Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9yGldZ9RRMs7wQZhJ7izpvJr9kQ.roa
File: 9yGldZ9RRMs7wQZhJ7izpvJr9kQ.roa (raw, json)
Hash identifier: oMr1gXg3C4TCLe1W+M69USjbHWqE60bgtITnFOhr4FU=
Subject key identifier: F7:21:A5:75:9F:51:44:CB:3B:C1:06:61:27:B8:B3:A6:F2:6B:F6:44
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018F948A064FBCAAF82AB6DA65E197724592
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9yGldZ9RRMs7wQZhJ7izpvJr9kQ.roa
Signing time: Mon 20 May 2024 05:47:04 +0000
ROA not before: Mon 20 May 2024 05:47:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34418
IP address blocks: 85.153.153.0/24 maxlen: 24
85.153.154.0/24 maxlen: 24
176.236.215.0/24 maxlen: 24
212.252.208.0/23 maxlen: 23
212.252.208.0/24 maxlen: 24
212.252.209.0/24 maxlen: 24
212.252.210.0/23 maxlen: 23
212.252.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:94:8a:06:4f:bc:aa:f8:2a:b6:da:65:e1:97:72:45:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: May 20 05:47:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f721a5759f5144cb3bc1066127b8b3a6f26bf644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e8:69:a4:f5:47:68:c9:e5:4a:7a:15:ec:1e:
41:af:04:95:9f:ec:4b:5b:14:21:0a:5d:ef:58:d9:
9f:62:17:7c:3d:0f:e2:54:96:63:dd:d5:e0:e9:d5:
5e:4f:6e:6b:55:5a:e8:83:10:f9:24:90:da:b3:8c:
67:ca:63:71:57:64:b1:73:b5:58:dc:48:3c:27:e8:
b6:02:15:18:73:94:c5:58:41:41:59:6b:08:b3:5a:
29:71:79:65:2b:ee:d6:53:bf:ae:dc:97:cc:d1:95:
66:a1:62:64:c3:8d:e5:12:58:4f:fa:4c:18:19:7d:
2c:49:10:53:48:43:f1:95:2e:80:f8:40:11:60:e1:
f0:77:3c:17:3d:b9:f8:ca:40:95:85:ff:b2:d4:a9:
8f:22:c9:47:a0:87:a6:9f:79:84:1b:88:2f:39:ac:
45:5e:f9:7b:cd:3b:1d:7c:52:55:8e:49:d9:ac:1c:
e1:e2:7c:5d:5f:89:12:90:52:49:be:c9:67:a4:9c:
8c:b4:30:44:f2:57:4d:00:c5:35:4c:26:91:18:4e:
d2:37:41:50:1c:8c:1d:56:71:3a:a4:02:4c:59:48:
15:e6:78:5a:ff:da:00:6e:a8:16:64:61:a1:36:86:
91:31:3a:3d:2c:dc:7a:49:7d:40:ec:c0:59:22:01:
54:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:21:A5:75:9F:51:44:CB:3B:C1:06:61:27:B8:B3:A6:F2:6B:F6:44
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/9yGldZ9RRMs7wQZhJ7izpvJr9kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.153.0-85.153.154.255
176.236.215.0/24
212.252.208.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:53:84:9c:b8:a9:d8:8e:79:16:e0:9e:d9:8c:a7:18:d1:88:
97:7d:f1:b5:8c:9f:b6:38:12:7e:15:b4:c5:fe:98:84:27:97:
6b:b2:aa:c1:46:86:27:41:60:28:b8:83:96:3b:1b:0f:1b:d9:
ad:27:20:c7:88:67:0d:e9:f1:55:ef:d1:61:36:2c:64:01:6e:
98:3d:2b:0f:05:ce:be:23:a1:0b:9c:3d:41:ed:1a:99:72:03:
ab:45:2f:26:b8:cd:b8:ea:4d:0d:26:00:d1:68:27:1e:c3:88:
ff:13:a6:c4:3f:57:02:ab:f8:ad:89:f3:2b:92:4d:65:f6:29:
50:8d:29:9a:35:b7:c1:3e:ec:27:23:6a:dd:6b:05:67:e6:de:
db:e7:13:43:64:2e:77:5c:5e:af:9c:34:61:1e:7a:23:12:53:
7c:59:e6:e1:5e:1c:73:fe:27:9f:f2:d2:5e:6e:36:f2:5a:b4:
f8:92:f2:4e:6b:d3:a5:a5:9a:29:76:5f:e1:16:f8:9d:61:14:
cc:86:7d:42:9e:5b:1b:86:1a:12:26:a3:8e:4b:59:6a:51:cb:
ac:ae:9d:7b:4c:04:41:99:8c:65:07:c7:f2:87:6a:be:c7:20:
9e:80:bd:69:37:9d:ad:02:48:77:90:59:07:dd:9c:ae:f6:d9:
79:5b:c4:15
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY+UigZPvKr4KrbaZeGXckWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwNTIwMDU0NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzIxYTU3NTlmNTE0NGNiM2JjMTA2NjEyN2I4YjNhNmYyNmJmNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOhppPVHaMnlSnoV7B5BrwSVn+xL
WxQhCl3vWNmfYhd8PQ/iVJZj3dXg6dVeT25rVVrogxD5JJDas4xnymNxV2Sxc7VY
3Eg8J+i2AhUYc5TFWEFBWWsIs1opcXllK+7WU7+u3JfM0ZVmoWJkw43lElhP+kwY
GX0sSRBTSEPxlS6A+EARYOHwdzwXPbn4ykCVhf+y1KmPIslHoIemn3mEG4gvOaxF
Xvl7zTsdfFJVjknZrBzh4nxdX4kSkFJJvslnpJyMtDBE8ldNAMU1TCaRGE7SN0FQ
HIwdVnE6pAJMWUgV5nha/9oAbqgWZGGhNoaRMTo9LNx6SX1A7MBZIgFUxQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPchpXWfUUTLO8EGYSe4s6bya/ZEMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvOXlHbGRaOVJSTXM3d1FaaEo3aXpwdkpyOWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVmZkD
BABVmZoDBACw7NcDBALU/NAwDQYJKoZIhvcNAQELBQADggEBACxThJy4qdiOeRbg
ntmMpxjRiJd98bWMn7Y4En4VtMX+mIQnl2uyqsFGhidBYCi4g5Y7Gw8b2a0nIMeI
Zw3p8VXv0WE2LGQBbpg9Kw8Fzr4joQucPUHtGplyA6tFLya4zbjqTQ0mANFoJx7D
iP8TpsQ/VwKr+K2J8yuSTWX2KVCNKZo1t8E+7Ccjat1rBWfm3tvnE0NkLndcXq+c
NGEeeiMSU3xZ5uFeHHP+J5/y0l5uNvJatPiS8k5r06Wlmil2X+EW+J1hFMyGfUKe
WxuGGhImo45LWWpRy6yunXtMBEGZjGUHx/KHar7HIJ6AvWk3na0CSHeQWQfdnK72
2XlbxBU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:00:03 2024 by rpki-client on console-ams.rpki-client.org