Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/nCBd4cJL6mp4PLSom8KtYrehMgs.roa
File: nCBd4cJL6mp4PLSom8KtYrehMgs.roa (raw, json)
Hash identifier: 6sTj1F7k9ziu7hFIusa/R0qu2P27TdbtH0LguKvTpa0=
Subject key identifier: 9C:20:5D:E1:C2:4B:EA:6A:78:3C:B4:A8:9B:C2:AD:62:B7:A1:32:0B
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018CC56E0C3B7CF0D72901A2D8531E4C6B3E
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/nCBd4cJL6mp4PLSom8KtYrehMgs.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 91.243.44.0/22 maxlen: 22
5.188.10.0/23 maxlen: 23
46.161.26.0/24 maxlen: 24
5.8.66.0/23 maxlen: 23
91.243.52.0/22 maxlen: 22
91.243.56.0/22 maxlen: 22
46.161.28.0/22 maxlen: 22
5.101.92.0/22 maxlen: 22
46.161.41.0/24 maxlen: 24
5.188.48.0/23 maxlen: 23
5.188.60.0/23 maxlen: 23
91.243.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0c:3b:7c:f0:d7:29:01:a2:d8:53:1e:4c:6b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c205de1c24bea6a783cb4a89bc2ad62b7a1320b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:12:74:41:47:f2:2d:24:b7:9c:13:04:07:42:
c0:59:e4:4d:32:f3:28:3b:a6:e9:55:06:ae:fb:be:
d6:c8:ca:4a:b5:9b:f3:1c:2d:d0:33:f0:b5:8f:bb:
04:40:9b:a7:f1:33:84:6e:33:7e:6c:6e:30:ed:57:
ff:2b:b6:35:92:3c:da:f2:2d:2b:38:b2:cc:0c:cc:
7f:61:92:08:e6:fc:c1:a5:b9:45:ae:dd:84:c7:0e:
72:52:ad:b9:a6:2f:e6:0e:3c:f5:e5:31:06:21:99:
08:3d:18:73:3b:02:c1:ca:1f:15:0e:6c:6d:df:6b:
c0:5d:eb:70:de:9d:f6:53:1e:af:4f:8a:51:d4:68:
dc:39:07:ec:f4:48:c0:04:92:c1:33:09:ff:7d:3f:
6b:0e:ef:c1:ad:24:88:0c:fb:34:94:52:31:b8:64:
47:e6:1e:51:62:66:99:af:57:45:cd:ac:6c:15:9d:
07:43:21:35:fb:92:17:0a:7c:74:29:08:72:84:63:
e8:d4:3c:6e:5c:69:87:42:09:5f:81:85:d6:e4:f4:
c9:31:f2:6a:8e:ed:75:1a:3c:a6:6a:ac:f0:59:99:
69:02:1e:98:8b:cc:c2:c5:c0:5d:42:be:3e:3c:e4:
fd:5a:13:dc:d5:13:ce:a7:3d:9d:d2:36:89:39:a1:
96:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:20:5D:E1:C2:4B:EA:6A:78:3C:B4:A8:9B:C2:AD:62:B7:A1:32:0B
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/nCBd4cJL6mp4PLSom8KtYrehMgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.66.0/23
5.101.92.0/22
5.188.10.0/23
5.188.48.0/23
5.188.60.0/23
46.161.26.0/24
46.161.28.0/22
46.161.41.0/24
91.243.32.0/22
91.243.44.0/22
91.243.52.0-91.243.59.255
Signature Algorithm: sha256WithRSAEncryption
41:61:f9:fc:bf:13:ba:bd:2b:c3:95:98:64:45:07:9a:d6:02:
7c:35:b5:70:e4:62:5e:14:e7:b7:48:e5:00:3a:26:13:d1:99:
de:fb:b6:12:60:c1:59:56:ba:af:01:31:db:a2:63:06:fc:57:
b9:4a:c6:40:f3:a0:59:20:7c:f9:9c:ae:bd:7f:dd:75:c8:71:
e4:82:7b:6d:8e:c2:73:11:1e:28:83:5f:7b:57:a0:17:a6:74:
38:2d:0f:9e:f1:80:dc:04:06:d0:1a:ac:1f:f5:b8:67:b7:bd:
2a:b8:14:a6:62:b6:48:c6:1e:79:29:8f:d3:06:fb:ae:03:a5:
52:b0:bd:9b:44:de:ad:6d:94:03:67:37:2e:fa:62:8c:fa:7d:
09:94:97:47:de:cc:09:52:ac:ed:1c:19:e6:17:b8:2d:97:ff:
c2:b4:1d:7d:b1:17:a0:ec:3e:60:19:5c:b2:9b:d1:5c:71:54:
bb:da:04:7f:83:ec:87:ef:e0:5e:4c:ef:9b:25:f8:da:cf:b6:
60:71:7f:e7:c7:7d:99:55:ba:f1:c0:18:2d:7e:a4:fe:62:ac:
d3:8c:ad:17:37:83:ac:e4:92:17:a6:62:ba:73:39:7a:66:74:
a9:63:68:15:93:98:d8:bc:25:50:13:58:0a:00:56:01:34:3f:
c2:6a:cd:8e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzFbgw7fPDXKQGi2FMeTGs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzIwNWRlMWMyNGJlYTZhNzgzY2I0YTg5YmMyYWQ2MmI3YTEzMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRJ0QUfyLSS3nBMEB0LAWeRNMvMo
O6bpVQau+77WyMpKtZvzHC3QM/C1j7sEQJun8TOEbjN+bG4w7Vf/K7Y1kjza8i0r
OLLMDMx/YZII5vzBpblFrt2Exw5yUq25pi/mDjz15TEGIZkIPRhzOwLByh8VDmxt
32vAXetw3p32Ux6vT4pR1GjcOQfs9EjABJLBMwn/fT9rDu/BrSSIDPs0lFIxuGRH
5h5RYmaZr1dFzaxsFZ0HQyE1+5IXCnx0KQhyhGPo1DxuXGmHQglfgYXW5PTJMfJq
ju11GjymaqzwWZlpAh6Yi8zCxcBdQr4+POT9WhPc1RPOpz2d0jaJOaGWNQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJwgXeHCS+pqeDy0qJvCrWK3oTILMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvbkNCZDRjSkw2bXA0UExTb204S3RZcmVoTWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBBQhCAwQC
BWVcAwQBBbwKAwQBBbwwAwQBBbw8AwQALqEaAwQCLqEcAwQALqEpAwQCW/MgAwQC
W/MsMAwDBAJb8zQDBAJb8zgwDQYJKoZIhvcNAQELBQADggEBAEFh+fy/E7q9K8OV
mGRFB5rWAnw1tXDkYl4U57dI5QA6JhPRmd77thJgwVlWuq8BMduiYwb8V7lKxkDz
oFkgfPmcrr1/3XXIceSCe22OwnMRHiiDX3tXoBemdDgtD57xgNwEBtAarB/1uGe3
vSq4FKZitkjGHnkpj9MG+64DpVKwvZtE3q1tlANnNy76Yoz6fQmUl0fezAlSrO0c
GeYXuC2X/8K0HX2xF6DsPmAZXLKb0VxxVLvaBH+D7Ifv4F5M75sl+NrPtmBxf+fH
fZlVuvHAGC1+pP5irNOMrRc3g6zkkhemYrpzOXpmdKljaBWTmNi8JVATWAoAVgE0
P8JqzY4=
-----END CERTIFICATE-----
Generated at Mon May 13 13:14:05 2024 by rpki-client on console-fra.rpki-client.org