Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bad3b5-bd9f-4461-ba87-99f683206388/1/nbnIAVJNAnZgU5AVCE_qus_GC7w.roa
File: nbnIAVJNAnZgU5AVCE_qus_GC7w.roa (raw, json)
Hash identifier: kRfWet6eSf4dnBlKBrx1NbKgX3QvN7s8AHAHv5b5NzM=
Subject key identifier: 9D:B9:C8:01:52:4D:02:76:60:53:90:15:08:4F:EA:BA:CF:C6:0B:BC
Certificate issuer: /CN=cb1d7efd6bacf42f145df4d528b0a8320ffc37b9
Certificate serial: 019425FC431D52FFBDBD547F373269CF1C4A
Authority key identifier: CB:1D:7E:FD:6B:AC:F4:2F:14:5D:F4:D5:28:B0:A8:32:0F:FC:37:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yx1-_Wus9C8UXfTVKLCoMg_8N7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bad3b5-bd9f-4461-ba87-99f683206388/1/nbnIAVJNAnZgU5AVCE_qus_GC7w.roa
Signing time: Thu 02 Jan 2025 07:47:56 +0000
ROA not before: Thu 02 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60720
IP address blocks: 185.26.193.0/24 maxlen: 24
185.26.194.0/24 maxlen: 24
185.26.195.0/24 maxlen: 24
185.116.200.0/24 maxlen: 24
185.116.202.0/23 maxlen: 23
2a00:8d60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/bad3b5-bd9f-4461-ba87-99f683206388/1/yx1-_Wus9C8UXfTVKLCoMg_8N7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/bad3b5-bd9f-4461-ba87-99f683206388/1/yx1-_Wus9C8UXfTVKLCoMg_8N7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/yx1-_Wus9C8UXfTVKLCoMg_8N7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:43:1d:52:ff:bd:bd:54:7f:37:32:69:cf:1c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1d7efd6bacf42f145df4d528b0a8320ffc37b9
Validity
Not Before: Jan 2 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9db9c801524d027660539015084feabacfc60bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ce:08:a0:29:aa:a9:db:75:d6:16:62:58:a9:
38:f2:06:f9:52:96:cd:e1:fd:fb:7a:43:bc:0f:36:
08:75:77:c3:a7:f2:24:45:a4:aa:d5:68:37:ee:bb:
b4:d2:de:98:72:de:80:cf:58:b2:fd:ee:f8:b7:46:
f2:82:30:67:3f:9d:6e:0e:65:cb:81:df:88:7a:11:
c4:55:fe:6e:a2:e4:43:d6:ab:ae:90:f9:64:8b:da:
da:6c:e1:58:49:95:fe:52:36:06:8b:99:60:c9:60:
10:ab:06:03:c6:aa:42:8a:ce:77:89:ed:8e:1f:0a:
55:bf:ac:b5:bf:23:d2:c9:78:a9:a5:6b:3d:2b:47:
75:e9:4b:eb:7f:4b:4e:73:de:98:64:02:84:d2:90:
31:4a:f3:c0:be:44:b1:91:fe:ac:e6:af:b5:72:54:
e2:9f:4f:c0:a5:c5:00:fd:32:fa:4a:ce:f2:4f:04:
69:5d:42:0a:74:9b:e8:3e:0a:65:17:dd:09:4a:28:
bf:f7:60:1f:3b:7c:3f:84:02:4d:d7:61:34:99:c2:
b5:03:59:86:b4:cc:a7:ae:e3:58:fd:2f:5c:69:39:
2d:e3:cd:79:d3:e8:f6:ca:3f:1e:33:bc:e4:e4:80:
c9:66:23:d9:ef:0a:83:4d:4a:c0:ad:1c:7d:8e:e7:
31:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B9:C8:01:52:4D:02:76:60:53:90:15:08:4F:EA:BA:CF:C6:0B:BC
X509v3 Authority Key Identifier:
keyid:CB:1D:7E:FD:6B:AC:F4:2F:14:5D:F4:D5:28:B0:A8:32:0F:FC:37:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yx1-_Wus9C8UXfTVKLCoMg_8N7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bad3b5-bd9f-4461-ba87-99f683206388/1/nbnIAVJNAnZgU5AVCE_qus_GC7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bad3b5-bd9f-4461-ba87-99f683206388/1/yx1-_Wus9C8UXfTVKLCoMg_8N7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.193.0-185.26.195.255
185.116.200.0/24
185.116.202.0/23
IPv6:
2a00:8d60::/32
Signature Algorithm: sha256WithRSAEncryption
69:6d:4d:86:14:d2:cd:6d:7c:6f:dc:c5:04:77:79:6e:73:02:
3f:a3:b9:37:b1:25:0b:34:dc:ea:3b:0b:8c:33:8c:5b:e3:3e:
c2:94:36:61:a1:8a:6f:15:0e:c5:64:7b:7e:83:d0:a8:74:52:
39:db:fb:db:1e:00:18:47:e2:1f:be:81:63:3f:04:8f:33:fd:
20:be:22:6b:39:a0:65:05:b5:16:fa:4b:88:6d:c3:95:66:99:
88:ad:04:86:50:3e:2a:e5:2b:06:03:29:4a:b3:c2:09:5f:74:
9d:1e:70:a5:ee:c1:52:39:31:ba:d9:cb:5a:64:11:26:fc:49:
f6:99:bc:9a:a4:15:ba:f4:8a:08:47:03:f6:ac:2a:be:8e:3b:
84:86:47:b2:c9:c2:fb:c0:4f:6b:4e:1c:7f:cf:58:aa:70:e1:
4c:ff:80:c8:9d:5a:95:ee:ac:f2:20:1f:78:86:9b:eb:3e:5d:
02:50:f4:e5:42:8e:82:ee:1d:3d:26:11:db:fe:14:c1:13:38:
d7:1e:02:c4:36:57:5b:86:2e:c5:ea:de:38:22:05:3a:58:1b:
21:4d:46:e4:15:3a:e4:e3:ef:ad:7c:3d:b4:f5:01:b0:de:01:
18:b6:a2:6b:e7:2c:df:8d:98:55:22:98:44:92:25:d9:30:ce:
fd:2d:63:0d
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQl/EMdUv+9vVR/NzJpzxxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMWQ3ZWZkNmJhY2Y0MmYxNDVkZjRkNTI4YjBhODMyMGZm
YzM3YjkwHhcNMjUwMTAyMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI5YzgwMTUyNGQwMjc2NjA1MzkwMTUwODRmZWFiYWNmYzYwYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms4IoCmqqdt11hZiWKk48gb5UpbN
4f37ekO8DzYIdXfDp/IkRaSq1Wg37ru00t6Yct6Az1iy/e74t0bygjBnP51uDmXL
gd+IehHEVf5uouRD1quukPlki9rabOFYSZX+UjYGi5lgyWAQqwYDxqpCis53ie2O
HwpVv6y1vyPSyXippWs9K0d16Uvrf0tOc96YZAKE0pAxSvPAvkSxkf6s5q+1clTi
n0/ApcUA/TL6Ss7yTwRpXUIKdJvoPgplF90JSii/92AfO3w/hAJN12E0mcK1A1mG
tMynruNY/S9caTkt48150+j2yj8eM7zk5IDJZiPZ7wqDTUrArRx9jucxRwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJ25yAFSTQJ2YFOQFQhP6rrPxgu8MB8GA1UdIwQY
MBaAFMsdfv1rrPQvFF301SiwqDIP/De5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXgxLV9XdXM5QzhVWGZUVktMQ29NZ184TjdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iYWQzYjUtYmQ5Zi00NDYxLWJhODct
OTlmNjgzMjA2Mzg4LzEvbmJuSUFWSk5BblpnVTVBVkNFX3F1c19HQzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iYWQzYjUtYmQ5Zi00NDYxLWJhODctOTlmNjgzMjA2Mzg4
LzEveXgxLV9XdXM5QzhVWGZUVktMQ29NZ184TjdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAC5GsED
BAK5GsADBAC5dMgDBAG5dMowDQQCAAIwBwMFACoAjWAwDQYJKoZIhvcNAQELBQAD
ggEBAGltTYYU0s1tfG/cxQR3eW5zAj+juTexJQs03Oo7C4wzjFvjPsKUNmGhim8V
DsVke36D0Kh0Ujnb+9seABhH4h++gWM/BI8z/SC+Ims5oGUFtRb6S4htw5VmmYit
BIZQPirlKwYDKUqzwglfdJ0ecKXuwVI5MbrZy1pkESb8SfaZvJqkFbr0ighHA/as
Kr6OO4SGR7LJwvvAT2tOHH/PWKpw4Uz/gMidWpXurPIgH3iGm+s+XQJQ9OVCjoLu
HT0mEdv+FMETONceAsQ2V1uGLsXq3jgiBTpYGyFNRuQVOuTj7618PbT1AbDeARi2
omvnLN+NmFUimESSJdkwzv0tYw0=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:50 2025 by rpki-client