Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/nB0iBqYfvmx35lQqWdPD-o6S2yY.roa
File: nB0iBqYfvmx35lQqWdPD-o6S2yY.roa (raw, json)
Hash identifier: syq6jubpksgiySEaUrD3G8DUUYR6uNCG0uV3raGwU/k=
Subject key identifier: 9C:1D:22:06:A6:1F:BE:6C:77:E6:54:2A:59:D3:C3:FA:8E:92:DB:26
Certificate issuer: /CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Certificate serial: 018CC49357E483245E357DE92D1074243620
Authority key identifier: E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/nB0iBqYfvmx35lQqWdPD-o6S2yY.roa
Signing time: Mon 01 Jan 2024 10:30:39 +0000
ROA not before: Mon 01 Jan 2024 10:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 83.169.128.0/18 maxlen: 18
185.19.196.0/22 maxlen: 22
90.187.0.0/16 maxlen: 16
31.16.0.0/14 maxlen: 24
188.192.0.0/14 maxlen: 24
91.64.0.0/14 maxlen: 14
24.134.0.0/16 maxlen: 16
88.134.0.0/16 maxlen: 24
146.52.0.0/16 maxlen: 24
109.84.0.0/15 maxlen: 15
37.4.0.0/15 maxlen: 23
109.47.0.0/16 maxlen: 16
77.20.0.0/14 maxlen: 24
77.24.0.0/16 maxlen: 16
178.24.0.0/14 maxlen: 24
95.88.0.0/14 maxlen: 24
77.25.0.0/17 maxlen: 23
2a02:8100::/27 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:57:e4:83:24:5e:35:7d:e9:2d:10:74:24:36:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43baafc64b33e43db78dc7aed605ef70406d9af
Validity
Not Before: Jan 1 10:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c1d2206a61fbe6c77e6542a59d3c3fa8e92db26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:75:90:44:9a:4d:e2:62:62:1d:7b:15:b7:
b7:26:11:ec:59:4e:07:8b:7b:81:f9:e2:b8:c5:00:
5b:13:d8:d7:76:38:1a:dd:d8:84:70:55:86:25:36:
b0:d4:c0:44:1b:58:cb:64:56:c0:f3:0c:75:ad:1d:
fc:79:9d:8f:2f:2a:ba:b2:9a:45:a2:12:10:2a:0f:
45:13:f5:c3:77:49:a9:d7:7b:d4:47:31:25:4a:bc:
17:ca:8b:e8:ed:12:4f:26:db:49:56:bf:80:b3:2f:
8e:d5:64:63:47:c8:84:93:75:f8:0e:09:1c:92:b2:
fc:0b:9c:13:55:f8:88:b2:ee:c5:d1:67:73:32:6d:
0c:53:32:1e:20:36:75:8b:e5:13:47:53:63:47:08:
d6:08:91:55:86:e3:56:2d:02:52:ab:c8:d1:06:d6:
d7:82:b8:32:23:9c:86:eb:f3:26:0d:98:a1:eb:fd:
8e:48:3e:45:6e:95:a0:64:a4:46:ad:b8:0f:87:73:
2e:d7:10:d1:ee:8f:74:93:ec:1e:27:9e:3a:a0:19:
7f:89:a6:cd:cf:9c:2e:90:83:f8:19:2c:79:15:47:
c1:e5:95:fa:41:31:09:e8:f3:b8:38:5d:3b:9d:20:
ad:0f:e7:85:40:b7:05:56:eb:a8:bb:4e:e0:33:95:
a1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1D:22:06:A6:1F:BE:6C:77:E6:54:2A:59:D3:C3:FA:8E:92:DB:26
X509v3 Authority Key Identifier:
keyid:E4:3B:AA:FC:64:B3:3E:43:DB:78:DC:7A:ED:60:5E:F7:04:06:D9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Duq_GSzPkPbeNx67WBe9wQG2a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/nB0iBqYfvmx35lQqWdPD-o6S2yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c80d48-830c-4cc3-ae52-e6812dab6999/1/5Duq_GSzPkPbeNx67WBe9wQG2a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.134.0.0/16
31.16.0.0/14
37.4.0.0/15
77.20.0.0-77.25.127.255
83.169.128.0/18
88.134.0.0/16
90.187.0.0/16
91.64.0.0/14
95.88.0.0/14
109.47.0.0/16
109.84.0.0/15
146.52.0.0/16
178.24.0.0/14
185.19.196.0/22
188.192.0.0/14
IPv6:
2a02:8100::/27
Signature Algorithm: sha256WithRSAEncryption
93:ae:20:f4:14:98:e0:d9:d6:49:a3:a7:02:a6:ec:b9:10:0b:
70:b7:a0:ba:ee:2f:0d:d7:68:e8:fe:98:08:d3:94:e4:bf:43:
f6:b4:35:6a:d0:b6:15:59:3b:51:98:91:27:90:b2:9b:ed:6d:
77:37:d0:52:07:0f:70:e2:c6:6f:7c:ca:a7:4e:58:d9:7a:d1:
1c:8c:ec:e4:bf:9b:1c:88:1d:68:19:3a:f1:b6:4d:e4:96:13:
2e:30:47:b6:f2:c1:c7:24:b3:86:13:b6:fe:e0:fe:f8:e4:a3:
de:ef:1a:11:7e:79:6b:04:83:ab:2b:60:20:5f:0e:83:09:be:
5c:e6:84:02:40:d4:9b:52:a4:c6:53:1d:87:4e:76:b0:7c:3b:
a8:1f:57:0f:7e:a8:7e:22:25:3b:7e:ec:ba:af:6c:9e:e3:3b:
d7:77:a4:5d:03:ce:87:15:75:15:aa:48:40:72:6d:f6:66:1c:
5a:e2:ae:a1:12:7a:15:f4:ca:1c:39:03:03:79:82:43:7d:6f:
e4:32:67:a5:63:0f:b9:90:b2:e0:9a:5e:a6:cd:7f:74:3e:d3:
93:bc:43:90:df:54:b0:23:80:00:98:0a:6d:d5:a4:1e:5f:2c:
19:52:fc:ca:55:ea:01:99:2f:aa:75:24:92:be:bc:60:9d:c7:
d4:e7:de:76
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYzEk1fkgyReNX3pLRB0JDYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYWZjNjRiMzNlNDNkYjc4ZGM3YWVkNjA1ZWY3MDQw
NmQ5YWYwHhcNMjQwMTAxMTAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzFkMjIwNmE2MWZiZTZjNzdlNjU0MmE1OWQzYzNmYThlOTJkYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzN1kESaTeJiYh17Fbe3JhHsWU4H
i3uB+eK4xQBbE9jXdjga3diEcFWGJTaw1MBEG1jLZFbA8wx1rR38eZ2PLyq6sppF
ohIQKg9FE/XDd0mp13vURzElSrwXyovo7RJPJttJVr+Asy+O1WRjR8iEk3X4Dgkc
krL8C5wTVfiIsu7F0WdzMm0MUzIeIDZ1i+UTR1NjRwjWCJFVhuNWLQJSq8jRBtbX
grgyI5yG6/MmDZih6/2OSD5FbpWgZKRGrbgPh3Mu1xDR7o90k+weJ546oBl/iabN
z5wukIP4GSx5FUfB5ZX6QTEJ6PO4OF07nSCtD+eFQLcFVuuou07gM5Wh6QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJwdIgamH75sd+ZUKlnTw/qOktsmMB8GA1UdIwQY
MBaAFOQ7qvxksz5D23jceu1gXvcEBtmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTIt
ZTY4MTJkYWI2OTk5LzEvbkIwaUJxWWZ2bXgzNWxRcVdkUEQtbzZTMnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jODBkNDgtODMwYy00Y2MzLWFlNTItZTY4MTJkYWI2OTk5
LzEvNUR1cV9HU3pQa1BiZU54NjdXQmU5d1FHMmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAGIYDAwIf
EAMDASUEMAsDAwJNFAMEB00ZAAMEBlOpgAMDAFiGAwMAWrsDAwJbQAMDAl9YAwMA
bS8DAwFtVAMDAJI0AwMCshgDBAK5E8QDAwK8wDANBAIAAjAHAwUFKgKBADANBgkq
hkiG9w0BAQsFAAOCAQEAk64g9BSY4NnWSaOnAqbsuRALcLeguu4vDddo6P6YCNOU
5L9D9rQ1atC2FVk7UZiRJ5Cym+1tdzfQUgcPcOLGb3zKp05Y2XrRHIzs5L+bHIgd
aBk68bZN5JYTLjBHtvLBxySzhhO2/uD++OSj3u8aEX55awSDqytgIF8Ogwm+XOaE
AkDUm1KkxlMdh052sHw7qB9XD36ofiIlO37suq9snuM713ekXQPOhxV1FapIQHJt
9mYcWuKuoRJ6FfTKHDkDA3mCQ31v5DJnpWMPuZCy4Jpeps1/dD7Tk7xDkN9UsCOA
AJgKbdWkHl8sGVL8ylXqAZkvqnUkkr68YJ3H1Ofedg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:15 2024 by rpki-client on console-ams.rpki-client.org