Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/nYog6lA9ybxBqkB6-U4Sr4iiShQ.roa
File: nYog6lA9ybxBqkB6-U4Sr4iiShQ.roa (raw, json)
Hash identifier: IHgqGTWHhR68bWYV/EuiJz9jkRKBZvBi7RZfgNyX5pg=
Subject key identifier: 9D:8A:20:EA:50:3D:C9:BC:41:AA:40:7A:F9:4E:12:AF:88:A2:4A:14
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018CC86EF94CD677B61067AE305D5F3CEC14
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/nYog6lA9ybxBqkB6-U4Sr4iiShQ.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8477
IP address blocks: 213.156.112.0/22 maxlen: 22
213.156.108.0/22 maxlen: 22
213.156.116.0/22 maxlen: 22
213.156.120.0/22 maxlen: 22
213.156.124.0/22 maxlen: 22
109.232.24.0/22 maxlen: 22
213.156.96.0/22 maxlen: 22
185.13.168.0/22 maxlen: 22
213.156.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 Nov 2024 00:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f9:4c:d6:77:b6:10:67:ae:30:5d:5f:3c:ec:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d8a20ea503dc9bc41aa407af94e12af88a24a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:89:e1:c7:c7:fd:c5:f9:43:81:73:b1:87:9e:
db:6b:9d:72:39:80:ee:7c:29:6a:d3:35:25:39:36:
60:90:a4:d4:b9:1b:2a:ca:5e:45:ef:ea:5d:53:ba:
7b:ca:91:91:65:1b:74:d1:c3:d5:d6:bb:4a:0b:03:
aa:28:f6:d8:7c:10:64:2b:68:0a:9f:df:a5:8d:48:
e0:96:31:63:24:36:72:dc:bc:04:c8:ff:c5:71:f5:
7f:86:f0:c7:26:c6:fc:9d:22:c4:e4:98:3e:4b:ac:
bc:c6:c3:f2:40:25:4c:0f:da:1c:bd:be:a3:ce:aa:
d2:14:76:3b:01:06:55:30:a1:c6:17:d7:be:0c:56:
a8:77:21:27:32:bb:69:5f:be:20:fa:63:95:85:74:
48:ef:da:a9:07:60:75:91:ad:7a:4f:1e:17:bb:f6:
04:94:e4:b8:c0:66:98:82:14:51:7d:6b:c7:f3:21:
79:03:49:c5:1b:44:09:3e:80:5f:f7:26:7f:49:4c:
c9:05:52:e2:90:72:c0:31:4c:1e:df:05:1b:f5:1e:
54:19:9d:55:af:83:7e:a7:43:b2:b2:5c:eb:5e:d8:
45:d2:e8:59:d4:fa:24:62:5a:af:e7:75:f2:bf:04:
bc:77:6c:a5:3f:1a:2d:fc:fc:fc:39:8c:4b:e0:ac:
6a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8A:20:EA:50:3D:C9:BC:41:AA:40:7A:F9:4E:12:AF:88:A2:4A:14
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/nYog6lA9ybxBqkB6-U4Sr4iiShQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.24.0/22
185.13.168.0/22
213.156.96.0/22
213.156.104.0-213.156.127.255
Signature Algorithm: sha256WithRSAEncryption
44:0d:43:ca:ae:52:9d:38:8c:96:ee:e6:bb:d7:12:73:e4:92:
04:27:89:4f:29:af:a7:68:6f:5a:91:f6:08:c2:a4:cd:01:8f:
51:9e:12:22:53:55:e6:d0:97:dc:d3:bd:eb:e9:ea:15:2c:aa:
66:fe:11:7b:f6:21:e7:5a:42:2c:33:79:03:b5:72:bb:89:7f:
13:7e:0f:79:7b:9b:a9:64:08:c3:f2:0c:9d:56:9d:6a:54:ea:
c8:16:c6:81:25:d9:13:85:a3:32:f8:cc:65:5a:1a:63:ee:cb:
75:77:24:a0:f6:5f:e4:5f:5e:ad:66:bb:72:ab:e0:4a:3c:77:
fd:34:f8:03:ac:c4:a4:dd:1b:0d:13:7d:5c:43:20:e1:f4:29:
50:b9:8a:7f:9c:b5:e2:23:69:8b:40:19:f6:92:24:a1:6a:8f:
b2:b6:23:0a:20:be:34:d0:4f:fd:f1:fb:42:e3:fd:50:12:70:
86:e8:3b:ff:88:a2:26:d5:b9:fe:a5:ad:0e:3f:fc:b8:c6:26:
ab:7f:85:b9:6b:83:5e:7f:d9:32:79:09:3e:ed:a3:d3:59:a5:
2b:38:c4:64:12:2e:db:a9:9c:d3:9d:f7:d5:4a:41:8d:1b:77:
25:32:99:fa:59:4b:60:7d:f3:b4:13:2b:c7:45:9c:b2:31:23:
cd:1d:da:06
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIbvlM1ne2EGeuMF1fPOwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDhhMjBlYTUwM2RjOWJjNDFhYTQwN2FmOTRlMTJhZjg4YTI0YTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhInhx8f9xflDgXOxh57ba51yOYDu
fClq0zUlOTZgkKTUuRsqyl5F7+pdU7p7ypGRZRt00cPV1rtKCwOqKPbYfBBkK2gK
n9+ljUjgljFjJDZy3LwEyP/FcfV/hvDHJsb8nSLE5Jg+S6y8xsPyQCVMD9ocvb6j
zqrSFHY7AQZVMKHGF9e+DFaodyEnMrtpX74g+mOVhXRI79qpB2B1ka16Tx4Xu/YE
lOS4wGaYghRRfWvH8yF5A0nFG0QJPoBf9yZ/SUzJBVLikHLAMUwe3wUb9R5UGZ1V
r4N+p0OyslzrXthF0uhZ1PokYlqv53XyvwS8d2ylPxot/Pz8OYxL4KxqtwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ2KIOpQPcm8QapAevlOEq+IokoUMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvbllvZzZsQTl5YnhCcWtCNi1VNFNyNGlpU2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCbegYAwQC
uQ2oAwQC1ZxgMAwDBAPVnGgDBAfVnAAwDQYJKoZIhvcNAQELBQADggEBAEQNQ8qu
Up04jJbu5rvXEnPkkgQniU8pr6dob1qR9gjCpM0Bj1GeEiJTVebQl9zTvevp6hUs
qmb+EXv2IedaQiwzeQO1cruJfxN+D3l7m6lkCMPyDJ1WnWpU6sgWxoEl2ROFozL4
zGVaGmPuy3V3JKD2X+RfXq1mu3Kr4Eo8d/00+AOsxKTdGw0TfVxDIOH0KVC5in+c
teIjaYtAGfaSJKFqj7K2IwogvjTQT/3x+0Lj/VAScIboO/+IoibVuf6lrQ4//LjG
Jqt/hblrg15/2TJ5CT7to9NZpSs4xGQSLtupnNOd99VKQY0bdyUymfpZS2B987QT
K8dFnLIxI80d2gY=
-----END CERTIFICATE-----
Generated at Thu Nov 14 03:41:37 2024 by rpki-client on console-fra.rpki-client.org