Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/nJkp-bTRkFJzffNAJ2XqpYrqjWg.roa
File: nJkp-bTRkFJzffNAJ2XqpYrqjWg.roa (raw, json)
Hash identifier: C4Deo6n/0pFEY6VAfAHvPqulCu/scjQvAEG2oAabVBk=
Subject key identifier: 9C:99:29:F9:B4:D1:90:52:73:7D:F3:40:27:65:EA:A5:8A:EA:8D:68
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0191320578BA0024C680B017228C87F3D921
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/nJkp-bTRkFJzffNAJ2XqpYrqjWg.roa
Signing time: Thu 08 Aug 2024 12:45:04 +0000
ROA not before: Thu 08 Aug 2024 12:45:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214979
IP address blocks: 86.106.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:32:05:78:ba:00:24:c6:80:b0:17:22:8c:87:f3:d9:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 8 12:45:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c9929f9b4d19052737df3402765eaa58aea8d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a6:06:2d:bb:8e:cb:e0:b3:8c:1b:56:c0:d0:
2e:46:16:ec:6a:9c:35:01:76:82:9c:9b:f8:bc:48:
29:6c:af:da:51:e8:d0:3c:88:71:f6:19:9a:8a:a4:
b7:e0:bf:26:35:b0:af:37:92:e9:ac:6d:38:6a:f7:
dd:86:32:94:cb:46:20:7b:0d:f4:d6:98:e4:6d:62:
6d:2c:50:c4:49:c9:98:de:f4:1e:24:92:20:ad:6f:
2a:56:49:28:11:9f:2e:9e:71:92:f6:4c:26:21:8e:
af:ec:be:d0:e5:5e:e5:e5:14:02:8f:05:42:b6:cf:
dc:3c:4d:c6:d8:73:37:b6:b4:3e:df:cf:46:01:d9:
3a:e6:4d:ef:76:2f:55:3c:25:b0:c1:fc:63:8a:56:
04:bf:1e:4b:0f:06:fd:d0:4b:5c:0b:80:38:0c:d3:
79:2f:ad:e4:68:52:f5:99:f8:0b:14:79:31:73:56:
19:25:e8:0f:d0:8c:f6:3b:9a:54:c9:ba:48:14:b6:
6e:2c:9f:00:fd:7a:80:f8:f0:86:d3:29:f8:83:2b:
41:b4:f4:df:4b:b5:64:1a:a2:c9:bc:4a:31:41:1c:
ea:35:44:9e:ca:1d:ca:69:68:6c:ab:91:fa:dd:14:
b2:5b:18:cf:7f:a3:48:1e:c9:27:ee:18:e6:30:d7:
6c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:99:29:F9:B4:D1:90:52:73:7D:F3:40:27:65:EA:A5:8A:EA:8D:68
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/nJkp-bTRkFJzffNAJ2XqpYrqjWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.108.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:dc:4a:e5:8c:35:d8:18:c7:66:1a:7f:6a:47:1b:68:92:4e:
aa:68:cf:13:13:7b:b5:bc:b9:f1:ec:c6:e9:d3:0c:7a:58:61:
2b:fd:f0:93:69:5b:9b:7f:5b:a5:01:ba:24:6d:13:b6:c9:2b:
5c:6e:4a:34:6c:b9:1b:77:82:3c:a1:b4:33:70:ff:98:6d:f9:
c9:83:a7:6b:d9:86:fa:85:52:eb:eb:d5:aa:10:ad:25:a3:ea:
d7:77:d9:90:43:76:74:24:e7:f4:af:46:21:0d:1e:38:f7:b3:
f2:75:e6:71:34:43:1c:b3:75:74:d2:06:11:60:f1:65:39:59:
44:83:b9:ef:20:7b:40:2d:b8:e0:16:e4:8f:bf:b2:fe:e2:c1:
2e:83:5f:b4:8b:a8:41:29:72:aa:8c:f2:6a:22:0e:a7:d8:fc:
55:7d:89:45:d0:ea:9c:51:75:be:8e:b6:7c:aa:78:f0:65:90:
5a:71:b3:b6:b4:82:68:bf:81:3d:bf:aa:f2:cc:76:09:4d:19:
42:4e:86:be:47:c4:79:7a:89:7c:1d:03:63:e8:83:cf:19:8a:
3d:0a:6b:79:50:77:88:b3:98:42:20:e3:75:45:f9:15:45:17:
a7:03:98:a8:75:d9:d7:0a:95:e2:23:92:04:6d:e1:c9:18:43:
d0:9c:d7:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEyBXi6ACTGgLAXIoyH89khMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODA4MTI0NTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yzk5MjlmOWI0ZDE5MDUyNzM3ZGYzNDAyNzY1ZWFhNThhZWE4ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaYGLbuOy+CzjBtWwNAuRhbsapw1
AXaCnJv4vEgpbK/aUejQPIhx9hmaiqS34L8mNbCvN5LprG04avfdhjKUy0Ygew30
1pjkbWJtLFDEScmY3vQeJJIgrW8qVkkoEZ8unnGS9kwmIY6v7L7Q5V7l5RQCjwVC
ts/cPE3G2HM3trQ+389GAdk65k3vdi9VPCWwwfxjilYEvx5LDwb90EtcC4A4DNN5
L63kaFL1mfgLFHkxc1YZJegP0Iz2O5pUybpIFLZuLJ8A/XqA+PCG0yn4gytBtPTf
S7VkGqLJvEoxQRzqNUSeyh3KaWhsq5H63RSyWxjPf6NIHskn7hjmMNds4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyZKfm00ZBSc33zQCdl6qWK6o1oMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvbkprcC1iVFJrRkp6ZmZOQUoyWHFwWXJxaldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVmpsMA0G
CSqGSIb3DQEBCwUAA4IBAQBb3ErljDXYGMdmGn9qRxtokk6qaM8TE3u1vLnx7Mbp
0wx6WGEr/fCTaVubf1ulAbokbRO2yStcbko0bLkbd4I8obQzcP+YbfnJg6dr2Yb6
hVLr69WqEK0lo+rXd9mQQ3Z0JOf0r0YhDR4497PydeZxNEMcs3V00gYRYPFlOVlE
g7nvIHtALbjgFuSPv7L+4sEug1+0i6hBKXKqjPJqIg6n2PxVfYlF0OqcUXW+jrZ8
qnjwZZBacbO2tIJov4E9v6ryzHYJTRlCToa+R8R5eol8HQNj6IPPGYo9Cmt5UHeI
s5hCION1RfkVRRenA5ioddnXCpXiI5IEbeHJGEPQnNdw
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:40:51 2024 by rpki-client on console-ams.rpki-client.org