Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/NTD-am35itb22aJ7Y8o7jbRATms.roa
File: NTD-am35itb22aJ7Y8o7jbRATms.roa (raw, json)
Hash identifier: SAuZhCy29YnygOT3hYgcvZsIl3pj8Cbq2V1sF/9Wdb4=
Subject key identifier: 35:30:FE:6A:6D:F9:8A:D6:F6:D9:A2:7B:63:CA:3B:8D:B4:40:4E:6B
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 018CC9BCEEA84A2663F801E705DB8C00C681
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/NTD-am35itb22aJ7Y8o7jbRATms.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201382
IP address blocks: 213.208.171.0/24 maxlen: 24
85.91.105.0/24 maxlen: 24
85.91.107.0/24 maxlen: 24
85.91.108.0/22 maxlen: 22
85.91.108.0/24 maxlen: 24
85.91.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ee:a8:4a:26:63:f8:01:e7:05:db:8c:00:c6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3530fe6a6df98ad6f6d9a27b63ca3b8db4404e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:be:c5:cc:be:76:ec:74:ea:3a:01:b9:9a:46:
ce:c4:be:b5:a2:7e:e8:b1:33:70:bd:b3:1f:29:b4:
3d:79:eb:52:39:dd:da:1a:b0:a8:05:1e:98:36:9c:
7d:f0:01:ad:53:24:32:70:8e:43:bc:06:17:99:6f:
05:59:fe:8c:15:66:21:c6:88:52:de:c2:ab:91:ed:
bb:e1:d2:21:9f:f4:07:eb:f1:2e:af:b9:bd:6e:bd:
13:68:c3:d0:fc:e5:82:2b:1a:29:55:37:1f:1a:b5:
fe:61:b8:bc:04:fa:93:6b:ae:44:0c:90:22:2f:45:
0c:2b:8a:cf:9d:da:ff:0e:ea:e9:71:41:3f:19:bf:
c9:dd:fe:5e:b1:0e:a0:52:b9:6d:c2:26:ad:4c:7b:
d9:c8:f9:5b:28:4d:50:68:c4:61:0b:8a:a6:b8:11:
5c:03:45:c8:01:69:5e:da:bd:98:53:03:b0:c2:82:
67:6a:8c:a6:60:d9:02:86:2b:f6:1d:6c:f1:19:fb:
80:e4:0c:1f:35:31:48:69:1b:4a:ed:13:a5:72:4e:
16:dc:f5:1c:79:e3:35:83:ec:37:dc:9e:af:af:55:
b8:91:65:76:a7:81:95:5b:6c:b6:2e:5c:07:dd:4a:
85:a9:41:51:cb:6b:c1:64:f2:46:9a:a8:59:97:33:
00:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:30:FE:6A:6D:F9:8A:D6:F6:D9:A2:7B:63:CA:3B:8D:B4:40:4E:6B
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/NTD-am35itb22aJ7Y8o7jbRATms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.91.105.0/24
85.91.107.0-85.91.111.255
85.91.123.0/24
213.208.171.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:70:f2:08:66:49:b5:83:7e:c4:d4:e3:60:cb:72:f4:65:63:
97:90:fc:73:0d:72:d2:e8:76:69:fb:ec:cb:80:d6:14:f9:e7:
67:d7:b6:dc:9e:ae:94:e1:a3:62:f2:0c:17:80:74:fc:33:3e:
b0:ad:d9:1a:a5:35:81:e8:dc:af:47:78:28:c1:14:fc:6d:1e:
9a:a7:cc:18:8b:a5:00:d5:52:45:60:3e:4d:3f:9e:68:07:76:
79:f4:f0:82:aa:3a:02:3b:69:9e:cd:e2:5d:17:9d:7a:26:76:
17:d3:50:d4:9d:0c:b4:6a:44:64:e8:fb:f2:be:2d:71:e3:eb:
67:0b:70:9a:70:fc:b1:a9:59:8c:a2:04:0a:0c:5f:10:01:42:
17:bc:a2:98:14:f2:54:e7:8a:37:45:36:ed:ea:d4:4f:36:91:
bd:aa:e6:93:e5:66:71:c8:fc:0a:7a:ba:79:15:e2:7d:fd:57:
71:da:ad:64:60:fd:54:b8:0c:61:fa:81:19:0d:5b:48:b1:1c:
2c:af:9b:00:d4:23:ae:e0:e8:08:35:8c:c7:4a:0a:9f:1b:69:
37:dd:05:c6:fb:6b:68:c0:bd:9b:32:32:0d:94:54:43:a3:3b:
bc:e3:0c:6d:bb:42:7a:cf:b7:79:8b:01:c0:09:50:e1:f4:5d:
0e:8b:98:db
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJvO6oSiZj+AHnBduMAMaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTMwZmU2YTZkZjk4YWQ2ZjZkOWEyN2I2M2NhM2I4ZGI0NDA0ZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL7FzL527HTqOgG5mkbOxL61on7o
sTNwvbMfKbQ9eetSOd3aGrCoBR6YNpx98AGtUyQycI5DvAYXmW8FWf6MFWYhxohS
3sKrke274dIhn/QH6/Eur7m9br0TaMPQ/OWCKxopVTcfGrX+Ybi8BPqTa65EDJAi
L0UMK4rPndr/DurpcUE/Gb/J3f5esQ6gUrltwiatTHvZyPlbKE1QaMRhC4qmuBFc
A0XIAWle2r2YUwOwwoJnaoymYNkChiv2HWzxGfuA5AwfNTFIaRtK7ROlck4W3PUc
eeM1g+w33J6vr1W4kWV2p4GVW2y2LlwH3UqFqUFRy2vBZPJGmqhZlzMATwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDUw/mpt+YrW9tmie2PKO420QE5rMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvTlRELWFtMzVpdGIyMmFKN1k4bzdqYlJBVG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVVtpMAwD
BABVW2sDBARVW2ADBABVW3sDBADV0KswDQYJKoZIhvcNAQELBQADggEBAC9w8ghm
SbWDfsTU42DLcvRlY5eQ/HMNctLodmn77MuA1hT552fXttyerpTho2LyDBeAdPwz
PrCt2RqlNYHo3K9HeCjBFPxtHpqnzBiLpQDVUkVgPk0/nmgHdnn08IKqOgI7aZ7N
4l0XnXomdhfTUNSdDLRqRGTo+/K+LXHj62cLcJpw/LGpWYyiBAoMXxABQhe8opgU
8lTnijdFNu3q1E82kb2q5pPlZnHI/Ap6unkV4n39V3HarWRg/VS4DGH6gRkNW0ix
HCyvmwDUI67g6Ag1jMdKCp8baTfdBcb7a2jAvZsyMg2UVEOjO7zjDG27QnrPt3mL
AcAJUOH0XQ6LmNs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:10:30 2024 by rpki-client on console-ams.rpki-client.org