Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/l9x9i55J3oK8iD9yK-TCbbz0cl4.roa
File: l9x9i55J3oK8iD9yK-TCbbz0cl4.roa (raw, json)
Hash identifier: pSy/ELdqj0c0POA+Q8sLC47AYyPKVPGNs86SMajowcU=
Subject key identifier: 97:DC:7D:8B:9E:49:DE:82:BC:88:3F:72:2B:E4:C2:6D:BC:F4:72:5E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E163903E4305B1D29983C3F2B8F9E
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/l9x9i55J3oK8iD9yK-TCbbz0cl4.roa
Signing time: Mon 01 Jan 2024 14:29:35 +0000
ROA not before: Mon 01 Jan 2024 14:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203936
IP address blocks: 185.226.192.0/23 maxlen: 23
217.26.190.0/23 maxlen: 23
89.42.112.0/23 maxlen: 23
77.247.120.0/22 maxlen: 22
185.227.103.0/24 maxlen: 24
45.67.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:16:39:03:e4:30:5b:1d:29:98:3c:3f:2b:8f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97dc7d8b9e49de82bc883f722be4c26dbcf4725e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9a:6b:29:05:81:ea:99:b4:d7:82:40:54:fe:
21:19:eb:81:c8:42:4d:a8:eb:ef:9e:c8:8f:41:0b:
f9:44:0b:43:f8:b3:bf:aa:19:65:06:67:54:b7:b1:
53:3e:aa:4c:40:b3:65:71:08:37:b2:06:14:c1:8d:
3e:ca:92:08:be:d9:69:84:cd:d4:67:5d:db:99:e5:
2e:73:1f:f9:b7:42:84:b9:66:f0:35:9e:4a:64:49:
bb:85:61:e3:e9:10:39:eb:f5:aa:4b:f0:a8:32:25:
d4:15:98:6d:6f:2f:71:ae:ee:0a:7b:ee:fe:21:6a:
38:81:4f:b9:e4:b4:e4:ec:d7:29:70:da:02:d2:c3:
45:b4:81:88:38:86:39:f6:dc:db:39:85:b5:81:86:
b5:b2:a9:7c:eb:cd:7b:07:28:60:a0:42:4a:9b:52:
a3:96:6b:18:40:0d:fe:d5:e7:ec:22:4d:86:ab:2e:
d6:1d:a3:87:93:9f:ff:02:94:7b:73:5e:0c:4e:8c:
1a:2a:a7:bb:8c:25:95:11:0b:95:df:7e:e4:63:29:
b0:93:5b:16:67:c3:05:d2:82:d9:af:06:28:42:a3:
98:7f:8c:2c:bb:e6:19:a4:45:6c:01:aa:73:2d:ee:
00:9a:2c:a5:a2:ec:3a:1b:9e:05:ff:fa:cc:bb:57:
07:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DC:7D:8B:9E:49:DE:82:BC:88:3F:72:2B:E4:C2:6D:BC:F4:72:5E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/l9x9i55J3oK8iD9yK-TCbbz0cl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.244.0/22
77.247.120.0/22
89.42.112.0/23
185.226.192.0/23
185.227.103.0/24
217.26.190.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:d1:9c:d6:9f:f5:65:3b:25:e2:43:bc:cb:d5:d0:1f:17:fe:
fe:65:e9:86:a3:37:10:8e:96:1b:66:36:63:81:15:ec:c3:8c:
b3:16:68:9b:35:24:79:a3:56:00:85:48:1e:1a:81:40:a7:cc:
10:b5:aa:91:0f:40:ae:3f:57:eb:c3:ce:1b:9e:a5:7e:31:09:
ec:a6:9e:27:6f:ef:c0:ba:3a:ac:06:6a:4c:0b:2e:05:19:e9:
f9:93:5f:b3:7d:17:53:d8:5f:03:0a:97:11:18:ef:ea:73:eb:
39:98:b6:06:19:8c:d3:d1:6a:dc:ab:87:2f:df:c2:58:42:6a:
78:b9:e6:9b:25:a1:87:c5:b2:60:6c:40:71:db:77:bd:15:21:
fc:69:fc:ba:7a:29:78:91:0d:2e:43:24:13:20:b0:9e:25:ef:
6d:e1:3f:9a:c0:c4:4c:8a:6f:03:5e:79:63:87:ee:57:19:03:
c9:ce:8e:2a:ec:61:86:23:9a:be:42:f5:ea:c0:55:a4:94:51:
66:21:9f:da:bd:f6:64:65:87:b7:69:5a:22:c1:62:3c:af:f6:
c6:75:0a:06:6b:4a:23:0a:d1:03:46:16:f8:19:bc:f8:af:e7:
59:02:69:b1:4b:f0:e7:6c:1a:33:23:5d:8a:f9:6e:20:53:99:
7f:9e:14:f4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbhY5A+QwWx0pmDw/K4+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2RjN2Q4YjllNDlkZTgyYmM4ODNmNzIyYmU0YzI2ZGJjZjQ3MjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpprKQWB6pm014JAVP4hGeuByEJN
qOvvnsiPQQv5RAtD+LO/qhllBmdUt7FTPqpMQLNlcQg3sgYUwY0+ypIIvtlphM3U
Z13bmeUucx/5t0KEuWbwNZ5KZEm7hWHj6RA56/WqS/CoMiXUFZhtby9xru4Ke+7+
IWo4gU+55LTk7NcpcNoC0sNFtIGIOIY59tzbOYW1gYa1sql86817ByhgoEJKm1Kj
lmsYQA3+1efsIk2Gqy7WHaOHk5//ApR7c14MTowaKqe7jCWVEQuV337kYymwk1sW
Z8MF0oLZrwYoQqOYf4wsu+YZpEVsAapzLe4Amiylouw6G54F//rMu1cH7wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJfcfYueSd6CvIg/civkwm289HJeMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbDl4OWk1NUozb0s4aUQ5eUstVENiYnowY2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLUP0AwQC
Tfd4AwQBWSpwAwQBueLAAwQAueNnAwQB2Rq+MA0GCSqGSIb3DQEBCwUAA4IBAQCp
0ZzWn/VlOyXiQ7zL1dAfF/7+ZemGozcQjpYbZjZjgRXsw4yzFmibNSR5o1YAhUge
GoFAp8wQtaqRD0CuP1frw84bnqV+MQnspp4nb+/AujqsBmpMCy4FGen5k1+zfRdT
2F8DCpcRGO/qc+s5mLYGGYzT0Wrcq4cv38JYQmp4ueabJaGHxbJgbEBx23e9FSH8
afy6eil4kQ0uQyQTILCeJe9t4T+awMRMim8DXnljh+5XGQPJzo4q7GGGI5q+QvXq
wFWklFFmIZ/avfZkZYe3aVoiwWI8r/bGdQoGa0ojCtEDRhb4Gbz4r+dZAmmxS/Dn
bBozI12K+W4gU5l/nhT0
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:50:09 2024 by rpki-client on console-ams.rpki-client.org