Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/n0ayEBBCIwGKssHMqtkY5I1ghqQ.roa
File: n0ayEBBCIwGKssHMqtkY5I1ghqQ.roa (raw, json)
Hash identifier: 1V87bteT+eyMx9O3z82Rsdu/wEnFn+t962+ha2/4Skw=
Subject key identifier: 9F:46:B2:10:10:42:23:01:8A:B2:C1:CC:AA:D9:18:E4:8D:60:86:A4
Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Certificate serial: 018CC2DB22B0AB3673D42F67708BBADB56B6
Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/n0ayEBBCIwGKssHMqtkY5I1ghqQ.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35224
IP address blocks: 94.231.240.0/24 maxlen: 24
94.231.244.0/22 maxlen: 22
94.231.242.0/23 maxlen: 23
94.231.241.0/24 maxlen: 24
94.231.249.0/24 maxlen: 24
94.231.248.0/24 maxlen: 24
94.231.250.0/24 maxlen: 24
94.231.252.0/24 maxlen: 24
94.231.251.0/24 maxlen: 24
94.231.253.0/24 maxlen: 24
185.9.253.0/24 maxlen: 24
185.9.252.0/24 maxlen: 24
185.9.255.0/24 maxlen: 24
185.9.254.0/24 maxlen: 24
94.231.254.0/24 maxlen: 24
94.231.255.0/24 maxlen: 24
193.239.92.0/22 maxlen: 22
92.118.0.0/22 maxlen: 22
45.150.0.0/22 maxlen: 22
195.222.116.0/22 maxlen: 22
91.189.96.0/24 maxlen: 24
91.189.98.0/24 maxlen: 24
91.189.97.0/24 maxlen: 24
91.189.100.0/24 maxlen: 24
91.189.99.0/24 maxlen: 24
91.189.102.0/24 maxlen: 24
91.189.101.0/24 maxlen: 24
91.189.103.0/24 maxlen: 24
193.239.186.0/23 maxlen: 23
45.66.76.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:22:b0:ab:36:73:d4:2f:67:70:8b:ba:db:56:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f46b210104223018ab2c1ccaad918e48d6086a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d8:cd:33:6f:8c:38:b4:76:72:5a:26:19:96:
9d:f5:c4:0e:a4:c3:76:48:6f:42:7f:2c:a0:a5:de:
f3:0d:14:30:a1:92:2d:2c:f4:e7:44:dd:39:bf:ba:
24:6e:cf:5b:f4:9f:99:4d:89:c3:da:15:c4:13:36:
7a:a9:c8:78:9f:e7:8a:62:4d:6f:1e:ba:9b:1e:50:
e4:07:f0:07:6b:e6:c7:08:74:bd:86:02:b9:45:aa:
44:59:e4:96:c6:1a:ba:e8:63:f2:75:e4:e2:ff:ef:
7f:c4:dd:ad:b4:5a:a0:50:ee:17:26:cf:91:2a:18:
df:61:ea:e3:d6:12:ee:2f:bf:b3:3d:e0:88:e1:f6:
9c:3a:07:0a:30:57:bf:3a:e7:15:84:6c:78:b5:54:
f8:40:e4:57:53:26:d9:d5:07:c7:e9:dd:45:6b:d5:
d3:2f:0f:e3:6d:ce:e5:0f:75:dd:79:d4:ea:7b:3f:
11:14:d0:5e:1d:25:bd:b3:7a:67:da:1d:60:7b:49:
43:68:20:6c:14:5c:9a:fc:82:44:16:72:9a:e7:fe:
89:c4:6d:0c:57:50:88:aa:aa:e6:b1:9d:cd:70:47:
e6:36:4b:d3:0d:05:9d:2f:c4:9b:d9:eb:55:66:55:
a7:97:27:59:dc:5a:7e:b1:15:8a:b9:2a:40:f9:68:
86:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:46:B2:10:10:42:23:01:8A:B2:C1:CC:AA:D9:18:E4:8D:60:86:A4
X509v3 Authority Key Identifier:
keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/n0ayEBBCIwGKssHMqtkY5I1ghqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.76.0/22
45.150.0.0/22
91.189.96.0/21
92.118.0.0/22
94.231.240.0/20
185.9.252.0/22
193.239.92.0/22
193.239.186.0/23
195.222.116.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:5e:dd:a6:54:f4:d4:af:af:63:9f:92:13:53:32:e3:54:fd:
eb:dc:3d:9c:f9:6b:2b:b2:40:48:f8:93:9a:d3:96:0e:be:63:
9e:b7:8a:0c:95:57:6c:09:04:ca:23:12:40:48:61:ec:cd:e8:
a8:f8:32:bb:c2:6f:4f:43:14:39:b2:8a:9e:84:2e:e1:78:b0:
25:9a:2d:9e:12:05:9d:f8:a0:c1:f3:86:4e:e3:1b:56:85:d1:
86:5c:87:68:41:6c:30:44:03:61:c9:b1:eb:6c:2c:69:6c:87:
51:2e:8a:09:52:16:0e:69:b5:c1:f8:6b:60:f2:15:9e:dd:d8:
aa:17:0c:5a:c9:4f:1f:e2:ba:79:cb:ad:87:9a:28:dd:b3:cc:
77:aa:27:d4:67:80:25:06:66:4e:86:90:3f:85:be:7c:a7:dc:
44:88:ff:38:e7:d4:a6:fd:29:41:8f:e7:e4:37:97:26:54:b2:
19:15:99:ed:12:b8:d2:f5:a1:20:ef:8a:64:9f:fa:cd:07:7a:
61:12:2c:f4:04:95:cc:ee:62:61:d2:e9:c3:b4:fc:66:17:05:
b6:44:48:35:96:ef:a0:1e:e1:88:59:57:c3:6a:2a:c5:4b:f7:
a7:d8:99:36:7c:88:5f:1a:32:a6:95:e1:d9:2b:9a:e0:ed:0b:
ae:d0:f1:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzC2yKwqzZz1C9ncIu621a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2
ODA0MTgwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ2YjIxMDEwNDIyMzAxOGFiMmMxY2NhYWQ5MThlNDhkNjA4NmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNjNM2+MOLR2clomGZad9cQOpMN2
SG9Cfyygpd7zDRQwoZItLPTnRN05v7okbs9b9J+ZTYnD2hXEEzZ6qch4n+eKYk1v
HrqbHlDkB/AHa+bHCHS9hgK5RapEWeSWxhq66GPydeTi/+9/xN2ttFqgUO4XJs+R
KhjfYerj1hLuL7+zPeCI4facOgcKMFe/OucVhGx4tVT4QORXUybZ1QfH6d1Fa9XT
Lw/jbc7lD3XdedTqez8RFNBeHSW9s3pn2h1ge0lDaCBsFFya/IJEFnKa5/6JxG0M
V1CIqqrmsZ3NcEfmNkvTDQWdL8Sb2etVZlWnlydZ3Fp+sRWKuSpA+WiG3QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJ9GshAQQiMBirLBzKrZGOSNYIakMB8GA1UdIwQY
MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt
NWViNjZiY2UzMThkLzEvbjBheUVCQkNJd0dLc3NITXF0a1k1STFnaHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk
LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLUJMAwQC
LZYAAwQDW71gAwQCXHYAAwQEXufwAwQCuQn8AwQCwe9cAwQBwe+6AwQCw950MA0G
CSqGSIb3DQEBCwUAA4IBAQBsXt2mVPTUr69jn5ITUzLjVP3r3D2c+WsrskBI+JOa
05YOvmOet4oMlVdsCQTKIxJASGHszeio+DK7wm9PQxQ5soqehC7heLAlmi2eEgWd
+KDB84ZO4xtWhdGGXIdoQWwwRANhybHrbCxpbIdRLooJUhYOabXB+Gtg8hWe3diq
FwxayU8f4rp5y62Hmijds8x3qifUZ4AlBmZOhpA/hb58p9xEiP8459Sm/SlBj+fk
N5cmVLIZFZntErjS9aEg74pkn/rNB3phEiz0BJXM7mJh0unDtPxmFwW2REg1lu+g
HuGIWVfDairFS/en2Jk2fIhfGjKmleHZK5rg7Quu0PGl
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:48:30 2024 by rpki-client on console-fra.rpki-client.org