Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/C9Vejok0B-rSCAZxvy-0BP5uHx8.roa
File: C9Vejok0B-rSCAZxvy-0BP5uHx8.roa (raw, json)
Hash identifier: 8R7WVJ4thUhY+WpISdxZy5zrgvpUKIW3PlsFRAPwpuM=
Subject key identifier: 0B:D5:5E:8E:89:34:07:EA:D2:08:06:71:BF:2F:B4:04:FE:6E:1F:1F
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB5A2B32D1CF82768A1E7B1A43B10
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/C9Vejok0B-rSCAZxvy-0BP5uHx8.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203600
IP address blocks: 178.156.106.0/24 maxlen: 24
178.156.24.0/24 maxlen: 24
5.154.114.0/24 maxlen: 24
37.230.86.0/24 maxlen: 24
84.236.191.0/24 maxlen: 24
84.236.200.0/22 maxlen: 22
84.236.202.0/24 maxlen: 24
84.236.200.0/23 maxlen: 23
84.236.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b5:a2:b3:2d:1c:f8:27:68:a1:e7:b1:a4:3b:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bd55e8e893407ead2080671bf2fb404fe6e1f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b0:ac:86:87:41:56:67:7c:0a:4d:f9:7d:62:
48:bf:b5:6c:40:55:cd:9a:8c:c9:57:d6:94:a0:27:
37:07:03:a0:5c:a9:ac:a1:17:81:7f:ff:76:c3:e0:
b1:a5:88:67:c8:28:27:f9:43:8c:4b:59:1e:09:ea:
fe:75:32:15:72:c4:c2:03:e4:d4:96:91:40:fc:fe:
50:22:56:22:07:77:65:42:d1:82:19:6c:ab:39:35:
7a:5c:25:a3:ca:d9:85:97:ad:be:da:61:4f:c8:1a:
87:4b:49:a6:9e:4e:52:bf:68:84:07:e3:06:da:79:
17:c4:1b:4d:3d:ef:73:9f:93:cc:0b:97:d5:f9:34:
e2:b8:57:7b:a6:de:d7:4b:16:14:54:c4:ff:f0:f4:
31:e6:cf:15:1e:90:04:de:3e:00:11:9a:b2:f6:5d:
c2:80:a4:c7:4f:ac:1b:e9:68:e9:3b:3e:65:78:66:
20:85:6b:15:23:16:be:4f:f4:b5:1a:f7:0a:b0:cb:
07:9e:df:74:19:8a:05:fe:07:75:d9:03:0f:63:db:
bc:f8:e7:13:9d:d7:22:ee:37:6f:3c:72:b6:87:df:
70:93:6f:13:55:fa:de:93:13:cc:c6:e8:86:e7:6e:
8e:e8:39:a5:ce:67:aa:05:ef:2c:7e:b2:4c:d1:2d:
d6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D5:5E:8E:89:34:07:EA:D2:08:06:71:BF:2F:B4:04:FE:6E:1F:1F
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/C9Vejok0B-rSCAZxvy-0BP5uHx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.114.0/24
37.230.86.0/24
84.236.191.0/24
84.236.200.0/22
178.156.24.0/24
178.156.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:ca:1a:e4:9d:3d:0d:02:d6:d9:27:1d:bf:ae:bc:5f:ab:a4:
a9:b2:77:8c:59:cb:63:4e:49:e9:a0:f1:d8:b1:5f:21:f2:21:
f2:2f:59:3c:fa:f7:5a:49:b0:98:a6:4c:92:c1:97:1f:19:b8:
b1:99:9f:b9:26:d0:9a:45:c7:32:50:b7:bb:30:4a:11:60:df:
65:1f:1e:83:e6:bf:c9:c4:50:de:45:a6:09:a7:bd:ae:43:2a:
68:f1:c9:b3:d2:df:90:ce:e7:15:18:66:cb:45:27:b9:2d:8a:
e4:67:33:64:f5:d5:c2:db:aa:52:0e:85:fd:54:ed:4e:81:85:
e7:5d:6e:46:20:5f:96:64:7a:50:5a:34:f2:da:b7:89:16:dc:
ad:9b:bc:93:b3:57:8e:d4:18:2d:7e:63:d2:1a:af:4a:2b:a6:
2a:21:a9:6f:cc:62:e8:06:3e:2d:81:cd:bb:ec:ca:36:07:4d:
66:70:ed:d6:8f:d0:3c:1b:d3:2f:03:d1:26:5f:33:3f:21:e9:
bd:d5:22:06:f6:72:16:c8:c3:e8:ee:30:a7:90:07:4c:14:70:
40:2d:e3:38:10:6d:d7:74:1a:8e:f5:f2:bf:aa:65:a2:6c:50:
57:80:50:f1:b4:26:d2:db:01:c9:73:8b:c4:1a:cc:4a:61:14:
ae:5d:64:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTbWisy0c+CdooeexpDsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ1NWU4ZTg5MzQwN2VhZDIwODA2NzFiZjJmYjQwNGZlNmUxZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bCshodBVmd8Ck35fWJIv7VsQFXN
mozJV9aUoCc3BwOgXKmsoReBf/92w+CxpYhnyCgn+UOMS1keCer+dTIVcsTCA+TU
lpFA/P5QIlYiB3dlQtGCGWyrOTV6XCWjytmFl62+2mFPyBqHS0mmnk5Sv2iEB+MG
2nkXxBtNPe9zn5PMC5fV+TTiuFd7pt7XSxYUVMT/8PQx5s8VHpAE3j4AEZqy9l3C
gKTHT6wb6WjpOz5leGYghWsVIxa+T/S1GvcKsMsHnt90GYoF/gd12QMPY9u8+OcT
ndci7jdvPHK2h99wk28TVfrekxPMxuiG526O6DmlzmeqBe8sfrJM0S3WEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAvVXo6JNAfq0ggGcb8vtAT+bh8fMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvQzlWZWpvazBCLXJTQ0FaeHZ5LTBCUDV1SHg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZpyAwQA
JeZWAwQAVOy/AwQCVOzIAwQAspwYAwQAspxqMA0GCSqGSIb3DQEBCwUAA4IBAQCm
yhrknT0NAtbZJx2/rrxfq6SpsneMWctjTknpoPHYsV8h8iHyL1k8+vdaSbCYpkyS
wZcfGbixmZ+5JtCaRccyULe7MEoRYN9lHx6D5r/JxFDeRaYJp72uQypo8cmz0t+Q
zucVGGbLRSe5LYrkZzNk9dXC26pSDoX9VO1OgYXnXW5GIF+WZHpQWjTy2reJFtyt
m7yTs1eO1BgtfmPSGq9KK6YqIalvzGLoBj4tgc277Mo2B01mcO3Wj9A8G9MvA9Em
XzM/Iem91SIG9nIWyMPo7jCnkAdMFHBALeM4EG3XdBqO9fK/qmWibFBXgFDxtCbS
2wHJc4vEGsxKYRSuXWTX
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:52 2024 by rpki-client on console-fra.rpki-client.org