Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9Z4Z0hq8md_LXynYxL1MUZ_T4jU.roa
File: 9Z4Z0hq8md_LXynYxL1MUZ_T4jU.roa (raw, json)
Hash identifier: C47HDZ3V1V8mrPbuALVEjRSsuTcqL66mqazS4wPXb+g=
Subject key identifier: F5:9E:19:D2:1A:BC:99:DF:CB:5F:29:D8:C4:BD:4C:51:9F:D3:E2:35
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF88FC46F2E437043D215D96B3E2AE
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9Z4Z0hq8md_LXynYxL1MUZ_T4jU.roa
Signing time: Tue 02 Jan 2024 06:32:21 +0000
ROA not before: Tue 02 Jan 2024 06:32:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206375
IP address blocks: 188.132.132.0/24 maxlen: 24
188.132.139.0/24 maxlen: 24
188.132.138.0/24 maxlen: 24
188.132.136.0/24 maxlen: 24
188.132.137.0/24 maxlen: 24
188.132.133.0/24 maxlen: 24
188.132.145.0/24 maxlen: 24
188.132.143.0/24 maxlen: 24
188.132.144.0/24 maxlen: 24
188.132.140.0/24 maxlen: 24
78.135.94.0/24 maxlen: 24
78.135.95.0/24 maxlen: 24
188.132.247.0/24 maxlen: 24
188.132.248.0/24 maxlen: 24
188.132.162.0/24 maxlen: 24
78.135.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:88:fc:46:f2:e4:37:04:3d:21:5d:96:b3:e2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f59e19d21abc99dfcb5f29d8c4bd4c519fd3e235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1d:97:3b:61:f2:41:80:cc:24:90:d7:7b:7f:
ec:da:3e:10:d8:8a:87:ae:73:ab:a3:3d:af:b7:72:
96:21:43:6d:11:f5:d6:ec:c6:ad:a9:26:e0:74:84:
af:67:f3:bd:a6:89:bd:50:bc:51:25:a6:e6:d8:dc:
c3:33:22:f7:41:22:02:d8:d3:61:65:a9:53:1f:46:
8c:70:ba:80:b4:6d:c1:ad:31:1f:e8:10:f4:fc:d5:
dd:5e:29:e3:ce:6b:2b:8c:e4:3e:91:c5:c1:61:19:
d6:df:59:cb:6f:58:a2:fd:fd:43:dd:17:96:f7:8a:
53:3b:9e:6b:51:6e:f2:40:d9:97:3a:50:4a:fb:f9:
ed:c5:4e:e7:48:84:6f:35:55:ea:65:ec:3a:61:5a:
0e:75:d2:16:e7:c5:ca:a8:00:78:5a:01:fa:8e:1b:
bb:2c:d3:a0:dc:51:1d:8a:8b:f5:61:41:a0:f5:be:
36:b9:1e:cc:70:af:e2:56:63:fc:15:10:98:59:1a:
5d:ff:a9:89:f4:44:18:67:e1:54:93:51:96:2d:53:
8a:20:91:34:b3:04:6c:42:91:94:01:ac:c4:08:50:
9e:49:4d:75:5a:7f:14:30:12:1c:75:40:c8:8a:f1:
f2:e7:c9:6e:fe:fd:5a:8d:70:ee:50:35:dd:25:73:
4c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9E:19:D2:1A:BC:99:DF:CB:5F:29:D8:C4:BD:4C:51:9F:D3:E2:35
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9Z4Z0hq8md_LXynYxL1MUZ_T4jU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.91.0/24
78.135.94.0/23
188.132.132.0/23
188.132.136.0-188.132.140.255
188.132.143.0-188.132.145.255
188.132.162.0/24
188.132.247.0-188.132.248.255
Signature Algorithm: sha256WithRSAEncryption
6b:d1:af:fe:5f:4f:e9:eb:94:c4:4a:02:28:a3:0c:c9:89:67:
2b:4d:6f:54:e2:49:f2:bb:e1:f5:29:34:e5:2f:46:20:75:1e:
95:41:d5:bc:df:f3:89:10:51:d6:b4:ff:b3:65:59:6d:25:cf:
f3:80:d2:2c:59:3b:d8:b2:bd:68:59:c3:a8:72:64:10:26:7c:
0d:97:0d:48:43:82:db:ef:1e:1e:a6:dd:13:4a:9f:6d:29:f2:
0b:06:49:68:33:32:58:7f:28:15:8f:cb:c5:8d:72:f8:92:a9:
7c:5b:4d:93:6b:8a:34:2b:d0:80:74:bb:24:45:de:6a:0e:c3:
45:e6:08:29:2b:b9:7f:8f:b1:17:a8:32:a2:67:64:b5:14:24:
ca:d5:08:c3:37:5c:f1:b9:13:cd:74:b6:e8:6c:c7:05:0c:de:
ea:e5:5c:e3:83:01:cd:27:53:39:d4:47:e7:7c:e5:81:56:b0:
3a:3f:2e:7d:24:52:30:49:bd:7a:81:41:fb:ae:92:9c:55:40:
fa:e8:e1:72:ba:f9:5e:2f:46:74:27:04:fd:34:7d:b6:ff:5b:
50:b2:81:b9:7d:70:95:3d:ad:99:fc:dc:10:08:15:f4:e0:c3:
d1:15:81:19:af:48:fd:fb:71:1f:72:e1:8a:39:4e:4d:6d:63:
e9:6e:9e:ed
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzI34j8RvLkNwQ9IV2Ws+KuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTllMTlkMjFhYmM5OWRmY2I1ZjI5ZDhjNGJkNGM1MTlmZDNlMjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlh2XO2HyQYDMJJDXe3/s2j4Q2IqH
rnOroz2vt3KWIUNtEfXW7MatqSbgdISvZ/O9pom9ULxRJabm2NzDMyL3QSIC2NNh
ZalTH0aMcLqAtG3BrTEf6BD0/NXdXinjzmsrjOQ+kcXBYRnW31nLb1ii/f1D3ReW
94pTO55rUW7yQNmXOlBK+/ntxU7nSIRvNVXqZew6YVoOddIW58XKqAB4WgH6jhu7
LNOg3FEdiov1YUGg9b42uR7McK/iVmP8FRCYWRpd/6mJ9EQYZ+FUk1GWLVOKIJE0
swRsQpGUAazECFCeSU11Wn8UMBIcdUDIivHy58lu/v1ajXDuUDXdJXNMxQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPWeGdIavJnfy18p2MS9TFGf0+I1MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvOVo0WjBocThtZF9MWHluWXhMMU1VWl9UNGpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQATodbAwQB
TodeAwQBvISEMAwDBAO8hIgDBAC8hIwwDAMEALyEjwMEAbyEkAMEALyEojAMAwQA
vIT3AwQAvIT4MA0GCSqGSIb3DQEBCwUAA4IBAQBr0a/+X0/p65TESgIoowzJiWcr
TW9U4knyu+H1KTTlL0YgdR6VQdW83/OJEFHWtP+zZVltJc/zgNIsWTvYsr1oWcOo
cmQQJnwNlw1IQ4Lb7x4ept0TSp9tKfILBkloMzJYfygVj8vFjXL4kql8W02Ta4o0
K9CAdLskRd5qDsNF5ggpK7l/j7EXqDKiZ2S1FCTK1QjDN1zxuRPNdLbobMcFDN7q
5VzjgwHNJ1M51EfnfOWBVrA6Py59JFIwSb16gUH7rpKcVUD66OFyuvleL0Z0JwT9
NH22/1tQsoG5fXCVPa2Z/NwQCBX04MPRFYEZr0j9+3EfcuGKOU5NbWPpbp7t
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:12:55 2024 by rpki-client on console-fra.rpki-client.org