Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/f3jegiPXmul5Ea8gHkTvznFhBJ0.roa
File: f3jegiPXmul5Ea8gHkTvznFhBJ0.roa (raw, json)
Hash identifier: 9lR1fPIfA+V9SDqA9/Ozxe/Ypr0c1AhnqJAzVZMsLPU=
Subject key identifier: 7F:78:DE:82:23:D7:9A:E9:79:11:AF:20:1E:44:EF:CE:71:61:04:9D
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018CC2DB297099C74C99FBC4BFDF38C9C63F
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/f3jegiPXmul5Ea8gHkTvznFhBJ0.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46562
IP address blocks: 89.149.25.0/24 maxlen: 24
84.247.65.0/24 maxlen: 24
84.247.66.0/24 maxlen: 24
84.247.74.0/24 maxlen: 24
84.247.75.0/24 maxlen: 24
84.247.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:29:70:99:c7:4c:99:fb:c4:bf:df:38:c9:c6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f78de8223d79ae97911af201e44efce7161049d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:73:67:c5:da:06:84:61:f0:e5:cb:3b:e8:10:
a8:49:c6:05:16:a1:9a:34:02:bd:0c:ca:c7:bd:21:
f7:a6:e9:ec:f4:b1:bc:6e:e0:ae:16:71:18:80:02:
5d:82:2b:71:73:f2:4c:9a:3c:9d:97:59:6c:41:a3:
70:58:da:49:24:cb:a7:76:da:4e:72:73:ae:f6:19:
4c:7d:3b:d5:f9:5e:72:47:b9:30:14:6b:2f:f9:e7:
28:05:10:38:64:43:53:92:0b:ad:a4:60:fa:92:64:
49:d7:a6:89:4b:fb:ea:4d:fc:f5:fd:5c:9a:82:3c:
07:0a:84:42:71:48:d8:06:44:5f:b6:a5:d3:cb:5f:
6d:f8:66:ed:37:97:ad:2a:8e:da:5f:18:9b:b9:be:
fa:24:89:88:eb:82:7a:20:8f:89:2d:0d:ee:11:5f:
10:31:99:ed:3b:30:d5:50:7c:31:77:c0:0f:a7:72:
91:12:a1:bf:4f:05:20:19:b4:c9:35:b6:f1:11:e9:
cd:d4:35:18:11:64:12:e3:3b:37:a8:7c:c4:70:78:
12:a5:cd:66:18:ec:a8:00:f9:f7:ab:65:bd:42:68:
5c:da:3b:f9:8c:10:43:25:0f:3b:ee:e5:22:a2:c0:
0e:fe:af:32:a4:55:3f:0e:db:06:a9:eb:34:f1:49:
f1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:78:DE:82:23:D7:9A:E9:79:11:AF:20:1E:44:EF:CE:71:61:04:9D
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/f3jegiPXmul5Ea8gHkTvznFhBJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.65.0-84.247.66.255
84.247.73.0-84.247.75.255
89.149.25.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:cc:f1:b5:3e:f4:e3:60:3c:d7:6c:cf:ae:e2:91:96:4f:b1:
93:d2:b5:0d:08:1c:d4:fa:bb:50:e5:5a:f3:3e:d5:4a:84:f9:
38:3d:29:5e:41:7f:7d:6d:f9:01:29:99:19:0c:44:b7:68:72:
65:f7:a6:a6:96:53:dd:42:37:cb:69:ca:f3:1d:5a:3a:7b:70:
18:cf:1d:73:05:61:4d:6b:b2:74:34:d8:25:b7:c8:00:5c:b6:
57:06:16:8f:2e:70:ae:d5:72:e4:a2:36:3d:ee:3d:10:c9:7e:
8c:d5:50:96:5a:65:e2:f0:50:1a:6f:34:11:e6:48:b3:4f:b4:
99:c9:d3:9c:cf:0c:63:20:1d:50:bd:f6:18:52:c4:1d:96:87:
bb:17:4e:3c:6c:44:f0:75:a2:cc:97:f9:fb:4f:9b:b6:cf:3b:
68:3b:35:d2:14:8c:18:c2:af:d7:57:8c:b7:b4:8c:fe:d4:2e:
40:63:43:f0:70:16:96:3f:db:3c:8a:6a:37:31:62:31:a5:f0:
81:f6:9b:c3:a3:f9:9b:68:00:6a:27:5a:1f:6e:66:23:52:e6:
66:e2:34:67:38:9d:e9:91:69:d9:33:48:39:c5:7a:0e:9a:6c:
fb:2e:ff:d5:08:80:a0:fb:6c:52:08:31:9b:7a:0e:53:db:6f:
b2:cc:da:7e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2ylwmcdMmfvEv984ycY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc4ZGU4MjIzZDc5YWU5NzkxMWFmMjAxZTQ0ZWZjZTcxNjEwNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnNnxdoGhGHw5cs76BCoScYFFqGa
NAK9DMrHvSH3puns9LG8buCuFnEYgAJdgitxc/JMmjydl1lsQaNwWNpJJMundtpO
cnOu9hlMfTvV+V5yR7kwFGsv+ecoBRA4ZENTkgutpGD6kmRJ16aJS/vqTfz1/Vya
gjwHCoRCcUjYBkRftqXTy19t+GbtN5etKo7aXxibub76JImI64J6II+JLQ3uEV8Q
MZntOzDVUHwxd8APp3KREqG/TwUgGbTJNbbxEenN1DUYEWQS4zs3qHzEcHgSpc1m
GOyoAPn3q2W9Qmhc2jv5jBBDJQ877uUiosAO/q8ypFU/DtsGqes08UnxjwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH943oIj15rpeRGvIB5E785xYQSdMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvZjNqZWdpUFhtdWw1RWE4Z0hrVHZ6bkZoQkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABU90ED
BABU90IwDAMEAFT3SQMEAlT3SAMEAFmVGTANBgkqhkiG9w0BAQsFAAOCAQEAsszx
tT7042A812zPruKRlk+xk9K1DQgc1Pq7UOVa8z7VSoT5OD0pXkF/fW35ASmZGQxE
t2hyZfemppZT3UI3y2nK8x1aOntwGM8dcwVhTWuydDTYJbfIAFy2VwYWjy5wrtVy
5KI2Pe49EMl+jNVQllpl4vBQGm80EeZIs0+0mcnTnM8MYyAdUL32GFLEHZaHuxdO
PGxE8HWizJf5+0+bts87aDs10hSMGMKv11eMt7SM/tQuQGND8HAWlj/bPIpqNzFi
MaXwgfabw6P5m2gAaidaH25mI1LmZuI0Zzid6ZFp2TNIOcV6Dpps+y7/1QiAoPts
Uggxm3oOU9tvsszafg==
-----END CERTIFICATE-----
Generated at Sun Apr 28 15:04:44 2024 by rpki-client on console-ams.rpki-client.org