Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/9NrDnWQa90o5-ovWC22aKf3xG-4.roa
File: 9NrDnWQa90o5-ovWC22aKf3xG-4.roa (raw, json)
Hash identifier: GS6T+EoPNU9/3z1/BhYjtzUfjf/aumIjD5JWmkG8y8g=
Subject key identifier: F4:DA:C3:9D:64:1A:F7:4A:39:FA:8B:D6:0B:6D:9A:29:FD:F1:1B:EE
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 0193104165B683D73AD753858D027B4F7A1A
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/9NrDnWQa90o5-ovWC22aKf3xG-4.roa
Signing time: Sat 09 Nov 2024 09:29:01 +0000
ROA not before: Sat 09 Nov 2024 09:29:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41343
IP address blocks: 89.29.192.0/21 maxlen: 21
89.29.192.0/24 maxlen: 24
89.29.193.0/24 maxlen: 24
89.29.194.0/24 maxlen: 24
89.29.195.0/24 maxlen: 24
89.29.196.0/24 maxlen: 24
89.29.197.0/24 maxlen: 24
89.29.198.0/24 maxlen: 24
89.29.199.0/24 maxlen: 24
89.29.200.0/23 maxlen: 23
89.29.202.0/24 maxlen: 24
89.29.204.0/24 maxlen: 24
89.29.205.0/24 maxlen: 24
89.29.226.0/24 maxlen: 24
89.29.227.0/24 maxlen: 24
89.29.228.0/24 maxlen: 24
185.40.36.0/24 maxlen: 24
213.181.70.0/23 maxlen: 23
213.181.70.0/24 maxlen: 24
213.181.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:41:65:b6:83:d7:3a:d7:53:85:8d:02:7b:4f:7a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Nov 9 09:29:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4dac39d641af74a39fa8bd60b6d9a29fdf11bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:85:5c:21:91:d0:f5:a8:e7:b1:42:15:72:b6:
0f:17:0a:ae:98:0a:87:4e:0e:a6:4d:ae:c0:81:0b:
01:e5:51:0f:2d:97:b7:09:a6:6e:2c:cb:95:94:d5:
3f:3e:68:b5:e5:ef:b5:62:19:80:ca:33:cd:71:ed:
de:e4:10:d9:03:2e:7d:11:78:0a:ae:de:30:25:46:
a9:16:81:bd:87:09:c6:ed:46:1e:ad:75:44:0e:19:
31:ea:7c:67:ce:b7:d3:7b:1a:df:93:a8:3e:8d:82:
53:5f:9e:bf:90:0e:72:8a:89:d6:04:68:bf:0e:45:
a5:26:bd:7a:7e:de:45:a3:4b:f9:e4:e2:77:bf:b2:
f3:a5:c7:41:31:ff:53:22:0b:d4:02:73:d2:9b:4f:
1e:c6:52:cf:f5:ca:5f:13:cb:b4:93:9c:a9:26:7e:
fe:3f:39:1c:3a:4b:d1:e6:17:56:9d:e4:73:dd:08:
49:b1:02:a2:53:dd:5c:5f:99:0c:2d:7e:d4:11:d4:
e1:45:ff:14:d0:4e:4a:bc:ec:6b:99:2e:e0:b3:68:
8f:cc:9f:69:62:ea:20:63:d5:c7:1a:d0:2f:8b:eb:
1f:c7:90:43:6e:6c:99:e7:e2:2e:73:7c:ff:e2:af:
60:b2:cc:63:10:79:1e:aa:32:ab:71:e3:dd:57:9c:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DA:C3:9D:64:1A:F7:4A:39:FA:8B:D6:0B:6D:9A:29:FD:F1:1B:EE
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/9NrDnWQa90o5-ovWC22aKf3xG-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.192.0-89.29.202.255
89.29.204.0/23
89.29.226.0-89.29.228.255
185.40.36.0/24
213.181.70.0/23
Signature Algorithm: sha256WithRSAEncryption
41:e1:a3:18:77:3e:57:f5:20:21:be:57:55:e7:96:02:25:d9:
37:2f:c2:17:d0:45:a9:a9:de:ac:4d:99:fb:5f:56:1f:e3:7c:
85:5e:62:b2:36:c4:96:a3:39:06:63:b3:02:9f:38:2b:ed:dc:
18:25:07:30:b3:4a:b9:eb:06:08:22:01:26:58:9d:7c:de:f0:
c2:2b:d3:10:d9:47:9d:35:da:f5:18:9e:0b:28:83:ea:17:6d:
52:97:66:17:32:72:f0:e9:cc:51:ba:bb:a6:64:4e:67:28:01:
78:8a:67:15:84:17:2b:35:69:5b:43:68:fb:45:e2:ce:eb:76:
27:10:a0:68:a2:c7:85:8f:5d:90:5a:7c:3d:e6:11:aa:10:4c:
fb:db:a5:74:cf:66:30:c3:fb:44:b4:12:46:8b:ca:43:00:9c:
6d:2d:53:e4:41:ae:d3:44:7d:43:01:29:24:50:9c:26:21:d3:
24:76:0e:4f:06:4f:75:e6:3b:c2:53:63:28:98:1c:3a:1b:e0:
8a:88:1c:73:b4:85:41:53:ef:1d:1e:98:75:8f:66:fa:db:5b:
ab:dd:1f:26:f6:db:02:45:48:38:8a:ce:e3:99:2f:31:ee:93:
ef:a7:9f:3d:3a:8e:3d:9d:4a:8c:e3:77:5e:39:86:88:d8:2c:
5a:5c:04:33
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZMQQWW2g9c611OFjQJ7T3oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjQxMTA5MDkyOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGRhYzM5ZDY0MWFmNzRhMzlmYThiZDYwYjZkOWEyOWZkZjExYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooVcIZHQ9ajnsUIVcrYPFwqumAqH
Tg6mTa7AgQsB5VEPLZe3CaZuLMuVlNU/Pmi15e+1YhmAyjPNce3e5BDZAy59EXgK
rt4wJUapFoG9hwnG7UYerXVEDhkx6nxnzrfTexrfk6g+jYJTX56/kA5yionWBGi/
DkWlJr16ft5Fo0v55OJ3v7LzpcdBMf9TIgvUAnPSm08exlLP9cpfE8u0k5ypJn7+
PzkcOkvR5hdWneRz3QhJsQKiU91cX5kMLX7UEdThRf8U0E5KvOxrmS7gs2iPzJ9p
YuogY9XHGtAvi+sfx5BDbmyZ5+Iuc3z/4q9gssxjEHkeqjKrcePdV5yvzQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPTaw51kGvdKOfqL1gttmin98RvuMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvOU5yRG5XUWE5MG81LW92V0MyMmFLZjN4Ry00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZZHcAD
BABZHcoDBAFZHcwwDAMEAVkd4gMEAFkd5AMEALkoJAMEAdW1RjANBgkqhkiG9w0B
AQsFAAOCAQEAQeGjGHc+V/UgIb5XVeeWAiXZNy/CF9BFqanerE2Z+19WH+N8hV5i
sjbElqM5BmOzAp84K+3cGCUHMLNKuesGCCIBJlidfN7wwivTENlHnTXa9RieCyiD
6hdtUpdmFzJy8OnMUbq7pmROZygBeIpnFYQXKzVpW0No+0Xizut2JxCgaKLHhY9d
kFp8PeYRqhBM+9uldM9mMMP7RLQSRovKQwCcbS1T5EGu00R9QwEpJFCcJiHTJHYO
TwZPdeY7wlNjKJgcOhvgiogcc7SFQVPvHR6YdY9m+ttbq90fJvbbAkVIOIrO45kv
Me6T76efPTqOPZ1KjON3XjmGiNgsWlwEMw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:05:02 2024 by rpki-client on console-ams.rpki-client.org