Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pehSY_x_TwYOoca8-U73i8cby3Y.roa
File: pehSY_x_TwYOoca8-U73i8cby3Y.roa (raw, json)
Hash identifier: I4hO7SnWRRHKJHlpaNkISxhKEWzxZBcbGqb39ABwjTw=
Subject key identifier: A5:E8:52:63:FC:7F:4F:06:0E:A1:C6:BC:F9:4E:F7:8B:C7:1B:CB:76
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019344D1084ED87DE8CE3A7638C2D2C6BAAC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pehSY_x_TwYOoca8-U73i8cby3Y.roa
Signing time: Tue 19 Nov 2024 14:26:10 +0000
ROA not before: Tue 19 Nov 2024 14:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 89.37.63.0/24 maxlen: 24
92.114.107.0/24 maxlen: 24
103.212.80.0/24 maxlen: 24
185.9.55.0/24 maxlen: 24
185.121.122.0/23 maxlen: 24
188.212.133.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:d1:08:4e:d8:7d:e8:ce:3a:76:38:c2:d2:c6:ba:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 19 14:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5e85263fc7f4f060ea1c6bcf94ef78bc71bcb76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:45:83:df:8d:c9:c6:2e:56:9d:b0:59:d5:34:
3b:03:a2:51:cc:15:f5:98:a5:a0:79:5c:f3:80:67:
14:fe:95:f5:12:e8:70:d8:c0:b0:ad:bc:e4:35:b8:
4a:9f:c1:a7:c8:8f:e0:74:45:cb:c6:66:ac:d9:41:
88:12:78:18:8b:4a:22:79:af:3e:14:01:48:a3:2a:
41:7b:f4:64:f3:bf:0b:2a:2e:b3:67:21:16:66:42:
f3:65:6b:7a:07:9c:b7:75:93:a5:d2:bd:d3:20:ab:
d6:c5:16:15:b8:94:0a:37:ac:e6:3d:17:e8:77:71:
e6:ac:37:2d:c8:4d:d4:86:cd:14:f0:16:6e:73:05:
7b:4d:33:19:a0:f3:15:26:2b:c5:a6:60:2a:b5:f7:
f9:e5:0c:1b:91:f7:1b:fd:c7:c5:94:f3:d5:fd:ce:
5a:85:15:61:12:45:7d:9b:3e:d8:01:7d:83:05:d2:
19:39:f3:b6:bb:4c:2f:4a:5b:c6:ae:a1:96:d7:49:
c5:bd:93:96:34:c0:fd:f6:e4:52:17:d9:7e:93:41:
ef:35:36:59:0d:57:e2:3b:1e:ed:f9:1f:14:eb:28:
fd:d7:c5:8b:5f:75:34:c4:4d:c5:2d:77:45:39:28:
71:c9:16:21:7e:c5:d0:27:73:2f:19:7f:6a:c9:1a:
8e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E8:52:63:FC:7F:4F:06:0E:A1:C6:BC:F9:4E:F7:8B:C7:1B:CB:76
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pehSY_x_TwYOoca8-U73i8cby3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.63.0/24
92.114.107.0/24
103.212.80.0/24
185.9.55.0/24
185.121.122.0/23
188.212.133.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
59:cb:5c:d4:45:a4:8e:05:28:19:7b:38:05:26:32:b5:89:29:
7a:5e:28:3f:b3:76:9a:5f:33:f1:f9:9b:90:3f:99:e8:cf:be:
fd:30:4e:61:df:8f:2b:8a:5a:07:fa:9f:77:ef:e3:7f:79:45:
7a:9a:ac:a9:8f:e6:a0:67:95:ab:2b:8a:42:49:c7:35:1d:6a:
11:f9:0f:46:32:24:2b:c7:02:48:b5:91:e5:58:db:72:53:65:
24:45:14:16:83:c8:76:b9:fa:db:5e:63:1a:cf:6b:e1:1c:bb:
15:a2:01:d9:15:c3:f8:61:8d:42:7f:22:55:ae:56:80:05:ec:
57:f5:0c:6a:bf:de:29:71:50:f2:52:3d:07:b5:81:89:a5:95:
1d:9e:bc:64:e5:57:8a:a2:a3:b0:42:d1:68:0b:e4:f0:a2:dc:
08:4d:4e:ab:f0:a1:22:9f:e4:df:0e:16:59:18:3c:12:49:17:
c9:ce:a6:03:69:54:5e:4c:f4:5e:71:9e:7c:5d:76:7a:fc:af:
04:57:5d:21:90:f3:b8:e1:55:97:cc:7a:39:c7:ca:31:80:4a:
f2:6e:0c:9a:13:07:c3:35:7e:8d:fa:0e:8c:df:aa:66:33:19:
55:99:a0:0b:3c:cf:36:38:b2:16:24:95:a8:17:b8:50:71:62:
7f:71:a7:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZNE0QhO2H3ozjp2OMLSxrqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMTE5MTQyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU4NTI2M2ZjN2Y0ZjA2MGVhMWM2YmNmOTRlZjc4YmM3MWJjYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEWD343Jxi5WnbBZ1TQ7A6JRzBX1
mKWgeVzzgGcU/pX1Euhw2MCwrbzkNbhKn8GnyI/gdEXLxmas2UGIEngYi0oiea8+
FAFIoypBe/Rk878LKi6zZyEWZkLzZWt6B5y3dZOl0r3TIKvWxRYVuJQKN6zmPRfo
d3HmrDctyE3Uhs0U8BZucwV7TTMZoPMVJivFpmAqtff55Qwbkfcb/cfFlPPV/c5a
hRVhEkV9mz7YAX2DBdIZOfO2u0wvSlvGrqGW10nFvZOWNMD99uRSF9l+k0HvNTZZ
DVfiOx7t+R8U6yj918WLX3U0xE3FLXdFOShxyRYhfsXQJ3MvGX9qyRqO6wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKXoUmP8f08GDqHGvPlO94vHG8t2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcGVoU1lfeF9Ud1lPb2NhOC1VNzNpOGNieTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWSU/AwQA
XHJrAwQAZ9RQAwQAuQk3AwQBuXl6AwQAvNSFAwQAvPHWMA0GCSqGSIb3DQEBCwUA
A4IBAQBZy1zURaSOBSgZezgFJjK1iSl6Xig/s3aaXzPx+ZuQP5noz779ME5h348r
iloH+p937+N/eUV6mqypj+agZ5WrK4pCScc1HWoR+Q9GMiQrxwJItZHlWNtyU2Uk
RRQWg8h2ufrbXmMaz2vhHLsVogHZFcP4YY1CfyJVrlaABexX9Qxqv94pcVDyUj0H
tYGJpZUdnrxk5VeKoqOwQtFoC+TwotwITU6r8KEin+TfDhZZGDwSSRfJzqYDaVRe
TPRecZ58XXZ6/K8EV10hkPO44VWXzHo5x8oxgErybgyaEwfDNX6N+g6M36pmMxlV
maALPM82OLIWJJWoF7hQcWJ/cadz
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:06:50 2024 by rpki-client on console-ams.rpki-client.org