Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/r-P9SRQaLjCAqODdRPJHFZbQFyY.roa
File: r-P9SRQaLjCAqODdRPJHFZbQFyY.roa (raw, json)
Hash identifier: yiYRKYsvrcXeOhvVDmc7hGjWjv/AwxIf0u1kutAtevE=
Subject key identifier: AF:E3:FD:49:14:1A:2E:30:80:A8:E0:DD:44:F2:47:15:96:D0:17:26
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 018CC2DB22045919907C8063EB83DACF0FCC
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/r-P9SRQaLjCAqODdRPJHFZbQFyY.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9
IP address blocks: 188.127.37.0/24 maxlen: 24
95.141.135.0/24 maxlen: 24
188.0.131.0/24 maxlen: 24
188.0.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:22:04:59:19:90:7c:80:63:eb:83:da:cf:0f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afe3fd49141a2e3080a8e0dd44f2471596d01726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:90:db:84:66:ea:fe:bf:07:06:59:37:08:
aa:cd:ed:81:3c:85:9e:ab:f2:ec:72:7a:6e:1f:0a:
88:62:35:fe:86:3f:a1:a6:20:43:03:d8:46:da:b8:
40:dc:89:68:c6:ab:a5:47:06:29:cc:95:6a:28:7b:
fb:93:6d:7d:3e:dd:af:f0:e3:c9:55:72:1f:fa:fc:
7b:b0:10:4f:0d:36:ac:e3:3b:82:bb:df:20:b7:2c:
27:ed:ed:6f:9e:db:4d:8e:b1:c5:e9:15:71:36:fe:
c5:3d:50:d4:cf:87:54:fb:df:99:e1:e9:9b:4f:5f:
4e:f9:03:32:ce:6b:f0:ff:76:7d:65:a3:cd:d0:40:
93:47:dd:34:2c:43:35:62:71:81:c7:fb:11:84:da:
0c:a6:ee:4a:fc:5f:68:7d:40:b6:fe:eb:07:83:0a:
22:65:c7:d5:30:44:90:62:cd:34:7a:ac:3d:72:f4:
a6:c2:28:c2:c1:f9:00:bd:1f:e6:ca:28:36:dd:8a:
14:38:a6:df:49:c1:64:23:39:f2:ec:47:4b:a3:87:
81:b6:5f:44:09:91:bd:53:5b:bf:51:37:71:7a:5d:
8c:c9:26:58:ab:6b:94:e2:9f:5f:9b:de:19:3e:8b:
15:da:34:40:4c:91:e2:dd:1f:69:f6:9a:98:2a:9f:
52:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E3:FD:49:14:1A:2E:30:80:A8:E0:DD:44:F2:47:15:96:D0:17:26
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/r-P9SRQaLjCAqODdRPJHFZbQFyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.135.0/24
188.0.131.0/24
188.0.144.0/24
188.127.37.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:12:50:56:4a:da:c7:6e:78:08:2f:e4:cd:37:2e:64:28:05:
d2:c6:f4:d1:23:3f:fc:f4:c5:75:21:0d:a0:eb:0d:fb:06:35:
f9:f6:fb:07:ca:d8:f2:7d:04:d9:28:88:ff:d3:90:73:8c:82:
2c:c3:d8:ea:cd:6d:13:47:13:df:58:b7:fa:44:aa:1a:17:aa:
12:13:ee:ed:05:0f:88:3c:97:14:6c:9b:60:2c:dc:6d:00:62:
4d:cc:96:0f:be:38:b1:a4:96:cd:20:8a:54:5c:f4:c0:96:96:
05:27:bc:fd:ec:76:03:39:51:e9:93:1e:37:07:fa:46:bf:2c:
db:b2:5f:70:78:b9:0a:ec:f1:27:17:e4:4a:d6:24:a6:c2:b4:
bb:58:68:8f:27:63:51:7f:3d:a7:59:c0:c0:53:e2:df:69:f0:
c9:1f:27:14:d9:64:5d:f2:18:32:1a:84:59:be:c3:8d:7b:8c:
04:57:1f:cb:0f:62:94:a0:27:6e:23:59:67:82:05:9a:b6:e0:
b4:7a:45:10:8b:ff:ae:fb:71:9a:82:10:75:4f:08:55:f6:b8:
af:74:e3:05:4a:41:2e:bb:a6:22:a6:3c:4f:c9:a9:67:d8:43:
93:c3:4a:5d:e6:f7:10:06:44:9d:10:81:2b:db:cb:cc:1a:c0:
81:d2:1d:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yIEWRmQfIBj64Pazw/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmUzZmQ0OTE0MWEyZTMwODBhOGUwZGQ0NGYyNDcxNTk2ZDAxNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdiQ24Rm6v6/BwZZNwiqze2BPIWe
q/LscnpuHwqIYjX+hj+hpiBDA9hG2rhA3IloxqulRwYpzJVqKHv7k219Pt2v8OPJ
VXIf+vx7sBBPDTas4zuCu98gtywn7e1vnttNjrHF6RVxNv7FPVDUz4dU+9+Z4emb
T19O+QMyzmvw/3Z9ZaPN0ECTR900LEM1YnGBx/sRhNoMpu5K/F9ofUC2/usHgwoi
ZcfVMESQYs00eqw9cvSmwijCwfkAvR/myig23YoUOKbfScFkIzny7EdLo4eBtl9E
CZG9U1u/UTdxel2MySZYq2uU4p9fm94ZPosV2jRATJHi3R9p9pqYKp9S1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK/j/UkUGi4wgKjg3UTyRxWW0BcmMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvci1QOVNSUWFMakNBcU9EZFJQSkhGWmJRRnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX42HAwQA
vACDAwQAvACQAwQAvH8lMA0GCSqGSIb3DQEBCwUAA4IBAQC1ElBWStrHbngIL+TN
Ny5kKAXSxvTRIz/89MV1IQ2g6w37BjX59vsHytjyfQTZKIj/05BzjIIsw9jqzW0T
RxPfWLf6RKoaF6oSE+7tBQ+IPJcUbJtgLNxtAGJNzJYPvjixpJbNIIpUXPTAlpYF
J7z97HYDOVHpkx43B/pGvyzbsl9weLkK7PEnF+RK1iSmwrS7WGiPJ2NRfz2nWcDA
U+LfafDJHycU2WRd8hgyGoRZvsONe4wEVx/LD2KUoCduI1lnggWatuC0ekUQi/+u
+3GaghB1TwhV9rivdOMFSkEuu6YipjxPyaln2EOTw0pd5vcQBkSdEIEr28vMGsCB
0h3O
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:37 2024 by rpki-client on console-ams.rpki-client.org