Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/m9ncveC2mJWuhL28Ytu64CksrOw.roa
File: m9ncveC2mJWuhL28Ytu64CksrOw.roa (raw, json)
Hash identifier: bwowW7E4AERoc1t9uDdQma5F2wd7uxmR+x12mMijpdE=
Subject key identifier: 9B:D9:DC:BD:E0:B6:98:95:AE:84:BD:BC:62:DB:BA:E0:29:2C:AC:EC
Certificate issuer: /CN=7744c6b6fba373811e00bee484e224c6b6e23fd2
Certificate serial: 018CC492317D814A0DEB5D061EB6FA48FCC9
Authority key identifier: 77:44:C6:B6:FB:A3:73:81:1E:00:BE:E4:84:E2:24:C6:B6:E2:3F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/m9ncveC2mJWuhL28Ytu64CksrOw.roa
Signing time: Mon 01 Jan 2024 10:29:24 +0000
ROA not before: Mon 01 Jan 2024 10:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49232
IP address blocks: 193.169.164.0/23 maxlen: 23
37.123.225.0/24 maxlen: 24
37.123.224.0/21 maxlen: 21
194.169.225.0/24 maxlen: 24
2a00:59c0::/32 maxlen: 32
2a00:59c0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/d0TGtvujc4EeAL7khOIkxrbiP9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/d0TGtvujc4EeAL7khOIkxrbiP9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:31:7d:81:4a:0d:eb:5d:06:1e:b6:fa:48:fc:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7744c6b6fba373811e00bee484e224c6b6e23fd2
Validity
Not Before: Jan 1 10:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bd9dcbde0b69895ae84bdbc62dbbae0292cacec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c6:a3:c2:76:e8:40:9d:22:79:3d:95:3b:db:
dd:8e:8e:e7:db:21:6a:ce:11:5f:af:18:79:45:80:
b0:99:36:b2:b3:59:99:a8:73:a1:ac:6f:11:55:40:
a7:d2:9d:6a:b8:a2:cc:df:1c:1d:71:a9:18:4f:12:
3e:6e:e0:a5:1b:c1:b2:f7:a6:9d:8f:0d:78:6d:5e:
51:d8:07:43:0f:6a:09:07:7d:39:36:78:6c:53:d8:
03:33:53:5a:48:9d:ca:db:43:87:41:aa:5f:b0:67:
25:a2:2a:f5:45:7f:a4:aa:fb:fd:e5:49:f9:18:a6:
7a:68:a1:c9:81:c7:ed:ee:19:7e:d4:24:59:08:0b:
fc:36:60:d5:bc:63:bc:88:09:f3:06:b7:e7:9d:36:
ef:ff:cb:89:c0:69:74:a7:7c:e5:84:e2:c7:1a:d0:
67:52:3f:c8:e5:2c:a6:d8:46:bc:1f:25:c0:c1:35:
5d:75:a1:2c:fd:7a:2a:05:cd:9e:3c:c8:96:5c:de:
e2:d7:c8:45:67:e5:2a:72:32:c6:5c:1d:45:7d:1d:
3e:14:3d:44:bb:2f:88:87:e5:61:76:a5:2b:bc:4d:
8f:57:1b:fc:0c:6d:10:23:c0:84:8d:6a:c0:cf:7b:
aa:08:8e:7c:c3:60:17:8f:b3:2f:54:b9:b6:04:91:
26:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D9:DC:BD:E0:B6:98:95:AE:84:BD:BC:62:DB:BA:E0:29:2C:AC:EC
X509v3 Authority Key Identifier:
keyid:77:44:C6:B6:FB:A3:73:81:1E:00:BE:E4:84:E2:24:C6:B6:E2:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0TGtvujc4EeAL7khOIkxrbiP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/m9ncveC2mJWuhL28Ytu64CksrOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/744df3-8e29-458b-a459-8f8c89226e3e/1/d0TGtvujc4EeAL7khOIkxrbiP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.224.0/21
193.169.164.0/23
194.169.225.0/24
IPv6:
2a00:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
78:72:53:ac:08:9c:b7:e2:12:73:52:e0:84:bf:98:e2:72:71:
3e:1b:6e:39:89:ed:5a:10:c0:ec:6d:4e:70:d7:67:ff:11:4c:
f9:d5:b9:bc:f1:c2:93:21:82:12:22:5f:11:36:f3:fb:22:2f:
c0:a2:75:79:4d:c7:5a:e8:8a:e7:3f:78:ed:ed:59:60:74:fe:
ca:c8:8a:2d:84:a9:7f:35:89:a2:3f:c2:99:c3:73:d6:e6:fb:
c8:d2:01:fd:b0:16:77:3e:3e:8f:b9:9f:13:90:4d:8b:9c:b6:
43:17:51:a0:f7:cc:e4:69:f7:6d:e5:02:1a:b7:3d:47:85:46:
97:f0:85:dd:61:7f:97:08:ee:58:bb:62:93:28:c0:9f:c1:6b:
00:f7:a8:b1:14:99:58:a1:cb:fa:c1:52:36:7a:5e:b3:aa:35:
55:42:3a:59:4e:7a:1f:97:2a:47:00:fc:31:76:f2:a1:52:cd:
20:57:85:7b:be:0e:81:14:91:4f:9e:ea:79:0e:d7:53:5b:cb:
55:0b:d7:31:bf:99:89:2e:fb:bc:9c:37:25:bc:71:51:c0:b6:
dd:37:a3:f4:af:82:65:9b:3e:09:16:3a:78:b2:34:08:05:de:
b6:f3:71:c2:ec:e6:2e:8c:c6:af:ca:0a:bc:35:87:cf:4a:fe:
92:03:64:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkjF9gUoN610GHrb6SPzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDRjNmI2ZmJhMzczODExZTAwYmVlNDg0ZTIyNGM2YjZl
MjNmZDIwHhcNMjQwMTAxMTAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQ5ZGNiZGUwYjY5ODk1YWU4NGJkYmM2MmRiYmFlMDI5MmNhY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcajwnboQJ0ieT2VO9vdjo7n2yFq
zhFfrxh5RYCwmTays1mZqHOhrG8RVUCn0p1quKLM3xwdcakYTxI+buClG8Gy96ad
jw14bV5R2AdDD2oJB305NnhsU9gDM1NaSJ3K20OHQapfsGcloir1RX+kqvv95Un5
GKZ6aKHJgcft7hl+1CRZCAv8NmDVvGO8iAnzBrfnnTbv/8uJwGl0p3zlhOLHGtBn
Uj/I5Sym2Ea8HyXAwTVddaEs/XoqBc2ePMiWXN7i18hFZ+UqcjLGXB1FfR0+FD1E
uy+Ih+VhdqUrvE2PVxv8DG0QI8CEjWrAz3uqCI58w2AXj7MvVLm2BJEm7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJvZ3L3gtpiVroS9vGLbuuApLKzsMB8GA1UdIwQY
MBaAFHdExrb7o3OBHgC+5ITiJMa24j/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBUR3R2dWpjNEVlQUw3a2hPSWt4cmJpUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83NDRkZjMtOGUyOS00NThiLWE0NTkt
OGY4Yzg5MjI2ZTNlLzEvbTluY3ZlQzJtSld1aEwyOFl0dTY0Q2tzck93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83NDRkZjMtOGUyOS00NThiLWE0NTktOGY4Yzg5MjI2ZTNl
LzEvZDBUR3R2dWpjNEVlQUw3a2hPSWt4cmJpUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXvgAwQB
wamkAwQAwqnhMA0EAgACMAcDBQAqAFnAMA0GCSqGSIb3DQEBCwUAA4IBAQB4clOs
CJy34hJzUuCEv5jicnE+G245ie1aEMDsbU5w12f/EUz51bm88cKTIYISIl8RNvP7
Ii/AonV5Tcda6IrnP3jt7VlgdP7KyIothKl/NYmiP8KZw3PW5vvI0gH9sBZ3Pj6P
uZ8TkE2LnLZDF1Gg98zkafdt5QIatz1HhUaX8IXdYX+XCO5Yu2KTKMCfwWsA96ix
FJlYocv6wVI2el6zqjVVQjpZTnoflypHAPwxdvKhUs0gV4V7vg6BFJFPnup5DtdT
W8tVC9cxv5mJLvu8nDclvHFRwLbdN6P0r4Jlmz4JFjp4sjQIBd6283HC7OYujMav
ygq8NYfPSv6SA2S9
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:58 2024 by rpki-client on console-ams.rpki-client.org