Route Origin Authorization
$ rpki-client -vvf rpki.nellicus.net/repo/nellicus/1/3138352e3230342e31322e302f32332d3233203d3e203631393631.roa
File: 3138352e3230342e31322e302f32332d3233203d3e203631393631.roa (raw, json)
Hash identifier: 05KBv20ho05+9nNhARljl3KvN1w1xbUcP6YBmhidjZI=
Subject key identifier: 4C:DB:CA:54:5F:26:69:4A:F6:BF:EB:D0:A2:0C:97:62:75:1D:94:3C
Certificate issuer: /CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Certificate serial: 2BB590925DE9EE88ACE72FA69488B157A71CD658
Authority key identifier: 4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
Subject info access: rsync://rpki.nellicus.net/repo/nellicus/1/3138352e3230342e31322e302f32332d3233203d3e203631393631.roa
Signing time: Mon 30 Dec 2024 07:27:45 +0000
ROA not before: Mon 30 Dec 2024 07:22:45 +0000
ROA not after: Mon 29 Dec 2025 07:27:45 +0000
asID: 61961
IP address blocks: 185.204.12.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.crl
rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:b5:90:92:5d:e9:ee:88:ac:e7:2f:a6:94:88:b1:57:a7:1c:d6:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9a6c18f349b395c31c33bb7f9b9f5817bde9a8
Validity
Not Before: Dec 30 07:22:45 2024 GMT
Not After : Dec 29 07:27:45 2025 GMT
Subject: CN=4CDBCA545F26694AF6BFEBD0A20C9762751D943C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:b4:d8:03:98:15:5d:3e:a6:30:1b:cc:34:
d4:84:ae:9c:a1:58:eb:d5:03:26:aa:99:50:3a:2b:
a3:4a:2b:8a:31:3f:e7:45:3a:60:ba:87:a5:67:01:
97:75:bf:da:fa:6d:31:ac:38:9b:ca:dc:8e:67:d9:
64:0b:8c:c4:93:f9:9c:d5:13:f9:1d:02:34:14:ae:
34:b1:15:83:3b:05:56:f1:82:8e:03:65:09:e4:f2:
59:a9:6f:a3:fd:51:83:01:7a:e9:4a:74:4e:93:30:
4a:0a:61:47:a6:7b:a6:b8:b4:f2:87:2d:2f:55:c3:
c7:72:39:70:1a:02:26:40:02:21:7e:69:c2:dd:31:
d4:fd:5d:a5:d0:c4:01:c7:54:61:4d:52:af:98:ef:
8b:41:5b:55:6c:a0:64:08:46:36:93:20:ad:28:82:
31:4a:8d:4e:c4:e4:ca:a2:4f:db:be:85:05:01:7b:
28:ba:a4:0d:af:81:47:c0:79:de:e8:ee:0b:48:82:
19:bd:89:dd:0d:2a:1a:bb:1e:ea:4b:51:67:ed:fe:
5a:db:e4:e0:2b:19:58:c9:45:4a:c5:ac:3d:dd:26:
d4:c7:42:77:f2:24:89:e0:d2:10:91:4d:86:64:d0:
26:57:ed:f0:9a:69:13:10:08:38:ef:3f:73:bd:20:
e2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DB:CA:54:5F:26:69:4A:F6:BF:EB:D0:A2:0C:97:62:75:1D:94:3C
X509v3 Authority Key Identifier:
keyid:4E:9A:6C:18:F3:49:B3:95:C3:1C:33:BB:7F:9B:9F:58:17:BD:E9:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.nellicus.net/repo/nellicus/1/4E9A6C18F349B395C31C33BB7F9B9F5817BDE9A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TppsGPNJs5XDHDO7f5ufWBe96ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.nellicus.net/repo/nellicus/1/3138352e3230342e31322e302f32332d3233203d3e203631393631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.12.0/23
Signature Algorithm: sha256WithRSAEncryption
06:9c:af:75:91:fe:b9:71:fe:c4:64:2e:99:90:dc:b0:99:6f:
00:75:e9:de:0e:94:cd:84:fe:ef:b8:f9:af:89:08:02:6a:bf:
61:8a:2c:4b:92:15:29:48:2a:ed:72:34:0b:55:f0:50:1f:03:
cc:f0:4e:d8:e8:dc:99:df:eb:08:31:93:89:e2:79:c7:c3:d8:
d1:39:a8:03:5f:9d:32:49:c1:cc:33:83:d4:66:95:3c:b1:81:
42:4f:10:bd:1d:27:b7:34:7a:b1:1e:1d:27:e5:1a:ee:66:cb:
cf:fa:63:e6:dc:ad:00:a7:7c:48:a1:25:86:30:05:1c:1e:5f:
a6:39:34:b1:98:18:d0:20:90:72:d4:fa:95:4d:a1:36:d0:52:
08:6b:7a:71:4f:96:a6:9b:a0:c5:85:41:3e:86:9e:32:45:da:
ab:c8:6e:a3:e5:20:8a:8e:7b:81:08:b3:6d:9e:80:2e:3f:f7:
5e:ca:78:48:9c:20:cd:3a:7a:de:3a:a9:85:e9:83:82:b0:2f:
8c:51:f7:ba:e4:a1:33:7c:e2:3d:e9:13:b0:09:fe:af:d8:b5:
54:61:88:e0:98:07:2f:32:5e:97:bc:d9:8a:2e:bd:04:e1:23:
cb:54:bb:4b:b3:fd:ce:21:c0:c6:6c:c0:33:da:45:69:0f:7a:
05:54:7a:04
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIUK7WQkl3p7ois5y+mlIixV6cc1lgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5YTZjMThmMzQ5YjM5NWMzMWMzM2JiN2Y5YjlmNTgx
N2JkZTlhODAeFw0yNDEyMzAwNzIyNDVaFw0yNTEyMjkwNzI3NDVaMDMxMTAvBgNV
BAMTKDRDREJDQTU0NUYyNjY5NEFGNkJGRUJEMEEyMEM5NzYyNzUxRDk0M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCTbTYA5gVXT6mMBvMNNSErpyh
WOvVAyaqmVA6K6NKK4oxP+dFOmC6h6VnAZd1v9r6bTGsOJvK3I5n2WQLjMST+ZzV
E/kdAjQUrjSxFYM7BVbxgo4DZQnk8lmpb6P9UYMBeulKdE6TMEoKYUeme6a4tPKH
LS9Vw8dyOXAaAiZAAiF+acLdMdT9XaXQxAHHVGFNUq+Y74tBW1VsoGQIRjaTIK0o
gjFKjU7E5MqiT9u+hQUBeyi6pA2vgUfAed7o7gtIghm9id0NKhq7HupLUWft/lrb
5OArGVjJRUrFrD3dJtTHQnfyJIng0hCRTYZk0CZX7fCaaRMQCDjvP3O9IOIrAgMB
AAGjggHhMIIB3TAdBgNVHQ4EFgQUTNvKVF8maUr2v+vQogyXYnUdlDwwHwYDVR0j
BBgwFoAUTppsGPNJs5XDHDO7f5ufWBe96agwDgYDVR0PAQH/BAQDAgeAMGcGA1Ud
HwRgMF4wXKBaoFiGVnJzeW5jOi8vcnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxs
aWN1cy8xLzRFOUE2QzE4RjM0OUIzOTVDMzFDMzNCQjdGOUI5RjU4MTdCREU5QTgu
Y3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJp
cGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9UcHBzR1BOSnM1WERIRE83ZjV1ZldC
ZTk2YWcuY2VyMIGABggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8v
cnBraS5uZWxsaWN1cy5uZXQvcmVwby9uZWxsaWN1cy8xLzMxMzgzNTJlMzIzMDM0
MmUzMTMyMmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzYzMTM5MzYzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAbnMDDANBgkqhkiG9w0BAQsFAAOCAQEABpyvdZH+uXH+xGQumZDcsJlvAHXp
3g6UzYT+77j5r4kIAmq/YYosS5IVKUgq7XI0C1XwUB8DzPBO2Ojcmd/rCDGTieJ5
x8PY0TmoA1+dMknBzDOD1GaVPLGBQk8QvR0ntzR6sR4dJ+Ua7mbLz/pj5tytAKd8
SKElhjAFHB5fpjk0sZgY0CCQctT6lU2hNtBSCGt6cU+WppugxYVBPoaeMkXaq8hu
o+Ugio57gQizbZ6ALj/3Xsp4SJwgzTp63jqphemDgrAvjFH3uuShM3ziPekTsAn+
r9i1VGGI4JgHLzJel7zZii69BOEjy1S7S7P9ziHAxmzAM9pFaQ96BVR6BA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:46:50 2025 by rpki-client