Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/dR4MCaXI2KKqJUWzbrZYMQa5Ms0.roa
File: dR4MCaXI2KKqJUWzbrZYMQa5Ms0.roa (raw, json)
Hash identifier: Pcx3ZN52FepzgrUQ7JMyrBv5NWxr8C19KygOb3ud6MU=
Subject key identifier: 75:1E:0C:09:A5:C8:D8:A2:AA:25:45:B3:6E:B6:58:31:06:B9:32:CD
Certificate issuer: /CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Certificate serial: 01932B58A57EB52086E80E3FFB50F4F7C6D2
Authority key identifier: 9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/dR4MCaXI2KKqJUWzbrZYMQa5Ms0.roa
Signing time: Thu 14 Nov 2024 15:44:09 +0000
ROA not before: Thu 14 Nov 2024 15:44:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208277
IP address blocks: 176.221.32.0/21 maxlen: 32
176.221.39.0/24 maxlen: 24
185.99.232.0/22 maxlen: 32
2a03:9c80:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2b:58:a5:7e:b5:20:86:e8:0e:3f:fb:50:f4:f7:c6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ededf47822aee27da28d34dab1fe7a3c60a6aaa
Validity
Not Before: Nov 14 15:44:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=751e0c09a5c8d8a2aa2545b36eb6583106b932cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2f:c2:c5:9e:6e:8d:9d:a0:4c:57:0f:8d:9d:
35:e7:74:f8:e1:ef:14:b1:3c:27:74:c5:38:7f:46:
d1:24:83:17:2e:20:e7:1a:73:ef:0e:8a:6f:e9:da:
31:10:3a:e2:13:98:e1:92:95:52:26:b3:f3:be:e0:
9a:27:bd:98:cf:ae:dd:2c:c5:30:15:0c:8e:94:57:
53:1a:6b:e6:97:52:c4:c8:48:d2:70:6c:38:4a:de:
2d:11:e7:cd:76:60:0e:55:90:f2:2a:a5:1a:f3:12:
bb:bb:fb:01:63:9d:32:81:4f:c2:e1:6e:46:3a:d9:
84:fa:5b:f3:9d:61:30:52:cc:43:30:f2:29:53:14:
f6:9c:65:7b:0d:41:6e:c7:f1:74:dc:5f:6b:7c:88:
99:ec:c8:36:44:f8:84:e9:bd:d6:1e:e9:01:61:50:
2c:f7:58:41:9c:2b:e3:da:8d:b6:a7:71:b5:37:e9:
da:80:78:79:40:84:c8:33:d0:5c:5b:49:4f:7a:20:
05:73:e8:3f:9f:76:8b:b8:ef:86:cd:37:62:9c:de:
a6:59:44:d7:31:43:4a:e9:d3:25:f7:95:e5:24:a7:
c1:99:8a:20:be:e9:90:44:aa:9f:1a:ef:87:d6:d7:
07:d5:6a:79:d2:f3:60:4f:0e:df:2a:8d:ac:1c:ab:
63:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1E:0C:09:A5:C8:D8:A2:AA:25:45:B3:6E:B6:58:31:06:B9:32:CD
X509v3 Authority Key Identifier:
keyid:9E:DE:DF:47:82:2A:EE:27:DA:28:D3:4D:AB:1F:E7:A3:C6:0A:6A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nt7fR4Iq7ifaKNNNqx_no8YKaqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/dR4MCaXI2KKqJUWzbrZYMQa5Ms0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/18b6da-b02e-40b1-97ae-d7399292019a/1/nt7fR4Iq7ifaKNNNqx_no8YKaqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.32.0/21
185.99.232.0/22
IPv6:
2a03:9c80:8000::/34
Signature Algorithm: sha256WithRSAEncryption
29:28:64:c3:d0:3e:ec:01:6d:26:6d:fb:ae:9c:e8:1e:26:9f:
55:4f:15:0e:01:f3:00:e2:33:a1:31:15:7f:cb:ee:68:69:78:
b1:f5:6e:33:dc:d8:ac:89:17:25:84:bc:1c:f1:93:d2:ab:db:
81:3c:4f:d5:56:6c:d4:74:fa:27:3d:a5:3b:24:3a:15:47:a5:
a0:c5:87:69:c1:54:7b:2c:23:fe:e3:f3:da:85:37:af:ca:c6:
89:c0:85:62:5c:84:19:57:f1:ac:1c:b5:b2:1c:bc:f7:ff:67:
64:f3:53:0f:ee:9d:ab:5e:a3:ac:63:28:1b:16:32:3d:00:f5:
7f:15:f0:86:23:01:66:54:8e:29:6f:ff:7d:ae:08:99:30:bc:
30:95:a5:fa:96:c6:6e:c6:10:41:3b:77:dd:f3:6c:0e:ba:88:
c0:6c:f4:81:cf:15:1d:be:5c:59:0b:a9:e7:78:6d:05:69:87:
e5:ff:8c:36:e3:a3:c2:be:88:52:34:54:af:fd:56:05:e0:97:
70:43:58:35:fc:34:27:be:5a:e3:b7:bd:18:5c:b8:97:95:ba:
4a:62:63:02:04:d3:41:d6:af:be:77:53:e9:44:c6:8b:a1:b6:
ed:f8:12:11:40:1f:07:9a:d4:29:85:36:e6:61:a3:18:83:c2:
50:3d:bf:58
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZMrWKV+tSCG6A4/+1D098bSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGVkZjQ3ODIyYWVlMjdkYTI4ZDM0ZGFiMWZlN2EzYzYw
YTZhYWEwHhcNMjQxMTE0MTU0NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFlMGMwOWE1YzhkOGEyYWEyNTQ1YjM2ZWI2NTgzMTA2YjkzMmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3S/CxZ5ujZ2gTFcPjZ0153T44e8U
sTwndMU4f0bRJIMXLiDnGnPvDopv6doxEDriE5jhkpVSJrPzvuCaJ72Yz67dLMUw
FQyOlFdTGmvml1LEyEjScGw4St4tEefNdmAOVZDyKqUa8xK7u/sBY50ygU/C4W5G
OtmE+lvznWEwUsxDMPIpUxT2nGV7DUFux/F03F9rfIiZ7Mg2RPiE6b3WHukBYVAs
91hBnCvj2o22p3G1N+nagHh5QITIM9BcW0lPeiAFc+g/n3aLuO+GzTdinN6mWUTX
MUNK6dMl95XlJKfBmYogvumQRKqfGu+H1tcH1Wp50vNgTw7fKo2sHKtjrwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHUeDAmlyNiiqiVFs262WDEGuTLNMB8GA1UdIwQY
MBaAFJ7e30eCKu4n2ijTTasf56PGCmqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUt
ZDczOTkyOTIwMTlhLzEvZFI0TUNhWEkyS0txSlVXemJyWllNUWE1TXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOGI2ZGEtYjAyZS00MGIxLTk3YWUtZDczOTkyOTIwMTlh
LzEvbnQ3ZlI0SXE3aWZhS05OTnF4X25vOFlLYXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDsN0gAwQC
uWPoMA4EAgACMAgDBgYqA5yAgDANBgkqhkiG9w0BAQsFAAOCAQEAKShkw9A+7AFt
Jm37rpzoHiafVU8VDgHzAOIzoTEVf8vuaGl4sfVuM9zYrIkXJYS8HPGT0qvbgTxP
1VZs1HT6Jz2lOyQ6FUeloMWHacFUeywj/uPz2oU3r8rGicCFYlyEGVfxrBy1shy8
9/9nZPNTD+6dq16jrGMoGxYyPQD1fxXwhiMBZlSOKW//fa4ImTC8MJWl+pbGbsYQ
QTt33fNsDrqIwGz0gc8VHb5cWQup53htBWmH5f+MNuOjwr6IUjRUr/1WBeCXcENY
Nfw0J75a47e9GFy4l5W6SmJjAgTTQdavvndT6UTGi6G27fgSEUAfB5rUKYU25mGj
GIPCUD2/WA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:58:27 2024 by rpki-client on console-ams.rpki-client.org