Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/NgY-XjAx-DoD8INMp-inpOA7jj4.roa
File: NgY-XjAx-DoD8INMp-inpOA7jj4.roa (raw, json)
Hash identifier: qv0M6lWuXrplL4I99Y7M/M14/YIsbvDMBR9+uB3l8nM=
Subject key identifier: 36:06:3E:5E:30:31:F8:3A:03:F0:83:4C:A7:E8:A7:A4:E0:3B:8E:3E
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 018CC2DB4A04CCA6D7B2AB60026FCC979D54
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/NgY-XjAx-DoD8INMp-inpOA7jj4.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48519
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 16:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4a:04:cc:a6:d7:b2:ab:60:02:6f:cc:97:9d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36063e5e3031f83a03f0834ca7e8a7a4e03b8e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:eb:3d:44:50:b7:a3:96:78:e9:3f:ff:b1:
30:29:11:91:c1:13:eb:b2:c5:2d:10:6e:fa:8d:17:
99:8f:b4:23:12:06:ab:92:94:ac:10:88:de:de:f2:
4f:d0:9c:b5:f1:5e:9e:e0:93:6f:5f:59:b0:06:a8:
e3:2f:db:6b:35:e5:52:eb:02:15:3a:fa:7c:e3:4d:
8c:5b:79:ff:24:e5:36:31:b6:b2:27:c3:e3:28:f7:
4f:1e:68:6e:9a:67:cd:11:43:11:72:ba:1b:3f:a0:
52:38:8b:a8:e9:16:cb:c7:99:d4:44:eb:84:99:fa:
42:77:fa:f0:9a:c9:e0:21:ca:7d:ae:7c:4f:77:ca:
4a:dd:9c:1e:ed:7c:23:9f:13:59:b8:61:8c:e7:94:
3e:64:50:b1:f8:fe:8e:f2:82:47:71:58:75:0e:87:
74:3b:5c:aa:41:3b:54:7d:de:7e:65:f2:0f:72:59:
01:79:0f:8b:e4:96:ee:f5:a2:fc:61:38:a7:c7:95:
5f:56:20:f8:46:0c:fa:ac:a7:99:38:14:77:82:5d:
ae:17:98:a9:16:5e:ef:72:ff:15:d9:9a:84:7a:75:
d6:64:f3:1a:d2:6f:f7:69:cb:75:73:e8:f1:50:c1:
cb:a6:7f:11:c2:3a:d2:2b:87:80:30:1d:27:6e:ec:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:06:3E:5E:30:31:F8:3A:03:F0:83:4C:A7:E8:A7:A4:E0:3B:8E:3E
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/NgY-XjAx-DoD8INMp-inpOA7jj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:a8:4a:6b:0a:f9:d4:22:25:a0:45:9a:18:95:92:1a:78:f4:
f5:20:8e:1b:9c:a7:fa:c0:0c:2e:a3:f5:0c:a0:ac:3a:b8:36:
46:27:22:e6:4a:79:e6:74:d3:5e:6e:0a:44:b3:5d:8a:5d:e8:
27:44:ab:78:f0:97:22:dd:26:78:19:b4:67:e8:e6:ba:cd:2d:
73:4e:6a:a0:00:db:0d:a3:93:13:8b:45:22:2a:0c:7e:80:e6:
e8:4f:cb:08:6a:f4:93:28:29:4d:93:62:42:7c:8f:03:3e:39:
de:12:81:7a:af:0d:db:cc:5d:35:23:33:97:69:98:c7:14:07:
26:a5:c0:b6:d8:c9:08:1e:6f:44:75:f2:05:2c:96:13:b6:f9:
ae:57:1b:02:b4:fc:01:08:a3:1c:5e:c6:70:d2:0e:8e:8c:55:
e1:a6:63:dd:18:55:ec:20:fb:5f:0c:1e:07:58:42:e0:be:c5:
8b:a5:59:e1:d6:b6:ce:57:c4:e1:94:cf:f0:19:b7:7e:67:de:
6c:56:db:e7:ef:da:0b:38:e7:0e:fd:fc:3b:e3:4e:6f:58:73:
4e:35:d2:d0:50:fd:82:0f:a4:52:49:43:2d:bc:58:20:1c:8d:
b5:a8:ab:0d:51:0a:b6:e4:7c:c7:f1:85:b0:0c:1a:41:db:3c:
29:ff:07:53
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC20oEzKbXsqtgAm/Ml51UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjA2M2U1ZTMwMzFmODNhMDNmMDgzNGNhN2U4YTdhNGUwM2I4ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFHrPURQt6OWeOk//7EwKRGRwRPr
ssUtEG76jReZj7QjEgarkpSsEIje3vJP0Jy18V6e4JNvX1mwBqjjL9trNeVS6wIV
Ovp8402MW3n/JOU2MbayJ8PjKPdPHmhummfNEUMRcrobP6BSOIuo6RbLx5nUROuE
mfpCd/rwmsngIcp9rnxPd8pK3Zwe7XwjnxNZuGGM55Q+ZFCx+P6O8oJHcVh1Dod0
O1yqQTtUfd5+ZfIPclkBeQ+L5Jbu9aL8YTinx5VfViD4Rgz6rKeZOBR3gl2uF5ip
Fl7vcv8V2ZqEenXWZPMa0m/3act1c+jxUMHLpn8RwjrSK4eAMB0nbuy0nQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDYGPl4wMfg6A/CDTKfop6TgO44+MB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvTmdZLVhqQXgtRG9EOElOTXAtaW5wT0E3amo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE
AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEATKhK
awr51CIloEWaGJWSGnj09SCOG5yn+sAMLqP1DKCsOrg2Rici5kp55nTTXm4KRLNd
il3oJ0SrePCXIt0meBm0Z+jmus0tc05qoADbDaOTE4tFIioMfoDm6E/LCGr0kygp
TZNiQnyPAz453hKBeq8N28xdNSMzl2mYxxQHJqXAttjJCB5vRHXyBSyWE7b5rlcb
ArT8AQijHF7GcNIOjoxV4aZj3RhV7CD7XwweB1hC4L7Fi6VZ4da2zlfE4ZTP8Bm3
fmfebFbb5+/aCzjnDv38O+NOb1hzTjXS0FD9gg+kUklDLbxYIByNtairDVEKtuR8
x/GFsAwaQds8Kf8HUw==
-----END CERTIFICATE-----
Generated at Mon Jul 1 23:12:15 2024 by rpki-client on console-ams.rpki-client.org