Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/nBA6XUnC0NljiCFDcDce3KpV6tI.roa
File: nBA6XUnC0NljiCFDcDce3KpV6tI.roa (raw, json)
Hash identifier: w5TkvCcLYsqG/wVj3rFpSfdY8X2VvO7HWEnb6F7alZs=
Subject key identifier: 9C:10:3A:5D:49:C2:D0:D9:63:88:21:43:70:37:1E:DC:AA:55:EA:D2
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018DA1F5E1F938117F30CA59CAB5C2D6DBD3
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/nBA6XUnC0NljiCFDcDce3KpV6tI.roa
Signing time: Tue 13 Feb 2024 10:14:22 +0000
ROA not before: Tue 13 Feb 2024 10:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12429
IP address blocks: 188.92.48.0/21 maxlen: 22
188.92.48.0/22 maxlen: 22
193.222.64.0/19 maxlen: 20
193.223.20.0/22 maxlen: 22
193.223.24.0/22 maxlen: 22
193.223.44.0/22 maxlen: 22
193.223.48.0/20 maxlen: 20
193.246.32.0/21 maxlen: 21
193.246.40.0/21 maxlen: 21
193.246.208.0/20 maxlen: 20
193.247.246.0/24 maxlen: 24
194.11.144.0/21 maxlen: 24
2a02:a90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:f5:e1:f9:38:11:7f:30:ca:59:ca:b5:c2:d6:db:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Feb 13 10:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c103a5d49c2d0d96388214370371edcaa55ead2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:cc:8e:65:e9:c0:ef:ee:60:13:0c:3e:63:b3:
81:0d:1b:b9:05:ad:f9:a5:07:f9:8d:1e:3b:92:ab:
ba:b9:dd:5e:27:86:ba:48:d9:c9:d5:90:5e:0d:1f:
40:37:ce:75:8b:7a:76:0f:36:6e:05:81:12:c9:61:
ac:34:19:a4:bb:99:35:94:5c:40:a5:ac:46:90:cc:
a2:ae:09:c0:3c:5d:2f:5b:c8:2b:28:ed:25:7b:ab:
5c:6f:2c:33:8f:e9:25:fa:19:91:b7:e2:0b:7d:c5:
4f:32:b3:0f:c9:b6:0e:78:04:b0:28:db:2c:8a:d8:
f5:11:bf:25:f4:66:b8:b7:e2:6c:81:c4:e2:43:3d:
af:97:c6:3f:d7:5e:d4:5a:e7:d8:a2:6c:c3:45:e6:
df:ad:22:8e:a3:d3:cf:d8:e5:e8:f2:68:3e:d7:f2:
ad:bc:e5:52:e3:15:4a:88:50:2c:f0:b5:a5:ab:d1:
f1:74:7f:93:0a:9e:95:ea:d2:a7:59:87:e4:f5:5c:
c7:c1:16:78:f7:c9:d6:ec:3f:2e:fa:cc:0e:03:db:
c1:0f:a6:37:df:8d:fc:4f:b7:dc:04:92:97:24:fb:
5b:14:54:12:08:b8:88:d9:d1:da:61:f1:7f:fe:5c:
a5:22:a4:b9:2e:ca:54:59:cb:3a:48:7a:66:ec:ee:
62:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:10:3A:5D:49:C2:D0:D9:63:88:21:43:70:37:1E:DC:AA:55:EA:D2
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/nBA6XUnC0NljiCFDcDce3KpV6tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.48.0/21
193.222.64.0/19
193.223.20.0-193.223.27.255
193.223.44.0-193.223.63.255
193.246.32.0/20
193.246.208.0/20
193.247.246.0/24
194.11.144.0/21
IPv6:
2a02:a90::/32
Signature Algorithm: sha256WithRSAEncryption
37:af:07:fe:25:3c:c0:1d:5d:28:53:97:89:0b:89:77:e9:3a:
e1:bd:b4:2a:6e:7d:2b:72:88:4c:ed:e8:b2:b8:d6:a9:2b:69:
a8:d3:d5:13:08:4e:a7:03:9e:be:3b:60:d2:27:bc:d2:b5:78:
f8:76:25:f1:b0:fe:3e:3b:42:c8:bb:05:17:ee:7e:2a:e1:c7:
d9:5e:88:b3:cb:1e:48:c2:dd:ee:2e:f5:13:b6:63:23:44:4f:
65:72:da:c4:cf:56:91:f8:f2:3e:b7:bf:dc:52:f9:a2:69:2d:
14:85:55:d1:82:db:66:2a:a2:f5:02:db:71:dc:85:4f:70:68:
e2:55:64:b2:71:7d:af:8c:03:bb:22:d4:b5:16:af:8d:e4:98:
04:df:2c:06:78:ce:10:ef:0d:b0:a1:29:c8:17:91:ee:bb:7d:
06:93:88:17:43:9b:68:01:8d:ac:1c:5c:e7:96:71:59:f3:ad:
7a:52:c1:70:41:8d:62:1d:d0:22:5c:e0:f6:f6:17:d1:d5:67:
5d:4b:1b:0c:fa:30:27:3e:07:fc:79:07:11:7a:cb:96:6f:64:
34:ac:2e:e3:7c:c4:d5:85:b5:83:f4:a1:7f:4a:a4:16:c7:5d:
71:77:74:bc:9a:e3:97:0d:fa:3b:1c:44:7e:9f:62:50:dd:b0:
62:11:59:43
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY2h9eH5OBF/MMpZyrXC1tvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMjEzMTAxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzEwM2E1ZDQ5YzJkMGQ5NjM4ODIxNDM3MDM3MWVkY2FhNTVlYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcyOZenA7+5gEww+Y7OBDRu5Ba35
pQf5jR47kqu6ud1eJ4a6SNnJ1ZBeDR9AN851i3p2DzZuBYESyWGsNBmku5k1lFxA
paxGkMyirgnAPF0vW8grKO0le6tcbywzj+kl+hmRt+ILfcVPMrMPybYOeASwKNss
itj1Eb8l9Ga4t+JsgcTiQz2vl8Y/117UWufYomzDRebfrSKOo9PP2OXo8mg+1/Kt
vOVS4xVKiFAs8LWlq9HxdH+TCp6V6tKnWYfk9VzHwRZ498nW7D8u+swOA9vBD6Y3
3438T7fcBJKXJPtbFFQSCLiI2dHaYfF//lylIqS5LspUWcs6SHpm7O5i0QIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFJwQOl1JwtDZY4ghQ3A3HtyqVerSMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvbkJBNlhVbkMwTmxqaUNGRGNEY2UzS3BWNnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQDvFwwAwQF
wd5AMAwDBALB3xQDBALB3xgwDAMEAsHfLAMEBsHfAAMEBMH2IAMEBMH20AMEAMH3
9gMEA8ILkDANBAIAAjAHAwUAKgIKkDANBgkqhkiG9w0BAQsFAAOCAQEAN68H/iU8
wB1dKFOXiQuJd+k64b20Km59K3KITO3osrjWqStpqNPVEwhOpwOevjtg0ie80rV4
+HYl8bD+PjtCyLsFF+5+KuHH2V6Is8seSMLd7i71E7ZjI0RPZXLaxM9WkfjyPre/
3FL5omktFIVV0YLbZiqi9QLbcdyFT3Bo4lVksnF9r4wDuyLUtRavjeSYBN8sBnjO
EO8NsKEpyBeR7rt9BpOIF0ObaAGNrBxc55ZxWfOtelLBcEGNYh3QIlzg9vYX0dVn
XUsbDPowJz4H/HkHEXrLlm9kNKwu43zE1YW1g/Shf0qkFsddcXd0vJrjlw36OxxE
fp9iUN2wYhFZQw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:16 2024 by rpki-client on console-ams.rpki-client.org