Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/9rxi0MU3laUjIS5YBjjrbxYeCoo.roa
File: 9rxi0MU3laUjIS5YBjjrbxYeCoo.roa (raw, json)
Hash identifier: HNKVqzhMd7OzET0xaGfpE0rdaMybaP2UC1aH/Z9xylU=
Subject key identifier: F6:BC:62:D0:C5:37:95:A5:23:21:2E:58:06:38:EB:6F:16:1E:0A:8A
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 0192C0AF26EC77DDB03DC84F03F3C606085F
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/9rxi0MU3laUjIS5YBjjrbxYeCoo.roa
Signing time: Thu 24 Oct 2024 22:39:17 +0000
ROA not before: Thu 24 Oct 2024 22:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56430
IP address blocks: 77.81.64.0/24 maxlen: 24
86.105.152.0/23 maxlen: 23
86.105.155.0/24 maxlen: 24
89.36.18.0/24 maxlen: 24
89.36.93.0/24 maxlen: 24
89.40.214.0/24 maxlen: 24
89.42.42.0/24 maxlen: 24
89.43.174.0/24 maxlen: 24
185.82.172.0/22 maxlen: 22
188.212.250.0/24 maxlen: 24
188.241.13.0/24 maxlen: 24
193.33.200.0/23 maxlen: 23
193.105.218.0/24 maxlen: 24
2a05:91c0::/32 maxlen: 32
2a05:91c4::/32 maxlen: 32
2a09:1340::/29 maxlen: 29
2a0f:8b80::/29 maxlen: 29
2a12:aec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c0:af:26:ec:77:dd:b0:3d:c8:4f:03:f3:c6:06:08:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Oct 24 22:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6bc62d0c53795a523212e580638eb6f161e0a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:7f:be:9b:85:4d:22:45:78:6f:f7:a3:53:
12:79:9e:74:a2:33:11:4b:03:28:dc:e8:68:22:d1:
6e:25:10:ff:97:b9:93:fd:29:f6:bb:22:b4:cc:6a:
50:ed:59:27:1a:fe:ea:92:7c:2a:2d:48:f1:ca:ee:
2b:96:57:c3:67:fa:86:ee:0c:8f:d8:d4:47:bf:a5:
1e:bd:48:94:d6:75:95:4a:af:61:9c:f8:18:e1:51:
60:8c:20:66:9c:6c:ae:81:35:3e:69:c9:c8:0f:67:
a8:86:15:d6:10:ea:d8:a4:dd:76:a0:e5:f5:d0:6f:
ef:5e:d8:aa:4a:8e:52:2e:dd:18:18:32:21:fa:27:
6e:ad:cf:33:ec:cf:14:cd:ee:34:96:56:04:7c:18:
b0:f0:b3:34:fd:73:bb:a0:b1:65:91:b1:ad:15:2c:
2f:fc:c5:a4:f9:69:22:a5:22:d5:ad:b6:a9:86:b1:
cf:0b:71:0b:61:f6:57:51:66:89:10:67:18:64:39:
32:f9:1d:42:1c:d3:f7:1a:9b:f5:8c:2b:31:64:81:
91:81:eb:3d:a5:48:5e:a1:88:a0:3b:e4:95:10:2a:
d8:ba:2c:7f:d1:fd:3a:dc:d5:5f:67:e0:55:66:98:
ee:da:36:49:01:4c:19:a3:90:23:16:df:c1:f8:a3:
4f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:BC:62:D0:C5:37:95:A5:23:21:2E:58:06:38:EB:6F:16:1E:0A:8A
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/9rxi0MU3laUjIS5YBjjrbxYeCoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.64.0/24
86.105.152.0/23
86.105.155.0/24
89.36.18.0/24
89.36.93.0/24
89.40.214.0/24
89.42.42.0/24
89.43.174.0/24
185.82.172.0/22
188.212.250.0/24
188.241.13.0/24
193.33.200.0/23
193.105.218.0/24
IPv6:
2a05:91c0::/32
2a05:91c4::/32
2a09:1340::/29
2a0f:8b80::/29
2a12:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:ff:25:cb:6f:76:99:f6:1f:58:1b:49:d5:c2:a3:10:44:67:
76:3c:8a:63:f7:d5:30:0e:62:f9:01:99:47:4d:e0:4b:d1:8a:
71:12:08:49:8a:7f:19:46:dc:f8:92:58:1e:b5:99:bc:5b:a8:
1a:c4:92:4e:81:30:45:a4:22:60:1d:50:65:ec:08:df:80:65:
d3:f4:7f:4d:8f:a8:1d:8a:44:73:63:62:ab:d4:84:2d:62:96:
b2:28:1b:83:57:75:d7:c7:21:99:0d:fe:51:16:63:18:bd:a1:
e1:42:b9:cf:66:9d:f0:4d:ce:b4:0c:aa:6c:7e:0d:0f:2c:74:
b9:e6:e7:32:64:64:60:ec:e4:a8:0c:76:6c:35:9f:7d:42:a8:
c6:4c:8b:dd:d8:49:55:5b:c6:6c:ff:4f:cd:f9:2c:5a:ee:c3:
48:d8:65:b1:e7:87:16:28:75:71:56:a3:e9:43:9c:d7:6b:22:
c0:8b:18:2d:92:4e:49:38:4c:a6:0c:3d:68:b6:9a:9a:41:db:
71:9b:2e:dd:dc:aa:00:8a:94:35:ad:4e:99:0b:c3:e9:bb:54:
a1:e8:f1:a0:58:f2:56:f6:91:e1:a9:1f:7a:06:44:60:12:0e:
68:81:85:43:6d:dc:21:d4:df:6c:7f:23:fc:11:fc:55:c3:21:
5b:78:fe:c4
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZLArybsd92wPchPA/PGBghfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjQxMDI0MjIzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmJjNjJkMGM1Mzc5NWE1MjMyMTJlNTgwNjM4ZWI2ZjE2MWUwYThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjF/vpuFTSJFeG/3o1MSeZ50ojMR
SwMo3OhoItFuJRD/l7mT/Sn2uyK0zGpQ7VknGv7qknwqLUjxyu4rllfDZ/qG7gyP
2NRHv6UevUiU1nWVSq9hnPgY4VFgjCBmnGyugTU+acnID2eohhXWEOrYpN12oOX1
0G/vXtiqSo5SLt0YGDIh+idurc8z7M8Uze40llYEfBiw8LM0/XO7oLFlkbGtFSwv
/MWk+WkipSLVrbaphrHPC3ELYfZXUWaJEGcYZDky+R1CHNP3Gpv1jCsxZIGRges9
pUheoYigO+SVECrYuix/0f063NVfZ+BVZpju2jZJAUwZo5AjFt/B+KNPEQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPa8YtDFN5WlIyEuWAY4628WHgqKMB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvOXJ4aTBNVTNsYVVqSVM1WUJqanJieFllQ29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBUBAIAATBOAwQATVFA
AwQBVmmYAwQAVmmbAwQAWSQSAwQAWSRdAwQAWSjWAwQAWSoqAwQAWSuuAwQCuVKs
AwQAvNT6AwQAvPENAwQBwSHIAwQAwWnaMCkEAgACMCMDBQAqBZHAAwUAKgWRxAMF
AyoJE0ADBQMqD4uAAwUDKhKuwDANBgkqhkiG9w0BAQsFAAOCAQEAiv8ly292mfYf
WBtJ1cKjEERndjyKY/fVMA5i+QGZR03gS9GKcRIISYp/GUbc+JJYHrWZvFuoGsSS
ToEwRaQiYB1QZewI34Bl0/R/TY+oHYpEc2Niq9SELWKWsigbg1d118chmQ3+URZj
GL2h4UK5z2ad8E3OtAyqbH4NDyx0uebnMmRkYOzkqAx2bDWffUKoxkyL3dhJVVvG
bP9PzfksWu7DSNhlseeHFih1cVaj6UOc12siwIsYLZJOSThMpgw9aLaamkHbcZsu
3dyqAIqUNa1OmQvD6btUoejxoFjyVvaR4akfegZEYBIOaIGFQ23cIdTfbH8j/BH8
VcMhW3j+xA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:55:19 2024 by rpki-client on console-ams.rpki-client.org