Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/nCd3Mb_QyPvB3BkOAgChjFRrKt8.roa
File: nCd3Mb_QyPvB3BkOAgChjFRrKt8.roa (raw, json)
Hash identifier: riAHalDntvrsYtNdAXH2yVIUxZmTl/yYZG3AoHG47Zs=
Subject key identifier: 9C:27:77:31:BF:D0:C8:FB:C1:DC:19:0E:02:00:A1:8C:54:6B:2A:DF
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 019344CE48BA1D710A7112776A3DE914E388
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/nCd3Mb_QyPvB3BkOAgChjFRrKt8.roa
Signing time: Tue 19 Nov 2024 14:23:09 +0000
ROA not before: Tue 19 Nov 2024 14:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30870
IP address blocks: 83.98.136.0/23 maxlen: 24
83.98.148.0/24 maxlen: 24
83.98.154.0/23 maxlen: 23
83.98.167.0/24 maxlen: 24
83.98.182.0/24 maxlen: 24
83.98.209.0/24 maxlen: 24
83.98.216.0/24 maxlen: 24
83.98.217.0/24 maxlen: 24
83.98.218.0/23 maxlen: 24
83.98.220.0/23 maxlen: 24
89.30.150.0/23 maxlen: 24
89.30.154.0/23 maxlen: 24
89.30.156.0/24 maxlen: 24
89.30.157.0/24 maxlen: 24
213.247.55.0/24 maxlen: 24
213.247.57.0/24 maxlen: 24
213.247.62.0/23 maxlen: 24
2001:16f8:15::/48 maxlen: 48
2001:16f8:666::/48 maxlen: 48
2001:16f8:4000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:ce:48:ba:1d:71:0a:71:12:77:6a:3d:e9:14:e3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Nov 19 14:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c277731bfd0c8fbc1dc190e0200a18c546b2adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3e:a2:4f:2d:dd:2a:b8:78:20:68:ad:3a:8d:
c4:23:7a:1a:f4:93:a4:82:a0:ee:6f:ff:16:a9:5e:
24:2f:78:7f:ea:80:d4:89:c6:79:7b:ac:8d:a2:ae:
00:5e:21:2c:5b:5a:b8:b0:c6:34:bd:d8:c9:c5:b3:
6e:0c:4e:ba:38:d6:64:91:30:c1:f9:36:16:1a:6b:
d7:87:25:c4:6d:4f:62:ee:7e:17:d8:e9:5a:eb:97:
c6:42:52:74:40:45:1a:0d:75:52:99:d0:88:ee:15:
67:9b:87:b8:60:f8:54:f3:7f:26:84:d7:e8:04:33:
97:00:a2:82:a9:87:57:50:10:24:98:4f:c2:d7:89:
46:0d:81:b8:9e:0b:da:8e:16:5f:45:a2:df:66:ac:
1f:dc:0a:59:16:e7:90:54:d3:c1:4a:e5:b2:e5:ca:
23:34:91:a1:17:e4:d2:71:44:86:76:d2:d3:70:94:
40:1b:e2:e0:1d:ce:37:8d:01:26:63:c9:0d:12:60:
1b:bd:17:bd:03:5d:e7:4e:4a:23:7e:a2:e9:49:d0:
cd:c4:bb:5a:93:c3:4d:cb:9f:d7:05:60:30:4b:65:
76:fe:76:32:89:6d:10:7f:73:59:bd:82:bc:26:42:
ee:d2:29:fa:7d:27:e7:bf:18:50:79:89:06:62:5b:
d0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:27:77:31:BF:D0:C8:FB:C1:DC:19:0E:02:00:A1:8C:54:6B:2A:DF
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/nCd3Mb_QyPvB3BkOAgChjFRrKt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.98.136.0/23
83.98.148.0/24
83.98.154.0/23
83.98.167.0/24
83.98.182.0/24
83.98.209.0/24
83.98.216.0-83.98.221.255
89.30.150.0/23
89.30.154.0-89.30.157.255
213.247.55.0/24
213.247.57.0/24
213.247.62.0/23
IPv6:
2001:16f8:15::/48
2001:16f8:666::/48
2001:16f8:4000::/48
Signature Algorithm: sha256WithRSAEncryption
78:65:52:9f:b0:7e:b3:97:e8:6d:d1:bf:b7:86:ed:4e:55:d3:
60:53:c1:44:a6:9e:09:62:46:d2:37:f5:d8:09:ee:58:78:13:
bc:3e:b0:16:31:2b:7b:91:09:ea:14:1f:f3:77:cf:3b:f4:e0:
4f:90:bb:a6:2e:ed:2a:99:a0:31:a6:a9:17:d7:18:4f:18:5a:
b8:c1:cd:aa:26:4a:4c:4d:f8:8d:4b:e0:cb:0d:22:c3:c0:12:
b5:68:c9:e2:a2:15:dd:f4:46:5c:af:95:05:9f:de:2f:41:af:
ef:7d:35:b8:84:7f:03:98:41:1f:b5:2f:a9:d2:be:38:51:0f:
83:45:a1:eb:53:b0:45:df:d2:34:2e:76:cf:f0:b3:bd:60:42:
ed:e6:42:b5:9e:21:64:45:c2:ff:48:6b:5a:53:66:30:17:66:
0c:05:8e:0b:e0:31:7d:75:58:b0:61:07:c0:d1:21:a8:bf:36:
30:40:dc:0d:21:c2:19:b7:16:02:e3:c4:1a:b3:89:89:f6:25:
67:ef:37:e5:32:f8:fb:d5:0b:8f:55:b6:24:0f:8c:4a:19:1a:
65:af:49:78:b3:31:76:77:12:0f:82:97:00:a6:29:28:85:bc:
7c:47:1e:40:51:7d:79:b0:17:43:73:3b:4f:d0:0a:97:d7:e6:
db:1b:a4:f5
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZNEzki6HXEKcRJ3aj3pFOOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjQxMTE5MTQyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzI3NzczMWJmZDBjOGZiYzFkYzE5MGUwMjAwYTE4YzU0NmIyYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz6iTy3dKrh4IGitOo3EI3oa9JOk
gqDub/8WqV4kL3h/6oDUicZ5e6yNoq4AXiEsW1q4sMY0vdjJxbNuDE66ONZkkTDB
+TYWGmvXhyXEbU9i7n4X2Ola65fGQlJ0QEUaDXVSmdCI7hVnm4e4YPhU838mhNfo
BDOXAKKCqYdXUBAkmE/C14lGDYG4ngvajhZfRaLfZqwf3ApZFueQVNPBSuWy5coj
NJGhF+TScUSGdtLTcJRAG+LgHc43jQEmY8kNEmAbvRe9A13nTkojfqLpSdDNxLta
k8NNy5/XBWAwS2V2/nYyiW0Qf3NZvYK8JkLu0in6fSfnvxhQeYkGYlvQiQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFJwndzG/0Mj7wdwZDgIAoYxUayrfMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvbkNkM01iX1F5UHZCM0JrT0FnQ2hqRlJyS3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBeBAIAATBYAwQBU2KI
AwQAU2KUAwQBU2KaAwQAU2KnAwQAU2K2AwQAU2LRMAwDBANTYtgDBAFTYtwDBAFZ
HpYwDAMEAVkemgMEAVkenAMEANX3NwMEANX3OQMEAdX3PjAhBAIAAjAbAwcAIAEW
+AAVAwcAIAEW+AZmAwcAIAEW+EAAMA0GCSqGSIb3DQEBCwUAA4IBAQB4ZVKfsH6z
l+ht0b+3hu1OVdNgU8FEpp4JYkbSN/XYCe5YeBO8PrAWMSt7kQnqFB/zd8879OBP
kLumLu0qmaAxpqkX1xhPGFq4wc2qJkpMTfiNS+DLDSLDwBK1aMniohXd9EZcr5UF
n94vQa/vfTW4hH8DmEEftS+p0r44UQ+DRaHrU7BF39I0LnbP8LO9YELt5kK1niFk
RcL/SGtaU2YwF2YMBY4L4DF9dViwYQfA0SGovzYwQNwNIcIZtxYC48Qas4mJ9iVn
7zflMvj71QuPVbYkD4xKGRplr0l4szF2dxIPgpcApikohbx8Rx5AUX15sBdDcztP
0AqX1+bbG6T1
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:25:25 2024 by rpki-client on console-ams.rpki-client.org