Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nT21BlgG2-Poudu2bObtqtFshcA.roa
File: nT21BlgG2-Poudu2bObtqtFshcA.roa (raw, json)
Hash identifier: dLRFDp5g0fEuY1S/e27NZVYSxh/4Dh5Otuu5MSQ1mqI=
Subject key identifier: 9D:3D:B5:06:58:06:DB:E3:E8:B9:DB:B6:6C:E6:ED:AA:D1:6C:85:C0
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019091896451A1C3E012C1D8AE2909E06B74
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nT21BlgG2-Poudu2bObtqtFshcA.roa
Signing time: Mon 08 Jul 2024 08:50:18 +0000
ROA not before: Mon 08 Jul 2024 08:50:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 192.124.178.0/24 maxlen: 24
195.133.54.0/24 maxlen: 24
195.133.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:89:64:51:a1:c3:e0:12:c1:d8:ae:29:09:e0:6b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 8 08:50:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d3db5065806dbe3e8b9dbb66ce6edaad16c85c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b3:35:12:ae:d8:2e:13:c0:f1:7d:76:13:ce:
50:07:4b:65:63:7f:14:47:70:20:32:0b:90:4b:db:
9e:e9:7a:22:f9:62:b8:6f:c2:ca:b2:45:e9:a9:3e:
54:41:79:e4:b9:50:2e:04:5f:bc:08:cb:1b:b7:bb:
f0:1d:0f:2a:27:a8:31:5d:c8:c1:f7:42:20:f4:e1:
d8:16:90:12:c2:29:95:6b:bc:bd:e8:f0:05:55:c4:
33:44:ab:4e:e0:bc:6f:89:bc:d9:27:6d:92:03:b8:
56:b8:fe:60:3c:76:34:72:63:8d:a6:74:77:46:a7:
a9:b8:c8:da:30:c6:12:20:92:f2:7e:40:4b:28:76:
bd:4f:af:01:2c:87:f0:43:f3:25:3c:49:4b:6a:38:
b0:42:bd:ff:df:8e:5a:0f:54:66:14:51:1f:26:77:
53:e7:92:e6:be:2c:21:a0:05:cf:2b:fb:f0:36:47:
b6:5b:76:ae:ba:56:04:76:f5:98:a8:61:19:02:d1:
51:46:ba:80:d6:34:41:22:9a:6f:2a:a9:06:6d:d2:
41:24:fa:91:71:60:af:93:95:81:da:23:17:16:1b:
cc:95:53:6d:d9:bb:ba:ce:bb:63:0d:e4:ce:73:47:
5f:e0:92:fa:2d:cb:c0:c7:92:af:c2:cb:d7:c9:e1:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3D:B5:06:58:06:DB:E3:E8:B9:DB:B6:6C:E6:ED:AA:D1:6C:85:C0
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/nT21BlgG2-Poudu2bObtqtFshcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
195.133.54.0/24
195.133.74.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d9:45:72:c1:bf:60:c7:68:ed:f1:6b:78:c6:5b:21:87:85:
9d:b8:89:3e:b4:16:60:76:0c:c8:6b:48:40:da:ea:fb:f1:fd:
e3:66:aa:8b:31:4a:26:ba:49:a9:3b:af:92:d8:1f:d2:cd:3e:
1e:97:c6:6c:34:ca:4a:da:3c:7e:ee:bd:f2:c5:b7:e2:38:05:
30:d0:91:c0:1f:08:05:ce:e6:68:2b:69:53:a8:f3:93:b1:ad:
a3:1e:e9:04:7c:be:3d:ff:18:f5:dd:cd:21:85:e8:7e:01:8e:
09:08:e3:5c:93:fa:ea:f8:7e:fc:d0:8d:46:cb:6d:fd:f1:20:
3e:90:d4:f9:db:e4:10:45:28:b6:ef:42:87:e1:9d:50:33:74:
15:00:b1:0a:d1:89:33:51:ea:97:ca:4a:02:f4:39:e3:26:81:
4c:8b:ec:ab:1f:c3:a2:3e:ae:d8:67:13:fd:ce:4d:b0:9d:b0:
67:84:55:79:72:6f:c3:97:f2:d1:7a:65:27:f0:43:ac:05:c6:
5c:dc:dd:6d:59:c3:85:27:3b:71:aa:cc:42:fe:fc:d1:e0:b8:
24:74:3a:a9:23:4b:1f:dc:4d:84:30:5c:86:43:a9:4b:0e:8c:
84:df:d8:be:88:e5:dd:6c:44:93:3f:fc:9a:bc:89:6d:4b:9f:
23:25:cb:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCRiWRRocPgEsHYrikJ4Gt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzA4MDg1MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNkYjUwNjU4MDZkYmUzZThiOWRiYjY2Y2U2ZWRhYWQxNmM4NWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbM1Eq7YLhPA8X12E85QB0tlY38U
R3AgMguQS9ue6Xoi+WK4b8LKskXpqT5UQXnkuVAuBF+8CMsbt7vwHQ8qJ6gxXcjB
90Ig9OHYFpASwimVa7y96PAFVcQzRKtO4LxvibzZJ22SA7hWuP5gPHY0cmONpnR3
RqepuMjaMMYSIJLyfkBLKHa9T68BLIfwQ/MlPElLajiwQr3/345aD1RmFFEfJndT
55LmviwhoAXPK/vwNke2W3auulYEdvWYqGEZAtFRRrqA1jRBIppvKqkGbdJBJPqR
cWCvk5WB2iMXFhvMlVNt2bu6zrtjDeTOc0df4JL6LcvAx5KvwsvXyeFgCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ09tQZYBtvj6Lnbtmzm7arRbIXAMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvblQyMUJsZ0cyLVBvdWR1MmJPYnRxdEZzaGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHyyAwQA
w4U2AwQAw4VKMA0GCSqGSIb3DQEBCwUAA4IBAQBa2UVywb9gx2jt8Wt4xlshh4Wd
uIk+tBZgdgzIa0hA2ur78f3jZqqLMUomukmpO6+S2B/SzT4el8ZsNMpK2jx+7r3y
xbfiOAUw0JHAHwgFzuZoK2lTqPOTsa2jHukEfL49/xj13c0hheh+AY4JCONck/rq
+H780I1Gy2398SA+kNT52+QQRSi270KH4Z1QM3QVALEK0YkzUeqXykoC9DnjJoFM
i+yrH8OiPq7YZxP9zk2wnbBnhFV5cm/Dl/LRemUn8EOsBcZc3N1tWcOFJztxqsxC
/vzR4LgkdDqpI0sf3E2EMFyGQ6lLDoyE39i+iOXdbESTP/yavIltS58jJctu
-----END CERTIFICATE-----
Generated at Tue Oct 15 03:26:42 2024 by rpki-client on console-fra.rpki-client.org