Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/NlGTgRxSWyTIyIz4YsPoE9DjZtk.roa
File: NlGTgRxSWyTIyIz4YsPoE9DjZtk.roa (raw, json)
Hash identifier: zbc1A2J5SGirVHi69d9ev+xxHYfp6fZBmbAL6LfG8gg=
Subject key identifier: 36:51:93:81:1C:52:5B:24:C8:C8:8C:F8:62:C3:E8:13:D0:E3:66:D9
Certificate issuer: /CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Certificate serial: 018D13A2D189FD0316A031E670EDF27FBC16
Authority key identifier: AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/NlGTgRxSWyTIyIz4YsPoE9DjZtk.roa
Signing time: Tue 16 Jan 2024 18:57:33 +0000
ROA not before: Tue 16 Jan 2024 18:57:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56322
IP address blocks: 91.219.236.0/22 maxlen: 22
91.219.236.0/24 maxlen: 24
91.219.237.0/24 maxlen: 24
91.219.238.0/24 maxlen: 24
91.219.239.0/24 maxlen: 24
185.163.204.0/24 maxlen: 24
2a10:c800::/48 maxlen: 48
2a10:c800:1::/48 maxlen: 48
2a10:c800:400::/48 maxlen: 48
2a10:c800:401::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 10:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:a2:d1:89:fd:03:16:a0:31:e6:70:ed:f2:7f:bc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad367bc19f066996490a206674c8da8f5ed2cd0e
Validity
Not Before: Jan 16 18:57:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=365193811c525b24c8c88cf862c3e813d0e366d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8b:6c:9c:ce:d3:48:69:e9:72:34:9e:db:31:
11:50:06:63:d9:a9:16:ec:00:07:62:ec:d6:e8:9f:
6c:a0:90:54:30:8c:af:62:58:c7:42:92:e1:8d:1f:
b3:6e:ff:db:57:2e:33:88:7b:d8:c7:72:f2:70:39:
8d:d3:e0:b2:12:24:cb:86:51:8a:0e:83:cb:e0:d2:
dc:2e:ad:f8:17:9f:81:5c:9d:e0:a5:0b:78:cb:07:
8a:28:0d:ea:9a:df:6b:62:95:05:65:dc:c2:83:fe:
7f:c2:38:97:90:35:fb:e4:81:b1:9d:8d:d2:62:a9:
3a:0b:1c:3e:93:3f:c5:20:50:86:0a:fd:c6:d0:5e:
e8:00:d1:44:32:9c:55:ea:86:ce:dd:79:0b:c8:b8:
dc:34:d6:c3:66:e1:06:65:98:d0:35:a0:4d:2d:06:
33:66:75:0b:a3:1b:57:28:3d:f3:5b:40:a5:a5:57:
60:1b:7b:6e:5c:a7:9d:0f:9f:20:ba:ed:cb:17:6b:
08:29:a2:e4:9d:64:87:81:91:e3:f3:15:a1:0b:30:
e9:0e:77:f7:57:92:bc:3e:81:3a:86:9a:95:79:cb:
22:2d:91:b8:3d:1c:e6:77:e8:ab:c5:ba:74:09:cb:
d7:6a:6d:52:b7:c8:cd:0c:2f:e0:d6:b0:90:86:cb:
d8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:51:93:81:1C:52:5B:24:C8:C8:8C:F8:62:C3:E8:13:D0:E3:66:D9
X509v3 Authority Key Identifier:
keyid:AD:36:7B:C1:9F:06:69:96:49:0A:20:66:74:C8:DA:8F:5E:D2:CD:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/NlGTgRxSWyTIyIz4YsPoE9DjZtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/3cc848-7861-4ce1-870d-84b67b470b04/1/rTZ7wZ8GaZZJCiBmdMjaj17SzQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.219.236.0/22
185.163.204.0/24
IPv6:
2a10:c800::/47
2a10:c800:400::/47
Signature Algorithm: sha256WithRSAEncryption
35:79:a0:c3:26:ac:f4:c9:67:52:d9:21:f3:0c:02:0e:5e:2b:
03:0f:f2:a2:d0:8a:e4:a7:e2:3f:99:7f:39:dc:5a:5e:40:ee:
1c:e3:eb:54:6a:f5:4d:9a:2a:e2:d0:06:d9:9d:7f:9f:2a:a4:
6e:2f:d6:56:ce:36:f4:3d:3f:89:f3:7b:1c:09:e1:27:07:50:
50:7f:b3:04:5f:79:89:5a:0f:df:6f:d4:b1:18:9d:77:fa:67:
2d:21:94:03:68:65:3b:70:dc:15:97:bb:7f:28:86:f6:87:ec:
00:05:bc:97:f2:81:62:f4:dc:3d:01:1f:03:3c:04:5c:e5:2a:
04:44:1b:43:78:9f:1e:57:11:ed:de:3f:ac:e3:fe:87:cd:9e:
b3:5c:0f:f4:f4:d3:a4:6b:de:13:e1:c7:0f:63:4e:5f:c9:08:
cd:78:4b:62:75:a6:94:c9:c3:bd:b7:d4:7e:7f:58:29:0b:9d:
39:62:22:20:23:6b:79:9e:99:04:0a:7a:5c:0f:72:32:8a:85:
11:f3:f8:cb:22:9a:df:fd:07:05:9c:64:d9:7d:8d:6d:ef:2a:
35:65:97:9d:ed:e0:23:09:34:32:74:ab:67:59:13:f8:bc:cd:
0f:3c:dd:ce:29:cd:db:a6:e3:89:33:cb:54:f3:c4:ec:48:e1:
c5:2c:75:f5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0TotGJ/QMWoDHmcO3yf7wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMzY3YmMxOWYwNjY5OTY0OTBhMjA2Njc0YzhkYThmNWVk
MmNkMGUwHhcNMjQwMTE2MTg1NzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjUxOTM4MTFjNTI1YjI0YzhjODhjZjg2MmMzZTgxM2QwZTM2NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYtsnM7TSGnpcjSe2zERUAZj2akW
7AAHYuzW6J9soJBUMIyvYljHQpLhjR+zbv/bVy4ziHvYx3LycDmN0+CyEiTLhlGK
DoPL4NLcLq34F5+BXJ3gpQt4yweKKA3qmt9rYpUFZdzCg/5/wjiXkDX75IGxnY3S
Yqk6Cxw+kz/FIFCGCv3G0F7oANFEMpxV6obO3XkLyLjcNNbDZuEGZZjQNaBNLQYz
ZnULoxtXKD3zW0ClpVdgG3tuXKedD58guu3LF2sIKaLknWSHgZHj8xWhCzDpDnf3
V5K8PoE6hpqVecsiLZG4PRzmd+irxbp0CcvXam1St8jNDC/g1rCQhsvY6QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDZRk4EcUlskyMiM+GLD6BPQ42bZMB8GA1UdIwQY
MBaAFK02e8GfBmmWSQogZnTI2o9e0s0OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQt
ODRiNjdiNDcwYjA0LzEvTmxHVGdSeFNXeVRJeUl6NFlzUG9FOURqWnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zY2M4NDgtNzg2MS00Y2UxLTg3MGQtODRiNjdiNDcwYjA0
LzEvclRaN3daOEdhWlpKQ2lCbWRNamFqMTdTelE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCW9vsAwQA
uaPMMBgEAgACMBIDBwEqEMgAAAADBwEqEMgABAAwDQYJKoZIhvcNAQELBQADggEB
ADV5oMMmrPTJZ1LZIfMMAg5eKwMP8qLQiuSn4j+ZfzncWl5A7hzj61Rq9U2aKuLQ
Btmdf58qpG4v1lbONvQ9P4nzexwJ4ScHUFB/swRfeYlaD99v1LEYnXf6Zy0hlANo
ZTtw3BWXu38ohvaH7AAFvJfygWL03D0BHwM8BFzlKgREG0N4nx5XEe3eP6zj/ofN
nrNcD/T006Rr3hPhxw9jTl/JCM14S2J1ppTJw7231H5/WCkLnTliIiAja3memQQK
elwPcjKKhRHz+Msimt/9BwWcZNl9jW3vKjVll53t4CMJNDJ0q2dZE/i8zQ883c4p
zdum44kzy1TzxOxI4cUsdfU=
-----END CERTIFICATE-----
Generated at Thu Jun 20 15:11:35 2024 by rpki-client on console-ams.rpki-client.org