Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/b62e59-e2c5-4a76-8b67-55672634cbc1/1/9dJznijATDc0kUtlqELPl6m7Fho.roa
File: 9dJznijATDc0kUtlqELPl6m7Fho.roa (raw, json)
Hash identifier: v/RaX/Cxbl0TNmHRaXE8fnRBXn2pGoHgzyXGTs/c8BM=
Subject key identifier: F5:D2:73:9E:28:C0:4C:37:34:91:4B:65:A8:42:CF:97:A9:BB:16:1A
Certificate issuer: /CN=a3679bf4c627d85fee2ce13a53c44851b9df0563
Certificate serial: 019155B0DBC34CAEE7746758A97B1180BEDC
Authority key identifier: A3:67:9B:F4:C6:27:D8:5F:EE:2C:E1:3A:53:C4:48:51:B9:DF:05:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2eb9MYn2F_uLOE6U8RIUbnfBWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/b62e59-e2c5-4a76-8b67-55672634cbc1/1/9dJznijATDc0kUtlqELPl6m7Fho.roa
Signing time: Thu 15 Aug 2024 10:58:59 +0000
ROA not before: Thu 15 Aug 2024 10:58:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35807
IP address blocks: 87.248.224.0/19 maxlen: 24
88.201.128.0/17 maxlen: 24
93.100.0.0/16 maxlen: 24
94.19.0.0/16 maxlen: 24
185.37.128.0/22 maxlen: 24
185.88.156.0/22 maxlen: 24
185.123.64.0/22 maxlen: 24
188.242.0.0/15 maxlen: 24
2a05:3580::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/b62e59-e2c5-4a76-8b67-55672634cbc1/1/o2eb9MYn2F_uLOE6U8RIUbnfBWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/b62e59-e2c5-4a76-8b67-55672634cbc1/1/o2eb9MYn2F_uLOE6U8RIUbnfBWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/o2eb9MYn2F_uLOE6U8RIUbnfBWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:b0:db:c3:4c:ae:e7:74:67:58:a9:7b:11:80:be:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3679bf4c627d85fee2ce13a53c44851b9df0563
Validity
Not Before: Aug 15 10:58:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5d2739e28c04c3734914b65a842cf97a9bb161a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:60:15:e7:0f:05:67:23:9f:ed:2a:a6:28:0a:
89:c4:7c:2d:e9:d4:3c:cf:b4:5a:5a:60:c4:a2:17:
20:03:80:23:5f:d7:64:ec:01:12:30:1e:b3:29:6a:
ad:5e:7f:e3:77:24:df:cc:2b:5e:36:6c:b0:6c:b5:
b3:6e:dc:7e:cb:51:e6:9a:b7:d2:f5:01:35:c2:0c:
83:37:7a:32:2b:94:87:89:cd:f6:dd:8e:64:f4:55:
1d:d0:c6:5b:ab:5e:13:e9:8e:a8:45:91:23:6b:9a:
c3:92:84:4a:0d:ed:42:69:ed:81:3b:6f:09:e2:ca:
c3:2b:77:0b:0f:7e:38:ad:9d:22:22:c2:4c:54:e6:
2a:05:da:31:37:30:a5:e6:d4:51:23:1b:e6:40:a1:
b9:61:5e:23:39:7c:35:5f:bc:a5:21:aa:8b:ba:5f:
52:84:c3:5e:6c:0d:93:8c:f1:c8:ba:b0:97:46:5f:
61:f6:f2:ef:10:bb:d6:3e:51:43:11:d5:2f:e3:2e:
aa:3a:12:ce:27:76:b7:a0:2a:93:59:01:7c:7c:2b:
99:b6:f3:57:35:c8:c8:ff:4d:8b:f1:11:88:4d:10:
ef:12:2c:65:76:34:2e:d8:9f:5f:3e:73:f3:b2:9a:
76:34:4e:6f:ca:12:83:53:60:7c:70:da:51:a6:a0:
7e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D2:73:9E:28:C0:4C:37:34:91:4B:65:A8:42:CF:97:A9:BB:16:1A
X509v3 Authority Key Identifier:
keyid:A3:67:9B:F4:C6:27:D8:5F:EE:2C:E1:3A:53:C4:48:51:B9:DF:05:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2eb9MYn2F_uLOE6U8RIUbnfBWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b62e59-e2c5-4a76-8b67-55672634cbc1/1/9dJznijATDc0kUtlqELPl6m7Fho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/b62e59-e2c5-4a76-8b67-55672634cbc1/1/o2eb9MYn2F_uLOE6U8RIUbnfBWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.224.0/19
88.201.128.0/17
93.100.0.0/16
94.19.0.0/16
185.37.128.0/22
185.88.156.0/22
185.123.64.0/22
188.242.0.0/15
IPv6:
2a05:3580::/29
Signature Algorithm: sha256WithRSAEncryption
bc:f9:00:2f:b2:e4:c2:84:49:13:39:bb:a1:ea:5b:04:df:48:
0f:29:8f:27:85:7b:93:6c:f6:78:dc:d9:78:64:13:dc:2f:67:
61:e7:df:69:75:83:98:19:91:51:4e:b9:92:41:29:0d:d0:2c:
df:e7:2c:02:25:9f:8e:74:02:ed:3f:d6:d6:41:23:5d:e1:9b:
dd:89:e0:ee:ba:78:70:df:9c:e4:f7:59:ef:8c:5c:92:f7:df:
9a:ed:01:c5:93:e7:ef:3c:fd:88:75:50:4e:77:f8:88:d8:9a:
80:b9:a8:7e:8d:3f:e5:7c:38:4e:c1:0a:60:63:1c:88:36:6e:
43:80:9c:3f:26:c8:e1:cb:59:94:c5:da:3e:28:58:e7:8f:01:
d9:e4:b7:16:3e:b7:4c:29:f9:b5:c8:0e:1a:03:20:a6:26:6a:
c1:36:4f:86:8f:03:25:1e:f4:96:be:a7:43:84:86:6a:7d:40:
59:c2:b0:1a:07:e8:54:ad:2a:53:a9:08:77:7b:60:b8:3f:48:
7b:97:63:8f:d2:2b:0c:6d:f4:67:cc:6c:20:02:cf:38:90:6e:
69:a6:18:cb:1c:82:96:df:af:eb:5d:d0:74:ff:f9:3b:b4:c5:
40:a7:a3:8a:d8:42:fb:89:2c:ab:a4:e3:0e:b0:c6:71:e1:74:
56:0d:c2:cc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZFVsNvDTK7ndGdYqXsRgL7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc5YmY0YzYyN2Q4NWZlZTJjZTEzYTUzYzQ0ODUxYjlk
ZjA1NjMwHhcNMjQwODE1MTA1ODU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQyNzM5ZTI4YzA0YzM3MzQ5MTRiNjVhODQyY2Y5N2E5YmIxNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GAV5w8FZyOf7SqmKAqJxHwt6dQ8
z7RaWmDEohcgA4AjX9dk7AESMB6zKWqtXn/jdyTfzCteNmywbLWzbtx+y1HmmrfS
9QE1wgyDN3oyK5SHic323Y5k9FUd0MZbq14T6Y6oRZEja5rDkoRKDe1Cae2BO28J
4srDK3cLD344rZ0iIsJMVOYqBdoxNzCl5tRRIxvmQKG5YV4jOXw1X7ylIaqLul9S
hMNebA2TjPHIurCXRl9h9vLvELvWPlFDEdUv4y6qOhLOJ3a3oCqTWQF8fCuZtvNX
NcjI/02L8RGITRDvEixldjQu2J9fPnPzspp2NE5vyhKDU2B8cNpRpqB+5wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPXSc54owEw3NJFLZahCz5epuxYaMB8GA1UdIwQY
MBaAFKNnm/TGJ9hf7izhOlPESFG53wVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJlYjlNWW4yRl91TE9FNlU4UklVYm5mQldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iNjJlNTktZTJjNS00YTc2LThiNjct
NTU2NzI2MzRjYmMxLzEvOWRKem5pakFURGMwa1V0bHFFTFBsNm03RmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iNjJlNTktZTJjNS00YTc2LThiNjctNTU2NzI2MzRjYmMx
LzEvbzJlYjlNWW4yRl91TE9FNlU4UklVYm5mQldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtAwQFV/jgAwQH
WMmAAwMAXWQDAwBeEwMEArklgAMEArlYnAMEArl7QAMDAbzyMA0EAgACMAcDBQMq
BTWAMA0GCSqGSIb3DQEBCwUAA4IBAQC8+QAvsuTChEkTObuh6lsE30gPKY8nhXuT
bPZ43Nl4ZBPcL2dh599pdYOYGZFRTrmSQSkN0Czf5ywCJZ+OdALtP9bWQSNd4Zvd
ieDuunhw35zk91nvjFyS99+a7QHFk+fvPP2IdVBOd/iI2JqAuah+jT/lfDhOwQpg
YxyINm5DgJw/Jsjhy1mUxdo+KFjnjwHZ5LcWPrdMKfm1yA4aAyCmJmrBNk+GjwMl
HvSWvqdDhIZqfUBZwrAaB+hUrSpTqQh3e2C4P0h7l2OP0isMbfRnzGwgAs84kG5p
phjLHIKW36/rXdB0//k7tMVAp6OK2EL7iSyrpOMOsMZx4XRWDcLM
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:34 2024 by rpki-client on console-ams.rpki-client.org