Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/NvwZlMcAwIjQXQv7WwIwajy-4MA.roa
File: NvwZlMcAwIjQXQv7WwIwajy-4MA.roa (raw, json)
Hash identifier: hpvvOOULb8qH39AXRffuRNY2rcxNszNa6+bTgcHHp60=
Subject key identifier: 36:FC:19:94:C7:00:C0:88:D0:5D:0B:FB:5B:02:30:6A:3C:BE:E0:C0
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018D5F1D1C164C41CEC914FE59C269CB8645
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/NvwZlMcAwIjQXQv7WwIwajy-4MA.roa
Signing time: Wed 31 Jan 2024 10:42:39 +0000
ROA not before: Wed 31 Jan 2024 10:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 45.91.148.0/24 maxlen: 24
213.109.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 04:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:1d:1c:16:4c:41:ce:c9:14:fe:59:c2:69:cb:86:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jan 31 10:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36fc1994c700c088d05d0bfb5b02306a3cbee0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:13:67:ce:6c:f1:88:23:4c:0b:0e:0e:50:6f:
1e:a8:34:8a:4c:eb:6f:15:a0:f1:68:c5:90:09:7d:
7e:12:63:19:02:af:dd:37:52:48:26:a7:eb:26:e4:
6e:b7:3f:dc:89:87:e0:88:d5:27:a1:de:09:c7:81:
33:65:6c:5f:f3:65:c7:91:d6:93:55:fb:64:fa:66:
07:cd:fa:11:04:33:16:43:a6:30:7a:53:d1:68:04:
25:d5:9b:66:5f:f0:2a:e1:ac:45:0f:0a:48:60:30:
28:6b:fe:f6:3d:71:e2:d5:3e:41:f9:ab:a8:08:f8:
43:dd:47:bc:33:9c:22:3e:9a:a6:37:f4:97:0a:f9:
bb:e6:47:c8:01:a3:a0:d7:a9:f2:df:89:cb:93:b7:
0e:7f:e6:eb:c1:77:6b:c5:5d:27:86:d7:b8:5f:31:
1f:2d:15:d8:55:e3:3b:82:11:68:b7:0d:74:d2:00:
cd:43:75:a6:8b:5d:a1:2a:69:05:6f:39:97:df:42:
2a:5b:4f:22:59:db:0d:44:1d:85:4a:a9:f6:4d:50:
26:b3:f9:05:c7:be:16:21:21:8d:d1:2f:27:19:c1:
bb:04:3e:f1:37:c9:da:1a:d9:64:2a:39:d0:1e:15:
3a:f6:50:ed:54:a2:7e:61:c4:7c:13:46:53:f2:32:
e9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FC:19:94:C7:00:C0:88:D0:5D:0B:FB:5B:02:30:6A:3C:BE:E0:C0
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/NvwZlMcAwIjQXQv7WwIwajy-4MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.148.0/24
213.109.152.0/24
Signature Algorithm: sha256WithRSAEncryption
be:08:20:9e:95:25:5f:95:47:43:ee:a4:89:c8:7d:5c:fa:c1:
c4:6e:c8:f5:ed:5f:36:ae:35:a7:9c:27:ff:93:2c:a7:44:c7:
c4:4c:fe:09:7b:73:ea:d5:fd:47:84:14:12:66:30:f3:d9:ae:
97:f4:ae:a4:06:38:60:84:83:b8:e7:9f:b8:f1:b2:02:25:15:
e5:cb:5e:7a:6b:a8:7b:da:88:ee:9b:12:c8:8a:9a:9a:90:be:
a0:36:14:bb:eb:0f:12:a9:a1:8c:f1:ce:99:7d:43:57:3c:62:
54:cb:07:db:e2:f7:7f:c1:c2:31:1f:8e:4b:2a:d4:27:63:09:
51:9e:b2:fc:ae:ed:e1:8b:57:cd:09:fa:31:ef:14:1a:fa:8b:
7f:08:54:62:32:11:94:c7:5e:67:96:09:fb:8b:2f:c6:7f:46:
e7:27:d5:ce:21:4d:52:37:47:76:b5:1e:13:06:72:4c:67:84:
df:95:6a:fd:34:1f:96:2b:19:d3:bd:4a:2f:93:18:e1:df:70:
dd:0e:4f:e4:29:df:6d:88:7b:c7:5e:40:96:5e:9e:c8:9f:95:
86:83:9e:cb:53:1a:b1:c5:cf:1f:bf:b1:2a:ae:78:c9:92:5c:
bb:d8:61:b2:04:7f:42:fa:30:81:90:3f:c5:fd:99:ce:aa:a5:
fc:5a:21:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1fHRwWTEHOyRT+WcJpy4ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjQwMTMxMTA0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmZjMTk5NGM3MDBjMDg4ZDA1ZDBiZmI1YjAyMzA2YTNjYmVlMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhNnzmzxiCNMCw4OUG8eqDSKTOtv
FaDxaMWQCX1+EmMZAq/dN1JIJqfrJuRutz/ciYfgiNUnod4Jx4EzZWxf82XHkdaT
Vftk+mYHzfoRBDMWQ6YwelPRaAQl1ZtmX/Aq4axFDwpIYDAoa/72PXHi1T5B+auo
CPhD3Ue8M5wiPpqmN/SXCvm75kfIAaOg16ny34nLk7cOf+brwXdrxV0nhte4XzEf
LRXYVeM7ghFotw100gDNQ3Wmi12hKmkFbzmX30IqW08iWdsNRB2FSqn2TVAms/kF
x74WISGN0S8nGcG7BD7xN8naGtlkKjnQHhU69lDtVKJ+YcR8E0ZT8jLpewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDb8GZTHAMCI0F0L+1sCMGo8vuDAMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvTnZ3WmxNY0F3SWpRWFF2N1d3SXdhanktNE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVuUAwQA
1W2YMA0GCSqGSIb3DQEBCwUAA4IBAQC+CCCelSVflUdD7qSJyH1c+sHEbsj17V82
rjWnnCf/kyynRMfETP4Je3Pq1f1HhBQSZjDz2a6X9K6kBjhghIO455+48bICJRXl
y156a6h72ojumxLIipqakL6gNhS76w8SqaGM8c6ZfUNXPGJUywfb4vd/wcIxH45L
KtQnYwlRnrL8ru3hi1fNCfox7xQa+ot/CFRiMhGUx15nlgn7iy/Gf0bnJ9XOIU1S
N0d2tR4TBnJMZ4TflWr9NB+WKxnTvUovkxjh33DdDk/kKd9tiHvHXkCWXp7In5WG
g57LUxqxxc8fv7EqrnjJkly72GGyBH9C+jCBkD/F/ZnOqqX8WiGN
-----END CERTIFICATE-----
Generated at Fri May 10 11:42:29 2024 by rpki-client on console-fra.rpki-client.org