Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/nS5bHrpU9wN7S5LG1MnOrqRiyL8.roa
File: nS5bHrpU9wN7S5LG1MnOrqRiyL8.roa (raw, json)
Hash identifier: hxrBJk0tT4+O9Xo6sXmCjLyAL6prFfJEyqj5AUiye5Q=
Subject key identifier: 9D:2E:5B:1E:BA:54:F7:03:7B:4B:92:C6:D4:C9:CE:AE:A4:62:C8:BF
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 01927681349486A4DB81B999343D8ADE4306
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/nS5bHrpU9wN7S5LG1MnOrqRiyL8.roa
Signing time: Thu 10 Oct 2024 12:57:11 +0000
ROA not before: Thu 10 Oct 2024 12:57:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34187
IP address blocks: 78.26.128.0/18 maxlen: 18
78.26.128.0/19 maxlen: 19
78.26.128.0/24 maxlen: 24
78.26.129.0/24 maxlen: 24
78.26.130.0/24 maxlen: 24
78.26.140.0/22 maxlen: 22
78.26.151.0/24 maxlen: 24
78.26.160.0/19 maxlen: 19
78.26.161.0/24 maxlen: 24
78.26.180.0/23 maxlen: 23
78.26.192.0/18 maxlen: 18
78.26.192.0/19 maxlen: 19
78.26.192.0/20 maxlen: 20
78.26.192.0/22 maxlen: 22
78.26.224.0/19 maxlen: 19
185.70.108.0/22 maxlen: 22
185.70.108.0/23 maxlen: 23
185.70.110.0/23 maxlen: 23
195.245.118.0/23 maxlen: 23
195.245.118.0/24 maxlen: 24
195.245.119.0/24 maxlen: 24
2a03:1240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:81:34:94:86:a4:db:81:b9:99:34:3d:8a:de:43:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Oct 10 12:57:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d2e5b1eba54f7037b4b92c6d4c9ceaea462c8bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:91:2b:cc:2a:70:2a:bf:30:36:e2:69:55:35:
68:d6:31:d3:0a:9c:02:9e:2c:42:5b:a3:70:dd:80:
04:f8:8d:f8:d1:b8:16:a7:09:ba:8f:99:a3:f1:b5:
32:b6:a6:a1:e9:e9:a8:36:81:40:19:5e:b3:f2:3f:
1e:d5:2c:ec:4d:43:75:84:9c:53:81:75:d6:2c:fa:
39:72:70:c5:f8:65:86:bd:cf:c2:e9:aa:bd:55:74:
7e:f4:d9:92:f2:d0:60:76:95:d1:b8:b5:a7:44:68:
d4:83:63:19:b6:7b:e0:fa:2e:ec:99:d5:f8:8c:02:
04:f1:45:4a:14:fe:f5:e3:d8:a3:43:b4:9a:e4:3f:
69:06:36:03:1b:83:8e:cc:65:b4:f5:6c:2a:3a:d0:
5c:ad:67:19:2f:75:48:16:13:4a:ec:b6:8d:c2:df:
42:74:a4:f9:88:c6:fb:a4:60:3f:2d:6c:8d:bd:32:
ce:b8:73:cf:cf:52:5d:22:c5:1d:7e:9e:90:01:6e:
ef:65:14:a8:cc:c6:27:b5:b2:22:bc:e9:9f:8e:80:
fb:04:41:02:16:45:08:ff:0d:63:17:d7:8c:22:38:
2f:3b:fa:c8:d3:b6:84:38:03:b0:69:ee:29:67:03:
f4:29:83:ad:68:5a:f4:2a:ad:36:4b:52:7a:91:85:
53:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2E:5B:1E:BA:54:F7:03:7B:4B:92:C6:D4:C9:CE:AE:A4:62:C8:BF
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/nS5bHrpU9wN7S5LG1MnOrqRiyL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.26.128.0/17
185.70.108.0/22
195.245.118.0/23
IPv6:
2a03:1240::/48
Signature Algorithm: sha256WithRSAEncryption
51:e7:5a:0d:46:3b:c9:c6:ca:e5:fc:c2:2d:4a:60:b2:17:62:
c5:a3:bd:1d:ed:41:29:f0:8b:70:72:93:a9:02:f6:1e:e1:34:
60:b3:ed:5a:bf:f4:d9:a2:f3:98:2d:fe:e7:a1:6b:79:bd:ae:
3d:99:ee:40:4d:fe:2c:6e:71:b6:1d:8e:1a:02:7a:be:e4:ee:
de:13:2e:f5:9d:1c:61:1c:54:6f:09:27:71:9e:c3:cf:cf:51:
86:70:a0:ef:ce:47:b3:3b:b7:0e:70:38:8c:82:79:93:6a:24:
33:35:33:5b:30:81:9f:53:2d:3b:18:21:19:64:38:e2:b7:c2:
b8:2e:da:94:78:d4:d0:e9:70:a0:93:8e:72:bc:8b:24:ce:1e:
32:95:a1:18:5c:cf:af:08:dd:04:c0:81:5a:87:61:65:79:5a:
ce:37:b9:89:d5:40:ce:1f:49:11:55:22:5a:53:cc:8f:ff:48:
9a:6d:f2:64:05:9d:5c:b6:ee:11:08:9d:ed:4c:43:70:56:40:
a3:60:ea:32:cf:44:69:e5:c2:6e:00:10:ad:53:9f:5a:89:8d:
87:56:99:a8:63:6c:cd:28:d0:27:00:a4:a0:85:9d:7c:56:ee:
0b:17:b8:95:81:6d:fc:b4:ed:1e:77:57:a7:d3:a9:92:a8:48:
10:4b:7f:84
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZJ2gTSUhqTbgbmZND2K3kMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjQxMDEwMTI1NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJlNWIxZWJhNTRmNzAzN2I0YjkyYzZkNGM5Y2VhZWE0NjJjOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZErzCpwKr8wNuJpVTVo1jHTCpwC
nixCW6Nw3YAE+I340bgWpwm6j5mj8bUytqah6emoNoFAGV6z8j8e1SzsTUN1hJxT
gXXWLPo5cnDF+GWGvc/C6aq9VXR+9NmS8tBgdpXRuLWnRGjUg2MZtnvg+i7smdX4
jAIE8UVKFP7149ijQ7Sa5D9pBjYDG4OOzGW09WwqOtBcrWcZL3VIFhNK7LaNwt9C
dKT5iMb7pGA/LWyNvTLOuHPPz1JdIsUdfp6QAW7vZRSozMYntbIivOmfjoD7BEEC
FkUI/w1jF9eMIjgvO/rI07aEOAOwae4pZwP0KYOtaFr0Kq02S1J6kYVTiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ0uWx66VPcDe0uSxtTJzq6kYsi/MB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvblM1YkhycFU5d043UzVMRzFNbk9ycVJpeUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQHThqAAwQC
uUZsAwQBw/V2MA8EAgACMAkDBwAqAxJAAAAwDQYJKoZIhvcNAQELBQADggEBAFHn
Wg1GO8nGyuX8wi1KYLIXYsWjvR3tQSnwi3Byk6kC9h7hNGCz7Vq/9Nmi85gt/ueh
a3m9rj2Z7kBN/ixucbYdjhoCer7k7t4TLvWdHGEcVG8JJ3Gew8/PUYZwoO/OR7M7
tw5wOIyCeZNqJDM1M1swgZ9TLTsYIRlkOOK3wrgu2pR41NDpcKCTjnK8iyTOHjKV
oRhcz68I3QTAgVqHYWV5Ws43uYnVQM4fSRFVIlpTzI//SJpt8mQFnVy27hEIne1M
Q3BWQKNg6jLPRGnlwm4AEK1Tn1qJjYdWmahjbM0o0CcApKCFnXxW7gsXuJWBbfy0
7R53V6fTqZKoSBBLf4Q=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:54:16 2024 by rpki-client on console-fra.rpki-client.org