Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/nam681pBUC-hLpxtasMSXp9x1A0.roa
File: nam681pBUC-hLpxtasMSXp9x1A0.roa (raw, json)
Hash identifier: ywKIcUBQf76AAY6zBvOKqvcvrcb1Deqv3sjuC2xfBJc=
Subject key identifier: 9D:A9:BA:F3:5A:41:50:2F:A1:2E:9C:6D:6A:C3:12:5E:9F:71:D4:0D
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 018F3914353630CC0B78222EBD9024DE586F
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/nam681pBUC-hLpxtasMSXp9x1A0.roa
Signing time: Thu 02 May 2024 11:32:56 +0000
ROA not before: Thu 02 May 2024 11:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211619
IP address blocks: 45.95.168.0/22 maxlen: 22
150.40.96.0/19 maxlen: 19
203.31.217.0/24 maxlen: 24
2a0e:bfc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 20:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:14:35:36:30:cc:0b:78:22:2e:bd:90:24:de:58:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: May 2 11:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9da9baf35a41502fa12e9c6d6ac3125e9f71d40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a2:3c:95:4b:ef:24:1c:06:cc:80:08:15:56:
c1:9f:1a:b4:bf:f7:10:6c:d5:66:1b:1b:34:1e:5c:
ee:eb:05:4b:fa:06:14:bb:15:90:d0:bb:14:b5:5d:
05:52:00:c7:b4:05:1a:f5:df:c4:78:fe:55:2b:4f:
ae:54:e3:57:82:d7:ba:9b:69:38:bd:51:21:63:57:
55:40:a1:15:4e:d3:23:17:37:a8:b8:c9:30:8e:a9:
b2:04:a1:41:27:5f:b1:f5:d7:d7:f5:46:69:55:d3:
e7:47:d0:1f:70:9a:0d:e6:e0:6c:27:b4:b6:a0:38:
99:82:c5:31:95:4f:d2:48:67:db:01:5a:e5:f6:dc:
70:75:fc:cf:c2:4d:01:33:fa:2b:32:4b:27:76:db:
c8:48:3d:8b:a7:90:e0:dd:fe:08:0c:85:50:b1:61:
8a:24:a2:d5:9d:a4:15:bd:99:ec:c4:9f:36:d5:24:
0c:0a:79:b8:aa:ab:6b:57:56:ea:a3:1a:3a:b4:b9:
37:88:2b:7e:52:2b:61:44:d6:72:b6:b2:6b:bc:e5:
91:26:f9:4d:f1:05:a5:3f:0f:a0:b1:d7:6a:80:27:
fb:ce:36:2b:6d:ca:47:77:f1:05:51:ec:b1:86:8b:
5c:9d:23:98:e4:14:cc:e3:4f:18:c3:8f:73:c8:93:
03:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A9:BA:F3:5A:41:50:2F:A1:2E:9C:6D:6A:C3:12:5E:9F:71:D4:0D
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/nam681pBUC-hLpxtasMSXp9x1A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.168.0/22
150.40.96.0/19
203.31.217.0/24
IPv6:
2a0e:bfc0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:39:58:0e:8f:95:53:e4:2f:bd:00:b3:f0:3c:8e:2a:44:13:
4f:0f:2c:7e:65:8a:c8:06:d8:e6:98:f5:eb:80:40:26:75:e4:
0e:44:7f:11:c5:e0:f1:80:cd:f1:72:01:b1:7b:94:2f:22:5e:
1d:2d:90:0a:ff:3a:88:19:d6:b7:27:13:5f:09:b3:7d:54:5e:
50:be:e8:7a:f5:64:2b:46:1d:b9:4a:80:ed:1f:94:47:e6:bf:
4b:6f:99:ab:e9:b3:18:98:95:28:03:f4:80:7d:42:cf:b1:8e:
a3:24:e1:f2:2d:a6:51:e7:72:9d:8f:d9:14:db:30:5e:10:26:
99:ca:e6:c8:61:54:16:95:62:70:fa:a2:bd:84:66:c1:34:0a:
e8:37:c5:f9:95:35:96:6a:56:89:b3:ee:85:7b:aa:48:1b:08:
a4:31:21:d1:ca:a1:ae:3c:2e:ae:47:2c:4c:f9:d7:e4:c6:9a:
d1:0d:2d:6d:18:5f:c5:af:b4:50:1a:a9:c9:0b:65:d2:5a:65:
29:49:31:78:6d:bd:35:d2:b7:a0:18:f6:42:74:84:ab:46:45:
50:90:98:53:bd:73:4c:a6:f5:63:cb:3e:70:05:94:b5:ea:81:
da:8b:3d:55:3a:97:f8:61:4c:84:be:db:a5:e0:0c:d0:a9:71:
63:e4:5b:6c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY85FDU2MMwLeCIuvZAk3lhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjQwNTAyMTEzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE5YmFmMzVhNDE1MDJmYTEyZTljNmQ2YWMzMTI1ZTlmNzFkNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqI8lUvvJBwGzIAIFVbBnxq0v/cQ
bNVmGxs0Hlzu6wVL+gYUuxWQ0LsUtV0FUgDHtAUa9d/EeP5VK0+uVONXgte6m2k4
vVEhY1dVQKEVTtMjFzeouMkwjqmyBKFBJ1+x9dfX9UZpVdPnR9AfcJoN5uBsJ7S2
oDiZgsUxlU/SSGfbAVrl9txwdfzPwk0BM/orMksndtvISD2Lp5Dg3f4IDIVQsWGK
JKLVnaQVvZnsxJ821SQMCnm4qqtrV1bqoxo6tLk3iCt+UithRNZytrJrvOWRJvlN
8QWlPw+gsddqgCf7zjYrbcpHd/EFUeyxhotcnSOY5BTM408Yw49zyJMDAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ2puvNaQVAvoS6cbWrDEl6fcdQNMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvbmFtNjgxcEJVQy1oTHB4dGFzTVNYcDl4MUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLV+oAwQF
lihgAwQAyx/ZMA0EAgACMAcDBQMqDr/AMA0GCSqGSIb3DQEBCwUAA4IBAQBcOVgO
j5VT5C+9ALPwPI4qRBNPDyx+ZYrIBtjmmPXrgEAmdeQORH8RxeDxgM3xcgGxe5Qv
Il4dLZAK/zqIGda3JxNfCbN9VF5Qvuh69WQrRh25SoDtH5RH5r9Lb5mr6bMYmJUo
A/SAfULPsY6jJOHyLaZR53Kdj9kU2zBeECaZyubIYVQWlWJw+qK9hGbBNAroN8X5
lTWWalaJs+6Fe6pIGwikMSHRyqGuPC6uRyxM+dfkxprRDS1tGF/Fr7RQGqnJC2XS
WmUpSTF4bb010regGPZCdISrRkVQkJhTvXNMpvVjyz5wBZS16oHaiz1VOpf4YUyE
vtul4AzQqXFj5Fts
-----END CERTIFICATE-----
Generated at Sun Jun 2 05:01:09 2024 by rpki-client on console-fra.rpki-client.org