Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/Nu2Q4WSlK0NAFDaTKQYyjGqUXBo.roa
File: Nu2Q4WSlK0NAFDaTKQYyjGqUXBo.roa (raw, json)
Hash identifier: /Rdiw1XGCDFwvuPEgAqB9waTtdUx5Wa15CXUbdNcFMI=
Subject key identifier: 36:ED:90:E1:64:A5:2B:43:40:14:36:93:29:06:32:8C:6A:94:5C:1A
Certificate issuer: /CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Certificate serial: 018CC5DCAD0471690E02DFB217F333C7A6C7
Authority key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/Nu2Q4WSlK0NAFDaTKQYyjGqUXBo.roa
Signing time: Mon 01 Jan 2024 16:30:22 +0000
ROA not before: Mon 01 Jan 2024 16:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6881
IP address blocks: 194.50.100.0/24 maxlen: 32
185.1.34.0/24 maxlen: 32
91.207.230.0/23 maxlen: 23
91.207.234.0/23 maxlen: 23
195.47.235.0/24 maxlen: 32
91.210.16.0/22 maxlen: 32
194.30.187.0/24 maxlen: 32
93.190.128.0/21 maxlen: 32
2001:7f8:14::/48 maxlen: 128
2a02:38::/32 maxlen: 32
2001:7f8:91::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ad:04:71:69:0e:02:df:b2:17:f3:33:c7:a6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Validity
Not Before: Jan 1 16:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36ed90e164a52b43401436932906328c6a945c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:30:0a:40:4e:cf:8a:7d:26:28:c5:d8:ab:
a0:a7:eb:41:1e:18:61:f1:0a:eb:fb:8b:cf:24:21:
9b:e3:c5:b8:2c:eb:fd:7e:fe:dd:30:7c:3c:fb:ea:
eb:4d:eb:63:61:77:aa:82:62:85:55:0d:c9:e3:74:
d0:9b:9f:53:4e:70:2e:af:53:68:71:d4:ec:8c:e5:
5a:e3:67:c2:be:ff:c7:c2:4d:f7:e0:f9:7e:79:42:
18:19:b3:cb:36:37:d9:c3:d9:a4:49:f2:3c:92:cf:
fc:cc:bd:db:ea:fe:dd:f2:a1:20:24:72:d4:07:1f:
a4:6f:ff:4f:67:78:8b:89:9c:b0:b6:e1:db:08:9d:
0b:af:32:db:6a:19:83:62:fd:b7:5d:11:57:50:f4:
f2:22:77:0c:f9:b3:9c:8f:9f:a2:21:51:34:28:42:
6f:a2:8d:dc:10:03:97:a1:61:44:54:c4:c4:35:8f:
2a:44:fc:bd:db:fa:93:16:7c:7a:65:61:66:85:57:
17:d8:f8:44:99:fd:2e:b1:3e:22:b6:9a:f7:18:29:
aa:b5:e7:e3:63:a7:41:4e:15:c3:6e:cd:92:40:14:
f1:dc:1a:6b:2c:3e:8e:0e:07:96:1a:ab:7a:da:26:
0f:c9:8b:95:a3:d2:83:c3:5f:f4:af:6d:a1:f5:48:
f0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:ED:90:E1:64:A5:2B:43:40:14:36:93:29:06:32:8C:6A:94:5C:1A
X509v3 Authority Key Identifier:
keyid:29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/Nu2Q4WSlK0NAFDaTKQYyjGqUXBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.230.0/23
91.207.234.0/23
91.210.16.0/22
93.190.128.0/21
185.1.34.0/24
194.30.187.0/24
194.50.100.0/24
195.47.235.0/24
IPv6:
2001:7f8:14::/48
2001:7f8:91::/48
2a02:38::/32
Signature Algorithm: sha256WithRSAEncryption
85:44:07:2c:2c:22:85:00:76:48:9b:27:7b:33:19:ec:ac:5c:
e8:05:d0:79:7d:59:97:9f:da:ce:cf:d5:2d:e9:c2:fe:3e:53:
d9:a9:41:27:14:f7:00:83:00:7e:31:54:02:28:7b:f4:74:f1:
d6:81:c6:51:2d:75:d9:80:d3:27:ec:8d:86:b0:5a:c3:42:fb:
66:45:9a:7b:dd:5a:68:09:ee:34:f3:8c:5c:50:14:0f:55:ed:
7f:b3:b4:d1:44:6c:32:b0:4c:cd:1f:e3:9d:ee:a4:b9:01:89:
95:1a:e3:c8:45:d2:9e:1f:92:7f:b7:75:1d:ac:80:e9:80:8d:
d3:e2:20:ef:47:ac:84:2c:c9:79:4b:44:61:72:7f:fc:ec:b7:
d3:e0:57:af:d6:e9:7e:c7:fa:95:71:dc:7a:05:e0:84:6f:f1:
e6:c2:3a:03:78:2b:98:1d:17:a4:ea:d5:7b:6e:be:17:1f:e9:
73:f3:d7:b7:77:89:0c:8b:a2:db:68:0f:b3:23:c8:c6:d4:d2:
bf:18:e3:17:da:1b:ea:36:42:eb:7c:1b:e9:b9:bc:29:69:d0:
fe:aa:e2:a2:9b:c8:6a:40:cc:32:ec:be:39:f7:6c:1f:f4:6d:
f2:4a:11:b2:ac:25:bf:91:a7:f9:65:49:ce:0b:11:e7:2b:d2:
be:36:60:e1
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzF3K0EcWkOAt+yF/Mzx6bHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTA5ZGE2NjJmOWQzMDJmZmYyYzVjNGI0YWZiOGY5NDdm
ZWMxYzAwHhcNMjQwMTAxMTYzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVkOTBlMTY0YTUyYjQzNDAxNDM2OTMyOTA2MzI4YzZhOTQ1YzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpAwCkBOz4p9JijF2Kugp+tBHhhh
8Qrr+4vPJCGb48W4LOv9fv7dMHw8++rrTetjYXeqgmKFVQ3J43TQm59TTnAur1No
cdTsjOVa42fCvv/Hwk334Pl+eUIYGbPLNjfZw9mkSfI8ks/8zL3b6v7d8qEgJHLU
Bx+kb/9PZ3iLiZywtuHbCJ0LrzLbahmDYv23XRFXUPTyIncM+bOcj5+iIVE0KEJv
oo3cEAOXoWFEVMTENY8qRPy92/qTFnx6ZWFmhVcX2PhEmf0usT4itpr3GCmqtefj
Y6dBThXDbs2SQBTx3BprLD6ODgeWGqt62iYPyYuVo9KDw1/0r22h9UjwyQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFDbtkOFkpStDQBQ2kykGMoxqlFwaMB8GA1UdIwQY
MBaAFCkQnaZi+dMC//LFxLSvuPlH/sHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzct
ZjRmYjVjODgwNTA5LzEvTnUyUTRXU2xLME5BRkRhVEtRWXlqR3FVWEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzctZjRmYjVjODgwNTA5
LzEvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTA2BAIAATAwAwQBW8/mAwQB
W8/qAwQCW9IQAwQDXb6AAwQAuQEiAwQAwh67AwQAwjJkAwQAwy/rMB8EAgACMBkD
BwAgAQf4ABQDBwAgAQf4AJEDBQAqAgA4MA0GCSqGSIb3DQEBCwUAA4IBAQCFRAcs
LCKFAHZImyd7MxnsrFzoBdB5fVmXn9rOz9Ut6cL+PlPZqUEnFPcAgwB+MVQCKHv0
dPHWgcZRLXXZgNMn7I2GsFrDQvtmRZp73VpoCe4084xcUBQPVe1/s7TRRGwysEzN
H+Od7qS5AYmVGuPIRdKeH5J/t3UdrIDpgI3T4iDvR6yELMl5S0Rhcn/87LfT4Fev
1ul+x/qVcdx6BeCEb/HmwjoDeCuYHRek6tV7br4XH+lz89e3d4kMi6LbaA+zI8jG
1NK/GOMX2hvqNkLrfBvpubwpadD+quKim8hqQMwy7L4592wf9G3yShGyrCW/kaf5
ZUnOCxHnK9K+NmDh
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:52:32 2024 by rpki-client on console-ams.rpki-client.org