Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n-Va9du71H74BI0Azy1rrrSNYvM.roa
File: n-Va9du71H74BI0Azy1rrrSNYvM.roa (raw, json)
Hash identifier: A7l1XW8d6bmVYB4gKJq504Mu6AFYxxabr+CcIN0Wq4I=
Subject key identifier: 9F:E5:5A:F5:DB:BB:D4:7E:F8:04:8D:00:CF:2D:6B:AE:B4:8D:62:F3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A88CFBA58786D7ACE9EC2C1C685E6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n-Va9du71H74BI0Azy1rrrSNYvM.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206446
IP address blocks: 194.87.211.0/24 maxlen: 24
195.133.95.0/24 maxlen: 24
195.133.33.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:88:cf:ba:58:78:6d:7a:ce:9e:c2:c1:c6:85:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe55af5dbbbd47ef8048d00cf2d6baeb48d62f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3b:b6:7f:8e:7f:4c:52:f4:63:2c:af:9a:ac:
28:55:5d:1d:27:e4:62:4e:6f:a6:f1:6e:1e:5b:6b:
7c:12:ae:0e:ac:a0:e4:21:11:f9:ac:4d:a0:04:7a:
5b:eb:8a:0e:9a:71:52:10:1a:35:19:52:e0:80:3f:
0b:b0:85:a1:7b:5b:80:b5:98:b6:9c:65:0e:2f:bb:
82:28:cb:f9:c9:4e:ac:86:2e:62:50:7e:4c:61:0a:
b7:55:a2:92:52:68:a7:c8:0a:25:64:5c:df:c0:00:
03:42:a4:8b:dd:23:b5:4b:32:f1:4b:8c:99:bd:b6:
ff:01:92:0b:30:a2:38:a3:69:56:34:79:9e:47:e3:
9b:e9:eb:d5:8b:ef:6a:90:a9:3e:41:aa:2a:1a:ed:
d6:7b:14:0b:e2:4d:4b:b4:6b:96:f2:ac:ba:dd:7a:
7c:af:2d:31:26:5b:aa:b3:08:56:7b:32:5a:2f:67:
4e:a7:64:2a:4d:d6:58:16:86:30:74:78:41:00:38:
78:dd:75:ee:6b:2d:26:2c:ea:3c:7e:e5:64:56:79:
2b:cb:7d:0f:41:e1:89:e5:64:41:d6:54:b0:9c:08:
b3:03:d8:db:d6:9f:f5:4f:7f:47:38:19:66:02:57:
f7:1a:0f:77:8e:58:4b:20:5d:c8:56:b2:47:7f:3c:
50:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E5:5A:F5:DB:BB:D4:7E:F8:04:8D:00:CF:2D:6B:AE:B4:8D:62:F3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/n-Va9du71H74BI0Azy1rrrSNYvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.183.0/24
194.87.211.0/24
195.133.33.0/24
195.133.95.0/24
Signature Algorithm: sha256WithRSAEncryption
92:9f:62:59:b9:26:3e:a7:9f:32:b9:d4:39:c8:21:01:3c:4f:
c0:fa:1f:24:90:75:4b:30:0a:d7:45:24:d2:ee:ac:7b:92:e0:
d4:57:18:33:06:d5:d4:58:f7:5b:df:26:40:da:67:04:99:f9:
bd:10:1f:c3:dd:e9:e1:36:5d:c7:be:f5:7e:38:aa:67:21:35:
77:c7:47:67:e2:ed:50:a1:04:ac:87:de:6b:56:b3:ad:a8:bf:
34:ab:b8:ac:19:3e:0e:fd:ef:33:d0:42:ec:1f:81:93:4c:27:
30:4f:9c:94:7f:d3:dc:fe:de:59:0a:f3:d2:f1:20:14:cf:a8:
31:15:06:2a:f5:27:0a:0a:57:4f:0a:50:16:6a:f7:64:e8:67:
57:5f:1a:4b:2b:63:60:01:0c:c1:9c:4f:38:46:b7:8a:28:7d:
21:b3:85:5c:d6:2b:8c:19:3e:d3:94:8e:ac:2f:93:46:6f:93:
e6:51:30:f1:5f:5a:16:5d:d2:c9:66:de:91:cc:4a:c1:54:2f:
78:e0:34:b4:48:2a:66:c3:a9:71:43:97:97:f5:79:eb:e6:5d:
cc:03:ab:0b:9b:c2:c7:79:fe:6e:77:da:3c:50:31:0f:1b:77:
62:33:54:e2:53:23:ac:2f:9e:08:b8:e2:02:70:62:a9:48:d1:
6d:ec:8e:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKojPulh4bXrOnsLBxoXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU1NWFmNWRiYmJkNDdlZjgwNDhkMDBjZjJkNmJhZWI0OGQ2MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDu2f45/TFL0YyyvmqwoVV0dJ+Ri
Tm+m8W4eW2t8Eq4OrKDkIRH5rE2gBHpb64oOmnFSEBo1GVLggD8LsIWhe1uAtZi2
nGUOL7uCKMv5yU6shi5iUH5MYQq3VaKSUminyAolZFzfwAADQqSL3SO1SzLxS4yZ
vbb/AZILMKI4o2lWNHmeR+Ob6evVi+9qkKk+QaoqGu3WexQL4k1LtGuW8qy63Xp8
ry0xJluqswhWezJaL2dOp2QqTdZYFoYwdHhBADh43XXuay0mLOo8fuVkVnkry30P
QeGJ5WRB1lSwnAizA9jb1p/1T39HOBlmAlf3Gg93jlhLIF3IVrJHfzxQYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ/lWvXbu9R++ASNAM8ta660jWLzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbi1WYTlkdTcxSDc0QkkwQXp5MXJyclNOWXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwle3AwQA
wlfTAwQAw4UhAwQAw4VfMA0GCSqGSIb3DQEBCwUAA4IBAQCSn2JZuSY+p58yudQ5
yCEBPE/A+h8kkHVLMArXRSTS7qx7kuDUVxgzBtXUWPdb3yZA2mcEmfm9EB/D3enh
Nl3HvvV+OKpnITV3x0dn4u1QoQSsh95rVrOtqL80q7isGT4O/e8z0ELsH4GTTCcw
T5yUf9Pc/t5ZCvPS8SAUz6gxFQYq9ScKCldPClAWavdk6GdXXxpLK2NgAQzBnE84
RreKKH0hs4Vc1iuMGT7TlI6sL5NGb5PmUTDxX1oWXdLJZt6RzErBVC944DS0SCpm
w6lxQ5eX9Xnr5l3MA6sLm8LHef5ud9o8UDEPG3diM1TiUyOsL54IuOICcGKpSNFt
7I4T
-----END CERTIFICATE-----
Generated at Fri May 17 21:11:07 2024 by rpki-client on console-ams.rpki-client.org