Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/n5grmYLFusDXskduHNK0u8Uh7_8.roa
File: n5grmYLFusDXskduHNK0u8Uh7_8.roa (raw, json)
Hash identifier: Ot/hVRNHpI3TyJW49c6dgVaMjbZnxiCg+2OWKcBEwPs=
Subject key identifier: 9F:98:2B:99:82:C5:BA:C0:D7:B2:47:6E:1C:D2:B4:BB:C5:21:EF:FF
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 018CC8DF2158C743399CF6115228BCD35BBE
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/n5grmYLFusDXskduHNK0u8Uh7_8.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.137.0/24 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
84.254.145.0/24 maxlen: 24
84.254.146.0/24 maxlen: 24
84.254.164.0/24 maxlen: 24
95.210.133.0/24 maxlen: 24
176.227.131.0/24 maxlen: 24
176.227.139.0/24 maxlen: 24
176.227.138.0/24 maxlen: 24
84.254.130.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:21:58:c7:43:39:9c:f6:11:52:28:bc:d3:5b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f982b9982c5bac0d7b2476e1cd2b4bbc521efff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ef:ab:8e:9c:7f:d6:84:58:bd:d0:3b:38:06:
8b:d9:e4:ff:1d:65:28:0a:6d:50:88:85:8f:3b:98:
cd:a6:ef:8c:21:af:bc:1e:5d:a3:51:f5:57:1d:e3:
7e:73:ff:d7:ef:19:ec:93:d1:a2:3b:e8:d3:e7:c8:
77:29:df:64:b6:e4:61:26:c1:0c:1d:1e:dc:12:58:
d0:da:1d:83:01:4d:ad:66:10:fc:3f:6c:63:03:2c:
d5:eb:39:02:0d:39:05:8f:62:bc:6c:18:d1:37:18:
76:4f:94:6c:93:6e:05:d8:63:59:ec:e8:13:b3:38:
83:f3:c3:fa:5f:83:f7:ae:e9:18:a4:5d:99:1b:fd:
0c:06:f7:ec:44:8e:d3:d5:ac:e5:4c:73:2a:1e:22:
48:ed:aa:39:91:75:8b:b0:d8:ef:bb:49:07:58:69:
2f:f7:28:b3:b2:c0:d7:47:d2:fb:c6:aa:0c:0f:e7:
8a:0c:e6:9d:52:5a:c4:3e:74:f2:20:45:f6:69:35:
d4:ef:49:f2:7d:98:a2:5f:3b:f6:99:62:ff:de:04:
ae:8e:98:22:9b:7a:1b:a3:6c:e0:ec:6c:16:c0:b1:
d4:46:27:02:fa:9c:3d:b8:c3:02:80:39:29:8c:45:
16:8b:5b:46:e0:de:2b:8d:d2:d4:08:b2:84:a8:64:
3e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:98:2B:99:82:C5:BA:C0:D7:B2:47:6E:1C:D2:B4:BB:C5:21:EF:FF
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/n5grmYLFusDXskduHNK0u8Uh7_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0/23
84.254.137.0/24
84.254.144.0-84.254.146.255
84.254.164.0/24
95.210.111.0/24
95.210.132.0/23
176.227.131.0/24
176.227.138.0/23
Signature Algorithm: sha256WithRSAEncryption
10:4e:15:6d:c6:71:c7:51:d7:aa:2e:11:d2:f8:16:9b:13:6f:
71:3a:01:e3:dc:62:03:98:8d:b1:f4:2b:fc:1e:57:97:0f:ab:
d2:b1:7e:82:28:0e:7c:76:a9:33:a5:1a:8b:ad:e0:45:59:c8:
52:7f:ec:57:0b:78:b0:2e:29:b5:d3:21:c5:ba:85:aa:79:c5:
b9:46:b9:b4:b5:ea:89:1f:b8:8e:ed:68:af:b6:c5:9c:1d:90:
b9:7c:90:80:18:3d:21:ee:7d:ef:18:9a:17:49:ef:2b:04:d7:
64:27:c4:11:ee:48:e2:9b:d4:4c:63:a7:c8:55:60:02:08:9d:
69:16:39:d8:3a:9a:3d:c8:ca:d4:b7:6c:dd:fe:19:6b:17:cd:
51:c6:5f:01:da:28:ec:de:60:b5:53:28:dd:94:94:1c:b6:b1:
89:76:83:69:97:9f:28:44:cc:cd:bb:c1:ff:e5:9e:3a:9a:1c:
d6:7b:46:9d:8e:fe:31:22:db:6b:d7:de:d1:1e:3d:12:ca:8d:
f5:81:4b:73:09:07:4e:ee:5f:5e:09:b3:d3:79:a3:3d:2d:67:
96:c2:85:03:eb:7b:de:e6:51:90:01:e7:09:76:d0:21:6c:ca:
de:f3:61:f7:fa:81:7d:bc:2c:06:32:bc:c5:89:31:9b:c9:a4:
20:c8:3b:c7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzI3yFYx0M5nPYRUii801u+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk4MmI5OTgyYzViYWMwZDdiMjQ3NmUxY2QyYjRiYmM1MjFlZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu+rjpx/1oRYvdA7OAaL2eT/HWUo
Cm1QiIWPO5jNpu+MIa+8Hl2jUfVXHeN+c//X7xnsk9GiO+jT58h3Kd9ktuRhJsEM
HR7cEljQ2h2DAU2tZhD8P2xjAyzV6zkCDTkFj2K8bBjRNxh2T5Rsk24F2GNZ7OgT
sziD88P6X4P3rukYpF2ZG/0MBvfsRI7T1azlTHMqHiJI7ao5kXWLsNjvu0kHWGkv
9yizssDXR9L7xqoMD+eKDOadUlrEPnTyIEX2aTXU70nyfZiiXzv2mWL/3gSujpgi
m3obo2zg7GwWwLHURicC+pw9uMMCgDkpjEUWi1tG4N4rjdLUCLKEqGQ+PwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJ+YK5mCxbrA17JHbhzStLvFIe//MB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvbjVncm1ZTEZ1c0RYc2tkdUhOSzB1OFVoN184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBVP6CAwQA
VP6JMAwDBARU/pADBABU/pIDBABU/qQDBABf0m8DBAFf0oQDBACw44MDBAGw44ow
DQYJKoZIhvcNAQELBQADggEBABBOFW3GccdR16ouEdL4FpsTb3E6AePcYgOYjbH0
K/weV5cPq9KxfoIoDnx2qTOlGout4EVZyFJ/7FcLeLAuKbXTIcW6hap5xblGubS1
6okfuI7taK+2xZwdkLl8kIAYPSHufe8YmhdJ7ysE12QnxBHuSOKb1Exjp8hVYAII
nWkWOdg6mj3IytS3bN3+GWsXzVHGXwHaKOzeYLVTKN2UlBy2sYl2g2mXnyhEzM27
wf/lnjqaHNZ7Rp2O/jEi22vX3tEePRLKjfWBS3MJB07uX14Js9N5oz0tZ5bChQPr
e97mUZAB5wl20CFsyt7zYff6gX28LAYyvMWJMZvJpCDIO8c=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:30:16 2024 by rpki-client on console-ams.rpki-client.org