Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/9YSMFiMlRZwV7h05Ma0v0N760ek.roa
File: 9YSMFiMlRZwV7h05Ma0v0N760ek.roa (raw, json)
Hash identifier: d9/tk6apx1v04behTcTeiIJfHvXUawhNcQI7h/Wb+OY=
Subject key identifier: F5:84:8C:16:23:25:45:9C:15:EE:1D:39:31:AD:2F:D0:DE:FA:D1:E9
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 018CC7272F4CA067BC80B805408470D1FB0B
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/9YSMFiMlRZwV7h05Ma0v0N760ek.roa
Signing time: Mon 01 Jan 2024 22:31:23 +0000
ROA not before: Mon 01 Jan 2024 22:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 86.62.31.0/24 maxlen: 24
86.62.28.0/24 maxlen: 24
86.62.29.0/24 maxlen: 24
86.62.30.0/24 maxlen: 24
193.228.139.0/24 maxlen: 24
194.36.32.0/23 maxlen: 23
45.80.28.0/24 maxlen: 24
45.80.30.0/24 maxlen: 24
45.80.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 01:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2f:4c:a0:67:bc:80:b8:05:40:84:70:d1:fb:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Jan 1 22:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5848c162325459c15ee1d3931ad2fd0defad1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d8:06:aa:9f:22:2c:6e:ec:d0:b0:f5:28:de:
ca:23:a5:cd:ec:10:a6:b3:f2:ff:a5:b0:c4:e5:19:
3d:01:0e:8c:c3:dc:42:68:d9:3c:f6:df:c2:80:2a:
cd:b6:d1:c0:89:b2:48:1c:cf:41:cd:2c:42:25:3e:
23:e3:02:82:1e:af:e5:1e:cf:34:94:50:ad:ae:b2:
a6:a5:40:9c:96:b2:5a:b5:22:f2:22:ee:15:f4:6a:
8d:fb:0e:a0:3b:70:f8:ad:94:a1:38:48:66:87:86:
8b:ba:2a:75:14:f8:a8:65:0b:03:67:e9:89:39:62:
2e:a6:9a:9d:48:05:b3:de:78:06:20:43:15:0e:39:
82:e5:4f:c5:f1:33:42:44:f0:d5:06:25:d7:7b:10:
4a:78:9f:2e:b3:2b:cb:f9:cb:54:06:be:45:25:b4:
cf:a4:60:4a:60:66:40:c6:32:de:14:83:72:c3:e0:
92:65:aa:cd:7d:53:d8:59:6d:15:db:de:f4:5f:6b:
f6:67:71:7e:a7:4a:d9:b1:8d:57:cb:44:12:7f:f7:
49:fa:29:cc:5f:4f:f0:f7:9e:b1:f1:38:f9:56:e8:
1a:15:69:52:22:14:ec:a3:f2:64:51:c0:2e:4e:b5:
4a:4b:85:9d:c6:52:97:99:c4:07:2c:fe:d0:64:df:
05:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:84:8C:16:23:25:45:9C:15:EE:1D:39:31:AD:2F:D0:DE:FA:D1:E9
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/9YSMFiMlRZwV7h05Ma0v0N760ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.28.0/24
45.80.30.0/23
86.62.28.0/22
193.228.139.0/24
194.36.32.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:7d:91:df:f1:fd:1c:39:26:50:43:00:5d:23:c9:36:0a:6c:
bc:00:3c:13:42:a6:e8:eb:44:c0:21:e2:32:21:78:05:8c:90:
41:4b:55:a8:2b:51:d1:d2:d7:80:a9:f9:69:42:2d:a5:4b:57:
21:aa:0f:b0:b9:02:eb:a0:d2:31:93:44:be:68:31:b3:5d:0c:
42:05:ac:1e:fe:4c:54:06:71:3e:43:3e:51:af:91:52:00:65:
84:9e:ef:6f:cb:16:5e:0b:e6:75:ad:68:3b:1e:84:47:4f:90:
14:fb:fb:09:25:c7:f9:ce:a6:db:6f:3a:5b:99:24:54:5e:89:
a4:04:1e:29:19:9d:0f:14:6a:62:9d:0e:2e:df:1b:d6:8a:2d:
57:90:07:35:2b:72:cc:4f:62:5b:0c:af:4f:c5:ad:55:6e:69:
fa:82:63:7e:3a:c4:da:1b:18:34:3c:18:d4:ed:c6:9f:9f:cf:
fc:2c:81:61:92:94:f6:35:9b:d1:52:7f:00:85:72:0c:28:d5:
92:d1:1e:3a:37:31:9c:d4:21:ff:f8:b2:1e:86:84:09:4e:f3:
c0:de:de:37:8e:a5:4f:59:94:e7:71:eb:0b:a9:34:01:27:87:
d9:eb:85:ca:bb:09:85:0b:32:2a:fe:f9:2c:cf:fc:99:d4:9c:
f9:6e:5d:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHJy9MoGe8gLgFQIRw0fsLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjQwMTAxMjIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTg0OGMxNjIzMjU0NTljMTVlZTFkMzkzMWFkMmZkMGRlZmFkMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtgGqp8iLG7s0LD1KN7KI6XN7BCm
s/L/pbDE5Rk9AQ6Mw9xCaNk89t/CgCrNttHAibJIHM9BzSxCJT4j4wKCHq/lHs80
lFCtrrKmpUCclrJatSLyIu4V9GqN+w6gO3D4rZShOEhmh4aLuip1FPioZQsDZ+mJ
OWIuppqdSAWz3ngGIEMVDjmC5U/F8TNCRPDVBiXXexBKeJ8usyvL+ctUBr5FJbTP
pGBKYGZAxjLeFINyw+CSZarNfVPYWW0V2970X2v2Z3F+p0rZsY1Xy0QSf/dJ+inM
X0/w956x8Tj5VugaFWlSIhTso/JkUcAuTrVKS4WdxlKXmcQHLP7QZN8FgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPWEjBYjJUWcFe4dOTGtL9De+tHpMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvOVlTTUZpTWxSWndWN2gwNU1hMHYwTjc2MGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVAcAwQB
LVAeAwQCVj4cAwQAweSLAwQBwiQgMA0GCSqGSIb3DQEBCwUAA4IBAQBffZHf8f0c
OSZQQwBdI8k2Cmy8ADwTQqbo60TAIeIyIXgFjJBBS1WoK1HR0teAqflpQi2lS1ch
qg+wuQLroNIxk0S+aDGzXQxCBawe/kxUBnE+Qz5Rr5FSAGWEnu9vyxZeC+Z1rWg7
HoRHT5AU+/sJJcf5zqbbbzpbmSRUXomkBB4pGZ0PFGpinQ4u3xvWii1XkAc1K3LM
T2JbDK9Pxa1Vbmn6gmN+OsTaGxg0PBjU7cafn8/8LIFhkpT2NZvRUn8AhXIMKNWS
0R46NzGc1CH/+LIehoQJTvPA3t43jqVPWZTncesLqTQBJ4fZ64XKuwmFCzIq/vks
z/yZ1Jz5bl31
-----END CERTIFICATE-----
Generated at Thu May 2 09:20:42 2024 by rpki-client on console-fra.rpki-client.org