Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/9HZtbfE1zbO2Mkn8L5I38oSfLxo.roa
File: 9HZtbfE1zbO2Mkn8L5I38oSfLxo.roa (raw, json)
Hash identifier: YHDUFxBX/O+uVS0WSYJ+CRSz1wV4y0hoGap3kJGv0UQ=
Subject key identifier: F4:76:6D:6D:F1:35:CD:B3:B6:32:49:FC:2F:92:37:F2:84:9F:2F:1A
Certificate issuer: /CN=9ba94bc14937bb0b3632374355a446724104a981
Certificate serial: 019321B721989AFA37AF3092DB8E5DE74A4F
Authority key identifier: 9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/9HZtbfE1zbO2Mkn8L5I38oSfLxo.roa
Signing time: Tue 12 Nov 2024 18:51:10 +0000
ROA not before: Tue 12 Nov 2024 18:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31480
IP address blocks: 91.196.32.0/22 maxlen: 22
91.196.34.0/24 maxlen: 24
91.196.35.0/24 maxlen: 24
185.59.136.0/24 maxlen: 24
193.151.108.0/22 maxlen: 22
193.151.108.0/23 maxlen: 23
193.151.108.0/24 maxlen: 24
193.151.110.0/24 maxlen: 24
2a0c:1d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:b7:21:98:9a:fa:37:af:30:92:db:8e:5d:e7:4a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ba94bc14937bb0b3632374355a446724104a981
Validity
Not Before: Nov 12 18:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4766d6df135cdb3b63249fc2f9237f2849f2f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:71:52:99:27:dc:de:29:66:d6:2c:9e:dd:
e4:65:45:6e:f8:fc:4c:74:c4:82:f7:27:61:c1:77:
dc:89:c2:20:f1:fa:6f:b1:b7:94:78:bf:83:e8:2a:
5b:f6:87:b3:36:c0:22:c9:a7:4a:36:b2:77:47:58:
83:3b:18:48:22:24:49:09:08:69:cf:2d:e3:cb:40:
de:cb:a8:f1:84:0c:b9:75:b2:d2:48:c2:26:57:af:
21:aa:5c:85:05:c1:99:b7:4a:be:e4:ae:e9:5c:41:
53:47:8a:9a:b6:03:e0:82:dd:29:1d:43:06:ed:1a:
17:5b:f3:ec:1c:ff:c9:25:71:8d:95:f7:a6:b0:c9:
98:bf:d1:e3:a4:91:47:6f:3c:a7:11:64:99:0e:93:
b4:5b:a3:dc:47:57:c6:e1:26:54:24:c0:68:d0:1a:
01:70:ed:ea:e3:7d:78:28:65:c9:3c:7a:ce:6b:1d:
96:cc:7a:24:0a:92:27:48:3d:7c:b5:76:0e:40:f0:
28:a4:9b:e5:74:f4:2f:39:80:c9:63:7e:3a:88:40:
6f:51:cd:45:3a:c3:2d:ea:27:d6:dc:6f:18:ef:50:
f7:f9:c3:7a:4c:a8:99:6f:48:fc:17:67:6c:eb:c0:
80:10:30:b9:9d:00:59:b2:0e:75:2c:6a:63:c2:7c:
89:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:76:6D:6D:F1:35:CD:B3:B6:32:49:FC:2F:92:37:F2:84:9F:2F:1A
X509v3 Authority Key Identifier:
keyid:9B:A9:4B:C1:49:37:BB:0B:36:32:37:43:55:A4:46:72:41:04:A9:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6lLwUk3uws2MjdDVaRGckEEqYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/9HZtbfE1zbO2Mkn8L5I38oSfLxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/cc7843-d136-4ffb-8b99-836c312ac8c2/1/m6lLwUk3uws2MjdDVaRGckEEqYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.32.0/22
185.59.136.0/24
193.151.108.0/22
IPv6:
2a0c:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
8a:57:6d:ee:7d:df:27:89:05:94:91:10:2b:00:f9:11:3c:12:
0e:ee:c0:ae:35:02:d7:a4:16:56:e3:35:38:29:8b:f7:46:64:
83:33:b4:53:c4:d0:87:34:e6:99:3f:fd:d7:58:53:37:a8:9c:
e9:fc:97:0f:89:04:a8:88:05:f0:84:68:56:4b:cd:a6:b2:95:
33:64:77:25:23:3b:04:02:29:cc:30:ed:27:90:90:42:15:6f:
65:99:c4:00:c4:da:5c:06:33:24:5a:4c:20:21:65:11:f5:08:
75:4c:7e:b5:e4:29:86:8c:b0:19:b1:64:5a:25:4d:87:19:5c:
b9:53:48:19:ec:bb:0c:b4:3a:cf:49:1b:f6:55:56:3e:1c:25:
43:8a:ca:e1:88:5b:22:4c:6b:3f:bb:af:2d:4d:24:25:a4:95:
cb:43:28:50:db:9a:7e:6b:38:a1:5e:5a:97:6f:96:a1:d3:5e:
50:dc:5e:ec:60:32:d8:0a:5b:7a:0f:3c:57:36:c0:39:38:ed:
e9:1f:1b:0a:c3:fe:0d:54:78:f1:c9:63:85:97:08:36:a7:0e:
6c:31:f2:11:45:1e:95:d8:1f:2b:a5:0f:65:33:d2:68:50:84:
8b:e1:81:c1:2e:06:0a:4b:4d:ba:13:28:0b:e2:2c:d1:a2:ac:
0b:8a:fa:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMhtyGYmvo3rzCS245d50pPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYTk0YmMxNDkzN2JiMGIzNjMyMzc0MzU1YTQ0NjcyNDEw
NGE5ODEwHhcNMjQxMTEyMTg1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDc2NmQ2ZGYxMzVjZGIzYjYzMjQ5ZmMyZjkyMzdmMjg0OWYyZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrNxUpkn3N4pZtYsnt3kZUVu+PxM
dMSC9ydhwXfcicIg8fpvsbeUeL+D6Cpb9oezNsAiyadKNrJ3R1iDOxhIIiRJCQhp
zy3jy0Dey6jxhAy5dbLSSMImV68hqlyFBcGZt0q+5K7pXEFTR4qatgPggt0pHUMG
7RoXW/PsHP/JJXGNlfemsMmYv9HjpJFHbzynEWSZDpO0W6PcR1fG4SZUJMBo0BoB
cO3q4314KGXJPHrOax2WzHokCpInSD18tXYOQPAopJvldPQvOYDJY346iEBvUc1F
OsMt6ifW3G8Y71D3+cN6TKiZb0j8F2ds68CAEDC5nQBZsg51LGpjwnyJvQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPR2bW3xNc2ztjJJ/C+SN/KEny8aMB8GA1UdIwQY
MBaAFJupS8FJN7sLNjI3Q1WkRnJBBKmBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTkt
ODM2YzMxMmFjOGMyLzEvOUhadGJmRTF6Yk8yTWtuOEw1STM4b1NmTHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jYzc4NDMtZDEzNi00ZmZiLThiOTktODM2YzMxMmFjOGMy
LzEvbTZsTHdVazN1d3MyTWpkRFZhUkdja0VFcVlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW8QgAwQA
uTuIAwQCwZdsMA0EAgACMAcDBQMqDB2AMA0GCSqGSIb3DQEBCwUAA4IBAQCKV23u
fd8niQWUkRArAPkRPBIO7sCuNQLXpBZW4zU4KYv3RmSDM7RTxNCHNOaZP/3XWFM3
qJzp/JcPiQSoiAXwhGhWS82mspUzZHclIzsEAinMMO0nkJBCFW9lmcQAxNpcBjMk
WkwgIWUR9Qh1TH615CmGjLAZsWRaJU2HGVy5U0gZ7LsMtDrPSRv2VVY+HCVDisrh
iFsiTGs/u68tTSQlpJXLQyhQ25p+azihXlqXb5ah015Q3F7sYDLYClt6DzxXNsA5
OO3pHxsKw/4NVHjxyWOFlwg2pw5sMfIRRR6V2B8rpQ9lM9JoUISL4YHBLgYKS026
EygL4izRoqwLivq9
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:39:57 2024 by rpki-client on console-ams.rpki-client.org