Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nBp_v8T5wszkemUAArOT71RrclM.roa
File: nBp_v8T5wszkemUAArOT71RrclM.roa (raw, json)
Hash identifier: /fXk2ISk9rtrwllExaI5SICYsMMs5Lm+kXTmbeGqoGk=
Subject key identifier: 9C:1A:7F:BF:C4:F9:C2:CC:E4:7A:65:00:02:B3:93:EF:54:6B:72:53
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E99679142E935B03C910C1E696115E902
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nBp_v8T5wszkemUAArOT71RrclM.roa
Signing time: Mon 01 Apr 2024 11:24:45 +0000
ROA not before: Mon 01 Apr 2024 11:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197715
IP address blocks: 81.161.236.0/24 maxlen: 24
92.119.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:67:91:42:e9:35:b0:3c:91:0c:1e:69:61:15:e9:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 1 11:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c1a7fbfc4f9c2cce47a650002b393ef546b7253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d4:1b:83:ac:da:08:c7:8b:35:d1:ba:5a:5e:
9a:05:b1:0a:fb:8e:69:36:22:43:fd:05:ed:82:db:
05:15:d1:e5:64:64:e5:ce:36:43:08:ce:26:74:d1:
69:6e:3b:c1:36:05:6d:63:3a:c7:84:16:21:8e:11:
ce:b5:8d:bf:71:64:34:3b:89:a1:41:73:5f:a7:22:
87:d8:ee:35:74:d2:41:ce:43:03:6f:b2:03:b5:1a:
9c:b7:84:42:5e:fc:75:8e:02:4f:6f:41:4c:8a:f0:
9d:27:30:cc:bb:d2:cb:a9:2e:fd:fc:16:a7:84:d5:
b9:50:04:49:ff:28:20:32:0a:0a:8b:29:55:c6:c2:
6a:08:be:57:ed:9b:66:da:0a:0d:4a:ec:f9:d8:1a:
1d:9e:33:e6:ff:a3:f0:af:90:d2:ba:8b:fe:57:09:
55:7b:3d:cd:91:8c:7d:c1:17:f4:2f:52:51:1d:88:
75:f1:f0:f0:4d:4f:a7:6d:67:37:37:f9:dd:1b:bd:
32:33:66:a3:11:30:65:10:79:1d:8f:19:87:3c:08:
ff:c4:67:3b:97:95:9e:f1:82:e0:2f:bc:d6:dd:3c:
84:3f:3f:f0:8c:32:b0:4a:7a:fc:8b:0a:15:bc:e6:
74:d0:95:e2:21:6a:ef:94:b2:2f:c5:76:34:34:38:
b2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:1A:7F:BF:C4:F9:C2:CC:E4:7A:65:00:02:B3:93:EF:54:6B:72:53
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nBp_v8T5wszkemUAArOT71RrclM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.236.0/24
92.119.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:eb:b7:de:06:54:9b:db:40:c0:b3:63:33:14:d2:28:34:09:
3a:a5:a5:1e:04:ba:dd:7d:96:a2:5c:1b:e7:d9:55:b8:b9:09:
c9:94:03:a4:40:d9:f1:e8:52:de:dd:2f:95:e8:96:ca:1e:24:
82:0f:85:35:98:76:74:93:1a:1c:b9:9c:75:bc:93:2d:81:de:
e4:2c:ad:2f:43:74:99:1c:b5:4d:c2:76:ae:93:ab:52:9d:a5:
f2:93:e2:4e:cb:b4:e0:79:e9:0e:63:9f:0b:f7:2c:31:4a:d3:
55:84:d9:83:d1:e7:56:2d:b2:f9:00:5b:4e:50:db:86:97:9f:
b2:73:97:cf:1c:14:cb:bc:b5:8c:e1:05:ec:3b:33:83:97:71:
57:6f:2a:2f:69:e3:c7:b6:69:12:69:69:d1:97:a9:29:8b:ff:
09:f6:9f:23:10:3f:6a:2b:48:f8:dd:cc:36:2e:21:a5:c2:2c:
84:88:f0:8f:df:ca:14:98:a2:0a:46:6d:92:cb:62:85:b1:77:
bf:1a:53:9a:81:6f:25:46:7f:85:91:ee:73:5c:77:b7:6d:8d:
b1:82:8a:73:7f:bb:94:a4:39:5f:31:15:bb:5f:03:b7:45:3c:
7b:22:e3:cd:41:b9:af:8f:20:23:bf:66:e1:1d:27:83:aa:eb:
1d:1e:90:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6ZZ5FC6TWwPJEMHmlhFekCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDAxMTEyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzFhN2ZiZmM0ZjljMmNjZTQ3YTY1MDAwMmIzOTNlZjU0NmI3MjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9Qbg6zaCMeLNdG6Wl6aBbEK+45p
NiJD/QXtgtsFFdHlZGTlzjZDCM4mdNFpbjvBNgVtYzrHhBYhjhHOtY2/cWQ0O4mh
QXNfpyKH2O41dNJBzkMDb7IDtRqct4RCXvx1jgJPb0FMivCdJzDMu9LLqS79/Ban
hNW5UARJ/yggMgoKiylVxsJqCL5X7Ztm2goNSuz52BodnjPm/6Pwr5DSuov+VwlV
ez3NkYx9wRf0L1JRHYh18fDwTU+nbWc3N/ndG70yM2ajETBlEHkdjxmHPAj/xGc7
l5We8YLgL7zW3TyEPz/wjDKwSnr8iwoVvOZ00JXiIWrvlLIvxXY0NDiyFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJwaf7/E+cLM5HplAAKzk+9Ua3JTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbkJwX3Y4VDV3c3prZW1VQUFyT1Q3MVJyY2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUaHsAwQA
XHfHMA0GCSqGSIb3DQEBCwUAA4IBAQB+67feBlSb20DAs2MzFNIoNAk6paUeBLrd
fZaiXBvn2VW4uQnJlAOkQNnx6FLe3S+V6JbKHiSCD4U1mHZ0kxocuZx1vJMtgd7k
LK0vQ3SZHLVNwnauk6tSnaXyk+JOy7TgeekOY58L9ywxStNVhNmD0edWLbL5AFtO
UNuGl5+yc5fPHBTLvLWM4QXsOzODl3FXbyovaePHtmkSaWnRl6kpi/8J9p8jED9q
K0j43cw2LiGlwiyEiPCP38oUmKIKRm2Sy2KFsXe/GlOagW8lRn+Fke5zXHe3bY2x
gopzf7uUpDlfMRW7XwO3RTx7IuPNQbmvjyAjv2bhHSeDqusdHpAE
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:47 2024 by rpki-client on console-ams.rpki-client.org