Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/nd3sQXT5PJ5OEXx7HlsdQkdZ0k4.roa
File: nd3sQXT5PJ5OEXx7HlsdQkdZ0k4.roa (raw, json)
Hash identifier: EDbgwuY+hwOnd3AouApLEL2x74FgUlqHF1OnH33vu90=
Subject key identifier: 9D:DD:EC:41:74:F9:3C:9E:4E:11:7C:7B:1E:5B:1D:42:47:59:D2:4E
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 018EF0DB953F87BD740C96F21631556B7B07
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/nd3sQXT5PJ5OEXx7HlsdQkdZ0k4.roa
Signing time: Thu 18 Apr 2024 10:58:26 +0000
ROA not before: Thu 18 Apr 2024 10:58:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47787
IP address blocks: 146.19.95.0/24 maxlen: 24
146.19.249.0/24 maxlen: 24
185.112.251.0/24 maxlen: 24
185.166.144.0/24 maxlen: 24
188.93.192.0/21 maxlen: 24
188.93.198.0/24 maxlen: 24
188.93.199.0/24 maxlen: 24
193.107.13.0/24 maxlen: 24
193.163.151.0/24 maxlen: 24
212.52.23.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:a::/48 maxlen: 48
2001:b18:b::/48 maxlen: 48
2001:b18:10::/48 maxlen: 48
2001:b18:1000::/48 maxlen: 48
2001:b18:1001::/48 maxlen: 48
2001:b18:1002::/48 maxlen: 48
2001:b18:1005::/48 maxlen: 48
2001:b18:1008::/48 maxlen: 48
2001:b18:1009::/48 maxlen: 48
2001:b18:1012::/48 maxlen: 48
2001:b18:1014::/48 maxlen: 48
2001:b18:1016::/48 maxlen: 48
2001:b18:1018::/48 maxlen: 48
2001:b18:1019::/48 maxlen: 48
2001:b18:1020::/48 maxlen: 48
2001:b18:bbbb::/48 maxlen: 48
2a0b:e740::/29 maxlen: 29
2a0d:82c0::/29 maxlen: 48
2a0d:82c7:9::/48 maxlen: 48
2a0e:5f00::/29 maxlen: 48
2a0f:7700::/29 maxlen: 29
2a0f:8900::/29 maxlen: 29
2a0f:d300::/29 maxlen: 48
2a10:ee40::/29 maxlen: 29
2a11:c00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:db:95:3f:87:bd:74:0c:96:f2:16:31:55:6b:7b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Apr 18 10:58:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dddec4174f93c9e4e117c7b1e5b1d424759d24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:6d:9e:54:88:4e:ae:9d:da:69:9c:d8:ad:0f:
8d:71:44:59:c6:d1:ae:f3:40:32:ca:08:91:34:50:
72:a2:a1:5f:ac:4e:81:39:31:a4:db:2a:25:1e:16:
56:86:2b:a5:c1:35:48:4a:d9:58:f2:13:d8:fd:52:
35:cb:93:89:dc:36:d5:10:14:db:2e:fc:60:72:29:
30:b9:03:a8:04:b5:b8:00:f7:2c:86:bb:53:4a:ff:
69:9c:46:11:e4:09:01:13:0b:1f:5f:f4:e0:57:23:
bf:de:3c:c3:17:aa:c4:3e:85:06:dc:0d:97:eb:38:
0c:06:53:9f:93:9e:07:73:d0:53:01:fe:1f:0b:cf:
21:ad:b6:23:e6:21:38:30:28:9a:06:a5:34:af:54:
f0:a2:67:cb:5a:30:7a:7d:2c:9d:3d:8f:c4:8c:ee:
72:2a:4e:26:60:0f:0c:a4:3f:c6:7c:31:92:e0:46:
19:c2:0b:df:e3:02:51:ac:5a:1e:90:20:57:e1:44:
a5:16:54:a4:5d:11:e8:49:69:ac:b2:87:ee:e1:44:
a5:c5:5e:04:7b:ce:8e:31:a8:ac:40:5c:47:82:df:
13:57:5b:92:83:7d:9a:d2:b8:93:4b:7e:0e:29:e2:
1c:d7:73:50:0e:b8:1f:cb:2e:57:ef:ee:96:18:7f:
6d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DD:EC:41:74:F9:3C:9E:4E:11:7C:7B:1E:5B:1D:42:47:59:D2:4E
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/nd3sQXT5PJ5OEXx7HlsdQkdZ0k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.95.0/24
146.19.249.0/24
185.112.251.0/24
185.166.144.0/24
188.93.192.0/21
193.107.13.0/24
193.163.151.0/24
212.52.23.0/24
IPv6:
2001:b18::/32
2a0b:e740::/29
2a0d:82c0::/29
2a0e:5f00::/29
2a0f:7700::/29
2a0f:8900::/29
2a0f:d300::/29
2a10:ee40::/29
2a11:c00::/29
Signature Algorithm: sha256WithRSAEncryption
59:5d:ab:c0:d9:c4:18:d0:86:41:b5:3a:34:96:21:50:85:87:
ee:78:67:c5:49:95:40:c3:7b:5c:b7:70:29:4f:1f:3f:2c:cc:
7c:7b:1c:46:ab:67:28:f8:79:69:4b:6c:a8:04:d7:d2:ea:51:
a5:80:e3:64:5c:03:31:77:ad:a4:d7:38:4b:87:f6:b9:2e:37:
3f:a5:20:91:5c:2e:62:a0:a4:e1:69:d9:e6:ca:c5:b5:f3:a4:
fb:b9:1e:0c:c6:dd:53:97:9e:78:a1:6f:f5:d9:8b:fe:6f:e9:
84:0f:78:d6:99:b0:9b:11:db:83:3c:fc:77:58:41:de:b8:15:
34:30:da:83:5e:61:af:51:33:98:54:bd:95:ca:48:a0:b5:1a:
d5:bc:e1:2a:de:c0:f4:c6:aa:2c:7a:38:db:16:52:1f:51:97:
a1:83:08:29:38:74:09:cb:bb:72:86:d5:61:2a:4d:4c:61:89:
12:04:4a:73:c7:8b:25:14:9a:98:6e:78:02:ea:04:b8:d0:da:
d2:5a:33:2d:59:e4:ac:9e:1d:ff:f3:05:e7:bf:4a:93:06:bd:
3b:a0:d9:bb:02:2f:f0:c9:eb:1a:eb:19:56:e7:cd:56:fb:37:
f6:04:a3:c6:7d:57:23:7a:dd:90:c8:ab:9b:5d:5b:95:aa:c6:
c8:18:c3:cb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAY7w25U/h710DJbyFjFVa3sHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjQwNDE4MTA1ODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRkZWM0MTc0ZjkzYzllNGUxMTdjN2IxZTViMWQ0MjQ3NTlkMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgm2eVIhOrp3aaZzYrQ+NcURZxtGu
80AyygiRNFByoqFfrE6BOTGk2yolHhZWhiulwTVIStlY8hPY/VI1y5OJ3DbVEBTb
LvxgcikwuQOoBLW4APcshrtTSv9pnEYR5AkBEwsfX/TgVyO/3jzDF6rEPoUG3A2X
6zgMBlOfk54Hc9BTAf4fC88hrbYj5iE4MCiaBqU0r1TwomfLWjB6fSydPY/EjO5y
Kk4mYA8MpD/GfDGS4EYZwgvf4wJRrFoekCBX4USlFlSkXRHoSWmssofu4USlxV4E
e86OMaisQFxHgt8TV1uSg32a0riTS34OKeIc13NQDrgfyy5X7+6WGH9tqQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFJ3d7EF0+TyeThF8ex5bHUJHWdJOMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvbmQzc1FYVDVQSjVPRVh4N0hsc2RRa2RaMGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MDYEAgABMDADBACSE18D
BACSE/kDBAC5cPsDBAC5ppADBAO8XcADBADBaw0DBADBo5cDBADUNBcwRQQCAAIw
PwMFACABCxgDBQMqC+dAAwUDKg2CwAMFAyoOXwADBQMqD3cAAwUDKg+JAAMFAyoP
0wADBQMqEO5AAwUDKhEMADANBgkqhkiG9w0BAQsFAAOCAQEAWV2rwNnEGNCGQbU6
NJYhUIWH7nhnxUmVQMN7XLdwKU8fPyzMfHscRqtnKPh5aUtsqATX0upRpYDjZFwD
MXetpNc4S4f2uS43P6UgkVwuYqCk4WnZ5srFtfOk+7keDMbdU5eeeKFv9dmL/m/p
hA941pmwmxHbgzz8d1hB3rgVNDDag15hr1EzmFS9lcpIoLUa1bzhKt7A9MaqLHo4
2xZSH1GXoYMIKTh0Ccu7cobVYSpNTGGJEgRKc8eLJRSamG54AuoEuNDa0lozLVnk
rJ4d//MF579Kkwa9O6DZuwIv8MnrGusZVufNVvs39gSjxn1XI3rdkMirm11blarG
yBjDyw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:20:45 2024 by rpki-client on console-ams.rpki-client.org