Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/9bLSB-NanigL8dKyQio3cXa2zOc.roa
File: 9bLSB-NanigL8dKyQio3cXa2zOc.roa (raw, json)
Hash identifier: IIsbKS2ycb8d/MQJifg/2b1/+WRjk3hd3CxOYymFktI=
Subject key identifier: F5:B2:D2:07:E3:5A:9E:28:0B:F1:D2:B2:42:2A:37:71:76:B6:CC:E7
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0190CD3BAF30DA5C210AAF87D89631EA6EDF
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/9bLSB-NanigL8dKyQio3cXa2zOc.roa
Signing time: Fri 19 Jul 2024 23:02:38 +0000
ROA not before: Fri 19 Jul 2024 23:02:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.212.0/24 maxlen: 24
185.147.213.0/24 maxlen: 24
185.147.214.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:700::/40 maxlen: 40
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1100::/40 maxlen: 40
2a03:efc0:1500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cd:3b:af:30:da:5c:21:0a:af:87:d8:96:31:ea:6e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jul 19 23:02:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5b2d207e35a9e280bf1d2b2422a377176b6cce7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:93:50:d1:54:59:79:66:4e:fc:ed:98:b8:be:
08:1d:c1:32:4e:8e:1d:99:45:47:6c:0f:72:23:36:
7e:2b:2c:28:56:60:bf:89:e3:13:cf:81:16:23:cb:
bf:d2:f8:22:93:90:4f:02:a1:ff:0a:99:37:4f:6b:
83:e0:44:f4:14:54:5c:87:72:84:66:8d:8d:88:d0:
4a:e1:11:01:fc:8a:4b:cc:b7:4f:af:cf:56:9e:2a:
ff:8a:23:24:13:71:b7:7f:88:70:b5:19:e6:f2:51:
62:1c:53:d0:fd:5f:b5:4a:f1:53:6c:da:16:22:c4:
a1:4c:26:a1:9a:53:bd:78:19:e9:05:81:c6:24:8b:
3e:08:19:69:15:62:dc:af:7e:b0:82:c4:58:20:ff:
de:f8:cf:d6:96:5b:55:01:29:8b:5e:3a:13:16:dc:
71:85:aa:1d:22:53:a5:2d:38:15:42:46:f6:56:e7:
4a:06:88:42:2a:20:a2:d9:2c:04:60:bc:7a:e4:18:
e3:da:6c:c7:f1:b0:31:da:bb:e9:c4:c2:77:22:f5:
57:96:4c:78:9e:8b:22:4d:b2:ec:f8:94:f0:30:e1:
96:1d:4f:fe:37:c9:04:48:47:a2:a3:ed:8c:d3:7d:
70:03:80:cd:11:f7:67:a4:ef:43:ef:c4:ef:dd:af:
f5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B2:D2:07:E3:5A:9E:28:0B:F1:D2:B2:42:2A:37:71:76:B6:CC:E7
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/9bLSB-NanigL8dKyQio3cXa2zOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.212.0/22
IPv6:
2a03:efc0:500::/40
2a03:efc0:700::/40
2a03:efc0:900::/40
2a03:efc0:1100::/40
2a03:efc0:1500::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
Signature Algorithm: sha256WithRSAEncryption
29:a7:d0:d5:35:21:ca:f1:b6:55:7b:74:10:be:00:1b:6b:88:
e5:0c:74:07:32:e3:60:58:fa:82:d8:52:26:f7:ad:60:2b:93:
45:ac:37:31:c6:3e:e4:43:ed:8f:15:08:8a:8d:57:73:d8:93:
ed:dd:bf:32:a2:e9:36:8a:3d:e7:a1:21:d5:6f:d9:d8:da:3c:
c3:ed:48:9b:eb:8b:b3:83:94:2a:38:a3:2a:5b:25:ea:a9:a5:
7a:30:78:94:fd:34:11:b6:bc:1c:ac:9c:2e:05:35:2e:c8:3a:
81:04:1e:2c:ba:03:c8:c6:70:df:76:fc:76:27:11:f9:1a:d4:
03:db:b5:73:3c:28:5a:53:a9:ea:c0:4f:69:51:b1:b9:ef:2a:
b3:b0:2c:cb:dc:c6:74:07:a5:bf:69:32:22:3b:14:86:8b:38:
e3:7a:e8:d6:a1:c4:72:c6:c9:0b:1f:e3:ee:28:71:00:45:5d:
5c:04:8a:7f:6a:45:ca:ac:54:f5:e3:e9:f1:41:a2:4e:1d:dc:
5f:18:ec:79:8d:14:53:7d:4d:8e:7e:2a:bc:f7:d1:31:d2:48:
06:60:df:86:ab:ce:07:4f:29:45:50:2a:24:cb:bd:5f:69:cd:
85:b0:78:d2:f6:f4:67:ff:15:f3:a1:53:f6:28:e3:20:0f:f1:
b5:c9:db:f2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZDNO68w2lwhCq+H2JYx6m7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwNzE5MjMwMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWIyZDIwN2UzNWE5ZTI4MGJmMWQyYjI0MjJhMzc3MTc2YjZjY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5NQ0VRZeWZO/O2YuL4IHcEyTo4d
mUVHbA9yIzZ+KywoVmC/ieMTz4EWI8u/0vgik5BPAqH/Cpk3T2uD4ET0FFRch3KE
Zo2NiNBK4REB/IpLzLdPr89Wnir/iiMkE3G3f4hwtRnm8lFiHFPQ/V+1SvFTbNoW
IsShTCahmlO9eBnpBYHGJIs+CBlpFWLcr36wgsRYIP/e+M/WlltVASmLXjoTFtxx
haodIlOlLTgVQkb2VudKBohCKiCi2SwEYLx65Bjj2mzH8bAx2rvpxMJ3IvVXlkx4
nosiTbLs+JTwMOGWHU/+N8kESEeio+2M031wA4DNEfdnpO9D78Tv3a/1pQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFPWy0gfjWp4oC/HSskIqN3F2tsznMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvOWJMU0ItTmFuaWdMOGRLeVFpbzNjWGEyek9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjAMBAIAATAGAwQCuZPU
MH4EAgACMHgDBgAqA+/ABQMGACoD78AHAwYAKgPvwAkDBgAqA+/AEQMGACoD78AV
AwYAKgPvwBcDBgAqA+/AIwMGACoD78AlAwYAKgPvwCcDBgAqA+/AKQMGACoD78Ax
AwYAKgPvwDMDBgAqA+/ANQMGACoD78A3AwYAKgPvwEEwDQYJKoZIhvcNAQELBQAD
ggEBACmn0NU1IcrxtlV7dBC+ABtriOUMdAcy42BY+oLYUib3rWArk0WsNzHGPuRD
7Y8VCIqNV3PYk+3dvzKi6TaKPeehIdVv2djaPMPtSJvri7ODlCo4oypbJeqppXow
eJT9NBG2vBysnC4FNS7IOoEEHiy6A8jGcN92/HYnEfka1APbtXM8KFpTqerAT2lR
sbnvKrOwLMvcxnQHpb9pMiI7FIaLOON66NahxHLGyQsf4+4ocQBFXVwEin9qRcqs
VPXj6fFBok4d3F8Y7HmNFFN9TY5+Krz30THSSAZg34arzgdPKUVQKiTLvV9pzYWw
eNL29Gf/FfOhU/Yo4yAP8bXJ2/I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:49:35 2024 by rpki-client on console-fra.rpki-client.org