IyGi6P54RGlnwu2zXW91edfjsjaYoCuU
3Wb7WPk4WKk+Sbd7PFG8XuTzw++FrTLD067tyJ1M7Cf90dl9LbZBZFzOYvRzw5AQ
0hNjre27DI9DsSkNQ31K1TGrWR+IXcQ5HQFtxRFzvwUrCE3Zkhr1JU7pY8x7s+5B
ep7HYExk/xkYTobxGNCjg+pKIc3ye9yqkzhr4eNRWyqj4aD5GuKHMjLg1ERumeb6
oqQl9hsHljESWDby1idhE3kHWm8gg3lmf/1//aAqnVWpru7KgEvfWS77zgBMwuxH
bwx2iIDd+dITQ92WuOg6qsJBxRBcqfFmXNwHkR07BYsz87k=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:03:39 2024 by rpki-client on console-ams.rpki-client.org