Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nSbgjJcupK6sAg0Qy8uJLJUhQFE.roa
File: nSbgjJcupK6sAg0Qy8uJLJUhQFE.roa (raw, json)
Hash identifier: hAnfSHHLhurwy7TGdCsTpbBDjRH9a8XxcWmbkNKNW6M=
Subject key identifier: 9D:26:E0:8C:97:2E:A4:AE:AC:02:0D:10:CB:CB:89:2C:95:21:40:51
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CC5DC32BDF69D6B0638D8B03C473E1443
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nSbgjJcupK6sAg0Qy8uJLJUhQFE.roa
Signing time: Mon 01 Jan 2024 16:29:51 +0000
ROA not before: Mon 01 Jan 2024 16:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198357
IP address blocks: 5.159.48.0/24 maxlen: 24
5.159.50.0/24 maxlen: 24
5.159.51.0/24 maxlen: 24
5.159.52.0/24 maxlen: 24
5.159.53.0/24 maxlen: 24
5.159.55.0/24 maxlen: 24
188.240.212.0/24 maxlen: 24
185.3.202.0/24 maxlen: 24
185.3.201.0/24 maxlen: 24
185.3.203.0/24 maxlen: 24
89.46.216.0/24 maxlen: 24
89.46.218.0/24 maxlen: 24
89.46.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:32:bd:f6:9d:6b:06:38:d8:b0:3c:47:3e:14:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 16:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d26e08c972ea4aeac020d10cbcb892c95214051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:85:6a:25:2a:ca:fc:2b:70:1d:fb:80:5d:
60:a6:de:91:3e:e0:1e:e5:00:30:f2:b0:88:70:1b:
2b:18:4e:8b:6d:0d:27:ed:05:f1:f1:97:1a:53:a2:
9e:28:b9:af:92:bd:cc:65:bd:4f:82:a8:12:3e:05:
b9:af:8e:e5:fb:18:29:3c:53:45:90:0d:23:b6:d2:
35:01:d8:c9:c0:82:ee:be:78:e7:01:39:ec:a2:ea:
e9:38:2b:9a:db:6f:3b:27:00:a5:0f:14:c7:1b:d0:
5a:ea:8d:b8:c5:d5:6d:13:4d:a9:91:3a:d3:99:a5:
57:26:7c:d3:5c:04:46:64:82:88:f3:48:9d:dd:bd:
1c:3f:0e:37:81:5b:02:b1:00:08:d3:e1:da:4b:6c:
12:57:b6:9d:7e:ef:08:04:63:9d:0a:85:3c:eb:9b:
f4:5e:7b:8e:1c:3b:d8:16:5f:95:53:8c:ed:4a:c5:
92:e7:80:53:5d:a9:84:f9:32:c1:87:cb:c2:11:c3:
ad:e1:7d:f4:86:15:f2:42:65:04:be:c4:3b:44:6f:
78:34:07:fd:07:e1:b1:6d:6d:8f:96:28:ef:04:10:
37:f7:a8:ca:72:79:67:b6:8a:b8:68:9a:95:f8:67:
e1:0f:ba:10:03:a5:62:96:d7:fd:9f:fa:22:09:3d:
1b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:26:E0:8C:97:2E:A4:AE:AC:02:0D:10:CB:CB:89:2C:95:21:40:51
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/nSbgjJcupK6sAg0Qy8uJLJUhQFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.48.0/24
5.159.50.0-5.159.53.255
5.159.55.0/24
89.46.216.0/24
89.46.218.0/23
185.3.201.0-185.3.203.255
188.240.212.0/24
Signature Algorithm: sha256WithRSAEncryption
51:cd:d9:12:38:f2:a1:be:82:f1:2e:17:ba:df:96:ef:0b:54:
c3:20:0e:97:b6:fd:0e:c5:21:47:4a:37:7f:b5:46:07:0f:df:
f4:e2:10:4f:d3:9e:42:2d:9b:d9:b4:ad:d9:77:77:be:0f:9e:
bc:6b:41:10:ee:d5:ac:05:9b:7f:01:26:64:40:b4:eb:62:c9:
c1:7e:8d:d5:68:02:41:9b:f9:36:b6:97:48:7c:bf:9d:d6:50:
c1:d5:f5:97:7d:08:91:34:fc:02:80:88:f9:5d:ef:c5:4c:a6:
50:20:db:db:aa:b4:07:21:cc:ea:44:42:1a:bc:d7:e0:2b:39:
9f:33:dd:40:a3:08:55:d2:4f:51:10:ec:0c:9b:b3:28:18:97:
92:6d:3e:b4:84:6a:93:57:d3:5a:b7:1e:2b:8e:d4:7e:e2:db:
f9:ec:e8:21:f6:64:af:85:7d:a9:40:66:1c:28:76:da:71:07:
3f:8c:49:db:68:d3:6f:15:5a:7b:61:38:5f:06:b1:0a:76:35:
93:b2:5c:8f:53:dd:a2:18:a1:8a:a5:4b:43:a4:05:52:41:29:
2b:e4:a7:38:76:a1:03:a0:27:48:d1:c1:13:d8:50:86:aa:59:
42:15:e7:cc:c4:f2:53:3c:db:4e:c8:0a:4b:3f:00:98:73:0a:
91:58:c1:78
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzF3DK99p1rBjjYsDxHPhRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTAxMTYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI2ZTA4Yzk3MmVhNGFlYWMwMjBkMTBjYmNiODkyYzk1MjE0MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTuFaiUqyvwrcB37gF1gpt6RPuAe
5QAw8rCIcBsrGE6LbQ0n7QXx8ZcaU6KeKLmvkr3MZb1PgqgSPgW5r47l+xgpPFNF
kA0jttI1AdjJwILuvnjnATnsourpOCua2287JwClDxTHG9Ba6o24xdVtE02pkTrT
maVXJnzTXARGZIKI80id3b0cPw43gVsCsQAI0+HaS2wSV7adfu8IBGOdCoU865v0
XnuOHDvYFl+VU4ztSsWS54BTXamE+TLBh8vCEcOt4X30hhXyQmUEvsQ7RG94NAf9
B+GxbW2PlijvBBA396jKcnlntoq4aJqV+GfhD7oQA6Viltf9n/oiCT0bcQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJ0m4IyXLqSurAINEMvLiSyVIUBRMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvblNiZ2pKY3VwSzZzQWcwUXk4dUpMSlVoUUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQABZ8wMAwD
BAEFnzIDBAEFnzQDBAAFnzcDBABZLtgDBAFZLtowDAMEALkDyQMEArkDyAMEALzw
1DANBgkqhkiG9w0BAQsFAAOCAQEAUc3ZEjjyob6C8S4Xut+W7wtUwyAOl7b9DsUh
R0o3f7VGBw/f9OIQT9OeQi2b2bSt2Xd3vg+evGtBEO7VrAWbfwEmZEC062LJwX6N
1WgCQZv5NraXSHy/ndZQwdX1l30IkTT8AoCI+V3vxUymUCDb26q0ByHM6kRCGrzX
4Cs5nzPdQKMIVdJPURDsDJuzKBiXkm0+tIRqk1fTWrceK47UfuLb+ezoIfZkr4V9
qUBmHCh22nEHP4xJ22jTbxVae2E4XwaxCnY1k7Jcj1PdohihiqVLQ6QFUkEpK+Sn
OHahA6AnSNHBE9hQhqpZQhXnzMTyUzzbTsgKSz8AmHMKkVjBeA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:52:31 2024 by rpki-client on console-fra.rpki-client.org