Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/yxWxoZ9MX8ZoUyhLS8fsmCsStv0.roa
File: yxWxoZ9MX8ZoUyhLS8fsmCsStv0.roa (raw, json)
Hash identifier: bD98P+c7QHCtWnLECPPs5qhRhAWvpIV1VQNdW0PTazA=
Subject key identifier: CB:15:B1:A1:9F:4C:5F:C6:68:53:28:4B:4B:C7:EC:98:2B:12:B6:FD
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018CC8DECDA713ED99F9533D058B96DA30A2
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/yxWxoZ9MX8ZoUyhLS8fsmCsStv0.roa
Signing time: Tue 02 Jan 2024 06:31:33 +0000
ROA not before: Tue 02 Jan 2024 06:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44682
IP address blocks: 89.35.50.0/24 maxlen: 24
188.210.88.0/24 maxlen: 24
86.107.68.0/23 maxlen: 23
93.113.156.0/24 maxlen: 24
188.213.2.0/23 maxlen: 23
89.43.194.0/23 maxlen: 23
89.42.28.0/24 maxlen: 24
89.46.220.0/23 maxlen: 23
93.114.172.0/22 maxlen: 22
89.42.59.0/24 maxlen: 24
89.45.163.0/24 maxlen: 24
89.35.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:cd:a7:13:ed:99:f9:53:3d:05:8b:96:da:30:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 06:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb15b1a19f4c5fc66853284b4bc7ec982b12b6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:d1:9c:d6:60:e9:5c:ba:8f:8a:28:8e:c8:
32:3b:d9:1d:54:8f:f3:6f:68:e2:f7:08:3d:34:7d:
a3:74:8f:a4:ac:2b:88:ee:a1:5f:dc:93:28:53:59:
66:ff:56:68:2d:a3:76:3d:f3:00:aa:34:d5:9d:12:
81:89:90:42:a3:ae:58:83:c7:00:5d:46:ef:be:0d:
b4:02:53:18:49:b4:b1:82:d9:82:07:f3:bb:75:05:
11:27:ba:9d:4d:82:86:cf:2e:6f:ba:a5:22:04:d7:
26:c3:71:54:d2:fe:e6:bf:7a:c7:33:0d:1f:d6:d1:
42:a6:4b:42:d1:8a:79:ca:68:c0:93:7e:a0:5a:3a:
1d:ee:46:4d:45:98:b6:08:b8:a7:e7:ef:fe:7b:77:
43:28:03:6c:19:b7:b7:de:4b:dc:1e:0d:75:c9:f9:
02:60:88:71:a6:3c:81:0c:7d:07:e3:40:3f:c4:63:
2a:6e:83:57:77:a0:68:76:0f:10:e3:60:ce:ff:ab:
b1:80:a9:d0:5c:57:0f:57:45:2b:c4:df:6d:d9:c2:
4c:5e:2d:73:2d:54:6a:17:f1:34:1a:04:c1:19:94:
f6:16:27:55:1c:c6:0a:bb:55:44:c0:35:6d:23:f3:
69:cd:bc:2e:63:63:f4:1d:cf:66:29:89:a2:38:82:
40:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:15:B1:A1:9F:4C:5F:C6:68:53:28:4B:4B:C7:EC:98:2B:12:B6:FD
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/yxWxoZ9MX8ZoUyhLS8fsmCsStv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.68.0/23
89.35.33.0/24
89.35.50.0/24
89.42.28.0/24
89.42.59.0/24
89.43.194.0/23
89.45.163.0/24
89.46.220.0/23
93.113.156.0/24
93.114.172.0/22
188.210.88.0/24
188.213.2.0/23
Signature Algorithm: sha256WithRSAEncryption
78:7f:52:2d:32:dd:f8:1f:6d:59:fe:96:8a:70:64:85:51:e2:
bc:73:0e:be:f4:7f:0c:55:cf:d8:ed:66:32:b1:c5:be:32:1e:
1b:19:56:77:1a:9c:e9:d2:18:2d:d8:29:de:86:61:42:7f:94:
d7:05:ca:34:c3:8d:a8:95:84:07:4b:de:76:a7:16:20:8c:26:
9e:17:06:5b:12:fc:9c:0d:89:09:ea:d1:8c:18:54:93:9e:3e:
c4:3c:f2:b6:b3:90:2a:d2:18:3a:bc:a6:42:1b:12:2d:e9:b7:
31:ca:50:4c:d5:64:48:85:c7:f1:05:ef:00:82:02:d1:22:b4:
43:33:59:b9:0f:d3:9b:9f:9b:a4:f3:6f:e9:de:9a:e3:3d:20:
15:74:2b:42:17:06:d9:ac:ef:f0:37:69:5d:09:96:7e:02:e1:
5f:44:a2:27:25:11:67:4b:9d:f2:13:cc:21:e9:74:61:48:fd:
70:da:d5:82:04:c8:1d:4f:20:6f:f4:11:51:29:6d:03:3a:76:
a8:f7:4e:6a:98:f9:0c:69:46:0a:92:b5:39:ce:27:3c:2e:83:
21:50:84:4b:ef:0a:01:80:16:89:75:6d:73:a9:1f:70:86:a5:
b7:43:3d:eb:ad:ad:ce:a2:80:90:fe:0c:b7:cf:a7:49:70:5f:
28:c3:1f:44
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzI3s2nE+2Z+VM9BYuW2jCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE1YjFhMTlmNGM1ZmM2Njg1MzI4NGI0YmM3ZWM5ODJiMTJiNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvnRnNZg6Vy6j4oojsgyO9kdVI/z
b2ji9wg9NH2jdI+krCuI7qFf3JMoU1lm/1ZoLaN2PfMAqjTVnRKBiZBCo65Yg8cA
XUbvvg20AlMYSbSxgtmCB/O7dQURJ7qdTYKGzy5vuqUiBNcmw3FU0v7mv3rHMw0f
1tFCpktC0Yp5ymjAk36gWjod7kZNRZi2CLin5+/+e3dDKANsGbe33kvcHg11yfkC
YIhxpjyBDH0H40A/xGMqboNXd6Bodg8Q42DO/6uxgKnQXFcPV0UrxN9t2cJMXi1z
LVRqF/E0GgTBGZT2FidVHMYKu1VEwDVtI/NpzbwuY2P0Hc9mKYmiOIJASQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMsVsaGfTF/GaFMoS0vH7JgrErb9MB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEveXhXeG9aOU1YOFpvVXloTFM4ZnNtQ3NTdHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBVmtEAwQA
WSMhAwQAWSMyAwQAWSocAwQAWSo7AwQBWSvCAwQAWS2jAwQBWS7cAwQAXXGcAwQC
XXKsAwQAvNJYAwQBvNUCMA0GCSqGSIb3DQEBCwUAA4IBAQB4f1ItMt34H21Z/paK
cGSFUeK8cw6+9H8MVc/Y7WYyscW+Mh4bGVZ3Gpzp0hgt2CnehmFCf5TXBco0w42o
lYQHS952pxYgjCaeFwZbEvycDYkJ6tGMGFSTnj7EPPK2s5Aq0hg6vKZCGxIt6bcx
ylBM1WRIhcfxBe8AggLRIrRDM1m5D9Obn5uk82/p3prjPSAVdCtCFwbZrO/wN2ld
CZZ+AuFfRKInJRFnS53yE8wh6XRhSP1w2tWCBMgdTyBv9BFRKW0DOnao905qmPkM
aUYKkrU5zic8LoMhUIRL7woBgBaJdW1zqR9whqW3Qz3rra3OooCQ/gy3z6dJcF8o
wx9E
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:14 2024 by rpki-client on console-fra.rpki-client.org