Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N7xg8paEcEEQHj_ny7jaTRXPCto.roa
File: N7xg8paEcEEQHj_ny7jaTRXPCto.roa (raw, json)
Hash identifier: kubruKqxfa8TJLS99UXOG9bvj5jllZwkBxjgakdkg4U=
Subject key identifier: 37:BC:60:F2:96:84:70:41:10:1E:3F:E7:CB:B8:DA:4D:15:CF:0A:DA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192AD63E2B98F605675CE4B0D053D3A2EEC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N7xg8paEcEEQHj_ny7jaTRXPCto.roa
Signing time: Mon 21 Oct 2024 04:44:17 +0000
ROA not before: Mon 21 Oct 2024 04:44:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214417
IP address blocks: 94.156.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ad:63:e2:b9:8f:60:56:75:ce:4b:0d:05:3d:3a:2e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 21 04:44:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37bc60f296847041101e3fe7cbb8da4d15cf0ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:36:df:a9:f9:62:5f:6d:a0:81:3d:48:2d:58:
b3:cb:72:80:7e:3a:74:18:e1:4f:8d:07:c1:bb:32:
15:e7:9e:c0:ee:2b:aa:87:f5:53:e4:92:77:32:80:
75:f4:a1:d3:a3:4e:fb:16:11:ea:ae:30:cc:f0:ae:
bc:85:81:23:43:94:ef:0e:62:68:46:90:cd:e4:2e:
c4:1d:58:c4:30:96:00:59:e8:b9:11:e5:bc:46:e7:
5c:11:a1:95:ab:23:59:18:30:1d:f0:33:72:0c:36:
43:e3:7f:07:65:c8:26:9e:03:d9:b7:59:88:72:d4:
eb:f6:31:88:bd:76:85:06:ab:0c:6a:b2:d8:97:18:
fe:6c:e8:5b:de:c8:33:bc:c9:53:6f:66:42:8c:d5:
18:b2:5c:18:4e:96:1d:99:b3:4d:86:7c:5b:59:a5:
66:9d:8e:21:31:f1:e7:be:89:95:5a:81:ec:41:44:
5a:7f:53:9a:a4:85:6e:f5:9e:f1:a3:5f:2b:e1:a8:
e3:0a:2e:85:70:b9:8e:39:2a:67:8f:6d:a2:5d:06:
5c:10:80:5b:e6:98:2e:f0:a3:a6:27:35:a1:d8:c5:
58:48:53:5b:5f:09:aa:f0:b4:53:95:69:60:4d:9c:
97:d6:6f:dc:ca:2c:55:0b:40:36:95:a1:8e:e8:83:
b2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BC:60:F2:96:84:70:41:10:1E:3F:E7:CB:B8:DA:4D:15:CF:0A:DA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/N7xg8paEcEEQHj_ny7jaTRXPCto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.179.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b4:07:57:71:09:97:07:56:80:92:3d:13:f7:40:7a:16:e6:
a7:62:7f:d8:7f:ca:78:d7:98:c0:86:0e:7e:80:61:ca:a8:bc:
c5:00:fd:11:8d:87:86:88:b6:21:3e:81:7e:2a:ee:66:0a:85:
a0:cc:87:01:0d:b2:45:27:ed:5d:ee:4c:12:da:79:df:f7:c1:
37:06:dd:cf:e5:cf:1c:96:53:07:6d:37:ef:f4:bd:5a:9c:9e:
12:63:2a:ea:d8:90:61:c1:99:db:07:c6:ff:4e:ff:82:e9:48:
88:eb:53:a9:26:28:df:77:de:e6:74:50:87:60:24:54:a1:4c:
11:37:82:e3:44:77:2c:e9:40:54:2e:4f:e2:07:5e:89:f5:be:
35:e3:a3:72:d4:21:10:96:13:ce:a7:a4:78:f3:7b:5d:c3:2d:
4b:f4:b7:09:b2:73:6b:a9:e5:cb:02:e2:e6:42:72:21:f5:a8:
9c:9f:b8:26:36:a6:63:ec:bc:16:93:45:f2:2c:03:38:76:a4:
e1:76:8d:ca:4e:98:0e:9b:31:ee:58:44:75:63:f5:39:de:c7:
62:bd:cd:b5:66:25:b4:bd:42:dd:a8:30:a5:da:e4:41:fc:3f:
4a:d4:e7:0d:46:d0:2e:10:99:e3:7d:99:e6:1a:bb:18:5d:18:
da:44:ce:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKtY+K5j2BWdc5LDQU9Oi7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIxMDQ0NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JjNjBmMjk2ODQ3MDQxMTAxZTNmZTdjYmI4ZGE0ZDE1Y2YwYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDbfqfliX22ggT1ILVizy3KAfjp0
GOFPjQfBuzIV557A7iuqh/VT5JJ3MoB19KHTo077FhHqrjDM8K68hYEjQ5TvDmJo
RpDN5C7EHVjEMJYAWei5EeW8RudcEaGVqyNZGDAd8DNyDDZD438HZcgmngPZt1mI
ctTr9jGIvXaFBqsMarLYlxj+bOhb3sgzvMlTb2ZCjNUYslwYTpYdmbNNhnxbWaVm
nY4hMfHnvomVWoHsQURaf1OapIVu9Z7xo18r4ajjCi6FcLmOOSpnj22iXQZcEIBb
5pgu8KOmJzWh2MVYSFNbXwmq8LRTlWlgTZyX1m/cyixVC0A2laGO6IOyWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDe8YPKWhHBBEB4/58u42k0VzwraMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTjd4ZzhwYUVjRUVRSGpfbnk3amFUUlhQQ3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpyzMA0G
CSqGSIb3DQEBCwUAA4IBAQAqtAdXcQmXB1aAkj0T90B6FuanYn/Yf8p415jAhg5+
gGHKqLzFAP0RjYeGiLYhPoF+Ku5mCoWgzIcBDbJFJ+1d7kwS2nnf98E3Bt3P5c8c
llMHbTfv9L1anJ4SYyrq2JBhwZnbB8b/Tv+C6UiI61OpJijfd97mdFCHYCRUoUwR
N4LjRHcs6UBULk/iB16J9b4146Ny1CEQlhPOp6R483tdwy1L9LcJsnNrqeXLAuLm
QnIh9aicn7gmNqZj7LwWk0XyLAM4dqThdo3KTpgOmzHuWER1Y/U53sdivc21ZiW0
vULdqDCl2uRB/D9K1OcNRtAuEJnjfZnmGrsYXRjaRM7F
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:15:16 2024 by rpki-client on console-ams.rpki-client.org