Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/NBarGzpErMhIHYXWMrmo3k6GnVg.roa
File: NBarGzpErMhIHYXWMrmo3k6GnVg.roa (raw, json)
Hash identifier: sP6dgvYNTB8XAB+niqVOGwvIZV0voXqsMFX7dFzHCUg=
Subject key identifier: 34:16:AB:1B:3A:44:AC:C8:48:1D:85:D6:32:B9:A8:DE:4E:86:9D:58
Certificate issuer: /CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Certificate serial: 018CC492F3C7CD5184AB3FBEA1B67E5DDC57
Authority key identifier: 86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/NBarGzpErMhIHYXWMrmo3k6GnVg.roa
Signing time: Mon 01 Jan 2024 10:30:14 +0000
ROA not before: Mon 01 Jan 2024 10:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50472
IP address blocks: 185.106.84.0/22 maxlen: 24
195.54.164.0/23 maxlen: 23
2a02:8000::/32 maxlen: 32
2001:67c:20a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.mft
rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f3:c7:cd:51:84:ab:3f:be:a1:b6:7e:5d:dc:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Validity
Not Before: Jan 1 10:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3416ab1b3a44acc8481d85d632b9a8de4e869d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:42:37:e5:4d:f9:c1:69:22:37:12:22:68:18:
10:50:72:ae:1c:10:17:c9:2f:92:8f:15:28:1d:4d:
53:34:45:71:06:36:e4:c4:5a:b3:4d:09:89:5e:8a:
91:91:23:f8:c0:ff:97:51:17:c2:f1:fe:a1:f1:c8:
04:09:55:5b:6f:e1:5e:dc:1a:47:a3:48:89:b0:df:
70:b1:73:c5:5f:2d:a2:10:d9:60:4b:39:75:a1:be:
98:32:23:e6:a3:60:1b:26:85:5a:82:7c:02:6d:e5:
9f:c5:14:9e:4d:b1:e2:7e:1c:b5:df:0a:ca:2b:c3:
df:e0:98:74:b9:dd:b1:46:6d:2d:2a:fd:90:dc:2c:
d1:e7:1d:34:37:74:b9:43:28:1a:9b:20:ee:2d:79:
6b:a5:aa:60:e1:af:f0:a9:32:ea:e5:23:c7:cc:c0:
f9:a6:98:4b:b1:d3:78:40:4f:b6:34:2e:14:f8:30:
64:26:01:3c:b0:b8:b4:78:69:9d:0d:b6:dc:f1:e0:
86:96:25:c6:57:e4:f9:75:c9:47:b4:70:a2:38:51:
07:61:3e:cd:ce:45:3d:ee:28:e6:df:50:d8:af:6b:
ea:1d:2c:1e:12:eb:3c:68:b3:e6:e2:cd:36:f0:91:
10:22:a6:f5:99:f1:5a:e5:23:8a:8c:11:b4:07:2b:
6d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:16:AB:1B:3A:44:AC:C8:48:1D:85:D6:32:B9:A8:DE:4E:86:9D:58
X509v3 Authority Key Identifier:
keyid:86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/NBarGzpErMhIHYXWMrmo3k6GnVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.84.0/22
195.54.164.0/23
IPv6:
2001:67c:20a0::/48
2a02:8000::/32
Signature Algorithm: sha256WithRSAEncryption
19:8b:f0:af:e1:21:45:42:58:d5:ab:f3:25:e9:15:46:9c:54:
3b:0d:8d:a4:ef:f0:6c:41:8a:1c:e6:21:d9:40:5a:af:c3:67:
45:6f:a1:ab:4b:45:c7:a8:ad:30:eb:8c:7e:57:dc:81:ba:95:
f4:0b:e0:cb:2d:fe:ba:51:e3:ac:68:65:ee:47:7f:c1:f7:70:
20:3f:1f:ad:48:ca:6f:3b:6f:de:ea:7d:99:91:af:c5:73:a1:
1d:dc:84:06:bc:59:35:b1:c1:8b:33:de:53:80:62:27:2c:05:
70:5e:c9:49:71:88:38:01:d9:77:35:06:28:1c:85:fb:07:5e:
c6:23:a1:46:47:90:f1:0e:81:f9:ce:87:29:fc:19:1a:da:71:
13:83:ca:fb:2b:4f:bd:c5:4c:59:53:12:c4:48:eb:53:ce:a9:
62:9d:8a:80:93:d2:17:4f:7e:b9:d0:77:ed:74:29:24:02:bf:
fd:54:e3:c7:7a:6a:9d:f8:75:06:73:f1:bf:23:df:60:ca:47:
95:9c:23:f0:94:9b:c0:32:a5:ab:1e:13:63:dc:11:47:7b:41:
83:04:e0:31:96:70:3e:b2:a1:eb:85:c9:e2:7a:db:6b:42:f7:
57:f3:a1:7f:23:e4:4d:b8:ca:40:b3:eb:b6:d5:c5:b7:27:e7:
03:9f:b6:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEkvPHzVGEqz++obZ+XdxXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MGQ5ZjAxYTk4YjUxNGViZDNjMjcyM2Q3ZjdlYjQ0ODMy
NmY1ZTIwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDE2YWIxYjNhNDRhY2M4NDgxZDg1ZDYzMmI5YThkZTRlODY5ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UI35U35wWkiNxIiaBgQUHKuHBAX
yS+SjxUoHU1TNEVxBjbkxFqzTQmJXoqRkSP4wP+XURfC8f6h8cgECVVbb+Fe3BpH
o0iJsN9wsXPFXy2iENlgSzl1ob6YMiPmo2AbJoVagnwCbeWfxRSeTbHifhy13wrK
K8Pf4Jh0ud2xRm0tKv2Q3CzR5x00N3S5QygamyDuLXlrpapg4a/wqTLq5SPHzMD5
pphLsdN4QE+2NC4U+DBkJgE8sLi0eGmdDbbc8eCGliXGV+T5dclHtHCiOFEHYT7N
zkU97ijm31DYr2vqHSweEus8aLPm4s028JEQIqb1mfFa5SOKjBG0ByttcwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDQWqxs6RKzISB2F1jK5qN5Ohp1YMB8GA1UdIwQY
MBaAFIYNnwGpi1FOvTwnI9f360SDJvXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQt
NjFjYjQzYzJkYjg1LzEvTkJhckd6cEVyTWhJSFlYV01ybW8zazZHblZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQtNjFjYjQzYzJkYjg1
LzEvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWpUAwQB
wzakMBYEAgACMBADBwAgAQZ8IKADBQAqAoAAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
i/Cv4SFFQljVq/Ml6RVGnFQ7DY2k7/BsQYoc5iHZQFqvw2dFb6GrS0XHqK0w64x+
V9yBupX0C+DLLf66UeOsaGXuR3/B93AgPx+tSMpvO2/e6n2Zka/Fc6Ed3IQGvFk1
scGLM95TgGInLAVwXslJcYg4Adl3NQYoHIX7B17GI6FGR5DxDoH5zocp/Bka2nET
g8r7K0+9xUxZUxLESOtTzqlinYqAk9IXT3650HftdCkkAr/9VOPHemqd+HUGc/G/
I99gykeVnCPwlJvAMqWrHhNj3BFHe0GDBOAxlnA+sqHrhcniettrQvdX86F/I+RN
uMpAs+u21cW3J+cDn7Y8
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:53:29 2024 by rpki-client on console-ams.rpki-client.org