Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/9J-hVVMxPO-FlhvuCZ6xowBsK58.roa
File: 9J-hVVMxPO-FlhvuCZ6xowBsK58.roa (raw, json)
Hash identifier: FWIHmjn0c1e5ckIQrgocJ2xOjbPgibtsdofcG9S2BkU=
Subject key identifier: F4:9F:A1:55:53:31:3C:EF:85:96:1B:EE:09:9E:B1:A3:00:6C:2B:9F
Certificate issuer: /CN=499f03e48ed62a96840eb2f2d79c3ec21a27f1ce
Certificate serial: 018CC5DD174F334F035F0B954D33DB3ED9C9
Authority key identifier: 49:9F:03:E4:8E:D6:2A:96:84:0E:B2:F2:D7:9C:3E:C2:1A:27:F1:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/9J-hVVMxPO-FlhvuCZ6xowBsK58.roa
Signing time: Mon 01 Jan 2024 16:30:50 +0000
ROA not before: Mon 01 Jan 2024 16:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15930
IP address blocks: 185.24.180.0/22 maxlen: 22
185.24.180.0/24 maxlen: 24
89.18.128.0/21 maxlen: 21
89.18.128.0/19 maxlen: 19
89.18.136.0/21 maxlen: 21
89.18.143.0/24 maxlen: 24
89.18.144.0/21 maxlen: 21
89.18.152.0/21 maxlen: 21
89.18.159.0/24 maxlen: 24
89.18.156.0/24 maxlen: 24
2a00:65a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/SZ8D5I7WKpaEDrLy15w-whon8c4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/SZ8D5I7WKpaEDrLy15w-whon8c4.mft
rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:17:4f:33:4f:03:5f:0b:95:4d:33:db:3e:d9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=499f03e48ed62a96840eb2f2d79c3ec21a27f1ce
Validity
Not Before: Jan 1 16:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f49fa15553313cef85961bee099eb1a3006c2b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c9:f2:03:8d:70:d3:e2:69:e7:62:55:01:d0:
a0:39:70:99:38:b7:21:b4:17:7a:82:28:90:24:34:
f2:4b:7d:3d:56:4e:fd:05:d8:2c:8e:78:eb:7c:00:
8a:a8:e6:7f:8e:51:0c:3d:10:87:f0:57:17:02:2e:
98:a4:e4:21:6e:da:a2:52:bf:6e:f6:6f:59:da:34:
96:8d:94:12:2f:34:df:0d:57:54:5e:f2:99:28:31:
98:11:df:5a:f8:28:43:a9:85:53:37:8f:6c:2a:43:
a5:34:d1:59:9b:67:2a:18:62:89:d4:50:ee:97:74:
a8:ed:c4:13:1b:40:18:72:4b:c3:b1:01:00:85:44:
62:05:26:ed:b6:9a:88:c4:37:e7:f0:f8:ee:ad:a8:
c2:a3:b7:83:a3:3b:3d:37:e5:16:01:60:c4:98:6a:
99:10:b9:48:f6:07:3b:1a:59:00:98:35:6e:31:8f:
e6:94:50:43:30:db:58:2d:92:c5:6d:66:b0:58:57:
39:ee:d3:cf:38:48:62:94:f8:96:ca:65:da:45:fb:
04:4b:da:3e:02:34:fc:c2:80:dd:e5:52:4b:e5:75:
1f:86:6d:cc:fc:09:51:29:e7:f2:01:11:91:e6:f4:
3b:b5:6f:3a:e7:5a:8c:45:20:f2:ba:62:a3:21:4b:
bb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9F:A1:55:53:31:3C:EF:85:96:1B:EE:09:9E:B1:A3:00:6C:2B:9F
X509v3 Authority Key Identifier:
keyid:49:9F:03:E4:8E:D6:2A:96:84:0E:B2:F2:D7:9C:3E:C2:1A:27:F1:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SZ8D5I7WKpaEDrLy15w-whon8c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/9J-hVVMxPO-FlhvuCZ6xowBsK58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ac0950-2273-4ee1-a830-422e6d3fe93e/1/SZ8D5I7WKpaEDrLy15w-whon8c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.128.0/19
185.24.180.0/22
IPv6:
2a00:65a0::/32
Signature Algorithm: sha256WithRSAEncryption
b7:5b:80:5d:5d:f6:66:a5:ce:02:6b:eb:5f:aa:d6:0a:7f:de:
3b:bd:54:e0:4c:6c:27:12:55:8d:b4:e1:72:8f:ae:31:6d:1b:
71:8a:f6:bb:2a:10:aa:a6:df:ff:ae:71:fb:88:82:1b:73:7e:
9d:1b:83:b6:12:bd:4d:e3:03:7b:ec:b2:9a:40:dc:ab:15:e7:
dc:a3:f3:16:ec:6a:d3:53:6b:24:40:a9:1d:72:81:fb:82:e9:
fb:26:0f:1d:17:f6:93:fc:81:a3:c0:9e:0a:43:2b:a6:db:5b:
18:0b:73:6f:4e:0a:ed:6e:9a:e8:f6:35:72:e8:c2:c4:54:7d:
ed:54:51:f1:62:06:48:8f:b8:ea:e0:3a:6c:2f:d3:ea:c8:8d:
44:66:3b:a8:9a:1d:a4:54:2f:6a:f3:6b:1b:f9:a5:02:98:4f:
26:d9:97:01:f0:46:da:ef:ec:42:c8:0f:3c:20:d1:f5:d5:ea:
d8:4f:dd:18:90:07:bd:f5:e7:79:be:7a:7e:3f:28:09:c3:cc:
4e:88:9c:fe:b1:ae:bc:d6:83:5d:d0:08:a1:8f:93:9e:92:23:
89:42:cb:8f:6f:11:e4:b8:2d:33:63:7f:af:e1:40:66:6b:88:
c7:ab:2b:d4:dc:c2:1b:2c:26:7c:92:bf:9a:17:a3:30:8f:1a:
5c:5d:49:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3RdPM08DXwuVTTPbPtnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OWYwM2U0OGVkNjJhOTY4NDBlYjJmMmQ3OWMzZWMyMWEy
N2YxY2UwHhcNMjQwMTAxMTYzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDlmYTE1NTUzMzEzY2VmODU5NjFiZWUwOTllYjFhMzAwNmMyYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMnyA41w0+Jp52JVAdCgOXCZOLch
tBd6giiQJDTyS309Vk79BdgsjnjrfACKqOZ/jlEMPRCH8FcXAi6YpOQhbtqiUr9u
9m9Z2jSWjZQSLzTfDVdUXvKZKDGYEd9a+ChDqYVTN49sKkOlNNFZm2cqGGKJ1FDu
l3So7cQTG0AYckvDsQEAhURiBSbttpqIxDfn8PjurajCo7eDozs9N+UWAWDEmGqZ
ELlI9gc7GlkAmDVuMY/mlFBDMNtYLZLFbWawWFc57tPPOEhilPiWymXaRfsES9o+
AjT8woDd5VJL5XUfhm3M/AlRKefyARGR5vQ7tW8651qMRSDyumKjIUu7CwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPSfoVVTMTzvhZYb7gmesaMAbCufMB8GA1UdIwQY
MBaAFEmfA+SO1iqWhA6y8tecPsIaJ/HOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1o4RDVJN1dLcGFFRHJMeTE1dy13aG9uOGM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9hYzA5NTAtMjI3My00ZWUxLWE4MzAt
NDIyZTZkM2ZlOTNlLzEvOUotaFZWTXhQTy1GbGh2dUNaNnhvd0JzSzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9hYzA5NTAtMjI3My00ZWUxLWE4MzAtNDIyZTZkM2ZlOTNl
LzEvU1o4RDVJN1dLcGFFRHJMeTE1dy13aG9uOGM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFWRKAAwQC
uRi0MA0EAgACMAcDBQAqAGWgMA0GCSqGSIb3DQEBCwUAA4IBAQC3W4BdXfZmpc4C
a+tfqtYKf947vVTgTGwnElWNtOFyj64xbRtxiva7KhCqpt//rnH7iIIbc36dG4O2
Er1N4wN77LKaQNyrFefco/MW7GrTU2skQKkdcoH7gun7Jg8dF/aT/IGjwJ4KQyum
21sYC3NvTgrtbpro9jVy6MLEVH3tVFHxYgZIj7jq4DpsL9PqyI1EZjuomh2kVC9q
82sb+aUCmE8m2ZcB8Eba7+xCyA88INH11erYT90YkAe99ed5vnp+PygJw8xOiJz+
sa681oNd0Aihj5OekiOJQsuPbxHkuC0zY3+v4UBma4jHqyvU3MIbLCZ8kr+aF6Mw
jxpcXUkK
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:12:41 2024 by rpki-client on console-ams.rpki-client.org