Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/no4n7BQj4nRrXFxSdodP_GswyPY.roa
File: no4n7BQj4nRrXFxSdodP_GswyPY.roa (raw, json)
Hash identifier: PU+5XFbgiXKA+xO77ngiBae/7oEne+XL5Ae6CEjyutY=
Subject key identifier: 9E:8E:27:EC:14:23:E2:74:6B:5C:5C:52:76:87:4F:FC:6B:30:C8:F6
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 018F7AC164E6DA86CBC7BF94B289BBD10E90
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/no4n7BQj4nRrXFxSdodP_GswyPY.roa
Signing time: Wed 15 May 2024 05:37:25 +0000
ROA not before: Wed 15 May 2024 05:37:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 194.62.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7a:c1:64:e6:da:86:cb:c7:bf:94:b2:89:bb:d1:0e:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: May 15 05:37:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e8e27ec1423e2746b5c5c5276874ffc6b30c8f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:ee:36:ac:12:df:72:e2:18:60:71:43:33:5a:
5c:c5:5f:63:d9:e8:45:5f:72:2e:cf:65:1e:2a:ea:
47:b3:1f:3f:8f:8c:f1:dc:71:07:5c:39:2d:c8:1c:
c6:e7:03:30:72:78:02:31:ae:6e:29:6c:04:93:22:
30:91:e7:5b:f4:0c:ae:5d:74:2f:a5:28:de:09:75:
d2:9e:aa:75:17:86:4d:77:b2:0a:c8:19:8d:f7:21:
5c:1d:68:d7:88:2d:31:52:f5:10:a7:42:e8:e1:75:
21:76:17:fa:2a:75:17:da:e2:18:65:97:9a:f6:77:
73:56:b2:f1:c6:9e:5a:80:57:8a:f8:42:8f:a6:ce:
3a:cb:19:d3:44:55:9c:d6:73:06:a2:e6:45:64:af:
6b:b9:b6:d9:c2:78:c0:38:8f:1e:f3:58:f5:a2:fd:
f5:04:21:06:b6:bc:94:0f:b5:46:94:fa:93:6a:63:
16:ec:ec:38:66:76:8e:81:78:86:d4:98:38:1b:04:
8c:5a:7a:33:9a:f5:f7:9c:7a:10:08:29:5e:e6:f5:
67:89:2c:99:9b:94:71:67:a8:b5:47:08:1b:11:57:
48:e8:8e:2c:ba:06:65:e6:1a:43:a4:d3:fe:5a:ee:
5c:fb:d9:74:95:82:35:c8:1d:06:c4:aa:1f:d5:b0:
65:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8E:27:EC:14:23:E2:74:6B:5C:5C:52:76:87:4F:FC:6B:30:C8:F6
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/no4n7BQj4nRrXFxSdodP_GswyPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:04:a2:58:03:a4:db:0c:ed:40:d6:5f:92:ce:32:ad:df:81:
93:19:29:f0:c9:6e:08:81:e7:df:0b:7d:8a:f6:77:59:dd:bc:
c2:5e:b9:33:4b:5c:63:62:62:3e:87:2a:f4:11:c7:c7:9c:00:
1c:4f:c5:a5:6e:87:cd:4d:42:17:a5:2d:6f:b6:a0:ce:21:10:
f9:cd:4f:63:70:5f:14:49:d7:dc:d2:4d:96:10:43:a6:85:83:
77:fb:3c:0e:f4:08:c4:d2:f3:a2:62:bb:91:ed:f5:b0:68:c2:
72:48:c1:d2:8a:38:af:51:09:0d:67:aa:1e:aa:05:ef:71:2b:
44:ec:66:08:27:27:e1:20:6f:23:2b:f6:a1:65:b2:ae:4c:8e:
7e:0d:9b:36:0d:f4:9c:6b:1b:f6:b2:6b:98:d0:55:df:46:68:
69:16:e7:98:a5:95:f6:a7:11:42:6b:17:5f:72:57:f6:d9:2f:
7a:5e:e7:a5:a0:7a:3c:66:8d:16:cf:e3:92:ca:0d:b5:d5:7a:
71:20:15:21:6a:63:e6:97:59:c2:c2:cf:c9:3d:e4:48:82:e4:
d9:8d:53:35:50:0d:ec:18:29:39:6b:67:79:cd:e8:5c:aa:47:
f0:f3:b5:7f:5b:23:dc:3f:14:10:66:00:b4:5a:67:9c:8a:83:
81:a0:a5:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY96wWTm2obLx7+Usom70Q6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjQwNTE1MDUzNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZThlMjdlYzE0MjNlMjc0NmI1YzVjNTI3Njg3NGZmYzZiMzBjOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/e42rBLfcuIYYHFDM1pcxV9j2ehF
X3Iuz2UeKupHsx8/j4zx3HEHXDktyBzG5wMwcngCMa5uKWwEkyIwkedb9AyuXXQv
pSjeCXXSnqp1F4ZNd7IKyBmN9yFcHWjXiC0xUvUQp0Lo4XUhdhf6KnUX2uIYZZea
9ndzVrLxxp5agFeK+EKPps46yxnTRFWc1nMGouZFZK9rubbZwnjAOI8e81j1ov31
BCEGtryUD7VGlPqTamMW7Ow4ZnaOgXiG1Jg4GwSMWnozmvX3nHoQCCle5vVniSyZ
m5RxZ6i1RwgbEVdI6I4sugZl5hpDpNP+Wu5c+9l0lYI1yB0GxKof1bBlGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6OJ+wUI+J0a1xcUnaHT/xrMMj2MB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvbm80bjdCUWo0blJyWEZ4U2RvZFBfR3N3eVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwj5rMA0G
CSqGSIb3DQEBCwUAA4IBAQAcBKJYA6TbDO1A1l+SzjKt34GTGSnwyW4IgeffC32K
9ndZ3bzCXrkzS1xjYmI+hyr0EcfHnAAcT8WlbofNTUIXpS1vtqDOIRD5zU9jcF8U
Sdfc0k2WEEOmhYN3+zwO9AjE0vOiYruR7fWwaMJySMHSijivUQkNZ6oeqgXvcStE
7GYIJyfhIG8jK/ahZbKuTI5+DZs2DfScaxv2smuY0FXfRmhpFueYpZX2pxFCaxdf
clf22S96XueloHo8Zo0Wz+OSyg211XpxIBUhamPml1nCws/JPeRIguTZjVM1UA3s
GCk5a2d5zehcqkfw87V/WyPcPxQQZgC0WmecioOBoKWR
-----END CERTIFICATE-----
Generated at Sat Jun 1 22:18:09 2024 by rpki-client on console-fra.rpki-client.org