Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/tRGuzRNaltL4x6V82TbNAMmRjQk.roa
File: tRGuzRNaltL4x6V82TbNAMmRjQk.roa (raw, json)
Hash identifier: IhIF0ZsjlvUrffcCadqqwlpVcYK+1j+K1IXlCyF1S4E=
Subject key identifier: B5:11:AE:CD:13:5A:96:D2:F8:C7:A5:7C:D9:36:CD:00:C9:91:8D:09
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 0191B2EFC15D7BF348F236CE1F6529FEF6EE
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/tRGuzRNaltL4x6V82TbNAMmRjQk.roa
Signing time: Mon 02 Sep 2024 13:32:22 +0000
ROA not before: Mon 02 Sep 2024 13:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12322
IP address blocks: 62.147.0.0/16 maxlen: 16
78.192.0.0/10 maxlen: 11
82.64.0.0/14 maxlen: 15
82.224.0.0/11 maxlen: 13
88.160.0.0/11 maxlen: 15
212.27.32.0/19 maxlen: 19
213.228.0.0/18 maxlen: 18
2a01:e00::/26 maxlen: 39
2a01:e08::/32 maxlen: 32
2a01:e08:100::/44 maxlen: 44
2a01:e08:500::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:ef:c1:5d:7b:f3:48:f2:36:ce:1f:65:29:fe:f6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Sep 2 13:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b511aecd135a96d2f8c7a57cd936cd00c9918d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7a:4f:44:01:c7:59:67:a2:50:16:57:a0:b2:
8a:b2:a1:d5:83:c4:97:05:01:a9:ad:8e:ee:ac:5a:
b1:94:fe:8c:bb:54:c5:b2:60:87:8a:18:0f:58:82:
e9:89:d3:7e:ff:33:09:68:90:bc:89:57:04:8c:af:
39:01:fb:e5:f3:11:4c:e6:29:f9:98:4e:c2:bf:c2:
75:80:a3:4f:f4:cf:ac:6f:97:77:9e:2d:48:90:17:
ec:da:bc:6b:c4:9e:d8:fb:25:7c:bc:44:ac:76:48:
45:79:48:73:96:78:5c:18:d8:29:26:e1:57:31:cd:
9d:54:f0:6e:06:ac:f9:de:49:9e:67:a9:2f:60:d5:
a2:ea:a2:2b:03:9a:2f:23:b2:25:44:f2:b0:be:a1:
2c:06:d9:74:af:ad:fd:c3:18:9c:8e:de:71:46:63:
40:3d:36:d2:2e:9c:63:98:e7:e1:30:55:5f:60:d3:
73:b7:64:cf:bf:6a:14:b9:fa:2b:c0:a3:01:f9:13:
e4:9f:1c:b6:db:a2:66:32:0c:b4:2f:4b:8f:c1:f6:
c2:3a:1d:16:70:b2:93:7a:9c:14:ea:71:4a:e2:fd:
bd:17:d1:77:50:3e:05:75:9c:04:ef:0f:3b:cb:1b:
21:66:10:00:54:f9:38:c7:81:30:8e:4f:43:fc:28:
ae:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:11:AE:CD:13:5A:96:D2:F8:C7:A5:7C:D9:36:CD:00:C9:91:8D:09
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/tRGuzRNaltL4x6V82TbNAMmRjQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.147.0.0/16
78.192.0.0/10
82.64.0.0/14
82.224.0.0/11
88.160.0.0/11
212.27.32.0/19
213.228.0.0/18
IPv6:
2a01:e00::/26
Signature Algorithm: sha256WithRSAEncryption
89:25:09:4e:cb:1a:c6:dc:fd:5a:92:b7:cc:3a:21:8c:ca:08:
6d:0a:25:b4:b3:c5:8d:3b:f0:f5:a5:20:4e:08:19:ae:61:bb:
fe:58:31:3d:53:ec:7a:c5:00:5d:cb:d1:b2:65:3c:bb:ea:e9:
e5:e5:e6:e8:91:15:60:55:71:0d:fb:ec:ae:4c:e3:d5:3a:d4:
75:ce:42:8e:94:3e:83:89:38:9b:67:a5:f9:a8:bc:8e:e3:94:
bf:bd:71:3b:7a:04:16:4c:0b:f8:21:57:a8:d9:7c:9d:ea:fe:
8d:c8:ca:f6:a0:e8:2b:dd:dc:5c:fb:c1:9b:43:89:e5:30:c6:
44:ad:39:26:94:44:83:29:bc:4a:14:5b:6a:72:e2:61:df:65:
12:8e:34:08:b3:ed:91:b5:49:ee:9b:40:3d:16:4a:f5:90:9b:
90:f7:4f:da:60:f7:e7:33:2d:b2:e8:67:21:9b:c0:de:17:a2:
ee:85:b6:6c:86:f4:97:7b:c8:df:c7:86:07:d4:d2:17:85:c9:
d2:a8:83:7f:8c:5a:5e:f9:71:ed:5c:03:d1:24:be:91:65:57:
ea:e0:b7:0a:c1:69:60:6f:dd:7e:d5:8a:1f:1f:ac:95:ba:d2:
5d:df:06:ac:9a:83:d7:21:3a:9d:34:21:40:b9:ec:f6:99:a3:
ff:b4:84:41
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZGy78Fde/NI8jbOH2Up/vbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjQwOTAyMTMzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTExYWVjZDEzNWE5NmQyZjhjN2E1N2NkOTM2Y2QwMGM5OTE4ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXpPRAHHWWeiUBZXoLKKsqHVg8SX
BQGprY7urFqxlP6Mu1TFsmCHihgPWILpidN+/zMJaJC8iVcEjK85Afvl8xFM5in5
mE7Cv8J1gKNP9M+sb5d3ni1IkBfs2rxrxJ7Y+yV8vESsdkhFeUhzlnhcGNgpJuFX
Mc2dVPBuBqz53kmeZ6kvYNWi6qIrA5ovI7IlRPKwvqEsBtl0r639wxicjt5xRmNA
PTbSLpxjmOfhMFVfYNNzt2TPv2oUuforwKMB+RPknxy226JmMgy0L0uPwfbCOh0W
cLKTepwU6nFK4v29F9F3UD4FdZwE7w87yxshZhAAVPk4x4Ewjk9D/CiulQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLURrs0TWpbS+MelfNk2zQDJkY0JMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvdFJHdXpSTmFsdEw0eDZWODJUYk5BTW1SalFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwMAPpMDAwZO
wAMDAlJAAwMFUuADAwVYoAMEBdQbIAMEBtXkADANBAIAAjAHAwUGKgEOADANBgkq
hkiG9w0BAQsFAAOCAQEAiSUJTssaxtz9WpK3zDohjMoIbQoltLPFjTvw9aUgTggZ
rmG7/lgxPVPsesUAXcvRsmU8u+rp5eXm6JEVYFVxDfvsrkzj1TrUdc5CjpQ+g4k4
m2el+ai8juOUv71xO3oEFkwL+CFXqNl8ner+jcjK9qDoK93cXPvBm0OJ5TDGRK05
JpREgym8ShRbanLiYd9lEo40CLPtkbVJ7ptAPRZK9ZCbkPdP2mD35zMtsuhnIZvA
3hei7oW2bIb0l3vI38eGB9TSF4XJ0qiDf4xaXvlx7VwD0SS+kWVX6uC3CsFpYG/d
ftWKHx+slbrSXd8GrJqD1yE6nTQhQLns9pmj/7SEQQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:13:04 2024 by rpki-client on console-fra.rpki-client.org