Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/nmwLLL-1roQRAFgbficFeFXISFY.roa
File: nmwLLL-1roQRAFgbficFeFXISFY.roa (raw, json)
Hash identifier: yHhje6pk/CPq2cF4zrvK6G+x2rQ9s1PSBJoGSd4e6ZI=
Subject key identifier: 9E:6C:0B:2C:BF:B5:AE:84:11:00:58:1B:7E:27:05:78:55:C8:48:56
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018F0C43005529F92BD555AD52F7D59E1B93
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/nmwLLL-1roQRAFgbficFeFXISFY.roa
Signing time: Tue 23 Apr 2024 18:41:08 +0000
ROA not before: Tue 23 Apr 2024 18:41:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a11:5a42::/32 maxlen: 32
2a11:5a46::/32 maxlen: 32
2a12:1541::/32 maxlen: 32
2a12:7301::/32 maxlen: 32
2a12:7304::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:43:00:55:29:f9:2b:d5:55:ad:52:f7:d5:9e:1b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Apr 23 18:41:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e6c0b2cbfb5ae841100581b7e27057855c84856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8a:7e:e1:df:b3:ad:e7:b5:81:50:ed:2e:9b:
54:25:f8:10:43:f5:37:7d:e2:2f:cc:d7:ff:28:4c:
95:ff:37:c1:08:60:38:ce:07:4b:1a:4c:46:e5:8e:
5b:cf:4b:a5:87:c7:44:b2:e4:7a:ef:76:01:07:4b:
dc:09:64:4a:0b:2c:3b:90:59:3b:f1:53:44:46:d7:
54:8f:7d:6c:25:1c:90:1f:4c:f6:46:3c:7b:2b:84:
07:1a:83:99:e5:1f:00:f5:d9:32:73:14:90:d9:2f:
0a:7e:fd:b4:6c:9b:ba:e1:6f:b3:64:41:b1:04:67:
b8:9b:5d:5d:5e:4a:15:84:71:cf:63:7e:9f:86:99:
c5:f7:92:bd:33:ba:64:48:51:7d:4f:fb:ac:1b:a4:
64:d0:60:55:12:33:97:c1:ae:d0:84:29:70:ca:2a:
0a:31:8a:b6:f5:4d:b3:fb:34:35:8d:e7:26:15:2e:
6e:a1:0f:d2:6d:26:ef:61:23:47:ac:a2:21:b5:57:
f7:08:3e:d3:58:47:1e:76:83:90:06:eb:fd:20:e6:
9f:ab:e8:a3:de:38:35:12:92:d0:e5:0a:53:63:e5:
81:ef:b3:61:e3:95:80:b7:a6:66:10:7d:49:5d:34:
e1:f3:5b:4c:cb:a8:86:2d:f9:f2:1c:64:50:95:13:
b3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6C:0B:2C:BF:B5:AE:84:11:00:58:1B:7E:27:05:78:55:C8:48:56
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/nmwLLL-1roQRAFgbficFeFXISFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5a42::/32
2a11:5a46::/32
2a12:1541::/32
2a12:7301::/32
2a12:7304::/32
Signature Algorithm: sha256WithRSAEncryption
45:56:45:14:58:d6:dd:9f:4d:04:d1:d0:d4:4f:07:9e:42:43:
94:e0:91:ab:c5:cc:2c:43:b4:60:32:b4:ac:27:80:dc:a6:b8:
f2:da:81:cd:7d:e8:92:22:36:88:a4:4f:5d:77:64:34:90:4c:
ef:d6:5d:f4:af:85:3c:af:49:c4:6b:1d:98:6c:21:24:c6:31:
07:55:c8:f3:d4:af:e7:cc:bd:ef:7f:35:00:6a:78:f3:44:0f:
f1:59:af:5b:e0:52:87:82:22:94:99:25:f6:73:fb:eb:e3:58:
d3:15:da:e8:ee:a0:e7:c3:fe:42:98:f2:bc:f0:c8:41:0f:06:
90:14:22:13:11:3e:01:12:c4:a5:b6:61:2a:e4:a8:99:64:71:
ef:7f:20:66:b7:4c:55:5d:0f:f7:ec:76:d0:55:87:18:e0:e6:
c7:fc:63:d1:13:48:89:0d:12:43:26:ea:20:84:d8:d0:ec:24:
21:8b:c9:42:7f:4f:46:65:89:9e:8b:3a:59:c7:01:ff:3c:4f:
85:c2:30:a0:48:2e:16:73:d8:91:77:b3:69:42:b2:e0:a5:e5:
56:a5:24:57:0c:ed:b8:a9:5d:4a:0c:45:05:6c:85:e5:a8:38:
01:6c:e6:4f:1b:1f:07:65:3f:ce:05:c5:d5:73:45:41:2e:09:
bc:e6:f8:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY8MQwBVKfkr1VWtUvfVnhuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwNDIzMTg0MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZjMGIyY2JmYjVhZTg0MTEwMDU4MWI3ZTI3MDU3ODU1Yzg0ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIp+4d+zree1gVDtLptUJfgQQ/U3
feIvzNf/KEyV/zfBCGA4zgdLGkxG5Y5bz0ulh8dEsuR673YBB0vcCWRKCyw7kFk7
8VNERtdUj31sJRyQH0z2Rjx7K4QHGoOZ5R8A9dkycxSQ2S8Kfv20bJu64W+zZEGx
BGe4m11dXkoVhHHPY36fhpnF95K9M7pkSFF9T/usG6Rk0GBVEjOXwa7QhClwyioK
MYq29U2z+zQ1jecmFS5uoQ/SbSbvYSNHrKIhtVf3CD7TWEcedoOQBuv9IOafq+ij
3jg1EpLQ5QpTY+WB77Nh45WAt6ZmEH1JXTTh81tMy6iGLfnyHGRQlROzTwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ5sCyy/ta6EEQBYG34nBXhVyEhWMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvbm13TExMLTFyb1FSQUZnYmZpY0ZlRlhJU0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhFaQgMF
ACoRWkYDBQAqEhVBAwUAKhJzAQMFACoScwQwDQYJKoZIhvcNAQELBQADggEBAEVW
RRRY1t2fTQTR0NRPB55CQ5TgkavFzCxDtGAytKwngNymuPLagc196JIiNoikT113
ZDSQTO/WXfSvhTyvScRrHZhsISTGMQdVyPPUr+fMve9/NQBqePNED/FZr1vgUoeC
IpSZJfZz++vjWNMV2ujuoOfD/kKY8rzwyEEPBpAUIhMRPgESxKW2YSrkqJlkce9/
IGa3TFVdD/fsdtBVhxjg5sf8Y9ETSIkNEkMm6iCE2NDsJCGLyUJ/T0ZliZ6LOlnH
Af88T4XCMKBILhZz2JF3s2lCsuCl5ValJFcM7bipXUoMRQVsheWoOAFs5k8bHwdl
P84FxdVzRUEuCbzm+Jw=
-----END CERTIFICATE-----
Generated at Sat May 18 22:15:36 2024 by rpki-client on console-fra.rpki-client.org