Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/v9ra-9Anf8mgcMIk0r0bj-swL7Y.roa
File: v9ra-9Anf8mgcMIk0r0bj-swL7Y.roa (raw, json)
Hash identifier: D02pl90TMfhGbkzkrsnHDj6zfD52MlxbNJg49pculxw=
Subject key identifier: BF:DA:DA:FB:D0:27:7F:C9:A0:70:C2:24:D2:BD:1B:8F:EB:30:2F:B6
Certificate issuer: /CN=49596cecc21dd02677a727ef37f0689546ea5097
Certificate serial: 018E5161C2DE5E2F187CC8F91967B8334C8B
Authority key identifier: 49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/v9ra-9Anf8mgcMIk0r0bj-swL7Y.roa
Signing time: Mon 18 Mar 2024 11:45:45 +0000
ROA not before: Mon 18 Mar 2024 11:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5390
IP address blocks: 83.118.224.0/22 maxlen: 24
83.119.0.0/19 maxlen: 24
83.119.0.0/21 maxlen: 24
83.119.8.0/21 maxlen: 24
83.119.14.0/24 maxlen: 24
83.119.16.0/20 maxlen: 24
85.148.0.0/15 maxlen: 16
2a02:2500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:61:c2:de:5e:2f:18:7c:c8:f9:19:67:b8:33:4c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49596cecc21dd02677a727ef37f0689546ea5097
Validity
Not Before: Mar 18 11:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfdadafbd0277fc9a070c224d2bd1b8feb302fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:92:c6:bf:c6:51:44:55:c6:fa:25:79:6e:35:
ad:02:c4:2d:73:ba:57:ef:32:c5:fd:94:4a:49:bf:
bb:a6:2e:50:8e:b9:cd:94:e1:23:a5:9e:5e:9b:3f:
c0:e3:0f:2b:92:6d:63:f9:82:92:bc:51:4b:d9:c4:
48:39:da:65:00:70:56:d4:c2:d9:ed:93:ca:87:a3:
eb:13:f6:8e:c9:0c:e1:04:98:e8:4a:4f:07:62:a3:
f7:aa:08:cb:a0:16:91:37:12:67:0b:fd:bc:db:b9:
e9:69:6a:da:f2:c3:e1:fe:7e:d0:9d:08:d1:4d:4f:
ee:c8:6a:c9:9a:e9:ff:75:6b:c7:66:1a:09:54:f7:
f9:70:d1:3f:8c:20:40:ec:63:47:4b:fe:d9:6e:ce:
3a:00:4f:f8:eb:11:b3:ac:15:c3:1b:3b:61:6d:cb:
0e:2f:4b:2e:6f:0d:a7:25:ff:76:f4:42:59:fa:60:
d7:9b:f5:79:6e:4a:82:87:41:c1:1b:6d:1f:6a:61:
45:fd:0e:eb:1f:58:fc:e5:ae:ff:ae:41:57:88:c7:
20:8c:bb:14:d9:bd:36:fe:25:2b:4c:d6:4c:67:60:
77:82:83:fb:36:cb:e2:44:c9:39:54:d7:79:6a:95:
fa:15:d0:28:b8:5d:77:ae:79:34:5f:34:dd:84:cd:
dd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DA:DA:FB:D0:27:7F:C9:A0:70:C2:24:D2:BD:1B:8F:EB:30:2F:B6
X509v3 Authority Key Identifier:
keyid:49:59:6C:EC:C2:1D:D0:26:77:A7:27:EF:37:F0:68:95:46:EA:50:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVls7MId0CZ3pyfvN_BolUbqUJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/v9ra-9Anf8mgcMIk0r0bj-swL7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e7bd01-432f-4bf9-80c5-897d00977ff2/1/SVls7MId0CZ3pyfvN_BolUbqUJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.224.0/22
83.119.0.0/19
85.148.0.0/15
IPv6:
2a02:2500::/32
Signature Algorithm: sha256WithRSAEncryption
58:0b:24:06:71:18:91:37:6a:6f:99:af:78:9f:e4:65:3a:21:
55:0f:dc:ee:05:f3:1f:76:cb:a1:8a:cd:5a:37:b9:7d:02:70:
39:6b:5b:c5:d7:ad:ca:77:5e:a3:7c:27:0b:d5:32:3a:42:b7:
e8:1f:64:96:a0:d4:79:85:5e:f9:bd:e3:29:09:23:68:4d:7d:
c8:7a:c7:68:1c:42:92:99:24:f6:d8:fa:a4:77:49:4a:48:1d:
47:ae:1c:03:d3:d0:64:ca:c1:f7:8a:44:8f:4f:31:f4:0f:f1:
19:51:04:f9:53:38:b5:97:16:b8:5c:2e:f8:0b:d5:73:d4:70:
a3:8d:3d:e5:df:2e:58:c8:2d:d9:42:40:20:f9:1b:ef:c3:10:
d2:40:23:9d:9e:e1:83:54:77:19:1e:3b:e7:8d:10:70:8d:f3:
e1:4b:6e:6d:a6:a5:bb:86:bc:59:50:80:9c:6a:fc:fe:d4:ab:
c4:a1:ce:74:a3:f6:ee:23:a1:0e:7f:89:8f:75:da:d3:d5:ca:
fe:2c:b0:03:9c:89:f2:24:69:cc:e8:f4:9c:22:22:15:d8:69:
85:19:f7:a3:74:1d:be:52:4b:b9:f9:1b:cd:73:86:32:d6:d6:
ad:b2:3f:32:a4:7e:3d:62:75:c5:9b:5a:ef:34:af:19:5d:9f:
04:a4:67:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY5RYcLeXi8YfMj5GWe4M0yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTk2Y2VjYzIxZGQwMjY3N2E3MjdlZjM3ZjA2ODk1NDZl
YTUwOTcwHhcNMjQwMzE4MTE0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmRhZGFmYmQwMjc3ZmM5YTA3MGMyMjRkMmJkMWI4ZmViMzAyZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5LGv8ZRRFXG+iV5bjWtAsQtc7pX
7zLF/ZRKSb+7pi5QjrnNlOEjpZ5emz/A4w8rkm1j+YKSvFFL2cRIOdplAHBW1MLZ
7ZPKh6PrE/aOyQzhBJjoSk8HYqP3qgjLoBaRNxJnC/2827npaWra8sPh/n7QnQjR
TU/uyGrJmun/dWvHZhoJVPf5cNE/jCBA7GNHS/7Zbs46AE/46xGzrBXDGzthbcsO
L0subw2nJf929EJZ+mDXm/V5bkqCh0HBG20famFF/Q7rH1j85a7/rkFXiMcgjLsU
2b02/iUrTNZMZ2B3goP7NsviRMk5VNd5apX6FdAouF13rnk0XzTdhM3diQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFL/a2vvQJ3/JoHDCJNK9G4/rMC+2MB8GA1UdIwQY
MBaAFElZbOzCHdAmd6cn7zfwaJVG6lCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUt
ODk3ZDAwOTc3ZmYyLzEvdjlyYS05QW5mOG1nY01JazByMGJqLXN3TDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lN2JkMDEtNDMyZi00YmY5LTgwYzUtODk3ZDAwOTc3ZmYy
LzEvU1ZsczdNSWQwQ1ozcHlmdk5fQm9sVWJxVUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCU3bgAwQF
U3cAAwMBVZQwDQQCAAIwBwMFACoCJQAwDQYJKoZIhvcNAQELBQADggEBAFgLJAZx
GJE3am+Zr3if5GU6IVUP3O4F8x92y6GKzVo3uX0CcDlrW8XXrcp3XqN8JwvVMjpC
t+gfZJag1HmFXvm94ykJI2hNfch6x2gcQpKZJPbY+qR3SUpIHUeuHAPT0GTKwfeK
RI9PMfQP8RlRBPlTOLWXFrhcLvgL1XPUcKONPeXfLljILdlCQCD5G+/DENJAI52e
4YNUdxkeO+eNEHCN8+FLbm2mpbuGvFlQgJxq/P7Uq8ShznSj9u4joQ5/iY912tPV
yv4ssAOcifIkaczo9JwiIhXYaYUZ96N0Hb5SS7n5G81zhjLW1q2yPzKkfj1idcWb
Wu80rxldnwSkZ6Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:40 2024 by rpki-client on console-fra.rpki-client.org