Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/nyhNRoSW5TaYGy7Tf9jgueimheE.roa
File: nyhNRoSW5TaYGy7Tf9jgueimheE.roa (raw, json)
Hash identifier: 9o8QmpT9rMr7g88hqhyPlwlmKQQmX8iXIEiiLV/6B/A=
Subject key identifier: 9F:28:4D:46:84:96:E5:36:98:1B:2E:D3:7F:D8:E0:B9:E8:A6:85:E1
Certificate issuer: /CN=7813663c64a5da8dcaf5b3acfd3eeaf835b41a53
Certificate serial: 018CC2DB2F9C2D9547A75B2BED7CB347206A
Authority key identifier: 78:13:66:3C:64:A5:DA:8D:CA:F5:B3:AC:FD:3E:EA:F8:35:B4:1A:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/nyhNRoSW5TaYGy7Tf9jgueimheE.roa
Signing time: Mon 01 Jan 2024 02:29:53 +0000
ROA not before: Mon 01 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59794
IP address blocks: 185.211.90.0/23 maxlen: 23
185.211.88.0/22 maxlen: 22
185.211.90.0/24 maxlen: 24
185.211.91.0/24 maxlen: 24
185.211.88.0/24 maxlen: 24
185.211.88.0/23 maxlen: 23
185.211.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2f:9c:2d:95:47:a7:5b:2b:ed:7c:b3:47:20:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7813663c64a5da8dcaf5b3acfd3eeaf835b41a53
Validity
Not Before: Jan 1 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f284d468496e536981b2ed37fd8e0b9e8a685e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:90:43:3e:0d:d5:ed:ae:7b:2c:e9:50:9c:81:
8f:c7:0d:9b:68:0a:be:3f:cf:4f:35:0a:bc:5a:55:
4d:9d:58:d9:ae:aa:44:8a:20:2d:52:48:44:a1:95:
af:65:7a:37:12:0e:b4:30:4c:19:15:04:df:e9:03:
66:f7:58:8e:73:51:c7:49:0d:8e:fd:46:21:4a:d7:
29:8e:23:55:76:33:28:8f:00:cf:04:55:3d:e4:db:
dc:c3:80:0b:3f:b9:ca:2f:e0:f0:97:46:00:0f:00:
17:9e:d8:ca:a8:ae:27:f9:b0:b8:6e:6d:1d:17:5b:
da:08:fb:e4:ec:df:8a:23:d3:bd:7e:27:4e:6e:30:
87:a7:bf:90:f6:51:70:34:82:52:ed:eb:4b:58:18:
5c:ae:08:2d:34:7e:3c:75:b1:02:84:a3:ac:cb:bb:
c1:82:60:99:e0:d5:db:76:1d:4b:32:2d:d6:38:6d:
41:89:f4:94:31:e4:99:1a:6b:e0:56:0a:92:82:ec:
2e:d2:17:03:46:7b:02:a9:e6:76:f2:53:90:bc:75:
ad:d3:c9:14:33:9c:16:ee:61:4c:f5:29:6c:fb:bd:
b9:2d:2e:4b:bc:ae:13:aa:6b:3a:7d:8b:a8:34:4b:
61:4d:97:90:82:36:4c:f1:1e:b4:61:f1:96:a6:d5:
ba:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:28:4D:46:84:96:E5:36:98:1B:2E:D3:7F:D8:E0:B9:E8:A6:85:E1
X509v3 Authority Key Identifier:
keyid:78:13:66:3C:64:A5:DA:8D:CA:F5:B3:AC:FD:3E:EA:F8:35:B4:1A:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/nyhNRoSW5TaYGy7Tf9jgueimheE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.88.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:e6:13:9e:fc:c9:bc:66:aa:c6:85:b8:a4:a1:a9:a4:6c:65:
05:77:47:6c:b6:35:6d:8d:4c:16:ab:bb:cd:fd:aa:ca:cb:24:
e9:b7:34:30:61:a1:98:8c:b9:7a:b9:df:33:62:28:d0:b3:47:
38:d8:ba:70:99:ef:59:ba:7a:1e:15:ef:11:05:4f:46:38:1c:
52:a5:32:e4:55:5a:a9:d6:e7:ff:82:a8:61:a1:6b:a7:e8:b0:
b9:6c:e9:ff:7f:bf:36:c0:b7:ce:f6:55:1b:08:77:06:39:eb:
46:f1:3a:cd:f2:0c:61:7d:4e:2f:14:6b:5f:2b:49:6d:d2:8b:
19:a7:3c:c2:b9:5a:86:fd:28:d8:d2:b7:b5:2f:8e:a7:43:10:
f0:28:c4:94:be:fb:d8:c7:3c:41:53:a1:e8:b0:d3:b4:9d:93:
59:80:a1:78:00:87:de:a2:f2:91:a8:42:e2:17:c4:0f:8a:b1:
f2:5f:7a:e6:67:e5:fc:db:14:b4:02:53:25:23:14:41:35:9d:
c9:f1:88:d3:9d:bb:54:e6:47:5f:58:2a:9f:ed:86:be:84:61:
10:e3:02:54:d7:a6:b7:77:8d:7f:f0:f6:7d:4f:05:e0:54:78:
af:9c:76:94:6d:16:e1:a2:15:89:94:22:01:b5:67:00:44:3b:
75:6b:b5:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2y+cLZVHp1sr7XyzRyBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MTM2NjNjNjRhNWRhOGRjYWY1YjNhY2ZkM2VlYWY4MzVi
NDFhNTMwHhcNMjQwMTAxMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjI4NGQ0Njg0OTZlNTM2OTgxYjJlZDM3ZmQ4ZTBiOWU4YTY4NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZBDPg3V7a57LOlQnIGPxw2baAq+
P89PNQq8WlVNnVjZrqpEiiAtUkhEoZWvZXo3Eg60MEwZFQTf6QNm91iOc1HHSQ2O
/UYhStcpjiNVdjMojwDPBFU95Nvcw4ALP7nKL+Dwl0YADwAXntjKqK4n+bC4bm0d
F1vaCPvk7N+KI9O9fidObjCHp7+Q9lFwNIJS7etLWBhcrggtNH48dbEChKOsy7vB
gmCZ4NXbdh1LMi3WOG1BifSUMeSZGmvgVgqSguwu0hcDRnsCqeZ28lOQvHWt08kU
M5wW7mFM9Sls+725LS5LvK4Tqms6fYuoNEthTZeQgjZM8R60YfGWptW6OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8oTUaEluU2mBsu03/Y4LnopoXhMB8GA1UdIwQY
MBaAFHgTZjxkpdqNyvWzrP0+6vg1tBpTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUJObVBHU2wybzNLOWJPc19UN3EtRFcwR2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NDUxZWYtMzJkMi00ZjUxLWIzYmQt
OWQxY2RhMjNlYzRmLzEvbnloTlJvU1c1VGFZR3k3VGY5amd1ZWltaGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NDUxZWYtMzJkMi00ZjUxLWIzYmQtOWQxY2RhMjNlYzRm
LzEvZUJObVBHU2wybzNLOWJPc19UN3EtRFcwR2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudNYMA0G
CSqGSIb3DQEBCwUAA4IBAQCN5hOe/Mm8ZqrGhbikoamkbGUFd0dstjVtjUwWq7vN
/arKyyTptzQwYaGYjLl6ud8zYijQs0c42Lpwme9ZunoeFe8RBU9GOBxSpTLkVVqp
1uf/gqhhoWun6LC5bOn/f782wLfO9lUbCHcGOetG8TrN8gxhfU4vFGtfK0lt0osZ
pzzCuVqG/SjY0re1L46nQxDwKMSUvvvYxzxBU6HosNO0nZNZgKF4AIfeovKRqELi
F8QPirHyX3rmZ+X82xS0AlMlIxRBNZ3J8YjTnbtU5kdfWCqf7Ya+hGEQ4wJU16a3
d41/8PZ9TwXgVHivnHaUbRbhohWJlCIBtWcARDt1a7VR
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:14:35 2024 by rpki-client on console-ams.rpki-client.org