Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/nHSvW-jc6BMeOVWp_LAOwUGRG4k.roa
File: nHSvW-jc6BMeOVWp_LAOwUGRG4k.roa (raw, json)
Hash identifier: WIKZLwqUaowrJSUc5bKqllUzouINYdWh0cBNLK/Spkg=
Subject key identifier: 9C:74:AF:5B:E8:DC:E8:13:1E:39:55:A9:FC:B0:0E:C1:41:91:1B:89
Certificate issuer: /CN=12c889964b35b51ba8e5e679a15b19a31f133578
Certificate serial: 018CC726DB9A218962636895691710796C90
Authority key identifier: 12:C8:89:96:4B:35:B5:1B:A8:E5:E6:79:A1:5B:19:A3:1F:13:35:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/nHSvW-jc6BMeOVWp_LAOwUGRG4k.roa
Signing time: Mon 01 Jan 2024 22:31:01 +0000
ROA not before: Mon 01 Jan 2024 22:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9051
IP address blocks: 91.245.248.0/22 maxlen: 24
82.146.160.0/19 maxlen: 24
82.146.170.0/24 maxlen: 24
2a0d:b3c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/EsiJlks1tRuo5eZ5oVsZox8TNXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/EsiJlks1tRuo5eZ5oVsZox8TNXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:db:9a:21:89:62:63:68:95:69:17:10:79:6c:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c889964b35b51ba8e5e679a15b19a31f133578
Validity
Not Before: Jan 1 22:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c74af5be8dce8131e3955a9fcb00ec141911b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4b:1b:2b:d1:f2:c4:6e:6e:9d:ba:18:73:60:
15:af:11:c3:ed:f3:a7:31:ee:dd:6c:4f:dc:98:14:
a8:30:c9:fd:9c:d1:e0:32:0b:4d:9d:e3:35:19:ad:
70:1d:76:f5:b8:69:fa:18:ec:31:97:34:e4:05:57:
f5:67:ab:1a:6a:a7:6c:27:62:be:ed:c7:d2:9c:4e:
9f:68:69:75:78:6d:c0:3c:b4:ef:eb:a7:be:6f:46:
de:46:3d:ac:bc:71:52:66:0c:fa:b8:27:86:48:7c:
26:77:57:8a:5b:21:5f:93:2d:4e:87:53:87:98:3f:
fe:b1:09:e4:4b:99:08:f3:95:94:27:35:82:77:9d:
57:21:09:8f:c4:a6:74:f5:2c:d5:ca:67:06:ac:34:
7d:37:49:c6:21:07:82:39:fb:16:b3:0e:c1:54:27:
3d:17:0f:6b:6f:db:b9:4b:7b:4a:4e:99:d5:fd:f5:
ec:ba:d3:97:33:bc:96:14:a0:56:9e:22:b4:47:9a:
a8:e4:d3:3f:9a:15:9f:79:bf:a7:9d:db:bd:4e:e6:
c0:a8:46:c0:c6:d3:78:2e:01:7d:66:cf:d5:f6:c6:
79:4a:68:15:65:d8:1f:11:2a:65:0b:71:3b:30:71:
ce:a0:09:15:67:7a:08:18:ae:c4:04:e9:b8:20:dd:
09:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:74:AF:5B:E8:DC:E8:13:1E:39:55:A9:FC:B0:0E:C1:41:91:1B:89
X509v3 Authority Key Identifier:
keyid:12:C8:89:96:4B:35:B5:1B:A8:E5:E6:79:A1:5B:19:A3:1F:13:35:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsiJlks1tRuo5eZ5oVsZox8TNXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/nHSvW-jc6BMeOVWp_LAOwUGRG4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/16b02c-833a-48f0-ba56-ad6f0bf88438/1/EsiJlks1tRuo5eZ5oVsZox8TNXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.160.0/19
91.245.248.0/22
IPv6:
2a0d:b3c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:d2:c9:6d:74:34:e7:c0:7d:15:9a:d8:bc:2f:52:88:2f:cb:
b0:b0:1c:d5:51:8e:79:4a:31:83:ed:39:a5:ae:e0:33:92:03:
d9:43:56:a7:d1:c2:7f:e2:1f:02:42:83:44:75:0c:ae:1b:5d:
9f:7d:bc:61:f0:64:6f:68:78:b2:0b:a3:4b:06:c2:92:3d:6d:
fd:ae:0f:82:6e:f5:fc:be:4e:06:86:3f:78:4a:0f:00:c8:10:
b4:e6:e3:f1:36:91:b1:38:f6:ab:8f:3c:51:21:46:2d:36:b6:
62:db:95:a6:45:98:34:36:f9:04:df:6c:eb:ca:dc:d8:c1:19:
c3:67:45:0c:a1:f6:ed:65:77:72:15:84:14:1f:85:49:51:ea:
29:01:5f:da:00:ed:ea:d2:9d:a0:10:6d:0c:f8:89:4f:b3:07:
b2:1f:ed:41:76:4c:85:e0:a5:65:6b:96:9a:8f:5c:28:66:71:
e6:76:93:ea:7d:f5:1d:46:ae:74:01:39:ab:80:0d:71:28:8b:
db:7d:b1:c4:bd:90:9a:b1:35:b0:97:5d:b3:1f:d7:91:2a:37:
c5:0f:5b:fe:ee:39:70:ae:29:2b:ef:02:e9:aa:82:69:85:db:
91:a7:8a:d5:33:c7:32:33:90:fd:13:21:fa:b7:51:5e:5a:35:
ff:cd:e0:8d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJtuaIYliY2iVaRcQeWyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYzg4OTk2NGIzNWI1MWJhOGU1ZTY3OWExNWIxOWEzMWYx
MzM1NzgwHhcNMjQwMTAxMjIzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzc0YWY1YmU4ZGNlODEzMWUzOTU1YTlmY2IwMGVjMTQxOTExYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUsbK9HyxG5unboYc2AVrxHD7fOn
Me7dbE/cmBSoMMn9nNHgMgtNneM1Ga1wHXb1uGn6GOwxlzTkBVf1Z6saaqdsJ2K+
7cfSnE6faGl1eG3APLTv66e+b0beRj2svHFSZgz6uCeGSHwmd1eKWyFfky1Oh1OH
mD/+sQnkS5kI85WUJzWCd51XIQmPxKZ09SzVymcGrDR9N0nGIQeCOfsWsw7BVCc9
Fw9rb9u5S3tKTpnV/fXsutOXM7yWFKBWniK0R5qo5NM/mhWfeb+nndu9TubAqEbA
xtN4LgF9Zs/V9sZ5SmgVZdgfESplC3E7MHHOoAkVZ3oIGK7EBOm4IN0JEQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJx0r1vo3OgTHjlVqfywDsFBkRuJMB8GA1UdIwQY
MBaAFBLIiZZLNbUbqOXmeaFbGaMfEzV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXNpSmxrczF0UnVvNWVaNW9Wc1pveDhUTlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xNmIwMmMtODMzYS00OGYwLWJhNTYt
YWQ2ZjBiZjg4NDM4LzEvbkhTdlctamM2Qk1lT1ZXcF9MQU93VUdSRzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xNmIwMmMtODMzYS00OGYwLWJhNTYtYWQ2ZjBiZjg4NDM4
LzEvRXNpSmxrczF0UnVvNWVaNW9Wc1pveDhUTlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUpKgAwQC
W/X4MA0EAgACMAcDBQMqDbPAMA0GCSqGSIb3DQEBCwUAA4IBAQB40sltdDTnwH0V
mti8L1KIL8uwsBzVUY55SjGD7TmlruAzkgPZQ1an0cJ/4h8CQoNEdQyuG12ffbxh
8GRvaHiyC6NLBsKSPW39rg+CbvX8vk4Ghj94Sg8AyBC05uPxNpGxOParjzxRIUYt
NrZi25WmRZg0NvkE32zrytzYwRnDZ0UMofbtZXdyFYQUH4VJUeopAV/aAO3q0p2g
EG0M+IlPsweyH+1BdkyF4KVla5aaj1woZnHmdpPqffUdRq50ATmrgA1xKIvbfbHE
vZCasTWwl12zH9eRKjfFD1v+7jlwrikr7wLpqoJphduRp4rVM8cyM5D9EyH6t1Fe
WjX/zeCN
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:53 2024 by rpki-client on console-fra.rpki-client.org