Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/niSmBpfdzlepBpmmctXjBmJnGKA.roa
File: niSmBpfdzlepBpmmctXjBmJnGKA.roa (raw, json)
Hash identifier: cLCqb0+4/FgUSLPIL/nnP+rtn+oP+AY9TZDYKDHOxuE=
Subject key identifier: 9E:24:A6:06:97:DD:CE:57:A9:06:99:A6:72:D5:E3:06:62:67:18:A0
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018EBEAFC10C37472102571196BCF1CE5F80
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/niSmBpfdzlepBpmmctXjBmJnGKA.roa
Signing time: Mon 08 Apr 2024 17:09:32 +0000
ROA not before: Mon 08 Apr 2024 17:09:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41236
IP address blocks: 86.107.58.0/24 maxlen: 24
93.190.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:af:c1:0c:37:47:21:02:57:11:96:bc:f1:ce:5f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Apr 8 17:09:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e24a60697ddce57a90699a672d5e306626718a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:84:e6:55:74:d5:65:f5:c7:75:92:1c:70:e1:
f4:96:92:4a:ad:b0:69:d8:d8:d5:d1:b8:20:01:9e:
1f:cb:4b:87:b9:15:a6:40:43:73:f9:d8:67:17:54:
c4:7c:d3:b1:60:f0:3a:80:c9:cc:eb:a6:8b:9c:1e:
16:a6:c7:0e:b5:8f:5c:0d:dd:51:6c:fe:82:34:dc:
a8:d7:b5:fa:45:48:0a:11:c4:29:26:b5:36:30:f7:
65:72:57:ce:96:31:d0:de:c2:f1:55:84:41:27:c4:
f4:77:f4:d8:c7:a4:a5:49:09:7d:8e:2e:59:dd:3d:
7f:98:f4:ee:cb:8e:3c:eb:8f:a1:43:1e:33:29:79:
79:90:04:53:c2:85:55:ca:36:81:74:83:02:30:dc:
58:15:17:06:da:12:ff:fb:60:cb:5a:d8:c3:83:6a:
eb:0c:c5:64:99:94:a7:5f:3e:be:ec:59:ee:83:e8:
eb:41:c3:ac:54:08:62:c8:13:7d:7a:c3:13:c6:91:
50:32:c4:55:61:d2:34:26:5e:6d:68:5a:d5:69:4c:
fa:6e:13:d1:b9:79:97:97:07:0b:5d:fc:bd:d0:c5:
d5:79:f3:c9:89:a3:ad:99:6b:86:9e:d5:35:ca:d5:
2b:f6:f0:c4:69:e9:b9:30:f2:3e:91:ff:c1:23:4d:
4c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:24:A6:06:97:DD:CE:57:A9:06:99:A6:72:D5:E3:06:62:67:18:A0
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/niSmBpfdzlepBpmmctXjBmJnGKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.58.0/24
93.190.122.0/24
Signature Algorithm: sha256WithRSAEncryption
66:5a:26:e5:02:ef:e6:0b:30:4d:4d:93:f6:4a:2a:4f:02:49:
e8:a1:5f:e2:0b:5d:3f:fd:a5:82:11:f9:a2:02:82:b9:16:f6:
56:e4:a6:98:6b:be:67:a5:14:b0:e1:93:6d:50:33:b6:04:3b:
4a:f7:57:25:75:6f:36:d6:68:9e:c9:85:48:01:18:70:3b:c4:
2d:96:ca:13:11:3c:ce:cf:ef:be:44:04:7f:e4:4a:9f:20:1d:
d1:66:fc:29:4b:47:2f:3c:7e:0f:6a:c2:7b:20:18:d7:47:53:
1e:d0:de:9b:a0:f0:65:52:94:69:f3:ba:1e:23:7d:20:23:58:
28:dc:80:e1:c5:0f:43:1a:5f:b9:03:0d:14:a3:c0:ab:3c:83:
d3:21:b8:98:fb:6d:2f:b9:fd:f2:cc:87:29:8f:08:ef:98:c2:
a6:b7:72:07:ea:7a:e3:5f:d7:15:46:b4:78:49:94:4e:87:eb:
36:10:e2:5f:86:cf:f3:b2:e8:4d:77:44:66:07:31:f7:24:4a:
31:6a:d7:87:49:af:9a:bb:71:8d:0c:66:e8:b8:3b:d2:9d:0e:
b4:6d:d3:2f:ed:1c:d4:c8:9f:dc:d9:e2:15:71:ee:6e:04:67:
31:52:74:88:2c:53:b7:30:90:8f:c3:f5:9c:b8:f7:13:87:d9:
85:c7:2a:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6+r8EMN0chAlcRlrzxzl+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwNDA4MTcwOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTI0YTYwNjk3ZGRjZTU3YTkwNjk5YTY3MmQ1ZTMwNjYyNjcxOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhITmVXTVZfXHdZIccOH0lpJKrbBp
2NjV0bggAZ4fy0uHuRWmQENz+dhnF1TEfNOxYPA6gMnM66aLnB4WpscOtY9cDd1R
bP6CNNyo17X6RUgKEcQpJrU2MPdlclfOljHQ3sLxVYRBJ8T0d/TYx6SlSQl9ji5Z
3T1/mPTuy44864+hQx4zKXl5kARTwoVVyjaBdIMCMNxYFRcG2hL/+2DLWtjDg2rr
DMVkmZSnXz6+7Fnug+jrQcOsVAhiyBN9esMTxpFQMsRVYdI0Jl5taFrVaUz6bhPR
uXmXlwcLXfy90MXVefPJiaOtmWuGntU1ytUr9vDEaem5MPI+kf/BI01MUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ4kpgaX3c5XqQaZpnLV4wZiZxigMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvbmlTbUJwZmR6bGVwQnBtbWN0WGpCbUpuR0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVms6AwQA
Xb56MA0GCSqGSIb3DQEBCwUAA4IBAQBmWiblAu/mCzBNTZP2SipPAknooV/iC10/
/aWCEfmiAoK5FvZW5KaYa75npRSw4ZNtUDO2BDtK91cldW821mieyYVIARhwO8Qt
lsoTETzOz+++RAR/5EqfIB3RZvwpS0cvPH4PasJ7IBjXR1Me0N6boPBlUpRp87oe
I30gI1go3IDhxQ9DGl+5Aw0Uo8CrPIPTIbiY+20vuf3yzIcpjwjvmMKmt3IH6nrj
X9cVRrR4SZROh+s2EOJfhs/zsuhNd0RmBzH3JEoxateHSa+au3GNDGbouDvSnQ60
bdMv7RzUyJ/c2eIVce5uBGcxUnSILFO3MJCPw/WcuPcTh9mFxyoG
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:30:19 2024 by rpki-client on console-fra.rpki-client.org