Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UR-_nO0HPbzrVTLHShK-S3p4epo.roa
File: UR-_nO0HPbzrVTLHShK-S3p4epo.roa (raw, json)
Hash identifier: cH2VVqUYzKLMmHdSnVzJlxIJy7rIrXi2bGpT7ihvaG4=
Subject key identifier: 51:1F:BF:9C:ED:07:3D:BC:EB:55:32:C7:4A:12:BE:4B:7A:78:7A:9A
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01917F49B632B0786B5C7D25A1776A039F79
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UR-_nO0HPbzrVTLHShK-S3p4epo.roa
Signing time: Fri 23 Aug 2024 12:50:22 +0000
ROA not before: Fri 23 Aug 2024 12:50:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.68.245.0/24 maxlen: 24
185.79.51.0/24 maxlen: 24
185.79.79.0/24 maxlen: 24
185.81.172.0/24 maxlen: 24
185.81.173.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/23 maxlen: 24
185.81.186.0/23 maxlen: 24
185.89.40.0/24 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.100.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.80.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.101.203.0/24 maxlen: 24
185.104.151.0/24 maxlen: 24
185.112.56.0/23 maxlen: 24
185.175.224.0/24 maxlen: 24
185.175.225.0/24 maxlen: 24
185.185.147.0/24 maxlen: 24
193.221.215.0/24 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:49:b6:32:b0:78:6b:5c:7d:25:a1:77:6a:03:9f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Aug 23 12:50:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=511fbf9ced073dbceb5532c74a12be4b7a787a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:ab:9f:2c:23:f4:62:43:6d:a4:cd:e7:16:
e9:8a:cf:05:03:e4:98:dd:d1:6e:6d:d0:1f:02:95:
af:32:35:3a:f0:5f:59:77:04:be:38:86:fd:0f:12:
a9:fe:7c:d5:b8:9e:d9:0e:72:ad:29:33:bf:f5:eb:
9e:d1:62:dc:1f:88:82:c9:a4:ec:f8:64:2b:ee:bf:
15:02:25:bf:de:27:c5:04:4b:53:d8:e5:dc:c3:3e:
b3:17:91:6f:51:4e:f6:9e:45:64:c5:22:35:3c:23:
46:92:49:10:84:21:cc:4f:2b:d9:7e:62:4a:c5:b3:
a1:96:c0:34:41:10:e8:58:f8:6e:0b:91:2a:39:4b:
3c:fe:3b:e9:f5:89:0f:2c:9b:b8:eb:dd:70:cf:7b:
98:20:7c:f1:c1:2e:5c:1b:55:b9:b9:d1:2f:30:5f:
8f:41:17:33:52:02:44:cb:2b:6f:6b:bd:90:e9:79:
f1:3e:0d:bc:e3:56:72:63:4f:d2:d1:66:8d:17:bb:
79:81:b9:88:2c:ad:1a:5d:ee:1b:77:33:61:ca:01:
c5:c9:7c:17:ff:c9:61:43:ef:24:58:43:11:2b:02:
e6:e1:7c:56:27:99:c1:86:57:41:fe:b3:45:79:c0:
42:cb:b3:7e:f3:09:6a:9d:5e:be:0d:8e:73:ed:2f:
94:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1F:BF:9C:ED:07:3D:BC:EB:55:32:C7:4A:12:BE:4B:7A:78:7A:9A
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UR-_nO0HPbzrVTLHShK-S3p4epo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.57.0-89.19.59.255
185.68.245.0/24
185.79.51.0/24
185.79.79.0/24
185.81.172.0/22
185.81.184.0/22
185.89.40.0/24
185.89.108.0/22
185.95.100.0/22
185.96.80.0/24
185.96.83.0/24
185.97.1.0/24
185.97.3.0/24
185.101.203.0/24
185.104.151.0/24
185.112.56.0/23
185.175.224.0/23
185.185.147.0/24
193.221.215.0/24
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:30:4d:3c:c3:7c:9a:ba:aa:7c:3b:c7:45:1d:67:0d:5e:1a:
b2:e4:39:ea:9e:61:16:9a:88:ae:7c:24:e4:f5:5a:cf:7f:11:
b2:4c:e9:ba:a4:58:7d:7c:c6:db:8c:e2:e3:1f:21:e1:04:fc:
68:0f:cd:53:b7:14:c2:ba:22:f3:3a:a2:36:43:d5:28:00:e1:
f4:90:0d:3e:87:a1:0e:d7:b6:06:08:9a:4a:70:3e:6c:fb:c3:
db:cf:7e:6a:6e:23:d1:34:b6:06:a4:f7:6a:be:bd:6d:64:57:
b1:f8:b8:e0:ab:dd:5b:2d:0a:ba:4b:02:b2:95:e0:3a:7d:c0:
71:0d:56:2a:36:e0:64:67:5f:fd:be:72:63:5e:d5:b4:3a:1b:
27:0e:a5:e1:fb:78:82:c1:af:07:b0:fd:98:34:6a:30:69:6d:
85:d8:ac:ac:ca:aa:31:91:2d:05:70:df:07:3a:02:fc:27:72:
03:4f:42:28:cd:ae:07:7e:7e:dd:67:09:63:86:4d:da:32:d4:
76:64:33:77:05:cc:8e:59:a4:6d:87:99:2a:be:8a:0f:b8:93:
d7:06:15:59:93:ae:c8:0b:6b:68:c3:18:62:f7:6a:ad:80:fc:
55:d1:24:9c:9d:5d:9c:8a:b4:84:82:8d:67:42:cb:3f:f2:59:
fb:f2:ed:72
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZF/SbYysHhrXH0loXdqA595MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwODIzMTI1MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFmYmY5Y2VkMDczZGJjZWI1NTMyYzc0YTEyYmU0YjdhNzg3YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRWrnywj9GJDbaTN5xbpis8FA+SY
3dFubdAfApWvMjU68F9ZdwS+OIb9DxKp/nzVuJ7ZDnKtKTO/9eue0WLcH4iCyaTs
+GQr7r8VAiW/3ifFBEtT2OXcwz6zF5FvUU72nkVkxSI1PCNGkkkQhCHMTyvZfmJK
xbOhlsA0QRDoWPhuC5EqOUs8/jvp9YkPLJu4691wz3uYIHzxwS5cG1W5udEvMF+P
QRczUgJEyytva72Q6XnxPg2841ZyY0/S0WaNF7t5gbmILK0aXe4bdzNhygHFyXwX
/8lhQ+8kWEMRKwLm4XxWJ5nBhldB/rNFecBCy7N+8wlqnV6+DY5z7S+UpwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFFEfv5ztBz2861Uyx0oSvkt6eHqaMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvVVItX25PMEhQYnpyVlRMSFNoSy1TM3A0ZXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYAwDAME
AFkTOQMEAlkTOAMEALlE9QMEALlPMwMEALlPTwMEArlRrAMEArlRuAMEALlZKAME
ArlZbAMEArlfZAMEALlgUAMEALlgUwMEALlhAQMEALlhAwMEALllywMEALlolwME
AblwOAMEAbmv4AMEALm5kwMEAMHd1wMEANWq3zANBgkqhkiG9w0BAQsFAAOCAQEA
LjBNPMN8mrqqfDvHRR1nDV4asuQ56p5hFpqIrnwk5PVaz38RskzpuqRYfXzG24zi
4x8h4QT8aA/NU7cUwroi8zqiNkPVKADh9JANPoehDte2BgiaSnA+bPvD289+am4j
0TS2BqT3ar69bWRXsfi44KvdWy0KuksCspXgOn3AcQ1WKjbgZGdf/b5yY17VtDob
Jw6l4ft4gsGvB7D9mDRqMGlthdisrMqqMZEtBXDfBzoC/CdyA09CKM2uB35+3WcJ
Y4ZN2jLUdmQzdwXMjlmkbYeZKr6KD7iT1wYVWZOuyAtraMMYYvdqrYD8VdEknJ1d
nIq0hIKNZ0LLP/JZ+/Ltcg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:16:18 2024 by rpki-client on console-fra.rpki-client.org