Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NnbtXj1tNY4lI6jdFK-1jR2UByw.roa
File: NnbtXj1tNY4lI6jdFK-1jR2UByw.roa (raw, json)
Hash identifier: QM9Q5YXH789bCCc8XqmFOy8uVlRXAjwxnScyPSfRYJI=
Subject key identifier: 36:76:ED:5E:3D:6D:35:8E:25:23:A8:DD:14:AF:B5:8D:1D:94:07:2C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FBF6C305B84FB20AF43C163DDBA40
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NnbtXj1tNY4lI6jdFK-1jR2UByw.roa
Signing time: Tue 02 Jan 2024 04:30:15 +0000
ROA not before: Tue 02 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 31.135.2.0/24 maxlen: 24
64.43.64.0/24 maxlen: 24
193.36.201.0/24 maxlen: 24
193.36.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:bf:6c:30:5b:84:fb:20:af:43:c1:63:dd:ba:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3676ed5e3d6d358e2523a8dd14afb58d1d94072c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f4:d0:61:85:a5:c0:4e:ee:c6:9c:86:7d:bc:
ef:4a:e8:cc:83:88:50:0f:9c:b5:19:ea:df:f2:8f:
b5:d8:f7:73:d9:07:93:c6:96:49:cb:48:3c:b6:37:
99:65:6e:e3:7d:e0:4d:69:d3:5f:c2:0a:c0:0d:e3:
a5:fe:8e:66:b4:df:34:52:e3:75:88:3e:87:26:17:
ce:64:c9:78:87:43:ff:99:6b:97:94:20:ce:11:d1:
b1:d8:e1:57:53:9b:f1:25:4f:d7:e8:d4:71:45:ce:
7e:5a:82:5b:cc:4d:d1:d7:5a:6a:58:3f:8b:53:7f:
c0:8a:5d:19:96:82:2c:c3:66:ac:69:51:49:84:42:
9d:ab:fc:48:b6:0f:c2:01:57:e5:bd:85:b4:ea:d6:
fa:b8:41:3b:32:48:64:e3:50:fc:d9:a8:83:b2:c9:
48:54:63:98:61:ec:07:05:8b:f3:ae:38:42:48:7d:
21:c2:d1:13:49:a4:f7:26:2c:70:cb:ef:94:04:7c:
36:be:33:94:84:09:3f:5c:04:8c:d4:61:41:04:4d:
5e:28:96:16:21:94:5e:fb:98:7e:88:f7:a4:12:12:
28:dc:1c:7f:d5:21:89:81:ce:92:f5:52:be:04:52:
72:b1:56:ca:a1:8e:91:40:77:80:02:51:4f:84:f4:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:76:ED:5E:3D:6D:35:8E:25:23:A8:DD:14:AF:B5:8D:1D:94:07:2C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NnbtXj1tNY4lI6jdFK-1jR2UByw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.2.0/24
64.43.64.0/24
193.36.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:38:68:a3:bc:81:8d:b4:b6:ed:04:91:5e:04:a2:86:e8:32:
34:7e:bf:35:73:86:78:62:e1:4b:fc:d6:70:df:c1:14:94:08:
54:20:8d:2d:ff:86:38:74:e1:83:01:ce:68:1c:b1:26:e6:19:
27:01:72:e5:a4:47:09:8e:d3:92:ca:d9:fd:be:18:57:31:c1:
cb:29:9f:c5:f4:0f:5d:c5:ca:64:3e:7a:dc:41:ad:ca:a8:a1:
61:56:83:c3:28:dc:d0:d9:12:91:35:df:af:5e:0f:c6:ee:aa:
83:30:31:aa:f7:9f:42:d7:93:da:a3:1e:c1:6c:90:ce:62:81:
8d:ff:05:cf:5c:75:c1:36:2a:32:f5:30:71:57:97:fd:65:5a:
08:6f:60:9f:3a:f8:09:f9:31:c3:21:a4:ee:55:0b:f0:52:a0:
34:4f:41:23:6b:c1:55:d8:55:cf:13:84:b0:68:86:89:77:ff:
dd:af:11:64:d9:ed:33:eb:87:92:11:a0:df:1a:af:5c:6a:81:
fa:aa:98:c5:17:db:e5:76:21:77:ab:4e:27:06:ce:42:76:f7:
0f:2d:03:a4:5b:8b:22:55:e5:d2:2d:1a:7b:d7:6b:bb:e8:37:
6a:ee:25:63:cc:18:46:46:52:38:01:81:55:1c:cf:d6:08:c2:
f4:7a:2c:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb79sMFuE+yCvQ8Fj3bpAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc2ZWQ1ZTNkNmQzNThlMjUyM2E4ZGQxNGFmYjU4ZDFkOTQwNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvTQYYWlwE7uxpyGfbzvSujMg4hQ
D5y1Gerf8o+12Pdz2QeTxpZJy0g8tjeZZW7jfeBNadNfwgrADeOl/o5mtN80UuN1
iD6HJhfOZMl4h0P/mWuXlCDOEdGx2OFXU5vxJU/X6NRxRc5+WoJbzE3R11pqWD+L
U3/Ail0ZloIsw2asaVFJhEKdq/xItg/CAVflvYW06tb6uEE7Mkhk41D82aiDsslI
VGOYYewHBYvzrjhCSH0hwtETSaT3Jixwy++UBHw2vjOUhAk/XASM1GFBBE1eKJYW
IZRe+5h+iPekEhIo3Bx/1SGJgc6S9VK+BFJysVbKoY6RQHeAAlFPhPQ/YQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZ27V49bTWOJSOo3RSvtY0dlAcsMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTm5idFhqMXROWTRsSTZqZEZLLTFqUjJVQnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4cCAwQA
QCtAAwQBwSTIMA0GCSqGSIb3DQEBCwUAA4IBAQBNOGijvIGNtLbtBJFeBKKG6DI0
fr81c4Z4YuFL/NZw38EUlAhUII0t/4Y4dOGDAc5oHLEm5hknAXLlpEcJjtOSytn9
vhhXMcHLKZ/F9A9dxcpkPnrcQa3KqKFhVoPDKNzQ2RKRNd+vXg/G7qqDMDGq959C
15Paox7BbJDOYoGN/wXPXHXBNioy9TBxV5f9ZVoIb2CfOvgJ+THDIaTuVQvwUqA0
T0Eja8FV2FXPE4SwaIaJd//drxFk2e0z64eSEaDfGq9caoH6qpjFF9vldiF3q04n
Bs5CdvcPLQOkW4siVeXSLRp712u76Ddq7iVjzBhGRlI4AYFVHM/WCML0eizs
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:32:03 2024 by rpki-client on console-ams.rpki-client.org