Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/791c33-a10e-43a9-ac29-e0d13230b9d5/1/A9qfHLTM60pn5ogmYFw-raQP1Sk.roa
File: A9qfHLTM60pn5ogmYFw-raQP1Sk.roa (raw, json)
Hash identifier: SMOYn0zYL4sf5T+uz7HBz5Wf46XKnU59rpaYNmsOG1U=
Subject key identifier: 03:DA:9F:1C:B4:CC:EB:4A:67:E6:88:26:60:5C:3E:AD:A4:0F:D5:29
Certificate issuer: /CN=59d0a3f9c34307b0a5b36d2e6d1899aefe7bbeb4
Certificate serial: 018CC94DA2F221B4CE4A03D6EDA78A9DC572
Authority key identifier: 59:D0:A3:F9:C3:43:07:B0:A5:B3:6D:2E:6D:18:99:AE:FE:7B:BE:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WdCj-cNDB7Cls20ubRiZrv57vrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/791c33-a10e-43a9-ac29-e0d13230b9d5/1/A9qfHLTM60pn5ogmYFw-raQP1Sk.roa
Signing time: Tue 02 Jan 2024 08:32:37 +0000
ROA not before: Tue 02 Jan 2024 08:32:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43352
IP address blocks: 195.155.155.0/24 maxlen: 24
37.9.200.0/21 maxlen: 24
195.155.128.0/19 maxlen: 24
195.155.135.0/24 maxlen: 24
185.4.208.0/22 maxlen: 24
185.4.211.0/24 maxlen: 24
2a02:cb04:4::/48 maxlen: 48
2a02:cb00::/29 maxlen: 48
2a02:cb04:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/791c33-a10e-43a9-ac29-e0d13230b9d5/1/WdCj-cNDB7Cls20ubRiZrv57vrQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/791c33-a10e-43a9-ac29-e0d13230b9d5/1/WdCj-cNDB7Cls20ubRiZrv57vrQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WdCj-cNDB7Cls20ubRiZrv57vrQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a2:f2:21:b4:ce:4a:03:d6:ed:a7:8a:9d:c5:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59d0a3f9c34307b0a5b36d2e6d1899aefe7bbeb4
Validity
Not Before: Jan 2 08:32:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03da9f1cb4cceb4a67e68826605c3eada40fd529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b3:db:be:fc:2a:d0:57:61:9c:b1:a7:3b:af:
d3:84:3b:bd:a2:0a:8c:6f:1e:68:02:d1:20:29:e8:
5d:b6:9b:fc:4f:c8:ac:b6:ad:15:c2:33:9d:12:ca:
6b:12:02:c5:35:02:c9:0d:c1:69:b3:73:91:79:0d:
d0:48:1e:73:ec:3a:cf:54:f2:2f:14:82:4b:39:43:
a6:9e:e6:5f:c8:70:35:55:ec:43:bb:23:3d:ef:72:
5a:eb:d7:ae:5d:31:8b:2a:31:cf:20:f6:c3:54:67:
21:f5:4c:fa:86:df:a6:b4:e9:08:ab:0b:85:ac:16:
be:47:9b:05:10:37:8a:19:87:fb:66:7d:b0:ec:0c:
2c:ba:3f:4b:b7:d3:9b:24:32:e3:45:af:f9:22:b8:
46:3e:85:9e:5b:3e:6d:0b:ed:fc:5d:43:88:a9:3b:
e7:e4:a4:04:e0:cb:77:0c:42:07:75:29:d3:6c:b6:
bc:77:37:61:68:f2:84:69:03:1f:c1:05:ba:33:25:
52:76:55:e0:81:ea:15:47:99:78:55:e0:5a:68:81:
04:19:1c:d8:b0:36:1c:e7:15:89:cf:b6:da:c2:7d:
e9:81:5b:63:96:30:e0:a1:2e:5c:12:bb:b1:52:80:
d4:6d:35:6e:59:a8:79:61:1c:e4:d2:d5:a4:d3:ef:
c2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DA:9F:1C:B4:CC:EB:4A:67:E6:88:26:60:5C:3E:AD:A4:0F:D5:29
X509v3 Authority Key Identifier:
keyid:59:D0:A3:F9:C3:43:07:B0:A5:B3:6D:2E:6D:18:99:AE:FE:7B:BE:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WdCj-cNDB7Cls20ubRiZrv57vrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/791c33-a10e-43a9-ac29-e0d13230b9d5/1/A9qfHLTM60pn5ogmYFw-raQP1Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/791c33-a10e-43a9-ac29-e0d13230b9d5/1/WdCj-cNDB7Cls20ubRiZrv57vrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.200.0/21
185.4.208.0/22
195.155.128.0/19
IPv6:
2a02:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
54:61:d0:8d:ca:ad:e3:e9:d5:7b:a2:cd:f4:0a:da:59:ac:ce:
35:fc:ff:e7:28:fa:0b:91:75:2b:11:27:df:51:9d:79:17:dc:
6e:b6:2c:09:51:0e:5f:6b:1d:ba:14:9e:d4:66:2b:46:ae:f5:
19:b5:0c:d9:f5:c1:34:56:b0:00:79:c2:39:43:a4:a8:3f:12:
86:95:43:aa:3f:46:54:34:f0:9b:59:4b:c6:e9:76:1d:33:0f:
00:64:41:20:11:32:75:f8:27:7e:b6:3d:a1:28:ce:0f:62:53:
94:21:05:e2:c2:04:2a:cd:e7:ab:b5:52:df:e5:6c:67:4b:bd:
53:ad:55:0d:ae:a0:68:c0:f8:8d:bd:0b:9f:ef:e1:e4:59:f1:
7b:80:af:12:9c:2f:6b:0c:e4:38:1d:14:76:7a:98:6e:9a:de:
b6:5b:4d:8e:54:31:c1:18:dd:36:51:67:6c:76:c9:6d:d1:ac:
d0:11:81:10:d1:f9:74:67:85:0a:2a:28:ba:84:29:c3:c0:31:
cc:1f:31:fb:10:0a:14:b8:68:cb:3e:fc:04:58:9a:15:c9:87:
e9:71:6e:ab:4d:33:13:5a:ba:6e:bc:59:ce:8c:f1:1c:bc:48:
a2:4a:9d:4c:96:42:98:89:38:2f:a9:f7:34:fc:ec:a5:69:36:
2b:30:dc:5d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJTaLyIbTOSgPW7aeKncVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZDBhM2Y5YzM0MzA3YjBhNWIzNmQyZTZkMTg5OWFlZmU3
YmJlYjQwHhcNMjQwMTAyMDgzMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RhOWYxY2I0Y2NlYjRhNjdlNjg4MjY2MDVjM2VhZGE0MGZkNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bPbvvwq0FdhnLGnO6/ThDu9ogqM
bx5oAtEgKehdtpv8T8istq0VwjOdEsprEgLFNQLJDcFps3OReQ3QSB5z7DrPVPIv
FIJLOUOmnuZfyHA1VexDuyM973Ja69euXTGLKjHPIPbDVGch9Uz6ht+mtOkIqwuF
rBa+R5sFEDeKGYf7Zn2w7Awsuj9Lt9ObJDLjRa/5IrhGPoWeWz5tC+38XUOIqTvn
5KQE4Mt3DEIHdSnTbLa8dzdhaPKEaQMfwQW6MyVSdlXggeoVR5l4VeBaaIEEGRzY
sDYc5xWJz7bawn3pgVtjljDgoS5cEruxUoDUbTVuWah5YRzk0tWk0+/CCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAPanxy0zOtKZ+aIJmBcPq2kD9UpMB8GA1UdIwQY
MBaAFFnQo/nDQwewpbNtLm0Yma7+e760MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2RDai1jTkRCN0NsczIwdWJSaVpydjU3dnJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83OTFjMzMtYTEwZS00M2E5LWFjMjkt
ZTBkMTMyMzBiOWQ1LzEvQTlxZkhMVE02MHBuNW9nbVlGdy1yYVFQMVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83OTFjMzMtYTEwZS00M2E5LWFjMjktZTBkMTMyMzBiOWQ1
LzEvV2RDai1jTkRCN0NsczIwdWJSaVpydjU3dnJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJQnIAwQC
uQTQAwQFw5uAMA0EAgACMAcDBQMqAssAMA0GCSqGSIb3DQEBCwUAA4IBAQBUYdCN
yq3j6dV7os30CtpZrM41/P/nKPoLkXUrESffUZ15F9xutiwJUQ5fax26FJ7UZitG
rvUZtQzZ9cE0VrAAecI5Q6SoPxKGlUOqP0ZUNPCbWUvG6XYdMw8AZEEgETJ1+Cd+
tj2hKM4PYlOUIQXiwgQqzeertVLf5WxnS71TrVUNrqBowPiNvQuf7+HkWfF7gK8S
nC9rDOQ4HRR2ephumt62W02OVDHBGN02UWdsdslt0azQEYEQ0fl0Z4UKKii6hCnD
wDHMHzH7EAoUuGjLPvwEWJoVyYfpcW6rTTMTWrpuvFnOjPEcvEiiSp1MlkKYiTgv
qfc0/OylaTYrMNxd
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:31 2024 by rpki-client on console-fra.rpki-client.org