Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3NoyuRZuk6asfCLqYSlXSDGTFIs.roa
File: 3NoyuRZuk6asfCLqYSlXSDGTFIs.roa (raw, json)
Hash identifier: KG7MXR5H+OfYpC0EwKG+yuo8wLdqSzVmiSV7wPNTvO0=
Subject key identifier: DC:DA:32:B9:16:6E:93:A6:AC:7C:22:EA:61:29:57:48:31:93:14:8B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018E5D3828CA5280BB11AB3E71AFF376DA48
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3NoyuRZuk6asfCLqYSlXSDGTFIs.roa
Signing time: Wed 20 Mar 2024 18:55:45 +0000
ROA not before: Wed 20 Mar 2024 18:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207506
IP address blocks: 194.15.54.0/24 maxlen: 24
194.242.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5d:38:28:ca:52:80:bb:11:ab:3e:71:af:f3:76:da:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 20 18:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcda32b9166e93a6ac7c22ea612957483193148b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:28:52:4b:b6:0b:1e:ba:0c:e3:07:ab:9a:fe:
95:f6:3b:29:75:bd:0f:71:94:89:67:cd:c4:81:40:
6e:14:1c:81:63:20:37:bc:cb:db:60:09:a5:ee:a0:
4a:72:a2:c9:05:f5:b5:c8:dc:6c:7b:86:f0:ab:23:
2b:06:55:77:3f:03:60:76:d9:bb:45:16:74:8d:57:
7e:35:59:93:90:b9:cb:52:77:90:31:35:4d:55:37:
f7:04:22:31:28:47:d4:a2:5a:53:77:f4:81:ac:59:
c3:c6:51:a3:d9:ad:49:83:44:16:10:ec:32:62:c6:
b0:1a:45:f9:f0:83:19:05:ed:ce:5d:dd:77:93:4d:
6c:8d:a4:80:73:cb:be:0f:0d:74:a9:96:34:04:53:
5f:d5:66:5f:86:8a:af:40:cc:32:20:cf:4d:1f:f9:
4f:0e:ef:24:8f:61:35:65:e4:9e:9a:a5:09:85:80:
38:a1:97:67:eb:4c:d0:4f:2a:b3:57:b0:0c:9b:66:
69:c9:e2:5d:bb:b1:3c:72:fd:24:72:bd:8e:e2:7a:
d9:d0:f7:03:9d:2c:3a:16:10:59:31:2a:ad:29:6e:
95:75:6b:a8:5c:91:52:c8:64:46:38:c2:fd:a9:e9:
d6:35:8e:b8:a3:20:bf:56:62:f0:49:53:11:1a:01:
f1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DA:32:B9:16:6E:93:A6:AC:7C:22:EA:61:29:57:48:31:93:14:8B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/3NoyuRZuk6asfCLqYSlXSDGTFIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.54.0/24
194.242.97.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1c:1a:41:66:42:a3:4a:2c:b5:4e:8f:b4:58:54:72:b3:51:
a5:bc:f3:e9:28:77:e0:b4:e1:dd:b5:b7:83:55:fd:2d:a9:18:
4e:69:ce:03:0e:41:c6:4d:94:97:a5:bf:96:19:33:20:97:70:
a2:d3:ac:2d:cc:a7:6d:25:1f:1f:d2:a5:2c:70:aa:9a:40:56:
ee:1f:5e:3d:fd:06:66:62:d3:d9:d1:bf:25:fc:07:86:94:e5:
e3:12:ca:52:7b:b6:3c:27:62:bb:e5:0f:0b:be:e6:1b:65:79:
23:b5:a4:88:3a:2d:bd:88:ed:ed:b5:ba:2b:c2:64:89:88:ae:
2f:87:7a:b7:e4:de:2a:3e:7b:79:14:fa:34:94:f2:ae:a7:e7:
1b:93:88:78:b7:6a:5f:1d:45:57:0e:96:db:a4:93:df:33:00:
29:0c:58:2a:3f:92:d6:39:70:56:fb:37:59:8a:2a:bc:2f:db:
8a:39:24:53:53:40:d2:93:1d:20:8c:90:47:a0:d3:cf:09:9f:
53:84:6d:b0:37:16:4e:a4:6f:9c:8c:1f:03:da:35:e4:30:28:
74:59:9d:f0:77:7b:74:af:e6:c7:91:13:fa:dc:3d:ae:06:44:
17:4e:8d:b1:20:43:fb:f6:13:06:f8:f5:e9:7f:ff:e8:bc:bf:
38:df:4a:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5dOCjKUoC7Eas+ca/zdtpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwMzIwMTg1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2RhMzJiOTE2NmU5M2E2YWM3YzIyZWE2MTI5NTc0ODMxOTMxNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyhSS7YLHroM4wermv6V9jspdb0P
cZSJZ83EgUBuFByBYyA3vMvbYAml7qBKcqLJBfW1yNxse4bwqyMrBlV3PwNgdtm7
RRZ0jVd+NVmTkLnLUneQMTVNVTf3BCIxKEfUolpTd/SBrFnDxlGj2a1Jg0QWEOwy
YsawGkX58IMZBe3OXd13k01sjaSAc8u+Dw10qZY0BFNf1WZfhoqvQMwyIM9NH/lP
Du8kj2E1ZeSemqUJhYA4oZdn60zQTyqzV7AMm2ZpyeJdu7E8cv0kcr2O4nrZ0PcD
nSw6FhBZMSqtKW6VdWuoXJFSyGRGOML9qenWNY64oyC/VmLwSVMRGgHx9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNzaMrkWbpOmrHwi6mEpV0gxkxSLMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvM05veXVSWnVrNmFzZkNMcVlTbFhTREdURklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwg82AwQA
wvJhMA0GCSqGSIb3DQEBCwUAA4IBAQBIHBpBZkKjSiy1To+0WFRys1GlvPPpKHfg
tOHdtbeDVf0tqRhOac4DDkHGTZSXpb+WGTMgl3Ci06wtzKdtJR8f0qUscKqaQFbu
H149/QZmYtPZ0b8l/AeGlOXjEspSe7Y8J2K75Q8LvuYbZXkjtaSIOi29iO3ttbor
wmSJiK4vh3q35N4qPnt5FPo0lPKup+cbk4h4t2pfHUVXDpbbpJPfMwApDFgqP5LW
OXBW+zdZiiq8L9uKOSRTU0DSkx0gjJBHoNPPCZ9ThG2wNxZOpG+cjB8D2jXkMCh0
WZ3wd3t0r+bHkRP63D2uBkQXTo2xIEP79hMG+PXpf//ovL8430oQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:07:55 2024 by rpki-client on console-fra.rpki-client.org