Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/NbWcSOpbnkcPWh49RAgqtbOjJZs.roa
File: NbWcSOpbnkcPWh49RAgqtbOjJZs.roa (raw, json)
Hash identifier: 51WlalA4Eg1bXaQxyP2MjfXSP4Y03f+xdMcHUnTjELI=
Subject key identifier: 35:B5:9C:48:EA:5B:9E:47:0F:5A:1E:3D:44:08:2A:B5:B3:A3:25:9B
Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Certificate serial: 018CC94E61617673C6D286CB424BE1F71E0E
Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/NbWcSOpbnkcPWh49RAgqtbOjJZs.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26478
IP address blocks: 160.62.140.0/23 maxlen: 23
86.117.47.0/24 maxlen: 24
160.62.15.0/24 maxlen: 24
160.62.14.0/24 maxlen: 24
160.62.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.mft
rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:61:61:76:73:c6:d2:86:cb:42:4b:e1:f7:1e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35b59c48ea5b9e470f5a1e3d44082ab5b3a3259b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4e:61:f2:c6:68:a3:ee:19:b0:f6:35:b7:76:
19:e5:f7:12:b9:ba:c1:39:3e:71:c1:53:a0:e4:40:
02:8a:5c:ce:2c:2f:e5:c2:18:47:dc:0d:e4:69:30:
80:c6:66:45:3b:a2:73:8d:bf:3e:41:1e:cb:94:8c:
f5:ab:4f:4c:63:d6:e6:ad:c8:4e:ad:b1:43:d3:c2:
61:78:28:13:7f:8d:d1:2b:8f:29:b5:19:5a:80:22:
ad:9b:54:d2:3e:72:17:a7:de:82:13:54:c2:3f:2a:
22:f9:de:b3:f6:a2:ff:bf:e0:7f:8b:e5:86:05:56:
14:b3:ba:0d:8a:15:df:ee:4a:84:8c:c5:de:c7:99:
a6:9f:34:1d:14:21:16:a2:3b:99:bf:bb:07:2b:2f:
f8:93:48:04:a4:02:ae:1a:c2:54:21:8f:f8:c2:9d:
f6:4f:71:ae:1c:ea:1c:43:b1:70:ae:a3:a7:54:02:
0d:8e:a6:9d:96:2b:78:ed:3b:ab:3d:1a:b8:e6:2f:
f7:27:f2:ed:75:18:33:ba:85:d4:f4:12:bb:23:17:
97:65:58:78:c1:a8:2d:e1:3d:1b:51:de:d9:e0:63:
a4:24:ea:63:8c:89:b5:bc:f6:42:91:20:74:fd:99:
6a:f3:d6:bc:b9:fd:8f:20:71:e5:ec:7a:ef:18:d4:
9e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B5:9C:48:EA:5B:9E:47:0F:5A:1E:3D:44:08:2A:B5:B3:A3:25:9B
X509v3 Authority Key Identifier:
keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/NbWcSOpbnkcPWh49RAgqtbOjJZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.117.47.0/24
160.62.14.0/23
160.62.22.0/24
160.62.140.0/23
Signature Algorithm: sha256WithRSAEncryption
93:3f:82:b1:84:11:30:5a:e8:f4:b9:43:eb:1e:80:91:a0:d2:
71:c5:08:81:59:4b:48:d9:44:00:92:4e:30:da:46:5c:28:50:
a6:d2:e8:fa:a9:36:09:ff:6e:fe:98:eb:16:0e:96:07:54:fe:
0b:c7:34:f8:6c:22:f5:48:4a:25:95:8a:4f:2b:23:52:83:cd:
d9:aa:22:cd:34:05:af:04:d7:df:71:e4:30:5f:30:f2:3f:7a:
b1:74:72:4d:ec:20:4a:19:43:e6:bd:a2:c8:b5:aa:0d:1c:44:
05:04:2b:88:04:64:7f:9d:d0:e3:81:e7:c0:f2:5a:0b:c2:4e:
fb:29:7c:a0:f0:a7:bc:67:98:28:eb:e0:de:8d:a5:cd:26:8b:
67:14:5f:15:2c:db:60:45:a9:6f:02:cd:5b:10:44:7f:d0:58:
0f:b8:50:5b:6d:cd:99:ae:be:a7:42:44:bb:31:2a:e3:6c:aa:
89:ea:01:5e:0d:95:cc:ed:1d:de:b9:4c:1c:bb:b3:03:ae:7d:
da:50:ac:e1:33:56:27:fb:f5:c5:ef:cf:32:f1:30:dd:bc:de:
6f:7f:22:34:d5:ba:52:45:06:fa:92:3a:1a:b4:cc:7b:6d:5e:
f8:63:51:c5:23:0f:f4:9b:53:3a:cf:49:de:4e:ef:d2:e3:4b:
ca:2d:d9:3e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTmFhdnPG0obLQkvh9x4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx
YmMxNmEwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI1OWM0OGVhNWI5ZTQ3MGY1YTFlM2Q0NDA4MmFiNWIzYTMyNTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok5h8sZoo+4ZsPY1t3YZ5fcSubrB
OT5xwVOg5EACilzOLC/lwhhH3A3kaTCAxmZFO6Jzjb8+QR7LlIz1q09MY9bmrchO
rbFD08JheCgTf43RK48ptRlagCKtm1TSPnIXp96CE1TCPyoi+d6z9qL/v+B/i+WG
BVYUs7oNihXf7kqEjMXex5mmnzQdFCEWojuZv7sHKy/4k0gEpAKuGsJUIY/4wp32
T3GuHOocQ7FwrqOnVAINjqadlit47TurPRq45i/3J/LtdRgzuoXU9BK7IxeXZVh4
wagt4T0bUd7Z4GOkJOpjjIm1vPZCkSB0/Zlq89a8uf2PIHHl7HrvGNSeuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDW1nEjqW55HD1oePUQIKrWzoyWbMB8GA1UdIwQY
MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt
NTM4NmIxZDk2M2JjLzEvTmJXY1NPcGJua2NQV2g0OVJBZ3F0Yk9qSlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj
LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVnUvAwQB
oD4OAwQAoD4WAwQBoD6MMA0GCSqGSIb3DQEBCwUAA4IBAQCTP4KxhBEwWuj0uUPr
HoCRoNJxxQiBWUtI2UQAkk4w2kZcKFCm0uj6qTYJ/27+mOsWDpYHVP4LxzT4bCL1
SEollYpPKyNSg83ZqiLNNAWvBNffceQwXzDyP3qxdHJN7CBKGUPmvaLItaoNHEQF
BCuIBGR/ndDjgefA8loLwk77KXyg8Ke8Z5go6+DejaXNJotnFF8VLNtgRalvAs1b
EER/0FgPuFBbbc2Zrr6nQkS7MSrjbKqJ6gFeDZXM7R3euUwcu7MDrn3aUKzhM1Yn
+/XF788y8TDdvN5vfyI01bpSRQb6kjoatMx7bV74Y1HFIw/0m1M6z0neTu/S40vK
Ldk+
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:26:56 2024 by rpki-client on console-ams.rpki-client.org