Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/xZ9rC0_bIwspMNrzzCNkaIN9hks.roa
File: xZ9rC0_bIwspMNrzzCNkaIN9hks.roa (raw, json)
Hash identifier: CQdcVF2J0+OkAXd3Gttfb0KR0SgTiLnUxIYTNL2zUFs=
Subject key identifier: C5:9F:6B:0B:4F:DB:23:0B:29:30:DA:F3:CC:23:64:68:83:7D:86:4B
Certificate issuer: /CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Certificate serial: 018CC64B232422DC726A44C5BB27BC64B275
Authority key identifier: F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/xZ9rC0_bIwspMNrzzCNkaIN9hks.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63473
IP address blocks: 188.244.117.0/24 maxlen: 24
194.29.186.0/24 maxlen: 24
194.29.187.0/24 maxlen: 24
91.190.155.0/24 maxlen: 24
188.93.140.0/24 maxlen: 24
45.132.74.0/24 maxlen: 24
45.132.75.0/24 maxlen: 24
83.138.53.0/24 maxlen: 24
212.52.0.0/24 maxlen: 24
185.223.207.0/24 maxlen: 24
194.29.100.0/24 maxlen: 24
194.29.101.0/24 maxlen: 24
45.91.95.0/24 maxlen: 24
45.91.92.0/24 maxlen: 24
45.91.93.0/24 maxlen: 24
45.91.94.0/24 maxlen: 24
109.205.61.0/24 maxlen: 24
2a0e:dc0:4::/48 maxlen: 48
2a0e:dc0:5::/48 maxlen: 48
2a0e:dc0:8::/48 maxlen: 48
2a0e:dc0:3::/48 maxlen: 48
2a0e:dc0:9::/48 maxlen: 48
2a0e:dc0:2::/48 maxlen: 48
2a0e:dc0:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/97UMfoHYzyZNEgm2rVo8y4LBb90.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/97UMfoHYzyZNEgm2rVo8y4LBb90.mft
rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:23:24:22:dc:72:6a:44:c5:bb:27:bc:64:b2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b50c7e81d8cf264d1209b6ad5a3ccb82c16fdd
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c59f6b0b4fdb230b2930daf3cc236468837d864b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:15:ad:0d:1b:d7:d6:45:db:8f:84:f0:9b:df:
d7:bd:8f:77:42:4c:54:15:af:91:22:e6:9b:8c:64:
81:d4:d8:f9:67:81:07:cf:2d:71:d6:4a:13:cd:cd:
d2:30:25:7c:77:86:eb:f1:88:7c:2b:06:b8:04:cd:
93:44:44:68:67:b8:52:ec:2a:44:41:43:23:1d:e5:
d5:fc:97:0b:23:35:89:a2:66:d2:9f:2b:42:ac:00:
6a:a9:bf:2b:9b:31:13:5f:35:07:04:df:69:14:da:
78:5a:b1:26:86:9f:bb:66:42:ca:65:33:0e:b9:57:
d2:dd:58:12:b7:aa:0c:f9:f4:67:b2:c1:ab:3a:e9:
22:7f:6c:df:bd:66:09:5d:6a:7c:9c:43:7d:e5:b8:
dd:d5:78:77:8c:4f:59:a6:ae:8b:2c:e1:d7:c3:8c:
9b:fe:9f:dd:d3:68:9b:f8:7e:c4:3d:fa:6c:4d:6e:
9d:4b:15:f1:f5:1b:bf:c1:0b:c9:e7:62:3b:db:e4:
0a:ce:14:88:5b:1e:23:34:f9:b1:79:f6:d2:1d:3e:
87:8e:c1:f5:cc:13:61:f1:8c:f4:ed:ca:ae:cd:01:
89:19:74:6c:d2:5a:38:76:c0:f6:ae:90:d9:25:1a:
36:22:84:f6:15:19:cf:b6:6b:c0:ff:9a:b2:c0:8f:
ed:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9F:6B:0B:4F:DB:23:0B:29:30:DA:F3:CC:23:64:68:83:7D:86:4B
X509v3 Authority Key Identifier:
keyid:F7:B5:0C:7E:81:D8:CF:26:4D:12:09:B6:AD:5A:3C:CB:82:C1:6F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97UMfoHYzyZNEgm2rVo8y4LBb90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/xZ9rC0_bIwspMNrzzCNkaIN9hks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/732a87-4db0-4ef1-bafb-ac4016120cb9/1/97UMfoHYzyZNEgm2rVo8y4LBb90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.92.0/22
45.132.74.0/23
83.138.53.0/24
91.190.155.0/24
109.205.61.0/24
185.223.207.0/24
188.93.140.0/24
188.244.117.0/24
194.29.100.0/23
194.29.186.0/23
212.52.0.0/24
IPv6:
2a0e:dc0:2::-2a0e:dc0:6:ffff:ffff:ffff:ffff:ffff
2a0e:dc0:8::/47
Signature Algorithm: sha256WithRSAEncryption
8f:17:ca:ad:00:5c:85:b0:3d:79:ca:33:1e:fe:70:4b:d5:73:
9f:a4:c8:e0:84:c2:2e:de:e4:87:83:94:44:e7:d2:c2:92:23:
72:9c:d0:5d:d4:15:d8:98:6b:14:56:8e:9d:11:44:80:2c:ee:
ad:45:b2:c5:38:1d:ab:ca:b6:f2:4a:f4:5e:ce:8d:0b:52:81:
b0:16:20:95:15:ca:bf:2d:26:1e:59:17:96:69:b9:81:7c:a4:
d6:a2:ad:a3:ac:f3:50:84:fa:dc:4e:0b:af:d2:ee:b3:61:62:
ad:c4:de:7e:0f:74:bb:79:52:ea:a9:26:82:85:7c:ee:f6:ed:
09:ae:a7:6f:04:a0:af:3a:6c:fd:10:76:ea:74:47:4b:0f:c8:
0a:3a:50:cf:d6:1b:8f:fb:37:d0:db:7e:68:0b:c4:e4:c4:61:
2a:47:3f:7b:2f:8d:93:45:44:a4:1d:15:60:6f:30:14:70:9e:
28:0f:e4:9a:8c:82:6f:e8:89:6d:40:22:b6:af:f0:82:47:50:
eb:02:f1:a4:5e:de:b9:44:0f:5d:e2:91:fe:d6:57:01:40:79:
1c:7d:7d:c6:44:2b:ab:c6:26:b8:4a:5c:75:4a:13:04:5c:e1:
78:b3:f1:dc:43:ca:2b:6b:4e:e1:31:f7:2a:9d:88:6e:dd:ef:
79:f7:b6:4e
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYzGSyMkItxyakTFuye8ZLJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjUwYzdlODFkOGNmMjY0ZDEyMDliNmFkNWEzY2NiODJj
MTZmZGQwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTlmNmIwYjRmZGIyMzBiMjkzMGRhZjNjYzIzNjQ2ODgzN2Q4NjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BWtDRvX1kXbj4Twm9/XvY93QkxU
Fa+RIuabjGSB1Nj5Z4EHzy1x1koTzc3SMCV8d4br8Yh8Kwa4BM2TRERoZ7hS7CpE
QUMjHeXV/JcLIzWJombSnytCrABqqb8rmzETXzUHBN9pFNp4WrEmhp+7ZkLKZTMO
uVfS3VgSt6oM+fRnssGrOukif2zfvWYJXWp8nEN95bjd1Xh3jE9Zpq6LLOHXw4yb
/p/d02ib+H7EPfpsTW6dSxXx9Ru/wQvJ52I72+QKzhSIWx4jNPmxefbSHT6HjsH1
zBNh8Yz07cquzQGJGXRs0lo4dsD2rpDZJRo2IoT2FRnPtmvA/5qywI/tkQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFMWfawtP2yMLKTDa88wjZGiDfYZLMB8GA1UdIwQY
MBaAFPe1DH6B2M8mTRIJtq1aPMuCwW/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmIt
YWM0MDE2MTIwY2I5LzEveFo5ckMwX2JJd3NwTU5yenpDTmthSU45aGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi83MzJhODctNGRiMC00ZWYxLWJhZmItYWM0MDE2MTIwY2I5
LzEvOTdVTWZvSFl6eVpORWdtMnJWbzh5NExCYjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wSAQCAAEwQgMEAi1bXAME
AS2ESgMEAFOKNQMEAFu+mwMEAG3NPQMEALnfzwMEALxdjAMEALz0dQMEAcIdZAME
AcIdugMEANQ0ADAjBAIAAjAdMBIDBwEqDg3AAAIDBwAqDg3AAAYDBwEqDg3AAAgw
DQYJKoZIhvcNAQELBQADggEBAI8Xyq0AXIWwPXnKMx7+cEvVc5+kyOCEwi7e5IeD
lETn0sKSI3Kc0F3UFdiYaxRWjp0RRIAs7q1FssU4HavKtvJK9F7OjQtSgbAWIJUV
yr8tJh5ZF5ZpuYF8pNairaOs81CE+txOC6/S7rNhYq3E3n4PdLt5UuqpJoKFfO72
7Qmup28EoK86bP0Qdup0R0sPyAo6UM/WG4/7N9DbfmgLxOTEYSpHP3svjZNFRKQd
FWBvMBRwnigP5JqMgm/oiW1AIrav8IJHUOsC8aRe3rlED13ikf7WVwFAeRx9fcZE
K6vGJrhKXHVKEwRc4Xiz8dxDyitrTuEx9yqdiG7d73n3tk4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:56:20 2024 by rpki-client on console-ams.rpki-client.org