Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/jPhJYlyraV6eCE4hAjFciycTXfw.roa
File: jPhJYlyraV6eCE4hAjFciycTXfw.roa (raw, json)
Hash identifier: PRRS2o2zxDLDOANFq9AKUNUKa+SwfGS7GEkhLDTMNi8=
Subject key identifier: 8C:F8:49:62:5C:AB:69:5E:9E:08:4E:21:02:31:5C:8B:27:13:5D:FC
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 018CC2DB2ABC69B44A8A4BE7D034DAFD7452
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/jPhJYlyraV6eCE4hAjFciycTXfw.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 89.149.16.0/24 maxlen: 24
89.149.15.0/24 maxlen: 24
89.149.14.0/24 maxlen: 24
89.149.17.0/24 maxlen: 24
89.149.22.0/24 maxlen: 24
89.149.18.0/24 maxlen: 24
89.149.26.0/24 maxlen: 24
89.149.38.0/24 maxlen: 24
89.149.37.0/24 maxlen: 24
89.149.43.0/24 maxlen: 24
89.149.42.0/24 maxlen: 24
89.149.41.0/24 maxlen: 24
89.149.40.0/24 maxlen: 24
89.149.39.0/24 maxlen: 24
89.149.44.0/24 maxlen: 24
89.149.48.0/24 maxlen: 24
89.149.47.0/24 maxlen: 24
89.149.46.0/24 maxlen: 24
89.149.45.0/24 maxlen: 24
89.149.56.0/24 maxlen: 24
89.149.53.0/24 maxlen: 24
89.149.52.0/24 maxlen: 24
89.149.62.0/24 maxlen: 24
84.247.112.0/24 maxlen: 24
84.247.111.0/24 maxlen: 24
84.247.116.0/24 maxlen: 24
84.247.115.0/24 maxlen: 24
84.247.114.0/24 maxlen: 24
84.247.113.0/24 maxlen: 24
84.247.118.0/24 maxlen: 24
84.247.117.0/24 maxlen: 24
84.247.121.0/24 maxlen: 24
84.247.119.0/24 maxlen: 24
84.247.78.0/24 maxlen: 24
83.166.205.0/24 maxlen: 24
83.166.208.0/24 maxlen: 24
83.166.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2a:bc:69:b4:4a:8a:4b:e7:d0:34:da:fd:74:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cf849625cab695e9e084e2102315c8b27135dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4c:77:04:15:a4:35:f3:1a:e2:a9:bb:fd:56:
92:e7:6f:0f:e7:c9:c7:1b:8c:1b:71:9f:58:ba:52:
3b:07:14:d5:1c:fe:33:b2:52:4f:b3:eb:70:e1:d1:
2c:00:61:55:1d:39:9d:49:5a:20:ff:e6:8f:8d:0b:
46:a5:7d:09:fd:e8:24:49:2d:8b:67:92:de:5d:86:
6c:a9:24:0d:ee:65:12:1a:a7:8e:ea:94:c6:88:19:
b6:69:13:55:63:84:e3:63:31:e0:79:13:36:22:31:
b8:39:e1:65:cb:5d:e0:7e:8a:d1:9b:65:b6:4a:79:
dc:e8:86:69:78:2f:08:50:e3:66:0b:42:86:75:d2:
b2:05:4d:fa:0c:63:2d:37:55:d2:dd:d7:5b:cd:08:
02:16:83:59:e1:1f:97:31:25:3b:5b:51:50:18:f6:
52:75:a2:44:e7:33:0a:7b:da:2e:4f:74:24:47:26:
70:20:d9:56:a8:19:0a:66:9e:ef:54:19:56:00:2e:
c1:46:34:8b:e8:6f:eb:db:94:01:36:07:c8:26:0b:
cd:c6:a0:a0:e7:cc:57:ef:09:52:04:4a:6f:8f:10:
89:95:8f:34:90:3f:b1:b7:88:9d:94:f6:54:a3:cd:
b7:63:70:48:8c:64:97:18:82:04:9f:df:69:46:d9:
b5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F8:49:62:5C:AB:69:5E:9E:08:4E:21:02:31:5C:8B:27:13:5D:FC
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/jPhJYlyraV6eCE4hAjFciycTXfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.205.0/24
83.166.208.0/24
83.166.216.0/24
84.247.78.0/24
84.247.111.0-84.247.119.255
84.247.121.0/24
89.149.14.0-89.149.18.255
89.149.22.0/24
89.149.26.0/24
89.149.37.0-89.149.48.255
89.149.52.0/23
89.149.56.0/24
89.149.62.0/24
Signature Algorithm: sha256WithRSAEncryption
55:80:0a:08:e3:93:f2:9e:03:dd:5a:78:67:33:0d:26:46:7b:
c3:44:34:76:11:73:fd:c1:b2:1e:66:b7:85:2f:d5:b9:6f:2d:
89:4e:57:fd:72:40:5e:dd:a2:74:4c:3b:47:a4:29:1a:72:67:
dc:d3:1b:dc:5e:18:43:75:83:6f:7b:5f:89:29:15:e0:d5:82:
bd:9f:4f:eb:e3:5b:c2:a5:30:d2:17:eb:7e:9f:75:98:56:5a:
f5:ba:20:23:b4:d6:d8:3e:04:29:49:4d:f1:e8:cc:0f:1d:fa:
54:94:a1:97:93:b5:42:6f:8c:02:59:48:57:60:c2:4f:57:b6:
f1:6a:4b:2a:34:28:69:a1:7b:82:e6:e4:ca:b3:2d:58:84:c9:
dc:87:1f:4f:41:16:c9:33:59:96:c7:fa:4b:36:78:c6:44:15:
72:84:1b:6a:7a:07:35:43:09:83:8a:a6:e0:99:bc:7e:d5:9b:
2b:71:30:78:ea:bf:59:77:0c:5a:98:d7:c4:1f:9f:c3:31:a1:
16:c7:46:05:59:21:5d:45:f5:8a:16:8b:05:79:82:76:23:04:
8b:6a:69:45:62:59:00:aa:a4:c5:c9:a4:4c:2a:3e:f2:a4:4c:
31:8a:98:b3:f2:2d:9e:ae:6f:d6:8b:13:ee:5b:6a:5d:44:08:
c5:8b:27:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzC2yq8abRKikvn0DTa/XRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y4NDk2MjVjYWI2OTVlOWUwODRlMjEwMjMxNWM4YjI3MTM1ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkx3BBWkNfMa4qm7/VaS528P58nH
G4wbcZ9YulI7BxTVHP4zslJPs+tw4dEsAGFVHTmdSVog/+aPjQtGpX0J/egkSS2L
Z5LeXYZsqSQN7mUSGqeO6pTGiBm2aRNVY4TjYzHgeRM2IjG4OeFly13gforRm2W2
Snnc6IZpeC8IUONmC0KGddKyBU36DGMtN1XS3ddbzQgCFoNZ4R+XMSU7W1FQGPZS
daJE5zMKe9ouT3QkRyZwINlWqBkKZp7vVBlWAC7BRjSL6G/r25QBNgfIJgvNxqCg
58xX7wlSBEpvjxCJlY80kD+xt4idlPZUo823Y3BIjGSXGIIEn99pRtm18QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIz4SWJcq2lenghOIQIxXIsnE138MB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvalBoSllseXJhVjZlQ0U0aEFqRmNpeWNUWGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAU6bNAwQA
U6bQAwQAU6bYAwQAVPdOMAwDBABU928DBANU93ADBABU93kwDAMEAVmVDgMEAFmV
EgMEAFmVFgMEAFmVGjAMAwQAWZUlAwQAWZUwAwQBWZU0AwQAWZU4AwQAWZU+MA0G
CSqGSIb3DQEBCwUAA4IBAQBVgAoI45PyngPdWnhnMw0mRnvDRDR2EXP9wbIeZreF
L9W5by2JTlf9ckBe3aJ0TDtHpCkacmfc0xvcXhhDdYNve1+JKRXg1YK9n0/r41vC
pTDSF+t+n3WYVlr1uiAjtNbYPgQpSU3x6MwPHfpUlKGXk7VCb4wCWUhXYMJPV7bx
aksqNChpoXuC5uTKsy1YhMnchx9PQRbJM1mWx/pLNnjGRBVyhBtqegc1QwmDiqbg
mbx+1ZsrcTB46r9ZdwxamNfEH5/DMaEWx0YFWSFdRfWKFosFeYJ2IwSLamlFYlkA
qqTFyaRMKj7ypEwxipiz8i2erm/WixPuW2pdRAjFiycB
-----END CERTIFICATE-----
Generated at Sat Apr 27 20:34:03 2024 by rpki-client on console-ams.rpki-client.org