Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/v2eiuMyNef6BUoPyJRXBFy5LEIU.roa
File: v2eiuMyNef6BUoPyJRXBFy5LEIU.roa (raw, json)
Hash identifier: ox0HG9oMeEV4aKKFXzTp4tR3m8qynB7N4IcSC2eJPDU=
Subject key identifier: BF:67:A2:B8:CC:8D:79:FE:81:52:83:F2:25:15:C1:17:2E:4B:10:85
Certificate issuer: /CN=1083c436279537d4f726d2310cef14a42f1b2b8a
Certificate serial: 01924CFAA92FAEA9FE0B1E261A1489452294
Authority key identifier: 10:83:C4:36:27:95:37:D4:F7:26:D2:31:0C:EF:14:A4:2F:1B:2B:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIPENieVN9T3JtIxDO8UpC8bK4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/v2eiuMyNef6BUoPyJRXBFy5LEIU.roa
Signing time: Wed 02 Oct 2024 11:25:48 +0000
ROA not before: Wed 02 Oct 2024 11:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39375
IP address blocks: 89.161.0.0/22 maxlen: 22
89.161.4.0/22 maxlen: 22
89.161.8.0/22 maxlen: 22
89.161.12.0/22 maxlen: 22
89.161.16.0/22 maxlen: 22
89.161.20.0/22 maxlen: 22
89.161.24.0/24 maxlen: 24
89.161.25.0/24 maxlen: 24
89.161.26.0/24 maxlen: 24
89.161.27.0/24 maxlen: 24
89.161.28.0/24 maxlen: 24
89.161.29.0/24 maxlen: 24
89.161.30.0/24 maxlen: 24
89.161.31.0/24 maxlen: 24
89.161.32.0/22 maxlen: 22
89.161.36.0/22 maxlen: 22
89.161.40.0/22 maxlen: 22
89.161.44.0/22 maxlen: 22
89.161.48.0/22 maxlen: 22
89.161.52.0/22 maxlen: 22
89.161.56.0/24 maxlen: 24
89.161.57.0/24 maxlen: 24
89.161.58.0/24 maxlen: 24
89.161.59.0/24 maxlen: 24
89.161.60.0/23 maxlen: 23
89.161.62.0/24 maxlen: 24
89.161.63.0/24 maxlen: 24
89.161.64.0/20 maxlen: 20
89.161.64.0/24 maxlen: 24
89.161.65.0/24 maxlen: 24
89.161.66.0/24 maxlen: 24
89.161.67.0/24 maxlen: 24
89.161.68.0/24 maxlen: 24
89.161.69.0/24 maxlen: 24
89.161.70.0/24 maxlen: 24
89.161.71.0/24 maxlen: 24
89.161.72.0/24 maxlen: 24
89.161.73.0/24 maxlen: 24
89.161.74.0/23 maxlen: 23
89.161.76.0/22 maxlen: 22
89.161.80.0/22 maxlen: 22
89.161.84.0/22 maxlen: 22
89.161.88.0/24 maxlen: 24
89.161.89.0/24 maxlen: 24
89.161.90.0/24 maxlen: 24
89.161.91.0/24 maxlen: 24
89.161.92.0/22 maxlen: 22
89.161.96.0/24 maxlen: 24
89.161.97.0/24 maxlen: 24
89.161.98.0/24 maxlen: 24
89.161.99.0/24 maxlen: 24
89.161.100.0/24 maxlen: 24
89.161.101.0/24 maxlen: 24
89.161.102.0/23 maxlen: 23
89.161.104.0/23 maxlen: 23
89.161.106.0/23 maxlen: 23
89.161.108.0/23 maxlen: 23
185.212.40.0/24 maxlen: 24
185.212.41.0/24 maxlen: 24
185.212.42.0/24 maxlen: 24
185.212.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/EIPENieVN9T3JtIxDO8UpC8bK4o.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/EIPENieVN9T3JtIxDO8UpC8bK4o.mft
rsync://rpki.ripe.net/repository/DEFAULT/EIPENieVN9T3JtIxDO8UpC8bK4o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:fa:a9:2f:ae:a9:fe:0b:1e:26:1a:14:89:45:22:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1083c436279537d4f726d2310cef14a42f1b2b8a
Validity
Not Before: Oct 2 11:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf67a2b8cc8d79fe815283f22515c1172e4b1085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d1:3b:52:c8:b8:3a:4a:f1:2f:bf:db:a9:8f:
80:3c:a4:d3:8a:e3:e0:54:46:53:71:aa:65:44:18:
79:67:75:db:1a:eb:dc:78:0d:d2:22:f1:9e:b3:85:
6c:5a:07:25:48:16:81:5d:15:d6:8d:2c:93:89:56:
bc:16:5b:af:7d:39:7b:82:02:bc:70:42:0c:20:15:
30:46:54:1a:ab:96:48:f0:6f:10:08:21:6a:78:d3:
82:49:7f:72:1b:35:04:0f:a0:fc:9d:d5:17:fe:1b:
d4:c3:d9:59:2f:10:9d:8f:6c:8b:f4:95:df:4a:86:
41:d5:be:2c:59:37:52:2b:d6:e9:61:d7:e4:30:2a:
a4:75:7d:c7:6e:f3:9a:7b:60:32:55:3b:4a:83:44:
71:c8:30:88:0d:7c:08:1d:ad:30:41:0a:14:9d:6d:
6a:78:f1:e9:57:1a:04:5b:9c:c8:fb:c8:1b:79:ad:
86:77:be:8e:7d:a9:87:b5:76:e8:55:f8:7a:df:72:
a7:8b:ea:a6:d7:28:71:4b:4c:88:98:4c:04:2d:5c:
fd:61:aa:e7:49:b9:be:de:d0:d9:b3:fa:c7:ce:fc:
9e:ca:a1:16:0f:70:c3:2b:33:88:2a:d9:0f:d4:e1:
16:d6:4e:dd:6b:f0:4e:f9:3e:4e:fe:f9:68:0e:fc:
d9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:67:A2:B8:CC:8D:79:FE:81:52:83:F2:25:15:C1:17:2E:4B:10:85
X509v3 Authority Key Identifier:
keyid:10:83:C4:36:27:95:37:D4:F7:26:D2:31:0C:EF:14:A4:2F:1B:2B:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIPENieVN9T3JtIxDO8UpC8bK4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/v2eiuMyNef6BUoPyJRXBFy5LEIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/EIPENieVN9T3JtIxDO8UpC8bK4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.161.0.0-89.161.109.255
185.212.40.0/22
Signature Algorithm: sha256WithRSAEncryption
13:6b:84:73:65:04:d1:eb:bc:34:6c:db:b6:96:18:e1:32:ac:
37:f5:48:22:c3:d5:79:b2:e2:e4:e8:d2:2b:5e:e5:b9:ba:4b:
20:3a:62:a2:bd:3b:a4:79:94:bb:54:ab:6a:56:f5:9c:a0:8e:
d3:60:45:89:b5:f5:bf:48:90:d4:8d:f1:7e:e2:27:52:ed:86:
69:98:8a:46:5d:f3:74:b2:84:6b:1b:cc:4a:49:81:3d:c9:25:
28:01:e1:31:ea:52:7a:c1:99:65:29:72:04:ee:8a:93:24:39:
cb:ac:87:ca:91:28:6b:77:e2:53:c0:2f:c7:09:e1:33:83:8f:
58:bf:42:a4:00:9f:76:e9:9e:62:ec:33:cc:b4:ca:89:48:8a:
55:18:34:fe:66:9c:e8:e9:ed:1e:dc:d2:44:a3:5c:73:75:db:
98:89:75:84:fb:b8:cc:2b:10:88:8a:b9:b6:84:86:21:c1:fb:
51:14:cc:d6:87:9d:fa:eb:eb:df:80:a2:98:cd:f7:b8:03:ba:
76:b3:7b:f9:91:4a:ff:ae:ff:41:85:90:2f:0a:20:d7:41:29:
ff:0c:5b:b1:a4:ea:a2:e4:8a:86:e8:f4:0b:4c:22:14:33:b1:
35:1b:4e:67:50:4c:28:4b:a5:ba:fd:72:02:81:06:4b:0a:4e:
2b:b9:ea:6e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZJM+qkvrqn+Cx4mGhSJRSKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODNjNDM2Mjc5NTM3ZDRmNzI2ZDIzMTBjZWYxNGE0MmYx
YjJiOGEwHhcNMjQxMDAyMTEyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY3YTJiOGNjOGQ3OWZlODE1MjgzZjIyNTE1YzExNzJlNGIxMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntE7Usi4OkrxL7/bqY+APKTTiuPg
VEZTcaplRBh5Z3XbGuvceA3SIvGes4VsWgclSBaBXRXWjSyTiVa8FluvfTl7ggK8
cEIMIBUwRlQaq5ZI8G8QCCFqeNOCSX9yGzUED6D8ndUX/hvUw9lZLxCdj2yL9JXf
SoZB1b4sWTdSK9bpYdfkMCqkdX3HbvOae2AyVTtKg0RxyDCIDXwIHa0wQQoUnW1q
ePHpVxoEW5zI+8gbea2Gd76OfamHtXboVfh633Kni+qm1yhxS0yImEwELVz9Yarn
Sbm+3tDZs/rHzvyeyqEWD3DDKzOIKtkP1OEW1k7da/BO+T5O/vloDvzZVQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFL9norjMjXn+gVKD8iUVwRcuSxCFMB8GA1UdIwQY
MBaAFBCDxDYnlTfU9ybSMQzvFKQvGyuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlQRU5pZVZOOVQzSnRJeERPOFVwQzhiSzRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wOTE0NzMtNGQ4Yi00YmM5LWE5MTIt
ODEyMjQ4YjY1MzcwLzEvdjJlaXVNeU5lZjZCVW9QeUpSWEJGeTVMRUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wOTE0NzMtNGQ4Yi00YmM5LWE5MTItODEyMjQ4YjY1Mzcw
LzEvRUlQRU5pZVZOOVQzSnRJeERPOFVwQzhiSzRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwBZoQME
AVmhbAMEArnUKDANBgkqhkiG9w0BAQsFAAOCAQEAE2uEc2UE0eu8NGzbtpYY4TKs
N/VIIsPVebLi5OjSK17lubpLIDpior07pHmUu1Sralb1nKCO02BFibX1v0iQ1I3x
fuInUu2GaZiKRl3zdLKEaxvMSkmBPcklKAHhMepSesGZZSlyBO6KkyQ5y6yHypEo
a3fiU8AvxwnhM4OPWL9CpACfdumeYuwzzLTKiUiKVRg0/mac6OntHtzSRKNcc3Xb
mIl1hPu4zCsQiIq5toSGIcH7URTM1oed+uvr34CimM33uAO6drN7+ZFK/67/QYWQ
Lwog10Ep/wxbsaTqouSKhuj0C0wiFDOxNRtOZ1BMKEuluv1yAoEGSwpOK7nqbg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:54:29 2024 by rpki-client on console-fra.rpki-client.org