Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/uJNgYXBCQsdQojuzH5x__BIqpco.roa
File: uJNgYXBCQsdQojuzH5x__BIqpco.roa (raw, json)
Hash identifier: lIz2WY6W7HBOB2Yox0UyXtKWJWUNxtdUX5oGmbwTbCc=
Subject key identifier: B8:93:60:61:70:42:42:C7:50:A2:3B:B3:1F:9C:7F:FC:12:2A:A5:CA
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 018DA71FE5D29DDC344FE5F5A98A350AA745
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/uJNgYXBCQsdQojuzH5x__BIqpco.roa
Signing time: Wed 14 Feb 2024 10:18:21 +0000
ROA not before: Wed 14 Feb 2024 10:18:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209984
IP address blocks: 89.40.238.0/24 maxlen: 24
89.43.72.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
109.205.136.0/22 maxlen: 24
185.237.136.0/22 maxlen: 24
185.249.232.0/24 maxlen: 24
185.253.145.0/24 maxlen: 24
185.253.146.0/24 maxlen: 24
193.39.95.0/24 maxlen: 24
194.15.219.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
2a06:ce00::/29 maxlen: 29
2a0c:1380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:1f:e5:d2:9d:dc:34:4f:e5:f5:a9:8a:35:0a:a7:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Feb 14 10:18:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8936061704242c750a23bb31f9c7ffc122aa5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2e:74:b4:3c:62:58:d1:dc:02:eb:9d:ae:77:
5f:63:cb:2b:dd:d1:14:39:9a:22:cb:e9:e0:b3:05:
33:2d:a5:d6:ab:5c:9f:89:a8:8d:c9:b0:2b:7c:9a:
dd:a5:4a:eb:6e:b7:40:11:40:d1:78:0c:c6:15:73:
5e:5e:6e:4a:0b:df:2f:47:a1:c7:ef:1f:bd:54:28:
49:ac:b8:53:0b:31:62:77:f0:26:7d:c6:21:9d:b5:
f8:8b:2a:22:c1:4b:2f:5b:15:59:43:66:41:2d:cf:
6e:88:04:43:b5:50:f7:78:22:f6:33:0a:3f:8a:34:
cb:d4:df:08:e1:80:92:59:ec:3d:35:4e:66:50:fb:
96:67:73:91:b9:9b:f7:c2:8d:1a:2a:05:7d:40:19:
58:b3:45:71:70:aa:b4:fe:8f:ed:8f:70:cb:6c:ee:
bb:b5:75:61:ea:c0:36:e9:16:91:ef:0d:cf:90:76:
c2:36:dd:cb:57:c9:55:6a:77:f5:21:ba:bc:11:05:
dc:fc:86:07:d3:05:25:f6:7b:39:cf:d3:42:16:eb:
57:84:5b:0d:99:01:61:9f:a8:40:3f:97:7c:2b:c2:
6f:61:c3:ee:b2:ba:57:90:20:59:4f:16:4b:f0:2b:
13:32:90:b4:85:cc:b4:8b:35:9f:0e:12:a4:47:87:
25:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:93:60:61:70:42:42:C7:50:A2:3B:B3:1F:9C:7F:FC:12:2A:A5:CA
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/uJNgYXBCQsdQojuzH5x__BIqpco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
109.205.136.0/22
185.237.136.0/22
185.249.232.0/24
185.253.145.0-185.253.146.255
193.39.95.0/24
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
IPv6:
2a06:ce00::/29
2a0c:1380::/29
Signature Algorithm: sha256WithRSAEncryption
b1:08:45:3f:a7:00:13:c0:b5:99:56:59:7e:3c:fc:b9:51:7f:
b3:02:b9:a9:a3:43:37:17:79:c0:0d:3c:92:de:c1:fe:15:76:
3c:ef:fd:30:fa:81:97:69:95:66:c7:f7:4b:75:83:74:51:77:
bd:01:4a:67:f4:26:ab:fb:f3:07:2b:48:2c:40:9c:7e:4c:8d:
4b:da:f4:bc:d0:97:96:85:3e:07:44:b3:3b:e5:75:8c:57:b0:
e4:af:42:e9:20:ee:27:67:1a:ec:60:f7:ed:0d:95:16:0b:37:
5d:e4:31:8a:60:fa:12:f7:9b:4f:42:5e:d0:5e:ed:30:e7:68:
5e:aa:9e:14:ae:fc:1b:ea:f9:da:d8:3b:19:5a:7c:62:b7:1e:
0c:bf:5e:b2:d9:60:7b:66:63:6a:dc:ac:5a:08:7e:73:d2:14:
5f:1d:a8:e3:19:86:27:2c:87:14:0c:0d:fa:df:fe:cc:8d:49:
bf:38:10:fa:5e:34:01:ad:3c:d1:ab:3c:5d:2a:d3:a3:34:78:
a1:4c:00:48:44:a4:1e:b7:67:ca:0f:82:53:9c:63:42:d5:03:
4b:eb:8f:3d:b6:89:f3:b1:b9:c7:9b:23:0f:2c:b1:12:4d:cc:
f8:a7:ad:d8:ae:04:50:21:9c:16:f0:96:a1:d8:d1:3d:c0:8c:
de:11:bb:c0
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY2nH+XSndw0T+X1qYo1CqdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjQwMjE0MTAxODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODkzNjA2MTcwNDI0MmM3NTBhMjNiYjMxZjljN2ZmYzEyMmFhNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC50tDxiWNHcAuudrndfY8sr3dEU
OZoiy+ngswUzLaXWq1yfiaiNybArfJrdpUrrbrdAEUDReAzGFXNeXm5KC98vR6HH
7x+9VChJrLhTCzFid/AmfcYhnbX4iyoiwUsvWxVZQ2ZBLc9uiARDtVD3eCL2Mwo/
ijTL1N8I4YCSWew9NU5mUPuWZ3ORuZv3wo0aKgV9QBlYs0VxcKq0/o/tj3DLbO67
tXVh6sA26RaR7w3PkHbCNt3LV8lVanf1Ibq8EQXc/IYH0wUl9ns5z9NCFutXhFsN
mQFhn6hAP5d8K8JvYcPusrpXkCBZTxZL8CsTMpC0hcy0izWfDhKkR4clEQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFLiTYGFwQkLHUKI7sx+cf/wSKqXKMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvdUpOZ1lYQkNRc2RRb2p1ekg1eF9fQklxcGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwXAQCAAEwVgMEAFko7gME
AFkrSAMEAFkrxgMEAFkskQMEAm3NiAMEArntiAMEALn56DAMAwQAuf2RAwQAuf2S
AwQAwSdfAwQAwg/bAwQAwg/oAwQAwg/sAwQAwhoBMBQEAgACMA4DBQMqBs4AAwUD
KgwTgDANBgkqhkiG9w0BAQsFAAOCAQEAsQhFP6cAE8C1mVZZfjz8uVF/swK5qaND
Nxd5wA08kt7B/hV2PO/9MPqBl2mVZsf3S3WDdFF3vQFKZ/Qmq/vzBytILECcfkyN
S9r0vNCXloU+B0SzO+V1jFew5K9C6SDuJ2ca7GD37Q2VFgs3XeQximD6EvebT0Je
0F7tMOdoXqqeFK78G+r52tg7GVp8YrceDL9estlge2ZjatysWgh+c9IUXx2o4xmG
JyyHFAwN+t/+zI1JvzgQ+l40Aa080as8XSrTozR4oUwASESkHrdnyg+CU5xjQtUD
S+uPPbaJ87G5x5sjDyyxEk3M+Ket2K4EUCGcFvCWodjRPcCM3hG7wA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:22 2024 by rpki-client on console-fra.rpki-client.org