Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/NjmiQJSiIW2bmDLIukYHDRHnSgI.roa
File: NjmiQJSiIW2bmDLIukYHDRHnSgI.roa (raw, json)
Hash identifier: gZUhsfBxwEpfLulCjb+lFN0TwVjCw9UIBOdKl++AC2Y=
Subject key identifier: 36:39:A2:40:94:A2:21:6D:9B:98:32:C8:BA:46:07:0D:11:E7:4A:02
Certificate issuer: /CN=659a6b975eafd2ce51468723814355f56c55bafb
Certificate serial: 018CC94CD5134748AD0144023F3705911EF2
Authority key identifier: 65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/NjmiQJSiIW2bmDLIukYHDRHnSgI.roa
Signing time: Tue 02 Jan 2024 08:31:44 +0000
ROA not before: Tue 02 Jan 2024 08:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 194.125.233.0/24 maxlen: 24
194.125.232.0/24 maxlen: 24
194.125.232.0/22 maxlen: 24
194.242.32.0/24 maxlen: 24
194.125.234.0/24 maxlen: 24
194.125.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:d5:13:47:48:ad:01:44:02:3f:37:05:91:1e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659a6b975eafd2ce51468723814355f56c55bafb
Validity
Not Before: Jan 2 08:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3639a24094a2216d9b9832c8ba46070d11e74a02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:56:df:39:aa:67:08:c2:52:63:9b:29:7d:38:
d5:cc:d0:db:e0:48:50:53:77:91:10:8d:9b:27:52:
dd:70:70:8a:77:10:61:20:55:47:2a:91:c5:f7:9b:
72:55:20:52:8e:b7:ef:b0:49:72:c2:f1:65:d3:74:
14:fd:82:e7:4b:97:7e:83:25:35:28:53:9b:fc:db:
03:80:3e:06:09:51:a0:c5:b7:b9:10:9a:1c:ee:48:
c6:e6:14:a9:24:1c:3b:6d:0d:2a:ee:01:1c:fc:0b:
55:17:02:f2:f5:74:37:e8:07:77:2c:00:41:94:c3:
cf:80:07:ed:1f:eb:de:1f:b2:22:e6:a4:fa:dc:de:
5d:a0:38:74:5e:36:bb:d9:f5:2a:c0:cd:88:3d:4a:
b6:a2:6f:39:1f:dd:b7:fa:71:a1:56:61:6e:b0:fa:
1e:21:a7:b0:d2:9c:d6:ce:0c:70:2e:39:da:ec:bf:
4f:89:aa:7c:e9:18:15:af:eb:18:5d:90:27:ee:71:
df:91:95:2e:dd:1e:80:67:6a:5c:b3:b7:5d:ca:26:
79:64:53:9d:4a:7a:14:d2:87:78:80:67:fd:ae:5f:
13:46:c0:fb:4d:e8:1a:f0:ca:ff:00:69:b8:1c:1f:
9d:b3:03:61:0c:6b:31:a5:45:1b:c0:f9:61:86:fc:
d6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:39:A2:40:94:A2:21:6D:9B:98:32:C8:BA:46:07:0D:11:E7:4A:02
X509v3 Authority Key Identifier:
keyid:65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/NjmiQJSiIW2bmDLIukYHDRHnSgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.232.0/22
194.242.32.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:c4:d4:a7:bf:c0:59:44:0d:4f:c7:34:ea:22:a3:44:ed:e9:
da:e2:4b:33:5b:57:7a:08:ae:11:7c:42:8e:67:0a:b8:8d:88:
66:8c:fb:f9:1a:fe:44:cb:d9:58:fd:58:6e:2b:57:6c:97:80:
55:d0:77:66:65:56:94:83:03:a4:83:d6:0a:f2:4d:0a:1e:49:
18:5c:21:8c:f8:9b:8a:2b:2f:a4:cf:cd:8e:9a:45:1c:c6:2c:
6d:c6:c6:8c:ff:17:ed:0e:47:93:95:11:58:f2:35:d4:4d:29:
dd:34:7e:50:eb:65:7a:b5:7f:25:a5:fe:b0:00:57:58:88:61:
3b:39:ff:d8:3b:e4:25:e8:64:fa:48:fb:83:73:dc:7a:28:37:
af:ca:39:73:da:0d:00:1e:c6:fa:b3:d5:93:6e:cc:21:68:76:
55:a1:ab:94:f9:b1:72:17:fa:d3:77:6b:fd:9e:63:95:67:81:
ec:b0:54:1f:88:d2:15:7c:a4:c0:b7:dd:73:28:b2:12:62:2b:
76:2b:d7:9b:57:c6:d2:59:e7:dc:20:0e:d6:5f:2f:e0:f6:63:
a6:86:53:87:7b:5e:c4:f9:1e:e8:6f:ea:fd:3f:b2:16:0b:5a:
11:d6:7f:e7:91:70:81:a6:e1:35:1c:58:eb:23:62:0b:c7:5e:
70:7a:93:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTNUTR0itAUQCPzcFkR7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWE2Yjk3NWVhZmQyY2U1MTQ2ODcyMzgxNDM1NWY1NmM1
NWJhZmIwHhcNMjQwMTAyMDgzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM5YTI0MDk0YTIyMTZkOWI5ODMyYzhiYTQ2MDcwZDExZTc0YTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFbfOapnCMJSY5spfTjVzNDb4EhQ
U3eREI2bJ1LdcHCKdxBhIFVHKpHF95tyVSBSjrfvsElywvFl03QU/YLnS5d+gyU1
KFOb/NsDgD4GCVGgxbe5EJoc7kjG5hSpJBw7bQ0q7gEc/AtVFwLy9XQ36Ad3LABB
lMPPgAftH+veH7Ii5qT63N5doDh0Xja72fUqwM2IPUq2om85H923+nGhVmFusPoe
Iaew0pzWzgxwLjna7L9Piap86RgVr+sYXZAn7nHfkZUu3R6AZ2pcs7ddyiZ5ZFOd
SnoU0od4gGf9rl8TRsD7Tega8Mr/AGm4HB+dswNhDGsxpUUbwPlhhvzWNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDY5okCUoiFtm5gyyLpGBw0R50oCMB8GA1UdIwQY
MBaAFGWaa5der9LOUUaHI4FDVfVsVbr7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQt
ZWZmM2NkY2JkMDBhLzEvTmptaVFKU2lJVzJibURMSXVrWUhEUkhuU2dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQtZWZmM2NkY2JkMDBh
LzEvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwn3oAwQA
wvIgMA0GCSqGSIb3DQEBCwUAA4IBAQC2xNSnv8BZRA1PxzTqIqNE7ena4kszW1d6
CK4RfEKOZwq4jYhmjPv5Gv5Ey9lY/VhuK1dsl4BV0HdmZVaUgwOkg9YK8k0KHkkY
XCGM+JuKKy+kz82OmkUcxixtxsaM/xftDkeTlRFY8jXUTSndNH5Q62V6tX8lpf6w
AFdYiGE7Of/YO+Ql6GT6SPuDc9x6KDevyjlz2g0AHsb6s9WTbswhaHZVoauU+bFy
F/rTd2v9nmOVZ4HssFQfiNIVfKTAt91zKLISYit2K9ebV8bSWefcIA7WXy/g9mOm
hlOHe17E+R7ob+r9P7IWC1oR1n/nkXCBpuE1HFjrI2ILx15wepMy
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:42:50 2024 by rpki-client on console-fra.rpki-client.org