Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/8NxqwNwik_mO_nrf5Fs5nynUvxQ.roa
File: 8NxqwNwik_mO_nrf5Fs5nynUvxQ.roa (raw, json)
Hash identifier: Yd1/SVHjGPeRbU2G+cZVgH/KTpiZEhJ8+x0L3Gy6nBM=
Subject key identifier: F0:DC:6A:C0:DC:22:93:F9:8E:FE:7A:DF:E4:5B:39:9F:29:D4:BF:14
Certificate issuer: /CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Certificate serial: 018CC8702B0B5F430A0F840C707FBBC47B3C
Authority key identifier: 9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/8NxqwNwik_mO_nrf5Fs5nynUvxQ.roa
Signing time: Tue 02 Jan 2024 04:30:43 +0000
ROA not before: Tue 02 Jan 2024 04:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207353
IP address blocks: 195.246.246.0/24 maxlen: 24
195.246.249.0/24 maxlen: 24
195.246.247.0/24 maxlen: 24
195.246.248.0/24 maxlen: 24
217.199.213.0/24 maxlen: 24
193.243.161.0/24 maxlen: 24
89.248.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:2b:0b:5f:43:0a:0f:84:0c:70:7f:bb:c4:7b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c73d9453fbedfb80c4543bb529fc330c1f8c1ce
Validity
Not Before: Jan 2 04:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0dc6ac0dc2293f98efe7adfe45b399f29d4bf14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:da:f6:39:2e:e0:ba:09:a0:de:b7:9b:bb:51:
4f:bd:3e:f4:83:e2:79:e9:8b:67:70:4e:9f:cb:8e:
49:a0:81:d8:da:b1:65:56:79:80:91:f9:fb:a4:48:
2f:64:ed:26:c1:6b:02:b3:8f:78:02:a8:ed:26:ca:
61:8b:29:db:1f:7a:c9:0b:79:a5:56:64:6b:75:8a:
4b:89:03:0f:f7:23:2c:0e:ec:82:c3:97:89:9d:ac:
92:49:58:7d:1e:13:a0:49:0f:27:19:d2:67:d9:70:
58:b2:cf:7a:2f:4c:e4:f8:d8:8c:52:ea:9a:88:fa:
1d:ed:a2:60:af:c5:0e:4e:f4:cf:f7:14:42:22:e1:
cb:e8:f5:7e:76:b3:ac:02:2c:b4:3c:3a:ee:8f:d3:
44:1b:0e:b9:5d:08:ba:21:c7:9d:97:22:30:c0:97:
41:3f:0a:1e:65:7f:67:22:39:e6:db:8c:19:e6:31:
7d:1b:aa:45:46:b4:39:a8:02:74:cf:66:3c:e7:71:
9d:8f:c8:17:50:9c:f2:50:e1:6a:a6:5e:1b:2f:4b:
94:b1:26:ae:68:6f:bb:04:4d:00:c5:cb:51:17:92:
bc:c4:6b:99:9d:0e:4b:9b:e9:5f:c0:f4:db:ce:ac:
b2:a3:74:b2:f8:7e:59:96:f9:37:8b:4e:bb:5e:4b:
62:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DC:6A:C0:DC:22:93:F9:8E:FE:7A:DF:E4:5B:39:9F:29:D4:BF:14
X509v3 Authority Key Identifier:
keyid:9C:73:D9:45:3F:BE:DF:B8:0C:45:43:BB:52:9F:C3:30:C1:F8:C1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nHPZRT--37gMRUO7Up_DMMH4wc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/8NxqwNwik_mO_nrf5Fs5nynUvxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b35379-2122-4191-8821-c47e18df0371/1/nHPZRT--37gMRUO7Up_DMMH4wc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.230.0/24
193.243.161.0/24
195.246.246.0-195.246.249.255
217.199.213.0/24
Signature Algorithm: sha256WithRSAEncryption
09:cb:f1:8b:ce:63:83:c0:06:ca:24:c2:0c:9c:ac:c4:08:07:
d9:e6:96:b5:92:02:b6:51:37:b7:67:60:f1:6f:1e:99:31:58:
2c:d8:16:4e:36:81:3b:b0:f9:83:80:20:11:29:fd:48:d2:a1:
10:98:06:6c:7e:4d:0e:fc:a4:0b:79:45:09:61:bd:d6:0a:eb:
c2:a9:05:5d:23:73:4f:af:40:30:19:ea:67:53:26:39:77:b0:
e7:fb:e7:b6:d5:22:fd:4c:27:4d:d9:29:43:f5:a4:d1:20:d9:
9a:c8:98:c9:cb:1b:a2:47:a3:23:b9:ed:8a:d1:d0:5f:66:9c:
b1:f2:f3:25:bf:6c:2e:9f:07:5c:34:82:47:e3:83:21:84:1f:
6f:ab:1e:73:e3:78:53:bd:90:55:c7:3b:3c:bd:20:ab:2a:0d:
fb:e8:11:44:44:a8:6f:ce:b1:1c:b5:a9:e8:fb:03:58:54:7a:
26:7f:9c:46:ee:4e:09:d1:65:f7:d1:80:24:ea:11:d9:52:3e:
c5:c9:1a:0b:08:41:9e:40:55:4d:c5:5a:51:98:bc:29:8b:9b:
cc:03:8f:10:73:c9:5c:2f:63:ca:5f:e8:20:28:1c:bd:ff:da:
62:3e:e0:1b:f3:4c:a6:ce:03:31:fb:40:0d:cf:2f:6b:b6:c6:
8f:a2:d3:15
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIcCsLX0MKD4QMcH+7xHs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNzNkOTQ1M2ZiZWRmYjgwYzQ1NDNiYjUyOWZjMzMwYzFm
OGMxY2UwHhcNMjQwMTAyMDQzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGRjNmFjMGRjMjI5M2Y5OGVmZTdhZGZlNDViMzk5ZjI5ZDRiZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNr2OS7gugmg3rebu1FPvT70g+J5
6YtncE6fy45JoIHY2rFlVnmAkfn7pEgvZO0mwWsCs494AqjtJsphiynbH3rJC3ml
VmRrdYpLiQMP9yMsDuyCw5eJnaySSVh9HhOgSQ8nGdJn2XBYss96L0zk+NiMUuqa
iPod7aJgr8UOTvTP9xRCIuHL6PV+drOsAiy0PDruj9NEGw65XQi6IcedlyIwwJdB
PwoeZX9nIjnm24wZ5jF9G6pFRrQ5qAJ0z2Y853Gdj8gXUJzyUOFqpl4bL0uUsSau
aG+7BE0AxctRF5K8xGuZnQ5Lm+lfwPTbzqyyo3Sy+H5Zlvk3i067XktiJQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPDcasDcIpP5jv563+RbOZ8p1L8UMB8GA1UdIwQY
MBaAFJxz2UU/vt+4DEVDu1KfwzDB+MHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEt
YzQ3ZTE4ZGYwMzcxLzEvOE54cXdOd2lrX21PX25yZjVGczVueW5VdnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iMzUzNzktMjEyMi00MTkxLTg4MjEtYzQ3ZTE4ZGYwMzcx
LzEvbkhQWlJULS0zN2dNUlVPN1VwX0RNTUg0d2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWfjmAwQA
wfOhMAwDBAHD9vYDBAHD9vgDBADZx9UwDQYJKoZIhvcNAQELBQADggEBAAnL8YvO
Y4PABsokwgycrMQIB9nmlrWSArZRN7dnYPFvHpkxWCzYFk42gTuw+YOAIBEp/UjS
oRCYBmx+TQ78pAt5RQlhvdYK68KpBV0jc0+vQDAZ6mdTJjl3sOf757bVIv1MJ03Z
KUP1pNEg2ZrImMnLG6JHoyO57YrR0F9mnLHy8yW/bC6fB1w0gkfjgyGEH2+rHnPj
eFO9kFXHOzy9IKsqDfvoEUREqG/OsRy1qej7A1hUeiZ/nEbuTgnRZffRgCTqEdlS
PsXJGgsIQZ5AVU3FWlGYvCmLm8wDjxBzyVwvY8pf6CAoHL3/2mI+4BvzTKbOAzH7
QA3PL2u2xo+i0xU=
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:15:56 2024 by rpki-client on console-fra.rpki-client.org