Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/0NznaS0GecyfFCw5bDllAi_GfkE.roa
File: 0NznaS0GecyfFCw5bDllAi_GfkE.roa (raw, json)
Hash identifier: bnK2jkX0RaJKXlGqTbWEx8gtMxtPcTKlvbM0CvkhfOM=
Subject key identifier: D0:DC:E7:69:2D:06:79:CC:9F:14:2C:39:6C:39:65:02:2F:C6:7E:41
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 01931174193BA325B31DDB2B1D768B0DFB2D
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/0NznaS0GecyfFCw5bDllAi_GfkE.roa
Signing time: Sat 09 Nov 2024 15:04:01 +0000
ROA not before: Sat 09 Nov 2024 15:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 43.226.0.0/23 maxlen: 23
46.17.217.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
64.95.150.0/23 maxlen: 23
64.225.244.0/23 maxlen: 23
91.198.19.0/24 maxlen: 24
91.246.38.0/24 maxlen: 24
103.94.60.0/22 maxlen: 22
103.199.80.0/24 maxlen: 24
104.225.253.0/24 maxlen: 24
117.18.104.0/24 maxlen: 24
123.100.227.0/24 maxlen: 24
148.222.40.0/22 maxlen: 22
167.234.38.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
202.2.60.0/22 maxlen: 22
203.27.201.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
217.11.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:11:74:19:3b:a3:25:b3:1d:db:2b:1d:76:8b:0d:fb:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Nov 9 15:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0dce7692d0679cc9f142c396c3965022fc67e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:0e:6c:40:72:fb:86:25:fa:d4:7e:5f:15:
eb:a1:d5:cb:ee:f4:e6:66:56:23:64:32:1a:d1:3c:
c6:14:e3:4f:34:0c:fa:5e:38:c8:26:e0:87:a6:55:
e3:88:43:a4:fd:96:80:b3:1d:dc:49:23:95:5a:0a:
7b:ef:15:27:bb:7f:a3:59:4a:da:28:f2:47:57:e5:
d3:cd:f2:5f:0c:8d:77:41:1a:ca:1b:14:90:5d:3b:
b7:91:35:e8:a4:0d:9c:b2:59:80:95:01:1e:40:cf:
39:03:d6:a5:a7:99:e4:b7:96:b1:58:94:25:c7:d0:
a7:38:b1:d1:66:31:9b:31:f0:dd:d6:b7:77:34:12:
62:91:0d:57:da:7b:b8:78:e0:cd:d2:de:f4:9f:c3:
35:98:13:8a:96:d5:15:8c:a6:14:bc:3a:64:f4:d9:
e5:c5:83:7c:44:d7:c8:01:df:66:f4:2f:f6:78:80:
f4:8e:28:83:87:10:27:96:89:2d:50:74:ed:c8:95:
86:cf:ed:35:bb:a4:7f:41:e1:88:48:de:2d:ba:d7:
58:5f:a0:2c:16:d1:7f:a4:14:91:9c:02:c0:5b:30:
e4:de:97:be:61:23:45:ab:5e:48:47:9a:c4:c3:b5:
83:43:d7:3e:98:7b:2f:d5:0a:71:97:e2:dc:bc:8e:
f1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:DC:E7:69:2D:06:79:CC:9F:14:2C:39:6C:39:65:02:2F:C6:7E:41
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/0NznaS0GecyfFCw5bDllAi_GfkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.0.0/23
46.17.217.0/24
63.251.117.0/24
64.95.150.0/23
64.225.244.0/23
91.198.19.0/24
91.246.38.0/24
103.94.60.0/22
103.199.80.0/24
104.225.253.0/24
117.18.104.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
202.2.60.0/22
203.27.201.0/24
216.183.120.0/24
216.203.15.0/24
217.11.174.0/24
Signature Algorithm: sha256WithRSAEncryption
14:73:72:58:d7:4c:ac:71:c3:9c:89:6e:2f:81:30:4f:25:c9:
14:73:4d:61:3e:3f:f7:8c:c3:88:8c:13:ba:14:42:ba:0b:59:
de:26:5f:63:cd:ba:64:65:12:42:6c:58:78:54:d2:94:42:55:
11:70:cd:a4:d7:23:92:0d:ab:81:13:16:57:7b:c0:de:b4:5f:
05:41:5f:2c:bc:16:74:21:ba:e4:4e:23:8b:4f:e3:df:d4:23:
88:60:7f:a1:d3:4d:8b:ba:77:37:cf:c3:9e:d7:52:84:77:b3:
6b:92:6f:68:9b:33:af:ac:4d:05:18:12:a1:69:b5:46:50:39:
16:d9:c8:59:3d:d7:cb:81:03:c6:48:5a:d4:5e:95:ae:1c:db:
4a:6b:3b:8d:35:2b:fa:5d:f8:78:a8:66:fd:f4:a1:a1:7c:23:
7e:35:2a:bb:98:3e:28:6b:a7:8b:10:db:ab:29:a6:fc:0f:6c:
6b:76:70:b5:c8:d2:62:fe:57:e0:f3:4c:c9:60:4c:35:ef:d4:
b3:ce:1e:55:b7:e8:ec:00:b3:03:d2:d9:76:ad:da:a9:6c:2f:
1e:48:62:58:4f:a6:81:1b:e4:35:1a:e9:c3:4d:2b:4b:1e:3c:
68:ec:ae:f4:f7:a0:40:d8:f2:6f:5a:48:0e:7d:67:fd:65:4c:
a7:e8:f5:fd
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZMRdBk7oyWzHdsrHXaLDfstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjQxMTA5MTUwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGRjZTc2OTJkMDY3OWNjOWYxNDJjMzk2YzM5NjUwMjJmYzY3ZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8IObEBy+4Yl+tR+XxXrodXL7vTm
ZlYjZDIa0TzGFONPNAz6XjjIJuCHplXjiEOk/ZaAsx3cSSOVWgp77xUnu3+jWUra
KPJHV+XTzfJfDI13QRrKGxSQXTu3kTXopA2cslmAlQEeQM85A9alp5nkt5axWJQl
x9CnOLHRZjGbMfDd1rd3NBJikQ1X2nu4eODN0t70n8M1mBOKltUVjKYUvDpk9Nnl
xYN8RNfIAd9m9C/2eID0jiiDhxAnloktUHTtyJWGz+01u6R/QeGISN4tutdYX6As
FtF/pBSRnALAWzDk3pe+YSNFq15IR5rEw7WDQ9c+mHsv1Qpxl+LcvI7xWQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFNDc52ktBnnMnxQsOWw5ZQIvxn5BMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvME56bmFTMEdlY3lmRkN3NWJEbGxBaV9HZmtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQBK+IA
AwQALhHZAwQAP/t1AwQBQF+WAwQBQOH0AwQAW8YTAwQAW/YmAwQCZ148AwQAZ8dQ
AwQAaOH9AwQAdRJoAwQAe2TjAwQClN4oAwQAp+omAwQAxjFnAwQCygI8AwQAyxvJ
AwQA2Ld4AwQA2MsPAwQA2QuuMA0GCSqGSIb3DQEBCwUAA4IBAQAUc3JY10ysccOc
iW4vgTBPJckUc01hPj/3jMOIjBO6FEK6C1neJl9jzbpkZRJCbFh4VNKUQlURcM2k
1yOSDauBExZXe8DetF8FQV8svBZ0IbrkTiOLT+Pf1COIYH+h002Lunc3z8Oe11KE
d7Nrkm9omzOvrE0FGBKhabVGUDkW2chZPdfLgQPGSFrUXpWuHNtKazuNNSv6Xfh4
qGb99KGhfCN+NSq7mD4oa6eLENurKab8D2xrdnC1yNJi/lfg80zJYEw179Szzh5V
t+jsALMD0tl2rdqpbC8eSGJYT6aBG+Q1GunDTStLHjxo7K7096BA2PJvWkgOfWf9
ZUyn6PX9
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:45 2024 by rpki-client on console-ams.rpki-client.org