Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/u9OTzlSQAALPibWsyPb7USMm2MA.roa
File: u9OTzlSQAALPibWsyPb7USMm2MA.roa (raw, json)
Hash identifier: RsBv/SXlM9E2eYsJflnmXCWbxR3T43I1HALbhab+cpA=
Subject key identifier: BB:D3:93:CE:54:90:00:02:CF:89:B5:AC:C8:F6:FB:51:23:26:D8:C0
Certificate issuer: /CN=dedb20030901ff2df4ebd1f49e4891cb28fe0730
Certificate serial: 018CC8DF74844C57E4B04EB338833B9489D9
Authority key identifier: DE:DB:20:03:09:01:FF:2D:F4:EB:D1:F4:9E:48:91:CB:28:FE:07:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/u9OTzlSQAALPibWsyPb7USMm2MA.roa
Signing time: Tue 02 Jan 2024 06:32:16 +0000
ROA not before: Tue 02 Jan 2024 06:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60847
IP address blocks: 185.92.12.0/24 maxlen: 24
91.244.227.0/24 maxlen: 24
185.92.15.0/24 maxlen: 24
185.92.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/3tsgAwkB_y3069H0nkiRyyj-BzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/3tsgAwkB_y3069H0nkiRyyj-BzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:74:84:4c:57:e4:b0:4e:b3:38:83:3b:94:89:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dedb20030901ff2df4ebd1f49e4891cb28fe0730
Validity
Not Before: Jan 2 06:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbd393ce54900002cf89b5acc8f6fb512326d8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f7:b9:d3:bb:85:bf:17:13:61:7a:f6:b8:17:
9b:0e:30:bd:1e:f7:9a:a9:7f:be:11:57:74:e9:6d:
87:c9:f4:96:ca:c4:08:2e:87:db:b5:36:3f:c1:2c:
65:51:ab:58:0c:1d:99:32:eb:9e:db:89:37:4d:15:
a3:03:d7:d2:12:05:04:af:d6:b4:68:20:e2:83:29:
0b:26:3e:f1:63:51:63:e1:32:58:6f:f2:38:c0:36:
fa:af:7e:33:26:fd:b2:15:ae:3e:5a:e3:00:0c:52:
a7:8c:a7:15:51:85:1f:e4:de:ff:98:40:31:c5:90:
d8:6a:99:6c:3b:0a:0f:98:f8:00:9e:33:8f:33:02:
29:33:39:0a:80:60:94:b2:c4:f9:b2:be:a6:3c:ee:
4c:7b:ed:09:a1:21:1f:91:21:45:27:10:d5:5e:24:
e8:ec:fe:20:45:ae:17:dc:4a:e1:09:df:99:b5:f5:
bd:6a:78:69:a3:a8:78:5b:9c:14:93:fe:22:4d:7d:
e3:7a:1b:13:1f:c8:05:77:a1:59:a3:e9:fa:da:68:
c7:61:0f:e6:b9:e7:6a:8a:0f:dc:a5:c6:ef:cb:76:
f9:16:21:cc:8e:f1:4a:1b:a7:19:87:1b:02:75:0c:
ba:b4:33:bf:82:91:63:c5:ee:54:52:7c:6e:59:65:
ac:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D3:93:CE:54:90:00:02:CF:89:B5:AC:C8:F6:FB:51:23:26:D8:C0
X509v3 Authority Key Identifier:
keyid:DE:DB:20:03:09:01:FF:2D:F4:EB:D1:F4:9E:48:91:CB:28:FE:07:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tsgAwkB_y3069H0nkiRyyj-BzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/u9OTzlSQAALPibWsyPb7USMm2MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/678964-d802-48f9-96f1-e3bfa72d7ef8/1/3tsgAwkB_y3069H0nkiRyyj-BzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.227.0/24
185.92.12.0/24
185.92.14.0/23
Signature Algorithm: sha256WithRSAEncryption
97:ff:19:bf:e4:fb:cd:e9:e6:85:1f:4a:78:eb:53:39:40:e0:
63:85:27:5d:05:c7:6c:61:a6:a9:aa:84:80:2e:87:0c:ac:6e:
f1:cd:d3:0e:06:70:37:35:8f:3e:24:56:ea:bc:97:3f:93:83:
ec:a4:03:04:41:f1:ce:f6:77:ab:92:44:0c:92:5a:29:af:f4:
b7:80:1c:be:6d:a8:0f:00:ab:1d:41:a2:41:a8:d6:91:fd:75:
9c:64:4c:63:77:3e:40:1a:ba:51:f7:00:61:fe:72:e4:a6:0e:
37:80:b0:72:68:6f:c5:5c:94:5a:89:86:2c:05:62:d3:eb:8b:
b4:cd:20:30:dd:24:08:37:9c:66:86:d9:51:6e:65:16:55:eb:
d4:30:4f:4d:3d:13:89:4c:36:72:81:3e:4d:ec:aa:0c:bf:74:
96:28:e9:61:79:c8:6b:37:70:8d:40:92:a9:0c:7e:eb:3a:36:
fa:5b:1d:e2:dd:3a:4e:c9:ae:49:a5:65:e2:4b:61:66:52:86:
3e:61:66:00:ba:d7:52:ee:2f:b8:48:a2:a1:62:cb:8d:59:d2:
a2:f0:0a:03:b4:cb:b4:b0:50:fe:e4:1b:57:6d:70:6d:38:ae:
7a:a9:b1:dc:31:d7:1c:4b:fc:66:5b:90:9f:68:2e:40:81:82:
c6:26:cc:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI33SETFfksE6zOIM7lInZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZGIyMDAzMDkwMWZmMmRmNGViZDFmNDllNDg5MWNiMjhm
ZTA3MzAwHhcNMjQwMTAyMDYzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQzOTNjZTU0OTAwMDAyY2Y4OWI1YWNjOGY2ZmI1MTIzMjZkOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgve507uFvxcTYXr2uBebDjC9Hvea
qX++EVd06W2HyfSWysQILofbtTY/wSxlUatYDB2ZMuue24k3TRWjA9fSEgUEr9a0
aCDigykLJj7xY1Fj4TJYb/I4wDb6r34zJv2yFa4+WuMADFKnjKcVUYUf5N7/mEAx
xZDYaplsOwoPmPgAnjOPMwIpMzkKgGCUssT5sr6mPO5Me+0JoSEfkSFFJxDVXiTo
7P4gRa4X3ErhCd+ZtfW9anhpo6h4W5wUk/4iTX3jehsTH8gFd6FZo+n62mjHYQ/m
uedqig/cpcbvy3b5FiHMjvFKG6cZhxsCdQy6tDO/gpFjxe5UUnxuWWWs2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLvTk85UkAACz4m1rMj2+1EjJtjAMB8GA1UdIwQY
MBaAFN7bIAMJAf8t9OvR9J5Ikcso/gcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3RzZ0F3a0JfeTMwNjlIMG5raVJ5eWotQnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Nzg5NjQtZDgwMi00OGY5LTk2ZjEt
ZTNiZmE3MmQ3ZWY4LzEvdTlPVHpsU1FBQUxQaWJXc3lQYjdVU01tMk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Nzg5NjQtZDgwMi00OGY5LTk2ZjEtZTNiZmE3MmQ3ZWY4
LzEvM3RzZ0F3a0JfeTMwNjlIMG5raVJ5eWotQnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/TjAwQA
uVwMAwQBuVwOMA0GCSqGSIb3DQEBCwUAA4IBAQCX/xm/5PvN6eaFH0p461M5QOBj
hSddBcdsYaapqoSALocMrG7xzdMOBnA3NY8+JFbqvJc/k4PspAMEQfHO9nerkkQM
klopr/S3gBy+bagPAKsdQaJBqNaR/XWcZExjdz5AGrpR9wBh/nLkpg43gLByaG/F
XJRaiYYsBWLT64u0zSAw3SQIN5xmhtlRbmUWVevUME9NPROJTDZygT5N7KoMv3SW
KOlhechrN3CNQJKpDH7rOjb6Wx3i3TpOya5JpWXiS2FmUoY+YWYAutdS7i+4SKKh
YsuNWdKi8AoDtMu0sFD+5BtXbXBtOK56qbHcMdccS/xmW5CfaC5AgYLGJszt
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:53:09 2024 by rpki-client on console-ams.rpki-client.org