Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/ND-2T-TXVgO1iidRxUqpbiZ62f8.roa
File: ND-2T-TXVgO1iidRxUqpbiZ62f8.roa (raw, json)
Hash identifier: QKJfEvAusxYEqCt0nLS1vzk10Jd8GtUZ8EFTkQjxvAA=
Subject key identifier: 34:3F:B6:4F:E4:D7:56:03:B5:8A:27:51:C5:4A:A9:6E:26:7A:D9:FF
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 018CC500BBC4E228175DCA5DCC31A4543450
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/ND-2T-TXVgO1iidRxUqpbiZ62f8.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198350
IP address blocks: 109.236.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:bb:c4:e2:28:17:5d:ca:5d:cc:31:a4:54:34:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=343fb64fe4d75603b58a2751c54aa96e267ad9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ad:69:e5:df:16:4d:34:00:8e:ec:70:ff:a2:
8b:6b:e0:16:ec:09:f2:21:48:33:a9:ce:43:59:48:
d2:0b:c3:dd:8e:9e:51:8b:9c:82:0f:ba:02:33:21:
16:fb:5a:13:33:b5:66:91:b1:96:e2:63:9b:36:a1:
9b:94:c1:be:58:67:ff:26:6f:3b:13:e8:f3:90:c7:
d9:22:c3:d4:84:e4:13:2a:23:10:fa:bd:47:79:f6:
f9:4c:57:fd:65:c0:e5:50:27:e6:b7:a9:ff:c2:af:
f2:0b:f9:f4:33:b4:a3:2b:99:df:14:1e:b7:dc:03:
5b:2b:34:50:3c:d6:7c:98:da:ef:1e:50:41:27:e3:
35:bf:e6:7f:db:ec:a2:7e:45:28:d7:24:07:40:2d:
ec:87:a3:8f:03:64:8c:06:93:c6:b5:02:ec:f5:ef:
1b:05:e8:6f:bc:81:b6:7c:13:d8:11:d5:c5:84:ae:
23:16:f1:0f:ec:64:59:98:5a:c4:ef:ae:a4:10:91:
c6:e9:fd:91:b0:51:33:7a:d1:cc:c0:c4:7e:64:31:
9e:bd:88:5a:5f:3d:26:5b:62:a2:64:ea:1e:e3:0c:
bf:42:7a:b6:1e:2e:c5:1e:6f:b5:c3:00:7f:75:26:
fa:cf:d9:cb:ca:18:78:81:97:d1:3b:27:93:ad:85:
4c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:3F:B6:4F:E4:D7:56:03:B5:8A:27:51:C5:4A:A9:6E:26:7A:D9:FF
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/ND-2T-TXVgO1iidRxUqpbiZ62f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.247.0/24
Signature Algorithm: sha256WithRSAEncryption
20:58:e3:49:96:97:66:7c:79:78:ce:75:21:71:b4:3f:79:06:
74:d1:47:55:a4:42:da:9c:10:7c:1f:f2:ad:e5:e1:f5:95:61:
41:e8:da:8f:3a:01:7a:25:b5:d9:3f:2c:47:d6:8d:cd:71:7a:
2e:5e:50:b6:52:11:5a:44:8e:16:ba:8f:f2:54:bd:a7:03:7a:
ba:26:da:ed:54:2b:a0:ce:a6:5c:4b:90:af:8c:49:ae:a2:a9:
4a:ce:fc:7d:eb:52:7f:cf:64:ec:6b:27:d7:fe:33:6d:54:52:
c0:f8:3c:92:42:cd:f7:bb:0d:90:ea:fd:cf:77:99:20:b0:f5:
b3:c4:37:cc:9b:34:a4:29:00:4f:a6:5a:8d:31:d2:0c:2a:8f:
bb:7d:5a:94:47:ea:f5:82:eb:0d:9d:ee:34:ad:1c:93:8e:6d:
be:af:38:97:bc:ac:90:29:bc:4f:54:06:3e:6d:19:25:6a:32:
87:1d:a2:6c:43:b4:8f:87:da:5b:e8:d0:9a:42:00:4a:28:68:
54:2d:46:6b:fa:a0:f5:92:68:2f:01:94:a9:c6:db:4d:62:23:
cf:28:6f:a4:56:ee:d0:24:ea:50:24:33:e8:ec:2e:7d:8d:9e:
29:94:bd:ed:8e:22:0c:ec:24:a5:5d:d1:41:77:46:90:ff:49:
a1:a0:cd:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFALvE4igXXcpdzDGkVDRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDNmYjY0ZmU0ZDc1NjAzYjU4YTI3NTFjNTRhYTk2ZTI2N2FkOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAza1p5d8WTTQAjuxw/6KLa+AW7Any
IUgzqc5DWUjSC8Pdjp5Ri5yCD7oCMyEW+1oTM7VmkbGW4mObNqGblMG+WGf/Jm87
E+jzkMfZIsPUhOQTKiMQ+r1Hefb5TFf9ZcDlUCfmt6n/wq/yC/n0M7SjK5nfFB63
3ANbKzRQPNZ8mNrvHlBBJ+M1v+Z/2+yifkUo1yQHQC3sh6OPA2SMBpPGtQLs9e8b
BehvvIG2fBPYEdXFhK4jFvEP7GRZmFrE766kEJHG6f2RsFEzetHMwMR+ZDGevYha
Xz0mW2KiZOoe4wy/Qnq2Hi7FHm+1wwB/dSb6z9nLyhh4gZfROyeTrYVMyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDQ/tk/k11YDtYonUcVKqW4metn/MB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvTkQtMlQtVFhWZ08xaWlkUnhVcXBiaVo2MmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbez3MA0G
CSqGSIb3DQEBCwUAA4IBAQAgWONJlpdmfHl4znUhcbQ/eQZ00UdVpELanBB8H/Kt
5eH1lWFB6NqPOgF6JbXZPyxH1o3NcXouXlC2UhFaRI4Wuo/yVL2nA3q6JtrtVCug
zqZcS5CvjEmuoqlKzvx961J/z2TsayfX/jNtVFLA+DySQs33uw2Q6v3Pd5kgsPWz
xDfMmzSkKQBPplqNMdIMKo+7fVqUR+r1gusNne40rRyTjm2+rziXvKyQKbxPVAY+
bRklajKHHaJsQ7SPh9pb6NCaQgBKKGhULUZr+qD1kmgvAZSpxttNYiPPKG+kVu7Q
JOpQJDPo7C59jZ4plL3tjiIM7CSlXdFBd0aQ/0mhoM08
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:07:46 2024 by rpki-client on console-fra.rpki-client.org