Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/RgNx5b_UfxjfKFrtm4RN5Yx54Ps.roa
File: RgNx5b_UfxjfKFrtm4RN5Yx54Ps.roa (raw, json)
Hash identifier: P6J4ViOUDakXe8Z1OP+SOBNddaAUDPsMkX4XFk7Ea+o=
Subject key identifier: 46:03:71:E5:BF:D4:7F:18:DF:28:5A:ED:9B:84:4D:E5:8C:79:E0:FB
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 01920A2818044A4A3F65F85241D1001B4DA1
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/RgNx5b_UfxjfKFrtm4RN5Yx54Ps.roa
Signing time: Thu 19 Sep 2024 12:00:52 +0000
ROA not before: Thu 19 Sep 2024 12:00:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 89.149.15.0/24 maxlen: 24
89.149.42.0/24 maxlen: 24
89.149.43.0/24 maxlen: 24
89.149.44.0/24 maxlen: 24
89.149.45.0/24 maxlen: 24
89.149.46.0/24 maxlen: 24
89.149.47.0/24 maxlen: 24
89.149.48.0/24 maxlen: 24
89.149.52.0/24 maxlen: 24
89.149.53.0/24 maxlen: 24
89.149.56.0/24 maxlen: 24
89.149.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:28:18:04:4a:4a:3f:65:f8:52:41:d1:00:1b:4d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Sep 19 12:00:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=460371e5bfd47f18df285aed9b844de58c79e0fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:03:28:fa:70:15:b8:6f:fe:84:dd:fe:73:3b:
df:36:24:09:b7:35:ed:04:4b:9f:1c:c3:c3:0c:c1:
9b:97:78:af:2a:4c:05:6d:bb:d3:cc:52:8c:de:8c:
67:12:25:3a:ce:3b:2b:38:3f:40:7d:f9:43:ca:a7:
9a:b5:fe:0b:cb:54:f9:2a:40:10:87:c1:c6:de:31:
56:08:3c:2e:6a:bb:ec:07:a3:00:51:c1:a5:a6:f2:
cc:ad:6d:00:a4:a0:2a:9c:34:79:54:b2:b6:f7:df:
3d:29:2f:de:ad:0d:16:de:70:01:43:f9:06:98:b9:
4f:45:2f:ad:51:4e:e4:4d:40:52:19:57:84:fc:82:
84:46:4c:5e:f1:4c:ea:f6:85:ec:1e:38:52:77:53:
65:1a:20:67:b2:7c:4e:1f:e7:f7:25:9e:ba:84:b6:
92:eb:03:58:26:1c:b7:1e:bd:ad:7f:7f:8c:37:ac:
2a:ea:02:c2:56:a4:52:c3:1e:e0:fb:bd:08:e0:c0:
2e:0f:3a:03:bc:b3:95:18:6e:ee:1a:d6:8c:7f:0b:
27:52:1c:7f:3c:a9:b0:06:6f:96:94:b1:56:47:09:
60:4c:d5:0d:14:82:1a:7a:bc:5e:46:64:a4:78:5b:
5d:e0:8c:6f:70:d3:c3:5c:49:e4:29:4f:e2:31:77:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:03:71:E5:BF:D4:7F:18:DF:28:5A:ED:9B:84:4D:E5:8C:79:E0:FB
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/RgNx5b_UfxjfKFrtm4RN5Yx54Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.149.15.0/24
89.149.42.0-89.149.48.255
89.149.52.0/23
89.149.56.0/24
89.149.62.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:4a:ac:5e:0c:b1:b4:e0:9a:2d:e8:a1:f1:78:57:3f:e2:8f:
f1:2d:db:be:92:b6:e8:37:36:ad:6b:07:78:0e:03:67:cc:ea:
90:30:4c:43:99:50:f2:b3:95:9c:88:46:a6:f3:cb:a4:29:8b:
21:05:d0:b5:44:ef:e6:80:79:bd:a3:c6:9c:10:79:85:86:ff:
64:56:fa:ed:bc:e4:c0:2f:c5:77:a9:52:c0:11:ee:3f:68:f5:
cc:06:f7:d0:02:51:ab:5f:57:c1:be:00:be:21:62:3b:cd:5b:
0c:af:0e:6f:5f:8c:28:d1:45:6c:9f:97:30:2b:f7:e2:73:fa:
e5:d9:64:7d:26:46:e1:08:91:d3:b2:50:ca:b4:6b:f9:e4:e6:
ab:62:5e:88:ca:09:f6:93:9d:3a:41:86:a7:1b:eb:c7:16:01:
ad:6b:ed:d7:64:59:29:35:cf:7e:c8:ab:37:f6:d2:0d:9c:e9:
1a:30:93:96:9e:fe:16:7c:59:26:44:9f:8b:f2:3b:6a:02:44:
85:24:b6:a0:48:46:1f:04:34:0d:36:d3:24:4d:7b:36:ab:ac:
5a:bd:72:45:1f:60:76:6c:8b:52:4f:32:eb:8e:c2:1f:78:69:
09:57:19:03:6c:d6:3a:ba:69:fa:f1:37:e7:14:41:b5:af:18:
88:7b:2d:ad
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZIKKBgESko/ZfhSQdEAG02hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwOTE5MTIwMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjAzNzFlNWJmZDQ3ZjE4ZGYyODVhZWQ5Yjg0NGRlNThjNzllMGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wMo+nAVuG/+hN3+czvfNiQJtzXt
BEufHMPDDMGbl3ivKkwFbbvTzFKM3oxnEiU6zjsrOD9AfflDyqeatf4Ly1T5KkAQ
h8HG3jFWCDwuarvsB6MAUcGlpvLMrW0ApKAqnDR5VLK29989KS/erQ0W3nABQ/kG
mLlPRS+tUU7kTUBSGVeE/IKERkxe8Uzq9oXsHjhSd1NlGiBnsnxOH+f3JZ66hLaS
6wNYJhy3Hr2tf3+MN6wq6gLCVqRSwx7g+70I4MAuDzoDvLOVGG7uGtaMfwsnUhx/
PKmwBm+WlLFWRwlgTNUNFIIaerxeRmSkeFtd4IxvcNPDXEnkKU/iMXf51QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEYDceW/1H8Y3yha7ZuETeWMeeD7MB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvUmdOeDViX1VmeGpmS0ZydG00Uk41WXg1NFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWZUPMAwD
BAFZlSoDBABZlTADBAFZlTQDBABZlTgDBABZlT4wDQYJKoZIhvcNAQELBQADggEB
ABtKrF4MsbTgmi3oofF4Vz/ij/Et276Stug3Nq1rB3gOA2fM6pAwTEOZUPKzlZyI
Rqbzy6QpiyEF0LVE7+aAeb2jxpwQeYWG/2RW+u285MAvxXepUsAR7j9o9cwG99AC
UatfV8G+AL4hYjvNWwyvDm9fjCjRRWyflzAr9+Jz+uXZZH0mRuEIkdOyUMq0a/nk
5qtiXojKCfaTnTpBhqcb68cWAa1r7ddkWSk1z37Iqzf20g2c6Rowk5ae/hZ8WSZE
n4vyO2oCRIUktqBIRh8ENA020yRNezarrFq9ckUfYHZsi1JPMuuOwh94aQlXGQNs
1jq6afrxN+cUQbWvGIh7La0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:37 2024 by rpki-client on console-ams.rpki-client.org