Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/NGQB6Bz_B57i8c6Ya02BQgtJGV0.roa
File: NGQB6Bz_B57i8c6Ya02BQgtJGV0.roa (raw, json)
Hash identifier: EiABwKTtR+PoqENLtR/SqFUWf7buKBipIr+U1Imt2ZQ=
Subject key identifier: 34:64:01:E8:1C:FF:07:9E:E2:F1:CE:98:6B:4D:81:42:0B:49:19:5D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018CC6B8F813B6AA7582AF0AA04EA2CF9C78
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/NGQB6Bz_B57i8c6Ya02BQgtJGV0.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216362
IP address blocks: 2a0c:9a40:8cd0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f8:13:b6:aa:75:82:af:0a:a0:4e:a2:cf:9c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=346401e81cff079ee2f1ce986b4d81420b49195d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a9:ca:26:35:33:a7:ee:28:62:25:2b:f6:3e:
e1:b6:c3:71:dd:aa:2f:42:cd:a3:13:95:eb:a6:b8:
a3:1c:b1:39:e6:ef:94:45:2c:3b:9b:e5:37:29:65:
00:89:05:6d:45:a6:e7:aa:52:7b:a4:ef:f0:3e:28:
a3:5c:35:d7:5f:8c:ca:1e:0b:10:81:08:6f:66:30:
84:df:49:ec:b1:dc:f2:cb:be:1d:36:99:c0:c2:64:
75:95:a6:c8:58:bc:ab:f9:8d:a1:10:bb:8f:35:ea:
90:2a:98:77:21:2d:22:a2:c3:7b:0d:6e:fb:9f:cd:
58:25:66:0a:ec:03:27:cc:d4:66:70:76:e5:b7:ce:
67:ef:19:8c:36:06:fb:bf:00:2a:ca:9c:f4:f1:36:
a7:ea:cd:ac:38:cb:ed:b9:16:c0:39:f7:fe:5e:73:
2b:cd:eb:50:46:b9:d0:50:07:31:1c:19:25:2e:45:
fe:ef:04:55:57:ea:73:28:24:23:77:bd:32:9d:02:
3d:3b:bd:93:4e:ed:0c:f2:44:e4:c9:11:c9:7b:a7:
ea:7d:e4:cc:31:8f:bd:7e:ef:c7:59:51:0e:3e:f2:
a3:5e:12:99:b7:d8:0c:8f:52:c0:f4:f1:fe:75:f4:
89:47:0f:b7:3d:30:e3:45:d2:6f:97:8e:f1:90:75:
e8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:64:01:E8:1C:FF:07:9E:E2:F1:CE:98:6B:4D:81:42:0B:49:19:5D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/NGQB6Bz_B57i8c6Ya02BQgtJGV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8cd0::/48
Signature Algorithm: sha256WithRSAEncryption
d0:ab:ed:af:be:c2:a9:35:0f:59:cc:bb:59:62:2a:66:4a:9e:
76:e9:b4:56:1b:b8:3a:17:ec:9f:ee:08:65:43:2a:be:98:88:
95:81:56:7c:fb:95:ee:50:ae:a3:9c:d3:88:9e:3c:ad:06:39:
0d:51:34:26:8f:b7:13:0d:88:7f:d9:4c:0f:9f:f7:f5:69:6f:
3e:71:9e:bf:1a:3c:59:ce:7a:87:81:13:bd:50:a1:d8:e9:0a:
cf:71:1a:d3:49:ba:4d:1d:f1:f3:e0:5d:91:44:d0:96:a3:df:
a8:2f:8e:b3:de:03:c1:86:3e:d9:f7:16:c0:f1:61:b3:8e:ff:
38:40:3e:55:8d:5b:6e:67:67:5a:85:a3:ad:9d:4e:69:b0:4c:
3e:c8:6b:43:0f:04:9e:44:a4:32:7e:46:c2:f0:ea:cb:27:eb:
91:32:dd:c1:48:c8:8c:8c:9f:e0:6b:8d:76:0b:7d:5e:fb:93:
a1:a1:4f:75:d7:f4:0b:04:d7:37:7b:9e:bc:f2:2a:5b:17:61:
36:d4:3e:a3:28:50:b4:14:94:c3:91:49:2c:d2:6d:ce:c5:8e:
e6:25:2c:23:6d:56:d4:76:34:5f:e6:2c:34:b4:68:21:75:1c:
d9:81:a9:fd:07:4a:cb:cf:cb:24:95:e8:f0:e3:26:65:f1:dd:
4a:e5:5a:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGuPgTtqp1gq8KoE6iz5x4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDY0MDFlODFjZmYwNzllZTJmMWNlOTg2YjRkODE0MjBiNDkxOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqnKJjUzp+4oYiUr9j7htsNx3aov
Qs2jE5XrprijHLE55u+URSw7m+U3KWUAiQVtRabnqlJ7pO/wPiijXDXXX4zKHgsQ
gQhvZjCE30nssdzyy74dNpnAwmR1labIWLyr+Y2hELuPNeqQKph3IS0iosN7DW77
n81YJWYK7AMnzNRmcHblt85n7xmMNgb7vwAqypz08Tan6s2sOMvtuRbAOff+XnMr
zetQRrnQUAcxHBklLkX+7wRVV+pzKCQjd70ynQI9O72TTu0M8kTkyRHJe6fqfeTM
MY+9fu/HWVEOPvKjXhKZt9gMj1LA9PH+dfSJRw+3PTDjRdJvl47xkHXodQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDRkAegc/wee4vHOmGtNgUILSRldMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvTkdRQjZCel9CNTdpOGM2WWEwMkJRZ3RKR1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIzQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDQq+2vvsKpNQ9ZzLtZYipmSp526bRWG7g6F+yf
7ghlQyq+mIiVgVZ8+5XuUK6jnNOInjytBjkNUTQmj7cTDYh/2UwPn/f1aW8+cZ6/
GjxZznqHgRO9UKHY6QrPcRrTSbpNHfHz4F2RRNCWo9+oL46z3gPBhj7Z9xbA8WGz
jv84QD5VjVtuZ2dahaOtnU5psEw+yGtDDwSeRKQyfkbC8OrLJ+uRMt3BSMiMjJ/g
a412C31e+5OhoU911/QLBNc3e5688ipbF2E21D6jKFC0FJTDkUks0m3OxY7mJSwj
bVbUdjRf5iw0tGghdRzZgan9B0rLz8sklejw4yZl8d1K5Vrd
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:24:46 2024 by rpki-client on console-ams.rpki-client.org