Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/n8Bi8by_Va0hoVGay867KpXYEkM.roa
File: n8Bi8by_Va0hoVGay867KpXYEkM.roa (raw, json)
Hash identifier: zt6dg7mL2VPDqI9LJ30LKX+wIkQKa7d+IqfJQxuly8Q=
Subject key identifier: 9F:C0:62:F1:BC:BF:55:AD:21:A1:51:9A:CB:CE:BB:2A:95:D8:12:43
Certificate issuer: /CN=925cecefe522817405d26fc92bb5104ac90cfdc5
Certificate serial: 018CC5DC1C9194316EF5FDF7E43660080CFC
Authority key identifier: 92:5C:EC:EF:E5:22:81:74:05:D2:6F:C9:2B:B5:10:4A:C9:0C:FD:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klzs7-UigXQF0m_JK7UQSskM_cU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/n8Bi8by_Va0hoVGay867KpXYEkM.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49601
IP address blocks: 185.189.124.0/22 maxlen: 22
185.189.125.0/24 maxlen: 24
185.189.124.0/24 maxlen: 24
185.189.126.0/24 maxlen: 24
185.189.127.0/24 maxlen: 24
91.229.56.0/24 maxlen: 24
91.229.182.0/24 maxlen: 24
91.229.210.0/24 maxlen: 24
185.226.62.0/24 maxlen: 24
185.226.60.0/22 maxlen: 22
185.226.63.0/24 maxlen: 24
185.226.60.0/24 maxlen: 24
185.226.61.0/24 maxlen: 24
185.252.96.0/24 maxlen: 24
185.252.97.0/24 maxlen: 24
185.252.98.0/24 maxlen: 24
185.252.96.0/22 maxlen: 22
185.252.99.0/24 maxlen: 24
2a0c:3e00::/29 maxlen: 29
2a0b:e680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/klzs7-UigXQF0m_JK7UQSskM_cU.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/klzs7-UigXQF0m_JK7UQSskM_cU.mft
rsync://rpki.ripe.net/repository/DEFAULT/klzs7-UigXQF0m_JK7UQSskM_cU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1c:91:94:31:6e:f5:fd:f7:e4:36:60:08:0c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925cecefe522817405d26fc92bb5104ac90cfdc5
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fc062f1bcbf55ad21a1519acbcebb2a95d81243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:ec:0b:7e:39:38:bc:5e:c1:a2:41:f4:f0:
83:95:cf:47:69:6d:5a:d9:1e:8f:dd:e3:39:d2:24:
3b:1b:fe:37:63:a4:e6:fb:4b:cc:25:02:c0:41:a8:
b1:93:59:22:9c:ea:1c:23:ce:05:36:c5:5a:c3:3f:
4a:d8:96:2d:64:5a:05:dc:d4:db:ff:e2:66:de:c2:
52:1c:99:b1:10:dc:04:72:c0:d5:7d:b7:bb:17:84:
3a:d2:d2:fd:b8:bb:6b:0b:05:bf:e0:91:48:4f:c3:
0b:15:30:2c:e9:d5:54:47:9b:b9:7d:9f:42:b4:fa:
67:af:bf:4f:8a:99:d5:57:51:76:35:5a:7c:b1:93:
7d:88:c7:2d:02:63:a7:88:e7:63:b7:cf:00:9c:7e:
85:b9:9c:2e:96:16:f4:87:b6:21:96:0b:79:91:69:
a6:81:3d:c3:d2:ad:80:86:da:e2:64:4e:51:1c:16:
e9:98:e6:67:dd:69:90:b0:ca:28:50:3a:41:d8:a8:
07:ab:da:5d:56:62:12:00:99:86:d4:77:73:4f:d9:
14:66:97:fd:47:fe:4b:b5:64:23:17:5a:46:7a:e1:
95:90:75:5e:b0:3b:b7:ec:c9:fb:c9:40:be:5f:64:
8a:8d:0c:7b:01:af:62:63:95:72:0d:b0:14:bb:ff:
6d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C0:62:F1:BC:BF:55:AD:21:A1:51:9A:CB:CE:BB:2A:95:D8:12:43
X509v3 Authority Key Identifier:
keyid:92:5C:EC:EF:E5:22:81:74:05:D2:6F:C9:2B:B5:10:4A:C9:0C:FD:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klzs7-UigXQF0m_JK7UQSskM_cU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/n8Bi8by_Va0hoVGay867KpXYEkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/f0767c-b019-463c-a0b1-8d4bfd0aace8/1/klzs7-UigXQF0m_JK7UQSskM_cU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.56.0/24
91.229.182.0/24
91.229.210.0/24
185.189.124.0/22
185.226.60.0/22
185.252.96.0/22
IPv6:
2a0b:e680::/29
2a0c:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
4c:1f:de:29:8c:14:4d:19:fc:19:2a:ad:ba:84:a0:95:ae:cb:
ea:da:94:c9:16:bd:b6:f8:a9:d8:da:6c:2b:67:f3:21:36:f2:
12:02:02:df:f3:c5:f8:db:44:14:57:69:0f:08:cc:82:23:24:
94:91:d5:01:f3:6d:d6:02:82:e7:20:c2:2a:ef:ad:ff:30:a7:
cc:09:ca:12:72:64:e3:18:f6:74:d0:a5:62:29:92:28:b5:d6:
11:d9:41:30:41:8c:24:43:36:db:b6:74:c9:49:cc:73:dd:37:
1b:b5:c2:91:01:a6:6b:50:49:9e:ab:88:16:a8:31:c0:35:11:
56:00:61:90:30:66:c7:da:7f:3b:14:2c:2f:f3:0b:be:61:e8:
b1:d6:28:3f:14:4f:0e:f8:34:96:54:db:92:67:3a:96:d1:e4:
49:28:71:12:1e:32:22:b8:a8:7d:79:78:23:23:30:41:ce:cf:
a7:69:a3:24:b1:cc:ba:a3:c4:e0:76:e2:10:61:39:96:dc:2e:
79:58:cf:29:ed:9c:58:6a:57:a7:0d:28:e7:2a:26:72:3a:a6:
1a:5a:f3:5d:a4:02:0e:92:7a:a6:a8:10:15:7e:ba:3e:a4:cd:
13:fb:9e:78:a7:a2:0c:bf:e1:2d:69:83:9b:26:c0:6b:04:8d:
8f:e1:6f:dd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzF3ByRlDFu9f335DZgCAz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNWNlY2VmZTUyMjgxNzQwNWQyNmZjOTJiYjUxMDRhYzkw
Y2ZkYzUwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmMwNjJmMWJjYmY1NWFkMjFhMTUxOWFjYmNlYmIyYTk1ZDgxMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbzsC345OLxewaJB9PCDlc9HaW1a
2R6P3eM50iQ7G/43Y6Tm+0vMJQLAQaixk1kinOocI84FNsVawz9K2JYtZFoF3NTb
/+Jm3sJSHJmxENwEcsDVfbe7F4Q60tL9uLtrCwW/4JFIT8MLFTAs6dVUR5u5fZ9C
tPpnr79PipnVV1F2NVp8sZN9iMctAmOniOdjt88AnH6FuZwulhb0h7Yhlgt5kWmm
gT3D0q2AhtriZE5RHBbpmOZn3WmQsMooUDpB2KgHq9pdVmISAJmG1HdzT9kUZpf9
R/5LtWQjF1pGeuGVkHVesDu37Mn7yUC+X2SKjQx7Aa9iY5VyDbAUu/9tMQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJ/AYvG8v1WtIaFRmsvOuyqV2BJDMB8GA1UdIwQY
MBaAFJJc7O/lIoF0BdJvySu1EErJDP3FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2x6czctVWlnWFFGMG1fSks3VVFTc2tNX2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mMDc2N2MtYjAxOS00NjNjLWEwYjEt
OGQ0YmZkMGFhY2U4LzEvbjhCaThieV9WYTBob1ZHYXk4NjdLcFhZRWtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mMDc2N2MtYjAxOS00NjNjLWEwYjEtOGQ0YmZkMGFhY2U4
LzEva2x6czctVWlnWFFGMG1fSks3VVFTc2tNX2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQAW+U4AwQA
W+W2AwQAW+XSAwQCub18AwQCueI8AwQCufxgMBQEAgACMA4DBQMqC+aAAwUDKgw+
ADANBgkqhkiG9w0BAQsFAAOCAQEATB/eKYwUTRn8GSqtuoSgla7L6tqUyRa9tvip
2NpsK2fzITbyEgIC3/PF+NtEFFdpDwjMgiMklJHVAfNt1gKC5yDCKu+t/zCnzAnK
EnJk4xj2dNClYimSKLXWEdlBMEGMJEM227Z0yUnMc903G7XCkQGma1BJnquIFqgx
wDURVgBhkDBmx9p/OxQsL/MLvmHosdYoPxRPDvg0llTbkmc6ltHkSShxEh4yIrio
fXl4IyMwQc7Pp2mjJLHMuqPE4HbiEGE5ltwueVjPKe2cWGpXpw0o5yomcjqmGlrz
XaQCDpJ6pqgQFX66PqTNE/ueeKeiDL/hLWmDmybAawSNj+Fv3Q==
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:38:31 2024 by rpki-client on console-ams.rpki-client.org