Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/nsnCeLDyo36Hg2dDNLeRwxmD4TI.roa
File: nsnCeLDyo36Hg2dDNLeRwxmD4TI.roa (raw, json)
Hash identifier: h0P936Z4d0N315HUPdUvWwifGz5vv8GGcOUEhQxhrY4=
Subject key identifier: 9E:C9:C2:78:B0:F2:A3:7E:87:83:67:43:34:B7:91:C3:19:83:E1:32
Certificate issuer: /CN=8387c219c9841ebafaa3d40806c984f9f3e4e461
Certificate serial: 018CC726CA80BAD3004AED2A0F2503FF36EB
Authority key identifier: 83:87:C2:19:C9:84:1E:BA:FA:A3:D4:08:06:C9:84:F9:F3:E4:E4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/nsnCeLDyo36Hg2dDNLeRwxmD4TI.roa
Signing time: Mon 01 Jan 2024 22:30:57 +0000
ROA not before: Mon 01 Jan 2024 22:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48689
IP address blocks: 212.57.32.0/21 maxlen: 24
195.181.248.0/22 maxlen: 24
185.65.220.0/22 maxlen: 24
2a00:1e40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/g4fCGcmEHrr6o9QIBsmE-fPk5GE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/g4fCGcmEHrr6o9QIBsmE-fPk5GE.mft
rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ca:80:ba:d3:00:4a:ed:2a:0f:25:03:ff:36:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8387c219c9841ebafaa3d40806c984f9f3e4e461
Validity
Not Before: Jan 1 22:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ec9c278b0f2a37e8783674334b791c31983e132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b9:6a:9c:23:37:f9:17:8e:11:93:98:fb:8d:
d1:70:f0:0b:1a:6c:d0:46:62:87:19:e3:dc:2e:9a:
98:9f:5a:6a:f0:fa:21:5f:f3:07:cd:78:4b:f2:91:
ea:d1:20:c4:51:7b:81:94:76:65:c5:d6:79:8f:c9:
6f:d2:26:56:68:92:52:95:34:3f:c7:7c:50:2d:6e:
20:bc:75:15:86:1c:a9:39:bb:0c:ec:07:bb:c3:5e:
6b:c8:d3:63:86:27:8d:e7:b6:9c:09:5d:83:4d:92:
92:2f:95:4b:e4:d3:ce:75:2c:98:6f:fd:9e:8c:4e:
40:73:12:81:e4:fb:f4:ec:f6:34:7f:ec:ad:60:8e:
33:ab:45:db:22:76:59:7c:16:a9:68:55:dc:34:cf:
4a:92:5e:39:55:2d:28:a1:11:61:9a:a0:2b:4b:b3:
1f:b3:29:a4:8b:c2:80:86:00:e7:1a:e5:de:3b:da:
bc:7b:99:ec:9e:13:ef:57:5c:11:57:39:c3:bc:5a:
a6:61:60:9b:97:b1:98:98:91:40:84:f1:b2:b2:17:
1a:8a:88:f2:6a:0f:9b:f9:e3:5b:19:47:67:ee:d0:
15:07:49:b2:0e:7a:0d:87:74:fc:f1:4e:18:6c:00:
04:1c:bb:5c:9b:87:45:3e:73:57:19:93:11:17:62:
15:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:C9:C2:78:B0:F2:A3:7E:87:83:67:43:34:B7:91:C3:19:83:E1:32
X509v3 Authority Key Identifier:
keyid:83:87:C2:19:C9:84:1E:BA:FA:A3:D4:08:06:C9:84:F9:F3:E4:E4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/nsnCeLDyo36Hg2dDNLeRwxmD4TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/g4fCGcmEHrr6o9QIBsmE-fPk5GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.220.0/22
195.181.248.0/22
212.57.32.0/21
IPv6:
2a00:1e40::/32
Signature Algorithm: sha256WithRSAEncryption
0d:e8:19:ce:e7:1f:c1:24:e1:56:72:bc:b5:0e:a5:0e:b2:d7:
71:5e:69:c4:aa:89:f3:30:56:b3:10:cf:a7:d8:70:d4:a4:98:
c1:67:d1:2c:1d:24:04:1f:3b:bd:ab:4b:12:24:b7:78:83:db:
51:8d:84:9d:a2:5c:f0:d1:b0:59:06:37:4a:1d:78:3d:dc:bf:
83:c7:f1:94:9c:4a:e2:d6:09:2f:b7:7f:6f:2e:5b:88:95:62:
70:e3:f2:9f:18:23:30:8f:97:82:33:bc:06:01:60:68:ab:45:
82:63:e3:11:75:5e:49:ef:86:d6:ea:6f:d1:bb:13:5c:b4:f8:
91:26:c5:b3:f9:2b:0f:61:b7:23:c1:6b:cf:9a:a1:7d:1e:79:
71:ac:f4:eb:78:b1:98:b7:ac:5c:b0:cd:b1:4e:4d:7f:c9:63:
cd:c1:4f:56:27:4c:22:03:20:df:2a:08:2b:a6:39:cc:e8:81:
0c:6a:45:cb:32:4c:53:fb:32:a1:85:f0:bd:26:3a:be:96:6c:
10:d2:d6:1a:6e:d7:85:1f:ad:79:95:a4:a5:41:87:05:15:c5:
b0:f9:c3:56:71:bb:19:ac:71:94:65:5d:6c:89:b1:f2:78:b5:
53:49:01:5b:e1:7d:7b:04:08:89:d2:14:c9:b0:01:b9:42:60:
43:3d:1f:1c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJsqAutMASu0qDyUD/zbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzODdjMjE5Yzk4NDFlYmFmYWEzZDQwODA2Yzk4NGY5ZjNl
NGU0NjEwHhcNMjQwMTAxMjIzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWM5YzI3OGIwZjJhMzdlODc4MzY3NDMzNGI3OTFjMzE5ODNlMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoblqnCM3+ReOEZOY+43RcPALGmzQ
RmKHGePcLpqYn1pq8PohX/MHzXhL8pHq0SDEUXuBlHZlxdZ5j8lv0iZWaJJSlTQ/
x3xQLW4gvHUVhhypObsM7Ae7w15ryNNjhieN57acCV2DTZKSL5VL5NPOdSyYb/2e
jE5AcxKB5Pv07PY0f+ytYI4zq0XbInZZfBapaFXcNM9Kkl45VS0ooRFhmqArS7Mf
symki8KAhgDnGuXeO9q8e5nsnhPvV1wRVznDvFqmYWCbl7GYmJFAhPGyshcaiojy
ag+b+eNbGUdn7tAVB0myDnoNh3T88U4YbAAEHLtcm4dFPnNXGZMRF2IVHwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ7Jwniw8qN+h4NnQzS3kcMZg+EyMB8GA1UdIwQY
MBaAFIOHwhnJhB66+qPUCAbJhPnz5ORhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzRmQ0djbUVIcnI2bzlRSUJzbUUtZlBrNUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lZDMwNTQtMGE5Ny00OTdjLTk3MDMt
YmM5MWMwNjcwZDAzLzEvbnNuQ2VMRHlvMzZIZzJkRE5MZVJ3eG1ENFRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lZDMwNTQtMGE5Ny00OTdjLTk3MDMtYmM5MWMwNjcwZDAz
LzEvZzRmQ0djbUVIcnI2bzlRSUJzbUUtZlBrNUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUHcAwQC
w7X4AwQD1DkgMA0EAgACMAcDBQAqAB5AMA0GCSqGSIb3DQEBCwUAA4IBAQAN6BnO
5x/BJOFWcry1DqUOstdxXmnEqonzMFazEM+n2HDUpJjBZ9EsHSQEHzu9q0sSJLd4
g9tRjYSdolzw0bBZBjdKHXg93L+Dx/GUnEri1gkvt39vLluIlWJw4/KfGCMwj5eC
M7wGAWBoq0WCY+MRdV5J74bW6m/RuxNctPiRJsWz+SsPYbcjwWvPmqF9HnlxrPTr
eLGYt6xcsM2xTk1/yWPNwU9WJ0wiAyDfKggrpjnM6IEMakXLMkxT+zKhhfC9Jjq+
lmwQ0tYabteFH615laSlQYcFFcWw+cNWcbsZrHGUZV1sibHyeLVTSQFb4X17BAiJ
0hTJsAG5QmBDPR8c
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:13:01 2024 by rpki-client on console-ams.rpki-client.org