Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/NXcXmiE4ODK-WJKPLekz5MtrIkU.roa
File: NXcXmiE4ODK-WJKPLekz5MtrIkU.roa (raw, json)
Hash identifier: ZxOI4AATjTJZPUBOCKJ1eqXeyhieIzJa+TxXwatNeFk=
Subject key identifier: 35:77:17:9A:21:38:38:32:BE:58:92:8F:2D:E9:33:E4:CB:6B:22:45
Certificate issuer: /CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Certificate serial: 018DE9641AC1E0C3195AE6E8F07CA22DA8AC
Authority key identifier: 86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/NXcXmiE4ODK-WJKPLekz5MtrIkU.roa
Signing time: Tue 27 Feb 2024 07:07:48 +0000
ROA not before: Tue 27 Feb 2024 07:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8784
IP address blocks: 83.169.64.0/18 maxlen: 18
83.169.64.0/23 maxlen: 23
83.169.66.0/24 maxlen: 24
83.169.67.0/24 maxlen: 24
83.169.69.0/24 maxlen: 24
83.169.70.0/23 maxlen: 23
83.169.70.0/24 maxlen: 24
83.169.71.0/24 maxlen: 24
83.169.73.0/24 maxlen: 24
83.169.80.0/24 maxlen: 24
83.169.81.0/24 maxlen: 24
83.169.83.0/24 maxlen: 24
83.169.84.0/24 maxlen: 24
83.169.85.0/24 maxlen: 24
83.169.89.0/24 maxlen: 24
83.169.92.0/24 maxlen: 24
83.169.99.0/24 maxlen: 24
83.169.100.0/22 maxlen: 22
83.169.100.0/24 maxlen: 24
83.169.102.0/24 maxlen: 24
83.169.103.0/24 maxlen: 24
83.169.114.0/23 maxlen: 23
83.169.114.0/24 maxlen: 24
83.169.115.0/24 maxlen: 24
83.169.116.0/22 maxlen: 22
83.169.116.0/24 maxlen: 24
83.169.117.0/24 maxlen: 24
83.169.118.0/24 maxlen: 24
83.169.119.0/24 maxlen: 24
83.169.120.0/22 maxlen: 22
83.169.120.0/24 maxlen: 24
83.169.121.0/24 maxlen: 24
83.169.122.0/24 maxlen: 24
83.169.123.0/24 maxlen: 24
83.169.124.0/24 maxlen: 24
83.169.125.0/24 maxlen: 24
178.22.152.0/21 maxlen: 21
194.117.208.0/20 maxlen: 20
194.117.208.0/24 maxlen: 24
194.117.211.0/24 maxlen: 24
194.117.216.0/24 maxlen: 24
194.117.219.0/24 maxlen: 24
194.153.214.0/24 maxlen: 24
195.46.192.0/19 maxlen: 19
195.46.193.0/24 maxlen: 24
195.46.195.0/24 maxlen: 24
195.46.198.0/24 maxlen: 24
195.46.199.0/24 maxlen: 24
195.46.204.0/24 maxlen: 24
195.46.209.0/24 maxlen: 24
195.46.210.0/24 maxlen: 24
195.46.213.0/24 maxlen: 24
195.46.214.0/24 maxlen: 24
195.46.216.0/24 maxlen: 24
195.46.219.0/24 maxlen: 24
195.46.223.0/24 maxlen: 24
212.37.192.0/19 maxlen: 19
213.139.96.0/19 maxlen: 19
213.139.111.0/24 maxlen: 24
213.139.112.0/24 maxlen: 24
213.139.117.0/24 maxlen: 24
213.139.123.0/24 maxlen: 24
2001:4b90::/32 maxlen: 32
2a02:d50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:64:1a:c1:e0:c3:19:5a:e6:e8:f0:7c:a2:2d:a8:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8624f3f661f24be5fef641dc722e5cf5ac87389e
Validity
Not Before: Feb 27 07:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3577179a21383832be58928f2de933e4cb6b2245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:2b:44:be:1d:20:13:eb:cf:bb:4b:42:7d:d6:
0f:fa:8d:5e:58:f4:ed:bb:0d:58:01:b8:39:a8:7e:
2a:75:9f:e1:a5:69:f7:d0:24:07:a3:6f:d7:f2:06:
49:3f:c8:f1:f7:61:d0:66:b1:a1:5d:07:fb:26:02:
e8:7d:ab:3e:c9:12:03:cf:a7:b9:e0:10:ce:c9:8f:
67:44:f0:b7:89:0a:3e:cb:aa:5a:cf:9f:8e:e3:3b:
5c:52:00:3e:c2:49:97:ca:41:2f:6c:5c:22:44:25:
59:a0:8a:88:b2:a6:58:b5:bb:d8:26:97:21:17:12:
9a:c6:2f:c8:ad:b7:b9:b1:b5:fa:5e:d9:91:59:77:
8b:79:25:8a:4c:01:5c:84:79:77:fd:93:41:b7:59:
5d:33:82:22:d6:3d:3a:dc:c1:52:bc:e4:89:f2:bc:
82:cd:09:1e:77:60:ca:54:63:be:61:58:9e:e4:82:
19:58:8c:91:ba:36:81:00:d8:26:6a:37:18:08:0f:
34:ea:7c:fa:58:b2:8d:d7:51:54:a2:73:d8:74:3f:
22:e8:ad:d5:b9:b4:9c:23:87:42:ff:78:2b:4f:10:
98:65:96:f3:69:0f:d1:82:de:b1:43:e6:6e:96:3a:
2e:b2:01:6f:a5:ed:c0:13:06:c3:d3:04:e4:2b:26:
07:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:77:17:9A:21:38:38:32:BE:58:92:8F:2D:E9:33:E4:CB:6B:22:45
X509v3 Authority Key Identifier:
keyid:86:24:F3:F6:61:F2:4B:E5:FE:F6:41:DC:72:2E:5C:F5:AC:87:38:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiTz9mHyS-X-9kHcci5c9ayHOJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/NXcXmiE4ODK-WJKPLekz5MtrIkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/2d958c-8878-4323-bedc-25e535c8a5b9/1/hiTz9mHyS-X-9kHcci5c9ayHOJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.64.0/18
178.22.152.0/21
194.117.208.0/20
194.153.214.0/24
195.46.192.0/19
212.37.192.0/19
213.139.96.0/19
IPv6:
2001:4b90::/32
2a02:d50::/32
Signature Algorithm: sha256WithRSAEncryption
7f:4a:8f:e7:a2:ac:2b:7a:f8:92:76:d2:b5:38:b7:96:60:5b:
fa:c3:66:51:62:7b:c1:6c:a1:90:bf:72:af:a2:01:b2:d0:da:
c5:a5:fc:c0:79:d7:70:b9:c5:ba:23:7b:f0:8c:55:0c:0c:e3:
3a:73:fe:ba:e8:84:f9:7f:9b:7a:fb:24:ae:6e:96:b2:10:69:
4f:43:94:98:30:00:9c:48:b6:26:66:70:30:99:f2:94:b9:8a:
76:25:7d:24:f1:3d:2b:0c:59:44:61:98:ea:85:ab:49:c5:aa:
86:60:55:39:93:0a:47:5b:b6:f3:51:ae:fe:a2:55:8a:10:c5:
46:ab:34:72:fa:16:fd:dc:3d:8f:0d:22:bc:e2:56:4c:db:b4:
44:5a:95:77:d9:00:b0:37:d4:ff:a3:06:4c:d3:e4:1c:d7:3f:
99:d9:ea:93:df:c0:1f:ef:15:e5:f3:e1:06:4f:aa:49:19:d0:
6a:81:5e:d3:e2:1d:f3:23:78:6c:ee:76:af:99:63:a8:28:e0:
f0:ef:2b:d0:22:98:e6:b6:d6:3f:f5:2e:22:08:dc:20:98:9f:
d6:10:0c:14:b3:95:84:43:38:16:f6:67:14:2a:48:26:84:68:
08:86:6d:0c:0b:5c:92:7d:e8:9e:5e:13:d9:65:88:34:39:68:
39:23:3f:45
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY3pZBrB4MMZWubo8HyiLaisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MjRmM2Y2NjFmMjRiZTVmZWY2NDFkYzcyMmU1Y2Y1YWM4
NzM4OWUwHhcNMjQwMjI3MDcwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTc3MTc5YTIxMzgzODMyYmU1ODkyOGYyZGU5MzNlNGNiNmIyMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCtEvh0gE+vPu0tCfdYP+o1eWPTt
uw1YAbg5qH4qdZ/hpWn30CQHo2/X8gZJP8jx92HQZrGhXQf7JgLofas+yRIDz6e5
4BDOyY9nRPC3iQo+y6paz5+O4ztcUgA+wkmXykEvbFwiRCVZoIqIsqZYtbvYJpch
FxKaxi/Irbe5sbX6XtmRWXeLeSWKTAFchHl3/ZNBt1ldM4Ii1j063MFSvOSJ8ryC
zQked2DKVGO+YVie5IIZWIyRujaBANgmajcYCA806nz6WLKN11FUonPYdD8i6K3V
ubScI4dC/3grTxCYZZbzaQ/Rgt6xQ+ZuljousgFvpe3AEwbD0wTkKyYH0wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDV3F5ohODgyvliSjy3pM+TLayJFMB8GA1UdIwQY
MBaAFIYk8/Zh8kvl/vZB3HIuXPWshzieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMt
MjVlNTM1YzhhNWI5LzEvTlhjWG1pRTRPREstV0pLUExla3o1TXRySWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8yZDk1OGMtODg3OC00MzIzLWJlZGMtMjVlNTM1YzhhNWI5
LzEvaGlUejltSHlTLVgtOWtIY2NpNWM5YXlIT0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQGU6lAAwQD
shaYAwQEwnXQAwQAwpnWAwQFwy7AAwQF1CXAAwQF1YtgMBQEAgACMA4DBQAgAUuQ
AwUAKgINUDANBgkqhkiG9w0BAQsFAAOCAQEAf0qP56KsK3r4knbStTi3lmBb+sNm
UWJ7wWyhkL9yr6IBstDaxaX8wHnXcLnFuiN78IxVDAzjOnP+uuiE+X+bevskrm6W
shBpT0OUmDAAnEi2JmZwMJnylLmKdiV9JPE9KwxZRGGY6oWrScWqhmBVOZMKR1u2
81Gu/qJVihDFRqs0cvoW/dw9jw0ivOJWTNu0RFqVd9kAsDfU/6MGTNPkHNc/mdnq
k9/AH+8V5fPhBk+qSRnQaoFe0+Id8yN4bO52r5ljqCjg8O8r0CKY5rbWP/UuIgjc
IJif1hAMFLOVhEM4FvZnFCpIJoRoCIZtDAtckn3onl4T2WWINDloOSM/RQ==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:35:30 2024 by rpki-client on console-ams.rpki-client.org