Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/m9jQYJ_peXw4tQy4cz0Ttcy6Wmo.roa
File: m9jQYJ_peXw4tQy4cz0Ttcy6Wmo.roa (raw, json)
Hash identifier: tGLM4V0qABUmPOmQgwMiTSgG4GnJAY7CnsOSAPOIH6o=
Subject key identifier: 9B:D8:D0:60:9F:E9:79:7C:38:B5:0C:B8:73:3D:13:B5:CC:BA:5A:6A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0190BF78AB3CA4F6774B4AAE1C9E99556085
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/m9jQYJ_peXw4tQy4cz0Ttcy6Wmo.roa
Signing time: Wed 17 Jul 2024 06:54:34 +0000
ROA not before: Wed 17 Jul 2024 06:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204770
IP address blocks: 84.32.32.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.128.0/22 maxlen: 32
84.32.220.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:78:ab:3c:a4:f6:77:4b:4a:ae:1c:9e:99:55:60:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 17 06:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bd8d0609fe9797c38b50cb8733d13b5ccba5a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a5:44:db:33:c2:c6:23:ef:30:fa:dd:db:5b:
66:33:68:02:78:74:13:01:31:87:6c:4a:28:4b:84:
c2:33:81:1a:16:19:4b:e3:42:f7:1b:58:95:00:d9:
9b:66:15:13:b3:f3:b4:4c:0a:1d:3b:17:5f:62:72:
c9:d2:ad:88:75:e9:18:5e:5c:82:f8:54:8f:1e:2e:
fa:e1:73:58:c9:9b:4d:87:d9:86:78:69:6f:49:19:
72:73:ed:b4:20:57:85:14:8f:b2:fd:dc:fc:9a:34:
4d:87:71:4c:17:11:a9:e8:21:62:7a:b8:06:2a:a0:
db:75:63:42:dd:c5:fe:51:b9:3f:70:08:72:a9:e2:
89:d6:bf:16:ad:ab:d4:54:6c:9f:19:39:33:02:f3:
1b:36:b4:a0:bc:89:b3:8d:4e:88:a9:9f:50:77:da:
ff:ed:a8:c8:ef:c3:c9:8c:62:c9:b6:ae:51:9a:c2:
6d:0e:2a:22:60:5b:a2:48:0d:fc:7a:c9:36:01:a9:
f6:c8:49:db:c3:b0:77:53:f1:7e:ab:84:a3:cb:ae:
be:e2:76:64:bf:6b:14:d2:83:dc:ba:ab:3c:85:3e:
04:c0:98:fb:a4:32:a1:7f:fc:38:27:fb:60:46:de:
49:b3:55:e0:93:ac:63:a5:97:81:f7:6d:14:f1:d9:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D8:D0:60:9F:E9:79:7C:38:B5:0C:B8:73:3D:13:B5:CC:BA:5A:6A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/m9jQYJ_peXw4tQy4cz0Ttcy6Wmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.32.0/24
84.32.34.0/24
84.32.71.0/24
84.32.128.0/22
84.32.220.0/24
88.216.39.0/24
88.216.198.0/24
88.216.210.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
01:97:d6:48:9a:1d:d1:bf:e2:c2:b8:f6:dd:58:8b:c5:93:87:
10:c6:4a:f4:d6:bf:e3:ed:c4:ad:d2:39:9b:9f:83:63:c2:06:
ad:0a:34:63:16:f9:19:35:d6:45:7c:5b:63:af:5e:0c:84:8e:
35:21:6a:c5:cd:20:09:27:a6:b7:e1:a8:5b:45:02:e6:5c:19:
82:93:e8:d5:82:4e:5d:9e:ee:9c:66:1a:bc:ce:58:9c:21:00:
4b:d8:6a:17:21:c9:7d:39:9d:2b:06:09:4f:d5:fd:c9:c6:1d:
72:03:c3:6a:ce:db:15:25:2b:0f:27:fc:77:d8:a4:f4:aa:bb:
eb:1b:79:d3:63:b8:c8:50:e2:b1:19:db:81:76:8a:17:bf:8c:
43:25:e4:6e:0b:45:f8:4a:72:53:63:ac:83:99:7a:43:e5:4e:
28:25:12:dd:00:c0:30:e0:a2:d8:b2:e5:ab:71:41:75:73:a9:
44:10:88:ea:47:20:83:20:f8:3f:c2:e2:52:2e:b7:6b:05:52:
70:e9:e3:cc:bf:74:9f:29:ed:43:fe:a2:01:5a:8d:55:72:87:
c1:4b:32:e4:4d:ac:b2:cf:4e:2d:5a:05:f3:aa:a3:fc:99:10:
66:ac:a1:82:19:de:b6:bb:7a:bc:32:df:4b:14:51:df:d5:b2:
48:3a:d7:a6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZC/eKs8pPZ3S0quHJ6ZVWCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwNzE3MDY1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQ4ZDA2MDlmZTk3OTdjMzhiNTBjYjg3MzNkMTNiNWNjYmE1YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaVE2zPCxiPvMPrd21tmM2gCeHQT
ATGHbEooS4TCM4EaFhlL40L3G1iVANmbZhUTs/O0TAodOxdfYnLJ0q2IdekYXlyC
+FSPHi764XNYyZtNh9mGeGlvSRlyc+20IFeFFI+y/dz8mjRNh3FMFxGp6CFiergG
KqDbdWNC3cX+Ubk/cAhyqeKJ1r8WravUVGyfGTkzAvMbNrSgvImzjU6IqZ9Qd9r/
7ajI78PJjGLJtq5RmsJtDioiYFuiSA38esk2Aan2yEnbw7B3U/F+q4Sjy66+4nZk
v2sU0oPcuqs8hT4EwJj7pDKhf/w4J/tgRt5Js1Xgk6xjpZeB920U8dnl7QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJvY0GCf6Xl8OLUMuHM9E7XMulpqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbTlqUVlKX3BlWHc0dFF5NGN6MFR0Y3k2V21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAgAwQA
VCAiAwQAVCBHAwQCVCCAAwQAVCDcAwQAWNgnAwQAWNjGAwQAWNjSAwQAWNjeMA0G
CSqGSIb3DQEBCwUAA4IBAQABl9ZImh3Rv+LCuPbdWIvFk4cQxkr01r/j7cSt0jmb
n4NjwgatCjRjFvkZNdZFfFtjr14MhI41IWrFzSAJJ6a34ahbRQLmXBmCk+jVgk5d
nu6cZhq8zlicIQBL2GoXIcl9OZ0rBglP1f3Jxh1yA8NqztsVJSsPJ/x32KT0qrvr
G3nTY7jIUOKxGduBdooXv4xDJeRuC0X4SnJTY6yDmXpD5U4oJRLdAMAw4KLYsuWr
cUF1c6lEEIjqRyCDIPg/wuJSLrdrBVJw6ePMv3SfKe1D/qIBWo1VcofBSzLkTayy
z04tWgXzqqP8mRBmrKGCGd62u3q8Mt9LFFHf1bJIOtem
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:08 2024 by rpki-client on console-fra.rpki-client.org