Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/1-Nh2Jn3G5dwAfd0cbHKnGeQ0B0E.roa
File: 1-Nh2Jn3G5dwAfd0cbHKnGeQ0B0E.roa (raw, json)
Hash identifier: JlA4hDRL6MaQMM6pbIo7twX/HF7DehEkFPmjd5E2b5I=
Subject key identifier: F8:D8:76:26:7D:C6:E5:DC:00:7D:DD:1C:6C:72:A7:19:E4:34:07:41
Certificate issuer: /CN=547841eeff20c78b33d411dae51a692adb892e31
Certificate serial: 018CC50012A89C7EF622982A8B87C9D311DB
Authority key identifier: 54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/1-Nh2Jn3G5dwAfd0cbHKnGeQ0B0E.roa
Signing time: Mon 01 Jan 2024 12:29:25 +0000
ROA not before: Mon 01 Jan 2024 12:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199738
IP address blocks: 89.37.76.0/24 maxlen: 24
89.37.76.0/22 maxlen: 22
89.37.77.0/24 maxlen: 24
89.37.78.0/24 maxlen: 24
89.37.79.0/24 maxlen: 24
86.106.64.0/22 maxlen: 22
86.106.68.0/24 maxlen: 24
86.106.68.0/23 maxlen: 23
86.106.69.0/24 maxlen: 24
86.106.70.0/23 maxlen: 23
86.106.4.0/22 maxlen: 22
86.106.4.0/24 maxlen: 24
86.106.6.0/24 maxlen: 24
86.106.5.0/24 maxlen: 24
86.106.7.0/24 maxlen: 24
89.32.112.0/24 maxlen: 24
89.32.116.0/23 maxlen: 23
89.32.116.0/24 maxlen: 24
89.32.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:12:a8:9c:7e:f6:22:98:2a:8b:87:c9:d3:11:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547841eeff20c78b33d411dae51a692adb892e31
Validity
Not Before: Jan 1 12:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8d876267dc6e5dc007ddd1c6c72a719e4340741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a5:63:13:76:7c:00:95:3a:cb:3d:16:e8:63:
ba:9d:a0:07:0f:a4:a1:d7:e0:65:21:06:32:ac:b8:
29:67:ac:12:cb:94:57:6b:0a:2b:e1:88:57:23:60:
bc:44:b5:05:b7:db:86:10:2f:32:bd:53:1e:75:d6:
bb:bd:34:89:d5:8b:f5:78:25:3f:28:f4:57:5b:f6:
ca:0b:73:65:ff:6a:2b:cf:aa:36:45:75:d5:86:ae:
be:e9:4b:3e:78:08:8f:db:f2:ed:6d:97:5a:19:cb:
dc:2c:b5:04:0d:c3:36:ca:99:36:3a:db:65:69:18:
6d:1a:af:3b:5b:f6:cc:06:be:f6:22:ad:62:33:6b:
6f:e0:47:8e:f9:4c:13:92:3c:ff:4e:04:81:8d:d9:
67:5a:56:e2:22:ee:a4:2c:9e:5a:83:11:64:67:2d:
e5:0e:f5:d2:65:1b:5d:f7:a6:8a:c6:0b:7b:d8:0f:
51:9e:b0:75:74:20:c2:aa:e6:34:f1:04:e4:69:01:
c5:84:ce:81:86:94:eb:e9:fe:16:a0:51:52:9c:c3:
f8:b0:31:9b:1c:12:47:83:4c:7c:32:ac:93:26:05:
fc:f1:fe:f5:3f:a4:6e:10:71:16:a0:5b:ad:ae:7a:
31:3d:ae:30:c6:2b:30:58:de:40:28:9b:cb:b9:4d:
31:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D8:76:26:7D:C6:E5:DC:00:7D:DD:1C:6C:72:A7:19:E4:34:07:41
X509v3 Authority Key Identifier:
keyid:54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/1-Nh2Jn3G5dwAfd0cbHKnGeQ0B0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.4.0/22
86.106.64.0/21
89.32.112.0/24
89.32.116.0/23
89.37.76.0/22
Signature Algorithm: sha256WithRSAEncryption
05:c3:79:d9:b4:08:a3:17:48:95:bc:ba:36:68:7c:8f:30:f2:
dc:de:5f:8d:f3:f8:fa:71:c1:fe:7d:cd:31:61:62:95:94:e8:
ea:07:ea:ce:ba:ca:a6:62:b9:d0:7c:6c:95:35:24:f6:50:29:
67:fa:41:21:59:fb:29:e5:64:93:da:58:91:8f:c1:0f:76:ac:
d7:74:43:81:ea:62:05:64:3c:70:0d:c2:bd:af:43:ac:96:eb:
b0:94:24:4c:81:30:0c:24:f0:94:09:f2:33:ef:c3:62:2c:23:
88:00:40:2c:14:2c:4e:cc:dc:8c:9c:50:08:54:07:0d:4d:bb:
b8:2e:d4:8e:d5:c4:af:15:43:c0:61:95:50:f6:6c:1d:ad:32:
58:39:fb:80:41:9c:00:19:81:2c:d1:be:97:3f:98:4c:7d:50:
aa:a9:1a:36:34:9c:07:ed:58:b7:69:24:29:1d:49:aa:d9:5a:
0a:7a:09:7a:4a:a2:66:41:32:93:c7:8c:ce:a2:1e:99:df:78:
b6:5c:9c:67:ed:7f:28:5e:a0:6f:bb:37:dc:b3:36:6f:98:c2:
15:09:e9:c9:c0:7d:43:96:f2:a5:a4:3d:92:c2:a0:bb:c9:bb:
1f:87:72:25:0b:c4:b6:db:c8:1a:03:a1:48:61:56:94:f4:74:
f9:e2:f6:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzFABKonH72Ipgqi4fJ0xHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzg0MWVlZmYyMGM3OGIzM2Q0MTFkYWU1MWE2OTJhZGI4
OTJlMzEwHhcNMjQwMTAxMTIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQ4NzYyNjdkYzZlNWRjMDA3ZGRkMWM2YzcyYTcxOWU0MzQwNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aVjE3Z8AJU6yz0W6GO6naAHD6Sh
1+BlIQYyrLgpZ6wSy5RXawor4YhXI2C8RLUFt9uGEC8yvVMedda7vTSJ1Yv1eCU/
KPRXW/bKC3Nl/2orz6o2RXXVhq6+6Us+eAiP2/LtbZdaGcvcLLUEDcM2ypk2Ottl
aRhtGq87W/bMBr72Iq1iM2tv4EeO+UwTkjz/TgSBjdlnWlbiIu6kLJ5agxFkZy3l
DvXSZRtd96aKxgt72A9RnrB1dCDCquY08QTkaQHFhM6BhpTr6f4WoFFSnMP4sDGb
HBJHg0x8MqyTJgX88f71P6RuEHEWoFutrnoxPa4wxiswWN5AKJvLuU0xewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPjYdiZ9xuXcAH3dHGxypxnkNAdBMB8GA1UdIwQY
MBaAFFR4Qe7/IMeLM9QR2uUaaSrbiS4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmIt
MzY2YmExNzAwZmUwLzEvMS1OaDJKbjNHNWR3QWZkMGNiSEtuR2VRMEIwRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWQvYzhkMzkzLTNlMjgtNGYwNy05OTZiLTM2NmJhMTcwMGZl
MC8xL1ZIaEI3djhneDRzejFCSGE1UnBwS3R1SkxqRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlZqBAME
A1ZqQAMEAFkgcAMEAVkgdAMEAlklTDANBgkqhkiG9w0BAQsFAAOCAQEABcN52bQI
oxdIlby6Nmh8jzDy3N5fjfP4+nHB/n3NMWFilZTo6gfqzrrKpmK50HxslTUk9lAp
Z/pBIVn7KeVkk9pYkY/BD3as13RDgepiBWQ8cA3Cva9DrJbrsJQkTIEwDCTwlAny
M+/DYiwjiABALBQsTszcjJxQCFQHDU27uC7UjtXErxVDwGGVUPZsHa0yWDn7gEGc
ABmBLNG+lz+YTH1QqqkaNjScB+1Yt2kkKR1JqtlaCnoJekqiZkEyk8eMzqIemd94
tlycZ+1/KF6gb7s33LM2b5jCFQnpycB9Q5bypaQ9ksKgu8m7H4dyJQvEttvIGgOh
SGFWlPR0+eL2Aw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:27 2024 by rpki-client on console-fra.rpki-client.org