Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/NxXrYchp6pjfPUDx-yJI_3rbeJc.roa
File: NxXrYchp6pjfPUDx-yJI_3rbeJc.roa (raw, json)
Hash identifier: MwBWpt0C9HQC2VrG5exxf/ekcO46JPfWi80DYG6ltPo=
Subject key identifier: 37:15:EB:61:C8:69:EA:98:DF:3D:40:F1:FB:22:48:FF:7A:DB:78:97
Certificate issuer: /CN=923603c981868916b0b1701dcf3720caa2484fdc
Certificate serial: 018CCA96F543E2115372CC53D14D604002DC
Authority key identifier: 92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/NxXrYchp6pjfPUDx-yJI_3rbeJc.roa
Signing time: Tue 02 Jan 2024 14:32:19 +0000
ROA not before: Tue 02 Jan 2024 14:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16044
IP address blocks: 91.226.252.0/24 maxlen: 24
91.226.252.0/22 maxlen: 22
91.226.253.0/24 maxlen: 24
91.226.254.0/24 maxlen: 24
91.226.255.0/24 maxlen: 24
193.34.62.0/24 maxlen: 24
193.34.60.0/24 maxlen: 24
193.34.60.0/22 maxlen: 22
193.34.63.0/24 maxlen: 24
193.34.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/kjYDyYGGiRawsXAdzzcgyqJIT9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/kjYDyYGGiRawsXAdzzcgyqJIT9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:f5:43:e2:11:53:72:cc:53:d1:4d:60:40:02:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923603c981868916b0b1701dcf3720caa2484fdc
Validity
Not Before: Jan 2 14:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3715eb61c869ea98df3d40f1fb2248ff7adb7897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:14:7b:1c:6d:43:47:06:43:92:99:02:11:1e:
e7:9e:82:68:9c:fa:1e:01:0c:53:da:96:f5:1c:00:
c3:30:ac:e1:15:f9:11:76:bd:fd:e0:b6:34:df:c8:
05:d0:58:fd:97:c0:33:35:30:9c:9b:d6:af:1d:95:
ea:50:a9:c2:cb:08:42:4d:8b:3f:52:08:88:47:7b:
ba:9c:d2:75:89:09:f7:82:7f:47:4b:dc:fe:85:71:
73:66:f8:47:11:ae:95:1f:3b:77:5e:07:3f:9c:4a:
b7:49:f2:7d:a7:34:b9:8b:04:3e:17:da:f2:07:98:
f2:70:b5:dc:91:0d:d4:d8:8c:34:67:45:09:49:06:
48:75:36:6f:39:79:2a:50:01:f8:cb:35:59:92:69:
c0:39:ae:c3:25:d2:08:4f:cb:c1:51:16:36:5b:50:
f4:54:dd:f1:cf:fa:42:c9:ad:b7:ee:66:48:a3:1a:
39:1e:89:6a:84:fd:b6:82:25:9d:fc:0d:a3:d4:6f:
84:e5:02:32:9d:bf:fe:45:e9:bd:f9:f4:9a:3b:3b:
ab:60:de:01:7e:73:b8:16:56:12:b4:d5:c4:9a:a2:
cd:b8:11:46:41:fd:61:ce:b6:4d:14:79:b9:92:f1:
fc:8b:84:35:cf:d0:63:35:34:4a:fb:10:d3:12:2f:
5f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:15:EB:61:C8:69:EA:98:DF:3D:40:F1:FB:22:48:FF:7A:DB:78:97
X509v3 Authority Key Identifier:
keyid:92:36:03:C9:81:86:89:16:B0:B1:70:1D:CF:37:20:CA:A2:48:4F:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjYDyYGGiRawsXAdzzcgyqJIT9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/NxXrYchp6pjfPUDx-yJI_3rbeJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/af2671-0518-419f-99e0-a3199ea8d13e/1/kjYDyYGGiRawsXAdzzcgyqJIT9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.252.0/22
193.34.60.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:6e:b8:2d:a3:0b:66:ab:6b:66:52:bd:23:07:3b:01:1c:1c:
a0:88:2f:26:0f:95:ce:1f:20:7f:db:72:97:eb:cf:61:71:6d:
25:5f:ed:9c:0d:c2:33:6d:87:f5:d1:f2:fa:9e:c4:64:d6:87:
48:74:f5:4e:ac:f9:90:70:3d:29:70:68:46:f4:9b:9a:d8:1f:
fa:25:84:51:87:07:94:b5:1f:0c:1e:2d:b3:24:2b:d4:f8:65:
08:6e:6e:ab:9a:9b:b3:d1:b2:e0:bc:b2:f1:00:eb:c5:4c:dc:
9e:87:ad:a3:db:7d:1f:59:86:6e:f9:c8:e8:ca:4a:5c:60:b9:
5c:19:9d:80:53:ca:bd:3f:d6:c3:57:fa:db:7b:e0:c5:d0:2d:
ba:48:07:8c:33:aa:73:db:be:e6:6e:b2:18:f9:d5:d2:be:1b:
74:f1:19:cd:6b:97:54:64:35:f6:91:68:fc:22:a0:09:be:79:
42:a3:af:f1:70:30:18:cf:5b:69:5d:47:9e:a7:9e:cb:e4:96:
d4:6a:1b:af:c6:d7:3b:42:94:18:9a:9a:a1:bd:49:64:e5:fe:
64:65:fa:c0:bc:b5:d3:86:b8:c4:70:46:86:85:3b:e3:04:03:
50:e9:15:ec:7a:fe:a5:10:fd:cb:69:45:75:81:82:af:01:5a:
69:08:1f:27
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKlvVD4hFTcsxT0U1gQALcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMzYwM2M5ODE4Njg5MTZiMGIxNzAxZGNmMzcyMGNhYTI0
ODRmZGMwHhcNMjQwMTAyMTQzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE1ZWI2MWM4NjllYTk4ZGYzZDQwZjFmYjIyNDhmZjdhZGI3ODk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhR7HG1DRwZDkpkCER7nnoJonPoe
AQxT2pb1HADDMKzhFfkRdr394LY038gF0Fj9l8AzNTCcm9avHZXqUKnCywhCTYs/
UgiIR3u6nNJ1iQn3gn9HS9z+hXFzZvhHEa6VHzt3Xgc/nEq3SfJ9pzS5iwQ+F9ry
B5jycLXckQ3U2Iw0Z0UJSQZIdTZvOXkqUAH4yzVZkmnAOa7DJdIIT8vBURY2W1D0
VN3xz/pCya237mZIoxo5HolqhP22giWd/A2j1G+E5QIynb/+Rem9+fSaOzurYN4B
fnO4FlYStNXEmqLNuBFGQf1hzrZNFHm5kvH8i4Q1z9BjNTRK+xDTEi9fawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDcV62HIaeqY3z1A8fsiSP9623iXMB8GA1UdIwQY
MBaAFJI2A8mBhokWsLFwHc83IMqiSE/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pZRHlZR0dpUmF3c1hBZHp6Y2d5cUpJVDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hZjI2NzEtMDUxOC00MTlmLTk5ZTAt
YTMxOTllYThkMTNlLzEvTnhYclljaHA2cGpmUFVEeC15SklfM3JiZUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hZjI2NzEtMDUxOC00MTlmLTk5ZTAtYTMxOTllYThkMTNl
LzEva2pZRHlZR0dpUmF3c1hBZHp6Y2d5cUpJVDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+L8AwQC
wSI8MA0GCSqGSIb3DQEBCwUAA4IBAQC8brgtowtmq2tmUr0jBzsBHBygiC8mD5XO
HyB/23KX689hcW0lX+2cDcIzbYf10fL6nsRk1odIdPVOrPmQcD0pcGhG9Jua2B/6
JYRRhweUtR8MHi2zJCvU+GUIbm6rmpuz0bLgvLLxAOvFTNyeh62j230fWYZu+cjo
ykpcYLlcGZ2AU8q9P9bDV/rbe+DF0C26SAeMM6pz277mbrIY+dXSvht08RnNa5dU
ZDX2kWj8IqAJvnlCo6/xcDAYz1tpXUeep57L5JbUahuvxtc7QpQYmpqhvUlk5f5k
ZfrAvLXThrjEcEaGhTvjBANQ6RXsev6lEP3LaUV1gYKvAVppCB8n
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:03:53 2024 by rpki-client on console-fra.rpki-client.org