Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/34d39a-62d2-40f2-84aa-9724cad6baee/1/PN9uMM55JEBccqlE8qSCxvdMXh0.roa
File: PN9uMM55JEBccqlE8qSCxvdMXh0.roa (raw, json)
Hash identifier: 0NZOp7gVJNaTmUk9Jd7tpa2S8uDhCy7BAXudy7/XQAY=
Subject key identifier: 3C:DF:6E:30:CE:79:24:40:5C:72:A9:44:F2:A4:82:C6:F7:4C:5E:1D
Certificate issuer: /CN=f0d4819e663aa9487b6a082a77d2237e1b8802a1
Certificate serial: 018CC26D72884A31BCE5B545BD0082FDFE93
Authority key identifier: F0:D4:81:9E:66:3A:A9:48:7B:6A:08:2A:77:D2:23:7E:1B:88:02:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NSBnmY6qUh7aggqd9IjfhuIAqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/34d39a-62d2-40f2-84aa-9724cad6baee/1/PN9uMM55JEBccqlE8qSCxvdMXh0.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.234.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/34d39a-62d2-40f2-84aa-9724cad6baee/1/8NSBnmY6qUh7aggqd9IjfhuIAqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/34d39a-62d2-40f2-84aa-9724cad6baee/1/8NSBnmY6qUh7aggqd9IjfhuIAqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8NSBnmY6qUh7aggqd9IjfhuIAqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:72:88:4a:31:bc:e5:b5:45:bd:00:82:fd:fe:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0d4819e663aa9487b6a082a77d2237e1b8802a1
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cdf6e30ce7924405c72a944f2a482c6f74c5e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a6:2e:e8:6d:b3:61:a7:c8:eb:54:d6:bd:3a:
8e:63:e9:f2:af:db:d6:13:11:60:6d:4e:48:dd:70:
06:88:3e:68:69:0a:c6:02:46:97:4f:eb:fd:bd:8f:
38:cc:fa:a6:e6:73:ae:af:46:36:de:63:74:9a:49:
b0:8a:bc:9f:15:7d:c7:b9:67:52:25:0d:de:09:36:
b7:11:15:27:b8:12:a2:c1:a7:b1:ba:0e:87:bf:f2:
4f:6d:dc:a0:83:23:2e:c4:6c:fc:0e:ab:0d:a6:1d:
85:29:c0:bd:1a:72:d5:32:be:c9:c7:be:d6:90:ef:
12:4f:10:4f:06:91:e8:51:5f:51:8b:48:ff:65:33:
b5:7b:bc:a8:e2:fb:73:ea:53:72:22:e1:00:2e:90:
11:0b:1a:3c:98:c1:4a:15:a5:e2:88:b4:74:20:e1:
4f:89:8b:d6:59:67:9d:9a:25:c1:df:8d:74:07:ee:
39:2e:fb:65:d3:39:68:88:d7:3b:82:c4:cd:9a:76:
2f:1c:00:9e:61:7d:38:8f:61:e9:33:90:31:46:e8:
9d:3e:fc:67:25:1d:8f:0f:ea:60:52:8d:ad:c1:c8:
4c:bc:9c:ff:3d:49:b8:2c:9c:88:29:9b:4c:55:df:
23:6e:bd:59:88:05:51:b9:60:6c:b5:be:0e:66:0c:
02:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DF:6E:30:CE:79:24:40:5C:72:A9:44:F2:A4:82:C6:F7:4C:5E:1D
X509v3 Authority Key Identifier:
keyid:F0:D4:81:9E:66:3A:A9:48:7B:6A:08:2A:77:D2:23:7E:1B:88:02:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NSBnmY6qUh7aggqd9IjfhuIAqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/34d39a-62d2-40f2-84aa-9724cad6baee/1/PN9uMM55JEBccqlE8qSCxvdMXh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/34d39a-62d2-40f2-84aa-9724cad6baee/1/8NSBnmY6qUh7aggqd9IjfhuIAqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.100.0/24
Signature Algorithm: sha256WithRSAEncryption
41:65:52:af:3b:ba:29:89:0a:f5:77:88:6b:34:76:a2:32:df:
b1:38:60:de:af:20:b1:f9:a6:ab:44:59:c2:40:47:30:07:0d:
47:af:f1:2b:42:67:d7:28:8c:00:c3:72:fa:27:8f:e4:18:37:
0a:15:e8:e2:06:0d:b2:bd:b3:d4:49:b8:87:57:05:23:d4:fe:
d5:9b:e7:23:77:93:5b:94:96:57:1b:07:90:09:df:bd:73:22:
c6:54:1d:61:46:aa:fb:c3:84:d5:0d:38:2e:8f:3d:3b:54:c0:
cd:7e:7c:55:8c:d9:1c:89:54:b8:7f:b4:ab:ae:c1:af:d3:5e:
0f:fe:b8:7a:1b:39:61:7a:02:a4:7b:62:75:fa:a1:e4:4e:ae:
0a:e0:d9:46:80:63:67:e2:97:75:df:20:c7:bf:03:25:56:4f:
77:df:e9:80:46:e9:95:81:b7:e4:0d:21:31:8d:6f:d3:3d:03:
7c:c8:eb:8f:69:6a:f2:0f:01:53:ee:7a:2d:3e:12:3a:fd:68:
75:7d:b4:a0:be:1b:3a:d3:fd:9b:b4:31:f6:1f:c3:c5:ab:a7:
99:b0:69:7b:00:9e:5a:9b:13:ca:28:a1:c2:dd:55:51:60:bc:
db:34:17:c2:8a:00:cc:27:63:9d:6b:ad:d2:fd:95:8b:94:b9:
34:e9:dc:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbXKISjG85bVFvQCC/f6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZDQ4MTllNjYzYWE5NDg3YjZhMDgyYTc3ZDIyMzdlMWI4
ODAyYTEwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RmNmUzMGNlNzkyNDQwNWM3MmE5NDRmMmE0ODJjNmY3NGM1ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqYu6G2zYafI61TWvTqOY+nyr9vW
ExFgbU5I3XAGiD5oaQrGAkaXT+v9vY84zPqm5nOur0Y23mN0mkmwiryfFX3HuWdS
JQ3eCTa3ERUnuBKiwaexug6Hv/JPbdyggyMuxGz8DqsNph2FKcC9GnLVMr7Jx77W
kO8STxBPBpHoUV9Ri0j/ZTO1e7yo4vtz6lNyIuEALpARCxo8mMFKFaXiiLR0IOFP
iYvWWWedmiXB3410B+45Lvtl0zloiNc7gsTNmnYvHACeYX04j2HpM5AxRuidPvxn
JR2PD+pgUo2twchMvJz/PUm4LJyIKZtMVd8jbr1ZiAVRuWBstb4OZgwCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzfbjDOeSRAXHKpRPKkgsb3TF4dMB8GA1UdIwQY
MBaAFPDUgZ5mOqlIe2oIKnfSI34biAKhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE5TQm5tWTZxVWg3YWdncWQ5SWpmaHVJQXFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zNGQzOWEtNjJkMi00MGYyLTg0YWEt
OTcyNGNhZDZiYWVlLzEvUE45dU1NNTVKRUJjY3FsRThxU0N4dmRNWGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8zNGQzOWEtNjJkMi00MGYyLTg0YWEtOTcyNGNhZDZiYWVl
LzEvOE5TQm5tWTZxVWg3YWdncWQ5SWpmaHVJQXFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuepkMA0G
CSqGSIb3DQEBCwUAA4IBAQBBZVKvO7opiQr1d4hrNHaiMt+xOGDeryCx+aarRFnC
QEcwBw1Hr/ErQmfXKIwAw3L6J4/kGDcKFejiBg2yvbPUSbiHVwUj1P7Vm+cjd5Nb
lJZXGweQCd+9cyLGVB1hRqr7w4TVDTgujz07VMDNfnxVjNkciVS4f7SrrsGv014P
/rh6GzlhegKke2J1+qHkTq4K4NlGgGNn4pd13yDHvwMlVk933+mARumVgbfkDSEx
jW/TPQN8yOuPaWryDwFT7notPhI6/Wh1fbSgvhs60/2btDH2H8PFq6eZsGl7AJ5a
mxPKKKHC3VVRYLzbNBfCigDMJ2Oda63S/ZWLlLk06dzI
-----END CERTIFICATE-----
Generated at Sat May 4 13:54:02 2024 by rpki-client on console-ams.rpki-client.org