Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/NHAluQqVs7gIeiNbN1cobu2RJBQ.roa
File: NHAluQqVs7gIeiNbN1cobu2RJBQ.roa (raw, json)
Hash identifier: x4USOVZvm0Ej3iMISLePdaeIPrOLZGHvMrO9BkF67WE=
Subject key identifier: 34:70:25:B9:0A:95:B3:B8:08:7A:23:5B:37:57:28:6E:ED:91:24:14
Certificate issuer: /CN=6d555e6c14b94d756d93a83a502c7f1577f9af49
Certificate serial: 018CC56DEA3B937C99D3EC936F59D8E87234
Authority key identifier: 6D:55:5E:6C:14:B9:4D:75:6D:93:A8:3A:50:2C:7F:15:77:F9:AF:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bVVebBS5TXVtk6g6UCx_FXf5r0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/NHAluQqVs7gIeiNbN1cobu2RJBQ.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42307
IP address blocks: 194.55.248.0/22 maxlen: 22
91.192.28.0/22 maxlen: 22
2001:67c:274::/48 maxlen: 48
2a0c:ccc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/bVVebBS5TXVtk6g6UCx_FXf5r0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/bVVebBS5TXVtk6g6UCx_FXf5r0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/bVVebBS5TXVtk6g6UCx_FXf5r0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ea:3b:93:7c:99:d3:ec:93:6f:59:d8:e8:72:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d555e6c14b94d756d93a83a502c7f1577f9af49
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=347025b90a95b3b8087a235b3757286eed912414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:af:58:78:a2:be:ac:49:61:8b:62:e0:90:8d:
5e:6b:51:d4:bb:8b:8e:0c:41:b4:11:d0:a1:98:d0:
89:74:e8:9f:b3:95:ae:82:80:57:fe:f2:b0:8e:cf:
5e:3e:41:8e:ab:60:63:cb:75:2e:4a:fe:91:e5:64:
af:1d:88:24:7a:be:39:cd:ad:6b:e8:cf:45:99:30:
a3:28:1e:84:44:5c:8d:ba:fe:81:c8:10:ac:9e:0c:
14:a1:5e:1f:74:69:87:40:45:7b:cf:d3:bc:cc:67:
00:98:46:64:30:51:e1:5c:03:e6:bd:28:07:a3:be:
c1:29:ff:6a:bf:d6:cd:a0:b6:83:57:66:8b:dd:12:
d1:68:76:cf:3e:62:b3:ae:83:39:49:b5:a1:03:53:
26:18:1d:37:c9:16:fe:81:82:19:aa:c3:65:7f:21:
3a:13:4d:fe:3f:c6:eb:4c:af:07:0f:f2:b7:c4:25:
61:eb:5c:d5:0f:7f:58:19:d3:7e:f3:12:e1:a8:52:
1c:99:15:71:8a:81:c3:af:8c:92:9d:87:fc:c2:d4:
55:3d:8e:2a:2b:7a:6f:31:d3:d1:3c:e5:59:91:8b:
93:46:90:de:81:64:68:42:cb:4e:29:47:44:18:17:
8c:1b:b7:ed:a7:a7:db:f1:eb:0a:96:a3:dd:ad:ea:
cb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:70:25:B9:0A:95:B3:B8:08:7A:23:5B:37:57:28:6E:ED:91:24:14
X509v3 Authority Key Identifier:
keyid:6D:55:5E:6C:14:B9:4D:75:6D:93:A8:3A:50:2C:7F:15:77:F9:AF:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVVebBS5TXVtk6g6UCx_FXf5r0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/NHAluQqVs7gIeiNbN1cobu2RJBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/bVVebBS5TXVtk6g6UCx_FXf5r0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.28.0/22
194.55.248.0/22
IPv6:
2001:67c:274::/48
2a0c:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:0b:ea:ba:84:06:fa:13:96:d2:f3:83:3f:1a:a0:dc:8e:e0:
60:de:96:3f:2b:8d:ce:fb:ce:41:7c:8a:80:86:c4:eb:cc:57:
79:11:5d:9a:04:6c:88:f5:5b:b9:bc:2e:03:9c:06:06:94:90:
5a:0f:0f:33:67:21:a7:37:5f:21:c3:f6:13:d3:8a:22:3c:a5:
51:f1:f6:fc:e9:48:84:0f:2e:08:83:a6:f3:d9:ae:d4:69:1a:
07:11:07:1c:00:cb:18:9b:22:16:36:1a:1e:d4:27:9b:d7:0f:
91:b2:0d:21:fa:5b:e1:d4:93:76:48:28:12:ad:97:6f:7e:7a:
92:c7:cd:ff:57:2d:c5:fa:0a:52:0e:cd:30:17:4d:93:00:1c:
10:f5:65:1e:cd:e6:dd:89:0c:c5:37:15:e9:1d:29:f4:d3:49:
76:bb:b4:dc:e8:11:0c:8c:18:94:07:3d:a8:c1:3a:51:65:1b:
3e:71:e4:b2:81:77:f7:f8:4a:6e:5d:cf:31:0d:4e:5d:8e:52:
b6:8a:0b:25:ed:67:83:0d:cf:3d:a3:a5:3a:33:7c:c0:dc:91:
f7:98:74:e0:66:76:25:a0:c1:2e:a4:a5:a9:75:b5:a9:1b:46:
5f:1e:98:9d:2d:65:a9:29:5a:5e:3c:e4:45:05:35:2c:bb:3d:
75:ca:fa:e2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbeo7k3yZ0+yTb1nY6HI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNTU1ZTZjMTRiOTRkNzU2ZDkzYTgzYTUwMmM3ZjE1Nzdm
OWFmNDkwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDcwMjViOTBhOTViM2I4MDg3YTIzNWIzNzU3Mjg2ZWVkOTEyNDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiK9YeKK+rElhi2LgkI1ea1HUu4uO
DEG0EdChmNCJdOifs5WugoBX/vKwjs9ePkGOq2Bjy3UuSv6R5WSvHYgker45za1r
6M9FmTCjKB6ERFyNuv6ByBCsngwUoV4fdGmHQEV7z9O8zGcAmEZkMFHhXAPmvSgH
o77BKf9qv9bNoLaDV2aL3RLRaHbPPmKzroM5SbWhA1MmGB03yRb+gYIZqsNlfyE6
E03+P8brTK8HD/K3xCVh61zVD39YGdN+8xLhqFIcmRVxioHDr4ySnYf8wtRVPY4q
K3pvMdPRPOVZkYuTRpDegWRoQstOKUdEGBeMG7ftp6fb8esKlqPdrerLdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDRwJbkKlbO4CHojWzdXKG7tkSQUMB8GA1UdIwQY
MBaAFG1VXmwUuU11bZOoOlAsfxV3+a9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZWZWJCUzVUWFZ0azZnNlVDeF9GWGY1cjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hMzI1NjctNzgwZi00NTA5LWI3MTAt
OTdlYWY5YWE3ODZmLzEvTkhBbHVRcVZzN2dJZWlOYk4xY29idTJSSkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hMzI1NjctNzgwZi00NTA5LWI3MTAtOTdlYWY5YWE3ODZm
LzEvYlZWZWJCUzVUWFZ0azZnNlVDeF9GWGY1cjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCW8AcAwQC
wjf4MBYEAgACMBADBwAgAQZ8AnQDBQMqDMzAMA0GCSqGSIb3DQEBCwUAA4IBAQBt
C+q6hAb6E5bS84M/GqDcjuBg3pY/K43O+85BfIqAhsTrzFd5EV2aBGyI9Vu5vC4D
nAYGlJBaDw8zZyGnN18hw/YT04oiPKVR8fb86UiEDy4Ig6bz2a7UaRoHEQccAMsY
myIWNhoe1Ceb1w+Rsg0h+lvh1JN2SCgSrZdvfnqSx83/Vy3F+gpSDs0wF02TABwQ
9WUezebdiQzFNxXpHSn000l2u7Tc6BEMjBiUBz2owTpRZRs+ceSygXf3+EpuXc8x
DU5djlK2igsl7WeDDc89o6U6M3zA3JH3mHTgZnYloMEupKWpdbWpG0ZfHpidLWWp
KVpePORFBTUsuz11yvri
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:52 2024 by rpki-client on console-fra.rpki-client.org