Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/NTSuY7OnXkdtvr94EwHh0QyvXq4.roa
File: NTSuY7OnXkdtvr94EwHh0QyvXq4.roa (raw, json)
Hash identifier: Y41gZiYm4Wi/34aZUgqzwhSg1JZrSGbpU3NqiXBircs=
Subject key identifier: 35:34:AE:63:B3:A7:5E:47:6D:BE:BF:78:13:01:E1:D1:0C:AF:5E:AE
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0192D97502AD4E222B68BA8E62F763F2BB67
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/NTSuY7OnXkdtvr94EwHh0QyvXq4.roa
Signing time: Tue 29 Oct 2024 18:06:17 +0000
ROA not before: Tue 29 Oct 2024 18:06:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.61.60.0/23 maxlen: 23
5.61.62.0/23 maxlen: 23
45.136.196.0/24 maxlen: 24
45.136.197.0/24 maxlen: 24
45.136.198.0/24 maxlen: 24
45.136.199.0/24 maxlen: 24
176.97.64.0/23 maxlen: 23
176.97.66.0/23 maxlen: 23
176.97.68.0/23 maxlen: 23
176.97.70.0/23 maxlen: 23
176.97.72.0/24 maxlen: 24
176.97.73.0/24 maxlen: 24
176.97.75.0/24 maxlen: 24
176.97.76.0/24 maxlen: 24
176.97.77.0/24 maxlen: 24
176.97.78.0/24 maxlen: 24
185.87.148.0/23 maxlen: 23
185.87.150.0/23 maxlen: 23
185.132.125.0/24 maxlen: 24
188.116.22.0/24 maxlen: 24
195.54.170.0/24 maxlen: 24
195.54.171.0/24 maxlen: 24
2a02:c6c1:4::/48 maxlen: 48
2a02:c6c1:5::/48 maxlen: 48
2a02:c6c1:6::/48 maxlen: 48
2a02:c6c1:7::/48 maxlen: 48
2a02:c6c1:8::/48 maxlen: 48
2a02:c6c1:9::/48 maxlen: 48
2a02:c6c1:a::/48 maxlen: 48
2a02:c6c1:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d9:75:02:ad:4e:22:2b:68:ba:8e:62:f7:63:f2:bb:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Oct 29 18:06:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3534ae63b3a75e476dbebf781301e1d10caf5eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:39:bd:77:b5:9e:00:96:f5:d0:90:df:6a:51:
f0:a4:da:4f:5a:c1:ee:e2:27:90:10:6a:f7:b6:b0:
c2:91:6f:3f:16:33:ce:ed:19:c6:96:68:c8:1d:2f:
63:55:c4:68:f0:1d:6f:30:fb:b9:d4:20:57:ba:d7:
c5:50:29:08:a5:00:73:c1:e1:05:f2:50:3c:fb:32:
51:5b:36:a0:31:88:54:fd:b4:05:b1:78:f9:3b:10:
24:76:1c:28:85:af:32:4d:ad:34:7d:4f:2c:27:0a:
30:16:3d:5e:1a:bb:eb:cb:04:db:bc:83:22:6b:b5:
08:22:69:54:13:ed:87:70:1f:41:dc:c3:61:03:b4:
31:48:b9:49:ae:46:49:13:e1:35:00:a7:28:8b:12:
70:df:dd:4f:b2:03:13:4e:2f:01:a9:6f:30:55:f6:
04:ec:b9:cd:89:3c:aa:95:bf:7b:a4:59:8d:4d:d0:
d4:69:a8:24:0e:bf:1a:71:33:b2:19:46:d7:f9:f7:
1a:4c:05:61:60:06:a0:6f:9e:15:d3:cc:7f:87:5f:
b9:f8:c9:a4:29:6b:2c:10:23:d1:f8:7b:1b:48:f6:
22:37:f0:25:cb:48:73:4f:bd:71:ed:5d:2f:62:e2:
29:89:91:2e:52:2d:4f:b2:ee:fe:16:89:da:db:db:
ce:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:34:AE:63:B3:A7:5E:47:6D:BE:BF:78:13:01:E1:D1:0C:AF:5E:AE
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/NTSuY7OnXkdtvr94EwHh0QyvXq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.60.0/22
45.136.196.0/22
176.97.64.0-176.97.73.255
176.97.75.0-176.97.78.255
185.87.148.0/22
185.132.125.0/24
188.116.22.0/24
195.54.170.0/23
IPv6:
2a02:c6c1:4::-2a02:c6c1:b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:f5:f7:fb:78:19:f3:56:f1:37:f4:9e:11:5d:fd:39:b4:e5:
6b:1a:ff:c3:50:1b:ec:c8:c1:6e:44:7a:3d:66:b4:43:30:f9:
45:01:ba:1b:c4:26:be:5f:2b:59:62:f9:c8:4b:a2:89:f8:57:
b6:14:ba:e2:c3:2f:e4:dd:c7:5e:ff:9d:ed:a1:5d:0e:86:65:
b2:89:2b:c5:3d:57:24:6c:7a:17:1d:28:01:e6:83:89:c7:e5:
35:62:8c:8e:28:7b:20:13:63:73:02:3e:f3:a1:82:3a:df:5c:
e9:67:c6:31:7a:b3:43:3e:55:a0:64:bc:11:dc:52:77:91:0c:
c8:48:c5:3e:8a:fc:66:e1:8a:a9:de:51:f8:90:c8:ec:75:5f:
fb:3f:c3:a1:4b:1e:df:64:79:34:35:48:90:1d:95:f2:02:a7:
b4:61:00:4c:0e:41:f4:33:03:38:ba:fb:b3:21:2a:49:9c:3b:
81:51:80:77:ba:18:a4:44:d3:79:a1:4e:b6:f6:f0:c5:02:80:
4d:c1:66:d6:a6:f7:3f:cf:72:e3:1c:c4:f9:e5:ea:f1:ac:48:
4d:f5:33:3d:6b:df:90:f0:b5:1d:b1:da:9e:94:7d:dc:13:8d:
23:b9:9e:cb:e6:64:74:23:45:51:e1:41:11:ab:cb:a9:33:fc:
19:eb:97:15
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZLZdQKtTiIraLqOYvdj8rtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjQxMDI5MTgwNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM0YWU2M2IzYTc1ZTQ3NmRiZWJmNzgxMzAxZTFkMTBjYWY1ZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzm9d7WeAJb10JDfalHwpNpPWsHu
4ieQEGr3trDCkW8/FjPO7RnGlmjIHS9jVcRo8B1vMPu51CBXutfFUCkIpQBzweEF
8lA8+zJRWzagMYhU/bQFsXj5OxAkdhwoha8yTa00fU8sJwowFj1eGrvrywTbvIMi
a7UIImlUE+2HcB9B3MNhA7QxSLlJrkZJE+E1AKcoixJw391PsgMTTi8BqW8wVfYE
7LnNiTyqlb97pFmNTdDUaagkDr8acTOyGUbX+fcaTAVhYAagb54V08x/h1+5+Mmk
KWssECPR+HsbSPYiN/Aly0hzT71x7V0vYuIpiZEuUi1Psu7+Fona29vOqwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDU0rmOzp15Hbb6/eBMB4dEMr16uMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvTlRTdVk3T25Ya2R0dnI5NEV3SGgwUXl2WHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBGBAIAATBAAwQCBT08AwQC
LYjEMAwDBAawYUADBAGwYUgwDAMEALBhSwMEALBhTgMEArlXlAMEALmEfQMEALx0
FgMEAcM2qjAaBAIAAjAUMBIDBwIqAsbBAAQDBwIqAsbBAAgwDQYJKoZIhvcNAQEL
BQADggEBAH719/t4GfNW8Tf0nhFd/Tm05Wsa/8NQG+zIwW5Eej1mtEMw+UUBuhvE
Jr5fK1li+chLoon4V7YUuuLDL+Tdx17/ne2hXQ6GZbKJK8U9VyRsehcdKAHmg4nH
5TVijI4oeyATY3MCPvOhgjrfXOlnxjF6s0M+VaBkvBHcUneRDMhIxT6K/Gbhiqne
UfiQyOx1X/s/w6FLHt9keTQ1SJAdlfICp7RhAEwOQfQzAzi6+7MhKkmcO4FRgHe6
GKRE03mhTrb28MUCgE3BZtam9z/PcuMcxPnl6vGsSE31Mz1r35DwtR2x2p6UfdwT
jSO5nsvmZHQjRVHhQRGry6kz/BnrlxU=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:55:50 2024 by rpki-client on console-ams.rpki-client.org