Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/n_1QmiOkn6Q7niCKvucLsLG-8pI.roa
File: n_1QmiOkn6Q7niCKvucLsLG-8pI.roa (raw, json)
Hash identifier: iDsmRsq7CNApSo7V5fVe1oTexBmF/nU61xFORJCiTYY=
Subject key identifier: 9F:FD:50:9A:23:A4:9F:A4:3B:9E:20:8A:BE:E7:0B:B0:B1:BE:F2:92
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 019341362E4939F31D9A5EF47088307AFAB5
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/n_1QmiOkn6Q7niCKvucLsLG-8pI.roa
Signing time: Mon 18 Nov 2024 21:38:10 +0000
ROA not before: Mon 18 Nov 2024 21:38:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198668
IP address blocks: 37.221.240.0/20 maxlen: 32
45.153.192.0/22 maxlen: 24
85.255.88.0/22 maxlen: 22
185.19.0.0/22 maxlen: 32
185.64.222.0/24 maxlen: 32
185.74.60.0/23 maxlen: 32
185.97.24.0/22 maxlen: 22
185.188.100.0/22 maxlen: 24
185.188.100.0/24 maxlen: 24
2a03:d840::/32 maxlen: 48
2a03:d840:ffff::/48 maxlen: 48
2a04:c740::/29 maxlen: 48
2a0d:3140::/29 maxlen: 29
2a0f:9300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:41:36:2e:49:39:f3:1d:9a:5e:f4:70:88:30:7a:fa:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Nov 18 21:38:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ffd509a23a49fa43b9e208abee70bb0b1bef292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:04:bb:18:96:67:d0:ba:67:de:6c:78:c6:1c:
8c:3b:61:bd:4b:14:13:88:08:b9:38:ac:54:85:a7:
ee:32:4a:02:4a:64:23:d1:72:d3:dc:36:80:bc:da:
94:85:06:8d:58:9d:9f:af:f0:bb:26:e1:5e:09:12:
1a:6c:d9:6f:63:c2:0d:5b:59:54:67:09:c6:9a:be:
4b:c1:09:11:3f:91:27:d7:c9:e5:9d:09:81:85:6a:
bf:60:99:86:36:15:c2:e4:18:d2:15:3e:46:a8:7e:
da:d5:3a:b3:0a:65:70:75:c7:b2:0c:00:aa:ce:75:
71:95:df:47:92:dd:3c:81:57:81:42:a5:8a:81:4d:
eb:96:85:bd:af:40:dd:44:2f:6b:5c:8a:ad:6b:df:
7c:19:ed:29:9a:8c:a9:c2:61:95:9f:e2:ef:1f:84:
1e:cf:7e:00:2f:11:75:f2:98:a6:68:b7:e8:62:84:
2f:14:29:58:bb:3d:69:ea:0b:f4:df:03:e3:69:63:
b0:75:82:7a:e2:e1:62:60:92:71:2a:37:b7:1e:4d:
25:91:ef:d0:1d:b5:b8:c5:59:b2:a3:8b:c4:5b:cb:
3c:fb:40:4d:db:e9:5e:33:76:fa:8b:05:73:19:e1:
58:15:38:ea:73:18:51:68:f7:e9:fa:1a:29:01:10:
3d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FD:50:9A:23:A4:9F:A4:3B:9E:20:8A:BE:E7:0B:B0:B1:BE:F2:92
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/n_1QmiOkn6Q7niCKvucLsLG-8pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.240.0/20
45.153.192.0/22
85.255.88.0/22
185.19.0.0/22
185.64.222.0/24
185.74.60.0/23
185.97.24.0/22
185.188.100.0/22
IPv6:
2a03:d840::/32
2a04:c740::/29
2a0d:3140::/29
2a0f:9300::/29
Signature Algorithm: sha256WithRSAEncryption
b0:cc:d7:02:ec:cd:07:bb:2c:99:e5:f9:52:0d:c3:b9:95:24:
df:45:d0:e8:08:3b:7c:14:5e:89:60:bd:44:20:d0:3e:a3:d8:
7d:94:6b:a4:6d:f7:f2:71:99:fe:7c:ac:6e:fe:85:52:a2:7d:
2c:df:54:9b:61:92:5b:6e:b7:f2:43:fa:14:31:20:9c:cb:bb:
e7:ff:ee:da:f8:4f:b1:ba:c1:05:50:ec:1a:c9:63:6d:ef:8d:
a0:e7:dd:30:40:d6:0f:4f:02:85:fe:9c:29:fb:55:a2:d1:04:
f6:3d:08:2c:da:70:53:58:d7:7c:f9:5d:d1:3a:22:d2:b0:71:
de:b0:16:74:4f:f1:78:b4:ef:b7:c2:86:df:0a:2f:87:9e:d5:
a6:03:c7:3d:7a:79:35:dc:8f:c4:6f:05:82:16:0c:49:70:7b:
dc:f2:2f:63:7b:3a:7f:47:92:87:95:cc:b8:e6:80:de:56:aa:
f8:e7:ab:1f:29:b5:95:99:e5:8a:7d:ff:de:4f:02:da:2b:34:
f3:4b:76:ec:0a:b4:62:98:d0:97:38:bc:50:8f:75:7d:05:8c:
4b:5c:99:6d:5b:99:45:1d:79:e9:48:17:bd:51:77:cd:da:30:
c0:47:dc:6b:92:4c:63:4f:5e:86:7b:cb:fb:59:80:c6:36:be:
bf:97:34:63
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZNBNi5JOfMdml70cIgwevq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQxMTE4MjEzODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmZkNTA5YTIzYTQ5ZmE0M2I5ZTIwOGFiZWU3MGJiMGIxYmVmMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgS7GJZn0Lpn3mx4xhyMO2G9SxQT
iAi5OKxUhafuMkoCSmQj0XLT3DaAvNqUhQaNWJ2fr/C7JuFeCRIabNlvY8INW1lU
ZwnGmr5LwQkRP5En18nlnQmBhWq/YJmGNhXC5BjSFT5GqH7a1TqzCmVwdceyDACq
znVxld9Hkt08gVeBQqWKgU3rloW9r0DdRC9rXIqta998Ge0pmoypwmGVn+LvH4Qe
z34ALxF18pimaLfoYoQvFClYuz1p6gv03wPjaWOwdYJ64uFiYJJxKje3Hk0lke/Q
HbW4xVmyo4vEW8s8+0BN2+leM3b6iwVzGeFYFTjqcxhRaPfp+hopARA9xQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJ/9UJojpJ+kO54gir7nC7CxvvKSMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvbl8xUW1pT2tuNlE3bmlDS3Z1Y0xzTEctOHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQEJd3wAwQC
LZnAAwQCVf9YAwQCuRMAAwQAuUDeAwQBuUo8AwQCuWEYAwQCubxkMCIEAgACMBwD
BQAqA9hAAwUDKgTHQAMFAyoNMUADBQMqD5MAMA0GCSqGSIb3DQEBCwUAA4IBAQCw
zNcC7M0HuyyZ5flSDcO5lSTfRdDoCDt8FF6JYL1EINA+o9h9lGukbffycZn+fKxu
/oVSon0s31SbYZJbbrfyQ/oUMSCcy7vn/+7a+E+xusEFUOwayWNt742g590wQNYP
TwKF/pwp+1Wi0QT2PQgs2nBTWNd8+V3ROiLSsHHesBZ0T/F4tO+3wobfCi+HntWm
A8c9enk13I/EbwWCFgxJcHvc8i9jezp/R5KHlcy45oDeVqr456sfKbWVmeWKff/e
TwLaKzTzS3bsCrRimNCXOLxQj3V9BYxLXJltW5lFHXnpSBe9UXfN2jDAR9xrkkxj
T16Ge8v7WYDGNr6/lzRj
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:24:16 2024 by rpki-client on console-ams.rpki-client.org