Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/nST9m65xp8ka1VTCsPw3sZ6qKq8.roa
File: nST9m65xp8ka1VTCsPw3sZ6qKq8.roa (raw, json)
Hash identifier: OrIH+A7GEalqJ4gNZVlJM+AzG5pxOax5wAF/O+xkvAM=
Subject key identifier: 9D:24:FD:9B:AE:71:A7:C9:1A:D5:54:C2:B0:FC:37:B1:9E:AA:2A:AF
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018ECC45E84D55C077721625FE5E1E2E6235
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/nST9m65xp8ka1VTCsPw3sZ6qKq8.roa
Signing time: Thu 11 Apr 2024 08:28:37 +0000
ROA not before: Thu 11 Apr 2024 08:28:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 91.210.68.0/24 maxlen: 24
146.19.136.0/24 maxlen: 24
176.116.25.0/24 maxlen: 24
194.104.237.0/24 maxlen: 24
2a11:68c3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:04:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:45:e8:4d:55:c0:77:72:16:25:fe:5e:1e:2e:62:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Apr 11 08:28:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d24fd9bae71a7c91ad554c2b0fc37b19eaa2aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:68:10:ed:db:3a:32:fa:c4:8a:1a:af:ac:67:
6d:d9:1a:56:b8:3a:58:37:a6:7b:c7:6e:e3:43:a4:
e3:27:0f:7b:79:24:17:f9:38:72:1c:7d:8c:72:49:
81:d9:f0:5c:02:dd:bd:07:c3:e4:27:db:01:c6:c0:
2c:38:81:06:a3:f6:0e:25:34:6a:ba:73:2d:39:6b:
0b:37:dd:2a:ad:a0:6f:b6:ef:56:73:3f:d4:07:d9:
d3:58:06:04:b7:e7:4a:47:58:5c:78:fe:bf:ce:83:
a8:dc:a7:cf:71:b4:1c:fb:75:8e:50:58:c5:d7:f0:
d9:c0:2e:60:8c:86:08:03:ac:14:6f:b0:67:29:6b:
8b:50:f0:d3:6f:aa:ec:16:cb:fd:62:f5:b2:76:b7:
d1:18:83:9e:fb:d7:60:3e:b9:c9:c4:d6:f4:00:d7:
81:a1:1f:2b:76:64:82:d1:c8:e9:9a:1f:c5:4b:e4:
9b:f5:f1:d5:60:00:76:7f:53:9a:94:0f:d9:e6:f7:
fd:7c:92:01:ce:47:9d:f5:ef:54:b5:a1:4c:61:24:
d7:21:14:89:c4:f9:37:ac:72:28:a4:7c:79:2b:ad:
7f:d7:f2:11:53:10:bc:84:03:8e:9e:ac:8d:67:52:
da:36:5b:34:4a:ed:13:be:41:7b:4e:fe:96:1e:3f:
1f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:24:FD:9B:AE:71:A7:C9:1A:D5:54:C2:B0:FC:37:B1:9E:AA:2A:AF
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/nST9m65xp8ka1VTCsPw3sZ6qKq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.68.0/24
146.19.136.0/24
176.116.25.0/24
194.104.237.0/24
IPv6:
2a11:68c3::/32
Signature Algorithm: sha256WithRSAEncryption
0d:5a:1e:e1:10:ab:75:0a:f3:2c:ae:dd:46:3b:eb:e1:23:a0:
3b:f9:8f:84:82:41:ef:78:c5:82:a5:34:70:2a:09:fc:69:f8:
13:4e:74:ce:3b:43:8f:c8:7e:16:24:08:5b:c0:10:ad:47:2e:
00:4b:ec:ac:02:e9:b0:6e:2b:d1:ad:84:33:71:1d:b1:cf:20:
1c:1f:84:6b:cc:11:55:60:c9:45:24:0e:b6:2f:38:12:02:8d:
ba:7c:dc:4c:21:bc:ad:e7:ca:bb:5e:a2:cb:53:65:65:ad:7e:
5b:92:dc:9a:fb:95:df:86:7e:7d:cb:26:a5:47:2a:ba:36:d7:
35:9f:4c:6a:a4:85:17:7f:e0:f7:1d:07:38:4a:8f:19:8a:49:
84:72:18:1a:80:a7:4b:7c:b1:03:86:63:c6:3a:4a:3d:6b:d6:
45:2b:52:d0:0d:1e:88:d2:ed:89:d1:8e:15:e1:16:a0:5f:b9:
d5:c4:71:1e:7d:19:4a:ab:e4:9e:61:a0:40:0a:01:cc:b5:a6:
31:51:13:81:68:4c:fb:56:3a:92:3d:a0:89:27:74:99:86:81:
67:de:25:fc:77:65:40:a1:a2:25:f2:8e:f0:a2:0e:6c:3f:a6:
2e:d6:7f:c9:24:a5:95:70:27:57:62:d7:2b:75:fa:b3:4d:21:
a9:e8:d7:44
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY7MRehNVcB3chYl/l4eLmI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjQwNDExMDgyODM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI0ZmQ5YmFlNzFhN2M5MWFkNTU0YzJiMGZjMzdiMTllYWEyYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2gQ7ds6MvrEihqvrGdt2RpWuDpY
N6Z7x27jQ6TjJw97eSQX+ThyHH2MckmB2fBcAt29B8PkJ9sBxsAsOIEGo/YOJTRq
unMtOWsLN90qraBvtu9Wcz/UB9nTWAYEt+dKR1hceP6/zoOo3KfPcbQc+3WOUFjF
1/DZwC5gjIYIA6wUb7BnKWuLUPDTb6rsFsv9YvWydrfRGIOe+9dgPrnJxNb0ANeB
oR8rdmSC0cjpmh/FS+Sb9fHVYAB2f1OalA/Z5vf9fJIBzked9e9UtaFMYSTXIRSJ
xPk3rHIopHx5K61/1/IRUxC8hAOOnqyNZ1LaNls0Su0TvkF7Tv6WHj8fyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJ0k/ZuucafJGtVUwrD8N7GeqiqvMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvblNUOW02NXhwOGthMVZUQ3NQdzNzWjZxS3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9JEAwQA
khOIAwQAsHQZAwQAwmjtMA0EAgACMAcDBQAqEWjDMA0GCSqGSIb3DQEBCwUAA4IB
AQANWh7hEKt1CvMsrt1GO+vhI6A7+Y+EgkHveMWCpTRwKgn8afgTTnTOO0OPyH4W
JAhbwBCtRy4AS+ysAumwbivRrYQzcR2xzyAcH4RrzBFVYMlFJA62LzgSAo26fNxM
Ibyt58q7XqLLU2VlrX5bktya+5Xfhn59yyalRyq6Ntc1n0xqpIUXf+D3HQc4So8Z
ikmEchgagKdLfLEDhmPGOko9a9ZFK1LQDR6I0u2J0Y4V4RagX7nVxHEefRlKq+Se
YaBACgHMtaYxUROBaEz7VjqSPaCJJ3SZhoFn3iX8d2VAoaIl8o7wog5sP6Yu1n/J
JKWVcCdXYtcrdfqzTSGp6NdE
-----END CERTIFICATE-----
Generated at Mon May 6 03:59:15 2024 by rpki-client on console-fra.rpki-client.org